发表新帖
发表新帖

Duplicate TCP traffic with a proxy

前端 未结
关注
5 685
南方客
南方客 2020-12-08 01:05

I need to send (duplicate) traffic from one machine (port) and to two different machines (ports). I need to take care of TCP session as well.

In the beginnig I used

相关标签:
5条回答
  • 梦毁少年i
    2020-12-08 01:48

    I needed something that could tee the TCP traffic as well, but being not intrusive, thus not being able to put something in-between as a reverse proxy for example.

    What I did is basically did is use the tcpdump/wireshark logic (packet sniffing) wrap it in a Go process that you can configure to do some things.

    For whom it may be helpful the code can be found here: https://github.com/RobinUS2/teecp

    0 讨论(0)
  • 生来不讨喜
    2020-12-08 01:55

    I have also written a reverse proxy / load balancer for a similar purpose with Node.js (it is just for fun, not production ready at the moment).

    https://github.com/losnir/ampel

    It is very opinionated, and currently supports:

    • GET Using round-robin selection (1:1)
    • POST Using request splitting. There is no concept of "master" and "shadow" -- the first backend that responds is the one that will serve the client request, and then all of the other responses will be discarded.

    If someone finds it useful then I can improve it to be more flexible.

    0 讨论(0)
  • 礼貌的吻别
    2020-12-08 02:00

    I have created a proxy just for this purpose.

    https://github.com/chrislusf/teeproxy

    Usage

    ./teeProxy -l :8888 -a localhost:9000 -b localhost:9001

    tee-proxy is a reverse proxy. For each incoming request, it clones the request into 2 and then forwards them to 2 servers. The results from server a is returned as usual, but the results from server b is ignored.

    tee-proxy handles both GET, POST, and other HTTP methods.

    0 讨论(0)
  • 终归单人心
    2020-12-08 02:00

    How about the iptables experimental ROUTE target? It has a "tee" option for mirroring traffic:

    http://www.netfilter.org/projects/patch-o-matic/pom-external.html#pom-external-ROUTE

    Which would let you mirror traffic with something like:

    iptables -A PREROUTING -t mangle -p tcp --dport 80 -j ROUTE --gw 1.2.3.4 --tee
iptables -A POSTROUTING -t mangle -p tcp --sport 80 -j ROUTE --gw 1.2.3.4 --tee

    The second machine would need to be on the same subnet and would either need to listen on the target IP address (and not reply to arps) or listen promiscuously.

    0 讨论(0)
  • 小蘑菇
    2020-12-08 02:00

    Try https://github.com/agnoster/duplicator.

    I tried teeproxy but got strange results with some requests other than GET's.

    0 讨论(0)
 看不清?
提交回复
热议问题