HACKTTPSERVER

Inspiration

The original goal was to build a hardware-integrated network switch using a Teensy 4.1 microcontroller and W5500 ethernet modules. I wanted to explore low-level networking by creating physical hardware that could manage traffic. However, when the hardware didn't arrive in time, and a backup Raspberry Pi proved to be non-functional, I pivoted to the most powerful tool I had available: my own Mac. This shift allowed me to focus entirely on the software architecture, moving from a hardware switch to a high-performance C-based application server.

What it does

HACKTTPSERVER is a custom HTTP/1.1 engine that operates directly at the Application Layer. It serves static files (HTML, CSS, JS) and handles high-bandwidth MP4 video streaming. Beyond standard file serving, it acts as a live telemetry dashboard. By querying the macOS kernel, it broadcasts real-time CPU and memory statistics, along with a global request log that geolocates every visitor hitting the server from anywhere in the world.

How we built it

The Core Engine: Built in C using raw TCP sockets and POSIX threads to handle concurrent connections.

Video Logic: Implemented HTTP 206 Partial Content support, allowing the server to parse Range headers and use fseek to stream specific byte offsets for instantaneous video seeking.

Networking & Security: Connected the local environment to the public internet via a Cloudflare Tunnel, routing traffic from a custom domain to the local process without opening firewall ports.

Telemetry Pipeline: Developed a "Push" model using Server-Sent Events (SSE) to broadcast system data sourced via sysctl.

Frontend: Created a dashboard that uses an EventSource to synchronize live stats and incoming traffic logs.

Challenges we ran into

Hardware Setbacks: Dealing with missing hardware and broken components forced a total architectural pivot early in the hackathon.

IP Transparency: When using the Cloudflare Tunnel, the server initially saw the proxy's IP. I had to implement logic to parse the X-Forwarded-For header to recover the visitor’s true IP.

IPv6 Truncation: Handling long IPv6 addresses caused buffer truncation issues, requiring a refactor to use INET6_ADDRSTRLEN for proper string management.

SSE Buffering: Getting real-time streams to work over a tunnel required specific header tuning (like X-Accel-Buffering: no) to prevent Cloudflare from buffering the events.

Accomplishments that we're proud of

Byte-Range Seeking: Successfully implemented manual file-pointer manipulation so that video scrubbing feels as responsive as a local file.

Low-Level Integration: Bridging the gap between the macOS kernel (system data) and the web browser in real-time.

Global Access: Achieving a secure, public-facing server that can be accessed globally while running entirely on a local development machine.

What we learned

I gained a deep understanding of the HTTP/1.1 protocol and the importance of MIME-type headers for browser parsing. I learned how to manage thread-safe broadcasts in C and how to handle the nuances of proxy headers and IPv6 networking. Most importantly, I learned how to adapt when hardware fails by leveraging software to solve the same fundamental networking problems.

What's next for HACKTTPSERVER

The next step is to move from volatile live logs to a persistent database, likely using PostgreSQL to track long-term traffic trends. I also plan to harden the server by implementing a custom Web Application Firewall (WAF) at the parsing layer and eventually porting the code to a dedicated Linux environment or a high-speed ARM edge device.

Built With

• c
• css
• html
• javascript