Capturing-and-replaying-traffic
Last updated
Was this helpful?
Last updated
Was this helpful?
Think about Gor more like a network analyzer or tcpdump on steroids, it is not a proxy and does not affect your app anyhow. You specify application port, and it will capture and replay incoming data.
Simplest setup will be:
It will record and replay traffic from the same machine. However, it is possible to use [[Aggregator-forwarder setup]], when Gor on your web machines forward traffic to Gor aggregator instance running on the separate server.
You may notice that it require
sudo
: to analyze network Gor need permissions which available only to root users. However, it is possible to configure Gor .
You can forward traffic to multiple endpoints.
By default, it will send same traffic to all outputs, but you have options to equally split it (round-robin) using --split-output
option.
By default input-raw
does not intercept responses, only requests. You can turn response tracking using --input-raw-track-response
option. When enable you will be able to access response information in middleware and output-file
.
By default, Gor will use libpcap
for intercepting traffic, it should work in most cases. If you have any troubles with it, you may try alternative engine: raw_socket
.
You can read more about [[Replaying HTTP traffic]].
You can use --input-raw-realip-header
option to specify header name: If not blank, injects header with given name and real IP value to the request payload. Usually, this header should be named: X-Real-IP
, but you can specify any name.
gor --input-raw :80 --input-raw-realip-header "X-Real-IP" ...
Also you may want to know about [[Rate limiting]], [[Request rewriting]] and [[Request filtering]]