LWP User Agent - SPOOF IP in req header

Bill has asked for the wisdom of the Perl Monks concerning the following question:

Replies are listed 'Best First'.
Re: LWP User Agent - SPOOF IP in req header by dws (Chancellor) on Oct 12, 2002 at 05:13 UTC
How can you spoof the IPaddr in the HTTP request header using LWP::User Agent? The IP address you want to set is in the TCP/IP envelope that the HTTP request header arrives in. You can't get at this from LWP. To forge an IP address, you may need some way to build and ship your own TCP/IP packets. Perhaps someone with more knowledge of network protocol stacks can speak to how you might do this. Details will vary depending on what OS you're using.	[reply]
•Re: LWP User Agent - SPOOF IP in req header by merlyn (Sage) on Oct 12, 2002 at 14:57 UTC
You can't get to it with the request. You'll need to adjust the parameters that IO::Socket::INET creates the connection socket, adding `LocalAddr` to be something like one of the other addresses aliases for your host. Be aware that you can only set this to one of the addresses that your host understands: you won't be able to set it to an address that would not have been routed to your host in the first place. (And that is as it should be: the TCP protocol is a two-way street, and the packets have to come back to you with a valid return address.) I see some code in LWP::Protocol::http in the `_newsocket` subroutine that looks like it could be hooked in to add the appropriate values to the `IO::Socket::INET` call. But I've not used it directly. It might be as simple as setting `@LWP::Protocol::http::EXTRA_SOCK_OPTS` to `("LocalAddr", $yourhostalias)` just before you issue each request. But again, that would have to be some address that is `ifconfig`'ed as being one of your IPs. -- Randal L. Schwartz, Perl hacker	[reply]