Net::ProxyMod - Small TCP proxy module for packet alteration.


  use Net::ProxyMod;


This is a small module that allows you to create a proxy for packet alteration and debugging. You just need to specify two functions in and outgoing packets will be passed to. In these functions you can then modify the packet if desired. This is useful to get in between an existing client and server for testing purposes.

ProxyMod can be used as a standard proxy or as a transparent proxy together with a firewall package such as ipfw on FreeBSD. Please refer to the ipfw documenation for more information.


new(local_host, local_port, remote_host, remote_port, debug)


new( param => value [, param => value ...] )

will create a new proxy object. It will also create a tcp socket bound to the given host and port. If dest_host and dest_port are emtpy, the destination address and port will be taken from the original request.

The following named parameters are recognized:






If debug is 1, the module will give you messages about connects.


If -mode is set to 'nonforking', the proxy will handle the connections without forking of child processes for each connection. Quite usefull when you don't have fork() :-).

get_conn(infunc, outfunc)

will wait for packets to arrive. The payload of packets going from the server to the client will passed on to the function infunc. Likewise packets going from the client to the original server are passed on to outfunc. The return value of infunc and outfunc will be taken as the new payload in that direction.


This is a very simple example, more complex things are of course possible: This is a transparent proxy bound to localhost port 7777. Since host and port of the destination are left out, the final destination and port will be taken out of the original request. For this you have to add to your firewall config. On FreeBSD you can do:

ipfw add 100 fwd localhost,7777 tcp from [client] to [dest] 1234 (in via [iface])


    use Net::ProxyMod;

    # create a new proxy object
    $p = Net::ProxyMod->new(localhost, 7777, "", 0, 1);

    # wait for connections

    # for packets going from the server to the client:
    sub infunc
        my($data) = @_;
        # increase a number
        $data =~/ (10) /;
        $num = $1 + rand(10);
        $data =~ s/ 10 / $num/g;


    # for packets going from the client to the server:
        my($data) = @_;

        # adjust the payload, something real simple:
        $data =~ s/index.html/foobar.html/;



If you run the transparent proxy on the same machine as the client request, be careful not to create infinite loops. This can happen if the outgoing request from the proxy hits the forward rule as well.

ProxyMod is not programmed for efficiency, but as a quick test tool. Right now this only proxies TCP connections. If you need UDP you can use Net::Divert.


Stephanie Wehner,


perl(1), ipfw(8), Net::Divert

1 POD Error

The following errors were encountered while parsing the POD:

Around line 496:

You forgot a '=back' before '=head1'