Rewrite outbound HTTP request on DD-WRT

1

I'm running a DD-WRT router (v24SP2-MULTI (11/04/12) std) on my home network and would like to rewrite all outgoing HTTP requests. Specifically, I'd like all requests made for xxx.example.org to be rewritten as a request for zzz.example.org at the router level.

Now, I realize how complex it would be to do this, so I've tried to tackle this at a more simpler level by using DNSMasq to set an absolute address for the domain by using the address directive like so: address=/xxx.example.org/1.2.3.4

While this works, the obvious problem I have is that the IP address could change. I'd be satisfied if I were able to tell DNSMasq to perform a lookup for a different domain instead of having to supply an absolute address, but I don't see that as possible according to the man pages.

My question boils down to: Using a DD-WRT router, can I have all internal to external HTTP requests for a specific domain actually leave the router to a different domain?

DDWRT In Seattle

Posted 2014-02-05T07:37:39.020

Reputation: 11

Answers

0

If you change just the IP resolution it is a half solution since the HTTP headers will still contain the information about the original query.

What you could do is install on the router a small proxy (for example Privoxy) and then do URL rewriting there (using REDIRECT and CLIENT-HEADER-FILTER if we talk about Privoxy).

Then you can point the browser to Privoxy or eventually use iptables to do transparent proxy so client doesn't even need to know about it. (for example see here for an idea on how to do it)

fede.evol

Posted 2014-02-05T07:37:39.020

Reputation: 1 718

Thanks for this recommendation. It looks like I have a lot of reading to do before I can even start on installing Privoxy. The problem with this is that the browser will get a 302 response each time, which will very slightly slow down the total request time. Not a big deal though. – DDWRT In Seattle – 2014-02-05T09:43:57.670

0

If you want to rewrite all outgoing HTTP request at the router, the "best practice" way of doing this would be to install a transparent proxy]1 on the router. You would need to set up a basic redirector (or here) under squid as well in order to get it to work.

I do point out that, depending on what you are trying to do, if you can use an IP address rather then host name, you should be able to achieve this with a single IPTABLES rule to rewrite the target address (DNAT) using something like iptables -t nat -A PREROUTING -p tcp --dport 80 -i (INTERNALIF) -s old.ip.addr.ess -j DNAT --to new.ip.addr.ess

davidgo

Posted 2014-02-05T07:37:39.020

Reputation: 49 152

Asked: 2014-02-05T07:37:39.020

Viewed: 984 times

Active: 2014-02-05T09:08:09.543