欺骗 HTTP 请求的原始 IP 地址 [英] Spoofing the origination IP address of an HTTP request
问题描述
这只需要在单个子网上工作,不能用于恶意用途.
This only needs to work on a single subnet and is not for malicious use.
我有一个用 Python 编写的负载测试工具,它基本上可以在 URL 上发送 HTTP 请求.我需要针对基于 IP 的负载平衡器运行性能测试,因此请求必须来自一系列 IP.大多数商业性能工具都提供此功能,但我想将其构建到我自己的工具中.
I have a load testing tool written in Python that basically blasts HTTP requests at a URL. I need to run performance tests against an IP-based load balancer, so the requests must come from a range of IP's. Most commercial performance tools provide this functionality, but I want to build it into my own.
该工具使用 Python 的 urllib2 进行传输.是否可以为构成请求的数据包发送带有欺骗 IP 地址的 HTTP 请求?
The tool uses Python's urllib2 for transport. Is it possible to send HTTP requests with spoofed IP addresses for the packets making up the request?
推荐答案
这是对 HTTP 的误解.HTTP 协议基于 TCP.TCP 协议依赖 3 次握手来初始化请求.
This is a misunderstanding of HTTP. The HTTP protocol is based on top of TCP. The TCP protocol relies on a 3 way handshake to initialize requests.
不用说,如果您欺骗您的原始 IP 地址,您将永远无法通过同步阶段,也不会发送任何 HTTP 信息(服务器无法将其发送到合法主机).
Needless to say, if you spoof your originating IP address, you will never get past the synchronization stage and no HTTP information will be sent (the server can't send it to a legal host).
如果您需要测试 IP 负载平衡器,这不是方法.
If you need to test an IP load balancer, this is not the way to do it.
这篇关于欺骗 HTTP 请求的原始 IP 地址的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
