Overview of GoReplay source code analysis

GoReplay is an application for forwarding network traffic; its previous name was Gor. Its author introduces it on GitHub. More precisely, it forwards HTTP traffic. The author's goal was presumably to forward traffic for web applications on an intranet: HTTP is a widely used, standardized application protocol, so a forwarder written from this perspective can be used in most scenarios. This also brings certain problems. To forward other protocol types, we would first need to write code that identifies that protocol's message boundaries before forwarding.
GoReplay is written in Go and uses a number of Go libraries, for example for working with pcap and Kafka. Running GoReplay requires pcap and similar tools to be installed, and you need root privileges to put the network card into promiscuous mode and monitor all TCP packets on the specified port. The GoReplay workflow:
1. Using pcap's Go interface, set a BPF (Berkeley Packet Filter) filter expression for the specified port. For BPF syntax, refer to the expressions of the tcpdump tool, which also uses BPF behind the scenes.
2. After capturing the TCP packets, assemble them using the network five-tuple (<source IP, source port, destination IP, destination port, protocol>; the protocol field is not used in the actual program) as the key. Because HTTP runs over TCP, whether the packets of one call are complete is determined from the ACK and SEQ fields of TCP. To understand the code, you need some understanding of the TCP packet format and the HTTP message format. Besides ordinary HTTP messages, you also need to understand relatively rare ones such as chunked messages.
3. Once the one or more TCP packets of an HTTP call have been assembled and the end of the HTTP message has been recognized, the forwarding stage begins. For forwarding, the data segments of these packets are joined and the data is sent directly, as TCP packets, to the port specified on the command line, which completes the forwarding.
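
Steps 2 and 3 as an added Go example (not GoReplay's own code): payloads are filed under a flow key, joined in SEQ order, and released once the HTTP message has ended. `Flow`, `Seg`, `Add` and `Complete` are hypothetical names. The example assumes one message in flight per flow, that the lowest SEQ seen starts the message, no SEQ wraparound, and it detects the end of a chunked body only by its terminating zero-size chunk.

```go
package main

import (
	"bytes"
	"fmt"
	"sort"
	"strconv"
)

// Hypothetical types: Flow is the map key (five-tuple minus protocol), Seg one TCP payload.
type Flow struct{ SrcIP, SrcPort, DstIP, DstPort string }
type Seg struct{ Seq uint32; Data []byte }

// Add files s under its flow and returns the message once it is contiguous and complete.
func Add(flows map[Flow][]Seg, k Flow, s Seg) ([]byte, bool) {
	segs := append(flows[k], s)
	sort.Slice(segs, func(i, j int) bool { return segs[i].Seq < segs[j].Seq })
	flows[k] = segs
	buf, next := []byte{}, segs[0].Seq
	for _, g := range segs {
		if g.Seq == next { // retransmits and segments past a hole are skipped
			buf, next = append(buf, g.Data...), next+uint32(len(g.Data))
		}
	}
	if !Complete(buf) {
		return nil, false
	}
	delete(flows, k)
	return buf, true
}

// Complete reports whether buf holds the header block plus the whole body.
func Complete(buf []byte) bool {
	head, body, ok := bytes.Cut(buf, []byte("\r\n\r\n"))
	if !ok {
		return false
	}
	head = bytes.ToLower(head)
	if bytes.Contains(head, []byte("\r\ntransfer-encoding: chunked")) {
		return bytes.HasSuffix(body, []byte("0\r\n\r\n")) // simplified: last chunk only
	}
	if _, v, found := bytes.Cut(head, []byte("\r\ncontent-length:")); found {
		v, _, _ = bytes.Cut(v, []byte("\r\n"))
		n, err := strconv.Atoi(string(bytes.TrimSpace(v)))
		return err == nil && len(body) >= n
	}
	return true // no body framing header: the header block ends the message
}

func main() { fmt.Println(Complete([]byte("GET / HTTP/1.1\r\nHost: a\r\n\r\n"))) } // constructed request
```

A segment that arrives ahead of a missing one stays buffered under its flow key until the hole is filled, so the message is released only by the `Add` call that makes it whole.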
