Docker Proxies and DNS containers

01/04/2018

In the Docker ecosystem it is possible to find images for pretty much anything you can imagine.

I have been investigating building a service that would rely on web proxy technology and a custom DNS server to build a more kid-friendly version of YouTube. Unfortunately, YouTube for the most part only works if run on the youtube.com domain, and they have HTTP public key pinning enabled, so doing a man-in-the-middle proxy turned out to not be a viable solution. So I had to give up on my original approach of filtering out the bad YouTube content inside of a proxy.

During my investigation I came across a few useful Docker containers that, for a Windows developer like myself, were not on my radar, but can prove to be quite useful in other projects.

Your own DNS server

Mostly when I need to play around with DNS I can do what I need in the hosts file or using my DNS registrar's server, but actually with the dockerized version of BIND (which is apparently one of the most used DNS servers), it seems quite silly to make hosts file changes when you can run your own DNS server and easily make the changes you need using the web management interface that comes with it.

I ended up using the following guide to get started with BIND: http://www.damagehead.com/blog/2015/04/28/deploying-a-dns-server-using-docker/, which uses the image sameersbn/bind:latest. The official documentation on the web interface is also quite useful:
https://doxfer.webmin.com/Webmin/BIND_DNS_Server.
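
A Compose file for running that image without exposing the resolver or the Webmin interface more widely than needed. This is an added example, not taken from the linked guide or the image's own documentation; the address 192.168.1.10, the ./bind-data directory and the BIND_ROOT_PASSWORD variable name are assumptions made for illustration.

```yaml
# Added example: Compose file for the sameersbn/bind image named above.
# 192.168.1.10, ./bind-data and BIND_ROOT_PASSWORD are constructed placeholders.
services:
  bind:
    image: sameersbn/bind:latest
    restart: unless-stopped
    environment:
      # The image's Webmin login is "root" with a default password unless
      # ROOT_PASSWORD is set. Compose refuses to start if the variable is empty.
      ROOT_PASSWORD: "${BIND_ROOT_PASSWORD:?set BIND_ROOT_PASSWORD first}"
    ports:
      # Weak form, shown for comparison only:
      #   - "53:53/udp"
      #   - "10000:10000/tcp"
      # Without a host address Docker publishes on every interface, which on
      # an internet-facing host gives you an open resolver and a public
      # admin login page.
      #
      # Corrected form: DNS only on the LAN-facing address of the host...
      - "192.168.1.10:53:53/udp"
      - "192.168.1.10:53:53/tcp"
      # ...and the Webmin interface only on loopback (https://localhost:10000).
      - "127.0.0.1:10000:10000/tcp"
    volumes:
      # Zone files and Webmin settings live under /data in the container,
      # so they survive when the container is recreated.
      - ./bind-data:/data
```

Once it is running, point a test client at 192.168.1.10 as its DNS server and confirm from another network that port 53 and port 10000 are not reachable.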

Web Proxies

I played around with a few different web proxies, to find something that worked well.

First I started with the node module express-http-proxy, which allows you to run a reverse proxy inside of an Express application. I also took the following two Docker containers for a spin: sameersbn/squid and jmcn/anyproxy-docker. Squid is a production-ready proxy server, while anyproxy is a node proxy server that is a bit easier to customize, but also less production ready. Anyproxy is quite an interesting project if you want to do man-in-the-middle attacks, as it can change SSL certificates on the fly, and it also comes as a node module if you want to integrate it into something.