Passthrough implementation

[namay26]

Resolves #172 :
Adds a passthrough handler, which acts like a proxy and sets up two go routines to listen to and log the information passed between the client and the destination.

[Copilot]

Pull Request Overview

This PR introduces a new “passthrough” rule type that proxies TCP connections between clients and real targets, logging bidirectional traffic.

• Adds Passthrough to the rule enum and exposes RuleType
• Implements HandlePassThrough in protocols/tcp/passthrough.go with two goroutines for source→target and target→source streaming
• Registers the new handler in protocols/protocols.go and adds a sample rule in config/rules.yaml

Reviewed Changes

Copilot reviewed 4 out of 4 changed files in this pull request and generated 4 comments.

File	Description
rules/rules.go	Export RuleType, add Passthrough constant and init case
protocols/tcp/passthrough.go	New handler to proxy TCP streams and log data
protocols/protocols.go	Register "passthrough" handler
config/rules.yaml	Add sample passthrough rule

Comments suppressed due to low confidence (2)

protocols/tcp/passthrough.go:26

• [nitpick] The comment is unclear and contains informal shorthand ('w/o', 'w it'). Consider rephrasing to explain the function’s purpose clearly, e.g., “HandlePassThrough opens a TCP connection to the real target and proxies traffic bidirectionally without modifying payloads.”

// Dial to the source ip, acting as a proxy between the client and real source by piping the data back and forth w/o interfering w it.

protocols/tcp/passthrough.go:1

• The new passthrough handler doesn’t have any associated unit or integration tests. Adding tests would help ensure correct proxy behavior under various scenarios and catch regressions.

package tcp

[namay26]

Made traffic capture configurable via config.yaml. You can now enable or disable payload capturing by toggling the capture_traffic boolean.
Also extended rules.yaml support for host:port targets. These are now automatically routed to the passthrough handler, similar to how Freki handles them.
@glaslos

[glaslos]

Some minor comments. Did you consider adding some tests?

[furusiyya]

@glaslos Just for the info, here is a summary of our last two meetings:

Mid-term Review Meeting Minutes:
Test the proxy against SSH and other protocols currently supported in Glutton and write corresponding test cases.

July Week 5 Sync:
Namay found some issues in payload parsing with protocols like SMTP and FTP and resolved them. He is currently writing test cases and will share an updated version of the code along with documentation soon.

[namay26]

In the latest commit :
-> Added unit tests to cover most of the functions using a Mock setup.
-> Divided the main function into smaller functions to enable better testing and readability.

Also, I have tested the passthrough implementation with various protocols (SMTP, SSH etc). I will be writing some more tests to increase the code coverage.

cc. @glaslos @furusiyya

[glaslos]

@furusiyya what is needed to get this over the finish line? In case @namay26 is not available anymore, I can get the PR ready to be merged.

[furusiyya]

@glaslos thanks for the follow-up. There is blocker from @namay26. It’s just me couldn't find time to get this over the finish line. I will merge it soon.