Transparent (redirecting) proxy with BaseHTTPServer

paul koelle paul at
Thu Jan 27 11:23:31 EST 2005

Hi list,

My ultimate goal is to have a small HTTP proxy which is able to show a 
message specific to clients name/ip/status then handle the original 
request normally either by redirecting the client, or acting as a proxy.

I started with a modified[1] version of TinyHTTPProxy postet by Suzuki 
Hisao somewhere in 2003 to this list and tried to extend it to my needs. 
It works quite well if I configure my client to use it, but using 
iptables REDIRECT feature to point the clients transparently to the 
proxy caused some issues.

Precisely, the "self.path" member variable of baseHTTPRequestHandler is 
missing the <command> and the host (i.e part of the 
request line for REDIRECTed connections:

without iptables REDIRECT:
self.path -> GET HTTP/1.1

self.path -> GET /ftp/python/contrib/ HTTP/1.1

I asked about this on the squid mailing list and was told this is normal 
and I have to reconstuct the request line from the real destination IP, 
the URL-path and the Host header (if any). If the Host header is sent 
it's an (unsafe) nobrainer, but I cannot for the life of me figure out 
where to get the "real destination IP". Any ideas?


[1] HTTP Debugging Proxy
  Modified by Xavier Defrang (

More information about the Python-list mailing list