From 56a34e833e5aea44616044c8e0c794393bcae895 Mon Sep 17 00:00:00 2001 From: OCram85 Date: Thu, 13 Jul 2023 13:42:46 +0200 Subject: [PATCH] upate example docs --- README.md | 6 +- examples/1-minimal.yml | 35 ++ docker-compose.yml => examples/2-upstream.yml | 8 +- examples/3-external.yml | 101 +++++ examples/Readme.md | 402 ++++++++++++++++++ 5 files changed, 543 insertions(+), 9 deletions(-) create mode 100644 examples/1-minimal.yml rename docker-compose.yml => examples/2-upstream.yml (92%) create mode 100644 examples/3-external.yml create mode 100644 examples/Readme.md diff --git a/README.md b/README.md index 416567a..05ade0d 100644 --- a/README.md +++ b/README.md @@ -112,11 +112,9 @@ services: - proxy ``` -### 3. 🚀 Full example - -You can find a full example containing a fake upstream, swarmproxy and workload container in the -[docker-compose.yml](docker-compose.yml) file. +## 🚀 Examples +See the [Readme](./examples/README.md) docs in the examples folder... ## 💣 Known Issues diff --git a/examples/1-minimal.yml b/examples/1-minimal.yml new file mode 100644 index 0000000..becd6c7 --- /dev/null +++ b/examples/1-minimal.yml @@ -0,0 +1,35 @@ +version: "3.8" + +networks: + egress: + attachable: true + backend: + internal: true + +services: + swarmproxy: + image: gitea.ocram85.com/ocram85/swarmproxy:latest + deploy: + replicas: 1 + environment: + - LOGLEVEL=Info + networks: + egress: + aliases: + - proxy + + curl: + image: curlimages/curl:8.1.2 + command: ["-I", "-x", "proxy:8888", "https://google.com"] + depends_on: + - swarmproxy + deploy: + replicas: 1 + restart_policy: + condition: on-failure + delay: 10s + max_attempts: 5 + window: 120s + networks: + - backend + - egress diff --git a/docker-compose.yml b/examples/2-upstream.yml similarity index 92% rename from docker-compose.yml rename to examples/2-upstream.yml index 135cab2..878c4b1 100644 --- a/docker-compose.yml +++ b/examples/2-upstream.yml @@ -1,11 +1,9 @@ version: "3.8" - # Setting up 3 default networks to act as dummy: # - backend : internal only network # - dmz : dmz network with connections allowed from internal and external # - egress : dummy egress zone with fake upstream proxy - networks: egress: attachable: true @@ -36,8 +34,8 @@ services: deploy: replicas: 1 environment: - - UPSTREAM_PROXY=upstream:8888 - LOGLEVEL=Info + - UPSTREAM_PROXY=upstream:8888 networks: dmz: aliases: @@ -45,7 +43,7 @@ services: - proxy egress: - # container workload example whicht tries to communicate through our swarmproxy instance + # container workload example which tries to communicate through our swarmproxy instance # http request / response: # [curl container] <---|req/res|---> [swarmproxy] <---|req/res|---> [upstream] <---|req/res|---> [target] curl: @@ -57,7 +55,7 @@ services: deploy: replicas: 1 restart_policy: - condition: any + condition: on-failure delay: 10s max_attempts: 5 window: 120s diff --git a/examples/3-external.yml b/examples/3-external.yml new file mode 100644 index 0000000..e7d866d --- /dev/null +++ b/examples/3-external.yml @@ -0,0 +1,101 @@ +version: "3.8" + +# IMPORTANT: Run the following command to add the required filter config file: +# echo "google.com" | docker config create filter_file - +configs: + filter_file: + external: true + +# IMPORTANT: Run the following command to add the required filter config file: +# echo "upstream:8888" | docker secret create upstream-proxy - +secrets: + upstream-proxy: + external: true + +# Setting up 3 default networks to act as dummy: +# - backend : internal only network +# - dmz : dmz network with connections allowed from internal and external +# - egress : dummy egress zone with fake upstream proxy +networks: + egress: + attachable: true + dmz: + attachable: true + backend: + internal: true + +services: + # Creating a fake upstream proxy + upstream: + image: gitea.ocram85.com/ocram85/swarmproxy:latest + deploy: + replicas: 1 + environment: + - LOGLEVEL=Info + networks: + egress: + aliases: + - upstream + + # Creating our swarmproxy instance to use the external upstream proxy + swarmproxy: + # Do not use the `latest` tag in production! + image: gitea.ocram85.com/ocram85/swarmproxy:latest + depends_on: + - upstream + deploy: + replicas: 1 + environment: + - LOGLEVEL=Info + #- UPSTREAM_PROXY=upstream:8888 + - UPSTREAM_PROXY_FILE=/run/secrets/upstream-proxy + - FILTER_FILE=/app/filter + configs: + - source: filter_file + target: /app/filter + secrets: + - upstream-proxy + networks: + dmz: + aliases: + - swarmproxy + - proxy + egress: + + # container workload example whicht tries to communicate through our swarmproxy instance + # http request / response: + # [curl container] <---|req/res|---> [swarmproxy] <---|req/res|---> [upstream] <---|req/res|---> [target] + curl: + image: curlimages/curl:8.1.2 + command: ["-I", "-x", "proxy:8888", "https://google.com"] + depends_on: + - upstream + - swarmproxy + deploy: + replicas: 1 + restart_policy: + condition: on-failure + delay: 10s + max_attempts: 5 + window: 120s + networks: + - backend + - dmz + + # Example for blocked request if there is no matching domain in the filter file. + curl-blocked: + image: curlimages/curl:8.1.2 + command: ["-I", "-x", "proxy:8888", "https://amazon.com"] + depends_on: + - upstream + - swarmproxy + deploy: + replicas: 1 + restart_policy: + condition: on-failure + delay: 10s + max_attempts: 5 + window: 120s + networks: + - backend + - dmz diff --git a/examples/Readme.md b/examples/Readme.md new file mode 100644 index 0000000..3536088 --- /dev/null +++ b/examples/Readme.md @@ -0,0 +1,402 @@ +# 📘 Examples + +This folder contains some examples you can use to start building your Swarmproxy stack. + +## Basic example `(1-minimal.yml)` + +### Source + +> 🗄️ File: [1-minimal.yml](1-minimal.yml) + +### Description + +This is the mos basic example. It contains the Swarmproxy service and curl als helper. Just deploy the stack and +inspect the logs form the containers. + +### Usage + +```bash +docker stack deploy -c 1-minimal.yml swarmproxy-mini +``` + +### Container Logs + +- Swarmproxy: + +``` +🦁 FILTER_FILE not found or set. +🦁 Final Swarmproxy config 🦁 + +3 +Group 5123 + +8 +Timeout 600 +DefaultErrorFile "/usr/share/tinyproxy/default.html" +StatHost "tinyproxy.stats" +StatFile "/usr/share/tinyproxy/stats.html" +LogLevel Info +MaxClients 600 +ViaProxyName "Swarmproxy" +Allow 127.0.0.1/8 +Allow 10.0.0.0/8 +🦁 Starting Tinyproxy... +args count: 3 +args value: -c /app/proxy.conf -d +NOTICE Jul 13 11:10:23.360 [1]: Initializing tinyproxy ... +NOTICE Jul 13 11:10:23.360 [1]: Reloading config file +INFO Jul 13 11:10:23.360 [1]: Stathost set to "tinyproxy.stats" +INFO Jul 13 11:10:23.360 [1]: Setting "Via" header to 'Swarmproxy' +NOTICE Jul 13 11:10:23.360 [1]: Reloading config file finished +INFO Jul 13 11:10:23.360 [1]: listen_sock called with addr = '(NULL)' +INFO Jul 13 11:10:23.360 [1]: trying to listen on host[0.0.0.0], family[2], socktype[1], proto[6] +INFO Jul 13 11:10:23.360 [1]: listening on fd [3] +INFO Jul 13 11:10:23.360 [1]: trying to listen on host[::], family[10], socktype[1], proto[6] +INFO Jul 13 11:10:23.360 [1]: listening on fd [4] +INFO Jul 13 11:10:23.360 [1]: Not running as root, so not changing UID/GID. +INFO Jul 13 11:10:23.360 [1]: Setting the various signals. +INFO Jul 13 11:10:23.360 [1]: Starting main loop. Accepting connections. +CONNECT Jul 13 11:10:29.845 [1]: Connect (file descriptor 5): 10.0.35.4 +CONNECT Jul 13 11:10:29.845 [1]: Request (file descriptor 5): CONNECT google.com:443 HTTP/1.1 +INFO Jul 13 11:10:29.845 [1]: No upstream proxy for google.com +INFO Jul 13 11:10:29.845 [1]: opensock: opening connection to google.com:443 +INFO Jul 13 11:10:29.955 [1]: opensock: getaddrinfo returned for google.com:443 +CONNECT Jul 13 11:10:29.959 [1]: Established connection to host "google.com" using file descriptor 6. +INFO Jul 13 11:10:29.959 [1]: Not sending client headers to remote machine +INFO Jul 13 11:10:30.033 [1]: Closed connection between local client (fd:5) and remote client (fd:6) +``` + +- Curl: + +``` + % Total % Received % Xferd Average Speed Time Time Time Current + Dload Upload Total Spent Left Speed +HTTP/1.0 200 Connection established + + 0 0 0 0 0 0 0 0 --:--:-- --:--:-- --:--:-- 0 + 0 220 0 0 0 0 0 0 --:--:-- --:--:-- --:--:-- 0 +Proxy-agent: tinyproxy/1.11.1 + +HTTP/2 301 +location: https:xt/html; charset=UTF-8 +content-security//www.google.com/ +content-type: te-policy-report-only: object-src 'none';base-uri 'self';script-src 'nonce-gEktpIC_xSqk9njjM0KANA' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other-hp +date: Thu, 13 Jul 2023 11:10:29 GMT +expires: Thu, 13 Jul 2023 11:10:29 GMT +cache-control: private, max-age=2592000 + +server: gws +content-length: 220 +x-xss-protection: 0 +x-frame-options: SAMEORIGIN +set-cookie: CONSENT=PENDING+663; expires=Sat, 12-Jul-2025 11:10:29 GMT; path=/; domain=.google.com; Secure +p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info." +alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 +``` + +## Upstream proxy example `(2-upstream.yml)` + +### Source + +> 🗄️ File: [2-upstream.yml](2-upstream.yml) + +### Description + +The upstream example contains another Swarmproxy instance as fake upstream proxy. The client connects to it's +configured Swarmproxy instance which forwards the query to the upstream. + +### Usage + +```bash +docker stack deploy -c 2-upstream.yml swarmproxy-upstream +``` + +### Container Logs + +- Upstream + +``` +🦁 FILTER_FILE not found or set. +🦁 Final Swarmproxy config 🦁 + +3 +Group 5123 +8 +Timeout 600 +DefaultErrorFile "/usr/share/tinyproxy/default.html" +StatHost "tinyproxy.stats" +StatFile "/usr/share/tinyproxy/stats.html" +LogLevel Info +MaxClients 600 +ViaProxyName "Swarmproxy" +Allow 127.0.0.1/8 +Allow 10.0.0.0/8 +🦁 Starting Tinyproxy... +args count: 3 +args value: -c /app/proxy.conf -d +NOTICE Jul 13 11:18:50.279 [1]: Initializing tinyproxy ... +NOTICE Jul 13 11:18:50.279 [1]: Reloading config file +INFO Jul 13 11:18:50.279 [1]: Stathost set to "tinyproxy.stats" +INFO Jul 13 11:18:50.279 [1]: Setting "Via" header to 'Swarmproxy' +NOTICE Jul 13 11:18:50.279 [1]: Reloading config file finished +INFO Jul 13 11:18:50.279 [1]: listen_sock called with addr = '(NULL)' +INFO Jul 13 11:18:50.279 [1]: trying to listen on host[0.0.0.0], family[2], socktype[1], proto[6] +INFO Jul 13 11:18:50.279 [1]: listening on fd [3] +INFO Jul 13 11:18:50.279 [1]: trying to listen on host[::], family[10], socktype[1], proto[6] +INFO Jul 13 11:18:50.279 [1]: listening on fd [4] +INFO Jul 13 11:18:50.279 [1]: Not running as root, so not changing UID/GID. +INFO Jul 13 11:18:50.279 [1]: Setting the various signals. +INFO Jul 13 11:18:50.279 [1]: Starting main loop. Accepting connections. +``` + +- Swarmproxy + +``` +🦁 FILTER_FILE not found or set. +🦁 Final Swarmproxy config 🦁 +3 +Group 5123 +8 +Timeout 600 +DefaultErrorFile "/usr/share/tinyproxy/default.html" +StatHost "tinyproxy.stats" +StatFile "/usr/share/tinyproxy/stats.html" +LogLevel Info +MaxClients 600 +ViaProxyName "Swarmproxy" +Allow 127.0.0.1/8 +Allow 10.0.0.0/8 +Upstream http upstream:8888 +🦁 Starting Tinyproxy... +args count: 3 +args value: -c /app/proxy.conf -d +NOTICE Jul 13 11:22:46.583 [1]: Initializing tinyproxy ... +NOTICE Jul 13 11:22:46.583 [1]: Reloading config file +INFO Jul 13 11:22:46.583 [1]: Stathost set to "tinyproxy.stats" +INFO Jul 13 11:22:46.583 [1]: Setting "Via" header to 'Swarmproxy' +INFO Jul 13 11:22:46.583 [1]: Added upstream http upstream:8888 for [default] +NOTICE Jul 13 11:22:46.583 [1]: Reloading config file finished +INFO Jul 13 11:22:46.583 [1]: listen_sock called with addr = '(NULL)' +INFO Jul 13 11:22:46.583 [1]: trying to listen on host[0.0.0.0], family[2], socktype[1], proto[6] +INFO Jul 13 11:22:46.583 [1]: listening on fd [3] +INFO Jul 13 11:22:46.583 [1]: trying to listen on host[::], family[10], socktype[1], proto[6] +INFO Jul 13 11:22:46.583 [1]: listening on fd [4] +INFO Jul 13 11:22:46.583 [1]: Not running as root, so not changing UID/GID. +INFO Jul 13 11:22:46.583 [1]: Setting the various signals. +INFO Jul 13 11:22:46.583 [1]: Starting main loop. Accepting connections. +CONNECT Jul 13 11:23:02.916 [1]: Connect (file descriptor 5): 10.0.38.4 +CONNECT Jul 13 11:23:02.916 [1]: Request (file descriptor 5): CONNECT google.com:443 HTTP/1.1 +INFO Jul 13 11:23:02.916 [1]: Found upstream proxy http upstream:8888 for google.com +INFO Jul 13 11:23:02.916 [1]: opensock: opening connection to upstream:8888 +INFO Jul 13 11:23:02.916 [1]: opensock: getaddrinfo returned for upstream:8888 +CONNECT Jul 13 11:23:02.917 [1]: Established connection to upstream proxy "upstream" using file descriptor 6. +INFO Jul 13 11:23:03.182 [1]: Closed connection between local client (fd:5) and remote client (fd:6) +``` + +- Curl + +``` + % Total % Received % Xferd Average Speed Time Time Time Current + Dload Upload Total Spent Left Speed +HTTP/1.0 200 Connection established + + 0 0 0 0 0 0 0 0 --:--:-- --:--:-- --:--:-- 0 + 0 220 0 0 0 0 0 0 --:--:-- --:--:-- --:--:-- 0 +Via: 1.1 Swarmproxy (tinyproxy/1.11.1) +Proxy-agent: tinyproxy/1.11.1 + +HTTP/2 301 +location: https://www.google.com/ +content-type: text/html; charset=UTF-8 +content-security-policy-report-only: object-src 'none';base-uri 'self';script-src 'nonce-g1lolRpzk2b93t4bhY80uA' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other-hp +date: Thu, 13 Jul 2023 11:23:03 GMT +expires: Thu, 13 Jul 2023 11:23:03 GMT +cache-control: private, max-age=2592000 + +server: gws +content-length: 220 +x-xss-protection: 0 +x-frame-options: SAMEORIGIN +set-cookie: CONSENT=PENDING+481; expires=Sat, 12-Jul-2025 11:23:03 GMT; path=/; domain=.google.com; Secure +p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info." +alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 +``` + +## Fullstack example with external secrets and config `(3-external.yml)` + +### Source + +> 🗄️ File: [3-upstream.yml](3-upstream.yml) + +### Description + +This stack is based on the previous upstream example. It's modified to show these additional features: + +- Using external docker secret to set up an upstream proxy. Should be used when upstream needs authentication +- Mounting a docker config as filter file +- filtering queries by domains +- added curl-blocked service to show output if target domain is not in whitelist + +### Usage + +```bash +echo "google.com" | docker config create filter_file - +echo "upstream:8888" | docker secret create upstream-proxy - +docker stack deploy -c 1-minimal.yml swarmproxy-mini +``` + +### Container Logs + +- Upstream + +``` +🦁 FILTER_FILE not found or set. +🦁 Final Swarmproxy config 🦁 + +3 +Group 5123 + +8 +Timeout 600 +DefaultErrorFile "/usr/share/tinyproxy/default.html" +StatHost "tinyproxy.stats" +StatFile "/usr/share/tinyproxy/stats.html" +LogLevel Info +MaxClients 600 +ViaProxyName "Swarmproxy" +Allow 127.0.0.1/8 +Allow 10.0.0.0/8 +🦁 Starting Tinyproxy... +args count: 3 +args value: -c /app/proxy.conf -d +NOTICE Jul 13 11:37:47.554 [1]: Initializing tinyproxy ... +NOTICE Jul 13 11:37:47.554 [1]: Reloading config file +INFO Jul 13 11:37:47.554 [1]: Stathost set to "tinyproxy.stats" +INFO Jul 13 11:37:47.554 [1]: Setting "Via" header to 'Swarmproxy' +NOTICE Jul 13 11:37:47.554 [1]: Reloading config file finished +INFO Jul 13 11:37:47.554 [1]: listen_sock called with addr = '(NULL)' +INFO Jul 13 11:37:47.554 [1]: trying to listen on host[0.0.0.0], family[2], socktype[1], proto[6] +INFO Jul 13 11:37:47.554 [1]: listening on fd [3] +INFO Jul 13 11:37:47.554 [1]: trying to listen on host[::], family[10], socktype[1], proto[6] +INFO Jul 13 11:37:47.554 [1]: listening on fd [4] +INFO Jul 13 11:37:47.554 [1]: Not running as root, so not changing UID/GID. +INFO Jul 13 11:37:47.554 [1]: Setting the various signals. +INFO Jul 13 11:37:47.554 [1]: Starting main loop. Accepting connections. +CONNECT Jul 13 11:38:22.698 [1]: Connect (file descriptor 5): 10.0.40.4 +CONNECT Jul 13 11:38:22.699 [1]: Request (file descriptor 5): CONNECT google.com:443 HTTP/1.1 +INFO Jul 13 11:38:22.699 [1]: No upstream proxy for google.com +INFO Jul 13 11:38:22.699 [1]: opensock: opening connection to google.com:443 +INFO Jul 13 11:38:26.704 [1]: opensock: getaddrinfo returned for google.com:443 +CONNECT Jul 13 11:38:26.708 [1]: Established connection to host "google.com" using file descriptor 6. +INFO Jul 13 11:38:26.708 [1]: Not sending client headers to remote machine +INFO Jul 13 11:38:26.785 [1]: Closed connection between local client (fd:5) and remote client (fd:6) +``` + +- Swarmproxy + +``` +🦁 Final Swarmproxy config 🦁 + +3 +Group 5123 + +8 +Timeout 600 +DefaultErrorFile "/usr/share/tinyproxy/default.html" +StatHost "tinyproxy.stats" +StatFile "/usr/share/tinyproxy/stats.html" +LogLevel Info +MaxClients 600 +ViaProxyName "Swarmproxy" +Allow 127.0.0.1/8 +Allow 10.0.0.0/8 +Upstream http upstream:8888 +Filter "/app/filter" +FilterURLs Off +FilterCaseSensitive Off +FilterDefaultDeny Yes +🦁 Starting Tinyproxy... +args count: 3 +args value: -c /app/proxy.conf -d +NOTICE Jul 13 11:37:57.704 [1]: Initializing tinyproxy ... +NOTICE Jul 13 11:37:57.704 [1]: Reloading config file +INFO Jul 13 11:37:57.704 [1]: Stathost set to "tinyproxy.stats" +INFO Jul 13 11:37:57.704 [1]: Setting "Via" header to 'Swarmproxy' +INFO Jul 13 11:37:57.704 [1]: Added upstream http upstream:8888 for [default] +NOTICE Jul 13 11:37:57.704 [1]: Reloading config file finished +INFO Jul 13 11:37:57.704 [1]: listen_sock called with addr = '(NULL)' +INFO Jul 13 11:37:57.704 [1]: trying to listen on host[0.0.0.0], family[2], socktype[1], proto[6] +INFO Jul 13 11:37:57.704 [1]: listening on fd [3] +INFO Jul 13 11:37:57.704 [1]: trying to listen on host[::], family[10], socktype[1], proto[6] +INFO Jul 13 11:37:57.704 [1]: listening on fd [4] +INFO Jul 13 11:37:57.704 [1]: Not running as root, so not changing UID/GID. +INFO Jul 13 11:37:57.704 [1]: Setting the various signals. +INFO Jul 13 11:37:57.704 [1]: Starting main loop. Accepting connections. +CONNECT Jul 13 11:38:00.361 [1]: Connect (file descriptor 5): 10.0.39.4 +CONNECT Jul 13 11:38:00.361 [1]: Request (file descriptor 5): CONNECT amazon.com:443 HTTP/1.1 +NOTICE Jul 13 11:38:00.361 [1]: Proxying refused on filtered domain "amazon.com" +CONNECT Jul 13 11:38:14.022 [1]: Connect (file descriptor 5): 10.0.39.4 +CONNECT Jul 13 11:38:14.022 [1]: Request (file descriptor 5): CONNECT amazon.com:443 HTTP/1.1 +NOTICE Jul 13 11:38:14.022 [1]: Proxying refused on filtered domain "amazon.com" +CONNECT Jul 13 11:38:22.698 [1]: Connect (file descriptor 5): 10.0.39.4 +CONNECT Jul 13 11:38:22.698 [1]: Request (file descriptor 5): CONNECT google.com:443 HTTP/1.1 +INFO Jul 13 11:38:22.698 [1]: Found upstream proxy http upstream:8888 for google.com +INFO Jul 13 11:38:22.698 [1]: opensock: opening connection to upstream:8888 +INFO Jul 13 11:38:22.698 [1]: opensock: getaddrinfo returned for upstream:8888 +CONNECT Jul 13 11:38:22.698 [1]: Established connection to upstream proxy "upstream" using file descriptor 6. +CONNECT Jul 13 11:38:25.064 [1]: Connect (file descriptor 7): 10.0.39.4 +CONNECT Jul 13 11:38:25.064 [1]: Request (file descriptor 7): CONNECT amazon.com:443 HTTP/1.1 +NOTICE Jul 13 11:38:25.064 [1]: Proxying refused on filtered domain "amazon.com" +INFO Jul 13 11:38:26.785 [1]: Closed connection between local client (fd:5) and remote client (fd:6) +CONNECT Jul 13 11:38:36.285 [1]: Connect (file descriptor 5): 10.0.39.4 +CONNECT Jul 13 11:38:36.285 [1]: Request (file descriptor 5): CONNECT amazon.com:443 HTTP/1.1 +NOTICE Jul 13 11:38:36.285 [1]: Proxying refused on filtered domain "amazon.com" +``` + +- Curl + +``` + % Total % Received % Xferd Average Speed Time Time Time Current + Dload Upload Total Spent Left Speed +HTTP/1.0 200 Connection established + + 0 0 0 0 0 0 0 0 --:--:-- --:--:-- --:--:-- 0 + 0 0 0 0 0 0 0 0 --:--:-- 0:00:01 --:--:-- 0 + 0 0 0 0 0 0 0 0 --:--:-- 0:00:02 --:--:-- 0 + 0 0 0 0 0 0 0 0 --:--:-- 0:00:03 --:--:-- 0 + 0 0 0 0 0 0 0 0 --:--:-- 0:00:04 --:--:-- 0 + 0 220 0 0 0 0 0 0 --:--:-- 0:00:04 --:--:-- 0 +Via: 1.1 Swarmproxy (tinyproxy/1.11.1) +Proxy-agent: tinyproxy/1.11.1 + +HTTP/2 301 +location: https://www.google.com/ +content-type: text/html; charset=UTF-8 +content-security-policy-report-only: object-src 'none';base-uri 'self';script-src 'nonce-UGtC_QXXA9WxUVfYPZJkJA' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other-hp +date: Thu, 13 Jul 2023 11:38:26 GMT +expires: Thu, 13 Jul 2023 11:38:26 GMT +cache-control: private, max-age=2592000 + +server: gws +content-length: 220 +x-xss-protection: 0 +x-frame-options: SAMEORIGIN +set-cookie: CONSENT=PENDING+670; expires=Sat, 12-Jul-2025 11:38:26 GMT; path=/; domain=.google.com; Secure +p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info." +alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 +``` + +- Curl-blocked + +``` + % Total % Received % Xferd Average Speed Time Time Time Current + Dload Upload Total Spent Left Speed + + 0 0 0 0 0 0 0 0 --:--:-- --:--:-- --:--:-- 0 + 0 0 0 0 0 0 0 0 --:--:-- --:--:-- --:--:-- 0 +HTTP/1.1 403 Filtered +curl: (56) CONNECT tunnel failed, response 403 +Server: tinyproxy/1.11.1 +Content-Type: text/html +Connection: close +```