Fork me on GitHub

HTTP Traffic Redirection v0.1

Nowadays, navigating the Internet with an oudated version of a browser could be harmful to your computer as many malwares spread by exploiting vulnerabilities in browers.

With Haka, we can avoid such attacks. The idea is simple and consists in redirecting http requests issued by outdated browsers by modifying the http content on the fly.

We need to create a group named 'safe_update' with two rules:

  1. The first rule will only authorise http traffic to update servers (e.g. This is done by checking the 'Host' header.
  2. safe_update:rule{
        hooks = { 'http-response' },
        eval = function (self, http)
    	local host = http.request.headers['Host'] or ''
    	for _, dom in ipairs(update_domains) do
    	    if string.find(host, dom) then
    		haka.log("Filter", "Requesting an update domain")
    		return true
  3. The second rule will redirect requests to an update server if the 'User-Agent' header is detected as obsolete. This rule shows Haka capabilities to modify http headers response on the fly in order to redirect requests.
  4. safe_update:rule{
        hooks = { 'http-response' },
        eval = function (self, http)
    	local UA = http.request.headers["User-Agent"] or "No User-Agent header"
    	haka.log("Filter", "UA detected: %s", UA)
    	local FF_UA = (string.find(UA, "Firefox/"))
    	if FF_UA then -- Firefox was detected
    	    local version = tonumber(string.sub(UA, FF_UA+8))
    	    if not version or version < last_firefox_version then
    		    description= "Firefox is outdated, please upgrade",
    		    severity= 'medium'
    		-- redirect browser to a safe place where updates will be made
    		http.response.status = "307"
    		http.response.reason = "Moved Temporarily"
    		http.response.headers["Content-Length"] = "0"
    		http.response.headers["Location"] = firefox_web_site
    		http.response.headers["Server"] = "A patchy server"
    		http.response.headers["Connection"] = "Close"
    		http.response.headers["Proxy-Connection"] = "Close"
    		-- dump the response for illustrative purpose
    	    haka.log("Filter", "Unknown or missing User-Agent")

Refer to the filter tutorial to see the full script.