write PCAP handler #46
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
|
SUPER WIP, but wireshark kind of understands what's going on already :) |
weissi
force-pushed
the
jw-pcap-handler
branch
5 times, most recently
from
b06ee81
to
947d8ae
Compare
|
it actually works properly now. Also supports IPv6 now and even Unix Domain Sockets (using fake IP addresses :) ) |
|
@Lukasa / @tomerd I would love to test this but the best testing strategy (short of writing a PCAP parser (which I won't be doing 😬)) is to also add the bash integration test framework from Any better ideas? |
weissi
force-pushed
the
jw-pcap-handler
branch
4 times, most recently
from
200e93b
to
0f9e042
Compare
|
I think that idea is fine tbh. |
Lukasa
requested changes
Apr 10, 2019
Motivation: Especially with TLS but also without, in real production environments it can be handy to be able to write pcap files from NIO directly. Modifications: add a ChannelHandler that can write a PCAP trace from what's going on in the ChannelPipeline. Result: easier debugging in production
Lukasa
approved these changes
Apr 12, 2019
weissi
added
the
🔼 needs-minor-version-bump
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Motivation:
Especially with TLS, but also for example if you don't have the privileges to dump network traffic using
tcpdumpin production, it can be handy to be able to write.pcapfiles from NIO directly. With this PR, SwiftNIO synthesises TCP over IPv4/6 packets as if they were real packets so you can inspect them in Wireshark/tcpdump -r. This is also super useful for Unix Domain Sockets because there are no sniffing/dumping tools, in the Unix Domain Socket case we'll just use fake IPv4 addresses. WithNIOWritePCAPHandlerthat you can insert into yourChannelPipelinewhere ever you send bytes around.Modifications:
add a ChannelHandler that can write a PCAP trace from what's going on in
the ChannelPipeline.
Result:
easier debugging in production