Introduce support for pcap traffic capturing of network traffic#4260
Introduce support for pcap traffic capturing of network traffic#4260geoand wants to merge 1 commit intoeclipse-vertx:masterfrom
Conversation
|
we should have it also on NetSocket as it remains useful for other parts of vertx stack like MQTT or SQL client that use NetSocket |
|
Good point. I'll have a look on Monday |
geoand
changed the title
|
Capturing also add to the |
|
I think that the option declaration could simply be in |
|
Indeed, PR updated |
|
Very cool! |
|
@vietj is there anything else that this PR needs, or should I mark it ready for review? |
|
I need to make a final review for this |
geoand
force-pushed
the
pcap
branch
2 times, most recently
from
d9803c3 to
7f41d10
Compare
While exploring how to introduce PCAP support into Vert.x and Quarkus based on Netty's PcapWriteHandler, I noticed that in server pipelines, the capture has the source and destination ports reversed for server pipelines. This can be seen in the screenshot from eclipse-vertx/vert.x#4260 (comment), where a browser is requesting data from a REST API built with Quarkus listening on port 8080. In the screenshot you can see that initial HTTP request has the ports reversed.
Motivation: While exploring how to introduce PCAP support into Vert.x and Quarkus based on Netty's PcapWriteHandler, I noticed that in server pipelines, the capture has the source and destination ports reversed for server pipelines. This can be seen in the screenshot from eclipse-vertx/vert.x#4260 (comment), where a browser is requesting data from a REST API built with Quarkus listening on port 8080. In the screenshot you can see that initial HTTP request has the ports reversed. Modification: This change makes sure that source and destination ports are always properly determined no matter what type of pipeline is being used Result: Correct port is used
src/main/java/io/vertx/core/datagram/impl/DatagramSocketImpl.java
Outdated
Show resolved
Hide resolved
|
I did a quick review of the
Overall this seems to come from the fact that we haven't properly defined the lifecycle of the pcap files and therefore we should first define how this should be used. e.g the pcap file could be created when the HTTP server is starting and closed when the HTTP server is closed, etc... |
|
One very large benefit is that you can use this to capture TLS traffic which is really hard to do with a normal capture |
|
I can confirm that analysis of tls traffic is very difficult in production environments |
8 participants
Motivation:
The idea here is to allow users to analyze HTTP traffic consumed and produced via Vert.x using Wireshark.
This capabity relies on Netty's
io.netty.handler.pcap.PcapWriteHandlerand has also been mentioned in vert-x3/issues#566.P.S. I tested this by also patching Quarkus to use this change and tried an application that uses RESTEasy Reactive and the Reactive REST Client.
Here is what the Wireshark screenshot looks like: