在部分架构上tcpcopy适用于将线上流量对测试环境进行压力测试,亦或使用tcpcopy来分析网络流量,比如WAF监控。
环境准备:
客户: 192.168.2.201
线上服务器: 192.168.2.206
测试服务器: 192.168.2.24
辅助服务器: 192.168.2.245 ---截断服务器
1.安装辅助服务器(192.168.2.245)
辅助服务器最好选择CentOS 6操作系统,CentOS 5需要自行编译libpcap,CentOS 7不支持ip_queue
yum -y install libpcap-devel gcc wget https://codeload.github.com/session-replay-tools/intercept/zip/master unzip master cd intercept-master ./configure && gmake && gmake install ln -s /usr/local/intercept/sbin/intercept /usr/local/sbin/ 启动辅助服务器(CentOS6) intercept -F 'tcp and src host 192.168.2.24 and src port 80' -d netstat -ntlup |grep 36524 #关闭路由转发 echo "0">/proc/sys/net/ipv4/ip_forward modprobe ip_queue lsmod |grep ip_queue iptables -I OUTPUT -p tcp --sport 80 -j QUEUE
如果无法,查看日志文件
/usr/local/intercept/logs/error_intercept.log
如果在启动intercept的时候出现
2017/03/01 10:12:00 +854 [warn] lookupnet:SIOCGIFADDR: nflog: No such device
2017/03/01 10:12:00 +854 [error] couldn't parse filter from eth0 and tcp and src host 192.168.2.24 and src port 80: syntax error
2017/03/01 10:12:00 +854 [warn] device could not work:nflog
2017/03/01 10:12:00 +854 [notice] pcap open,device:lo
2017/03/01 10:12:00 +854 [notice] pcap_set_buffer_size:16777216
2017/03/01 10:12:00 +854 [error] couldn't parse filter from eth0 and tcp and src host 192.168.2.24 and src port 80: syntax error
2017/03/01 10:12:00 +854 [warn] device could not work:lo
2017/03/01 10:12:00 +854 [error] no device available for snooping packets
则指定网卡端口
intercept -F 'tcp and src host 192.168.2.24 and src port 80' -d -i eth0
2.线上服务器安装tcpcopy
服务端安装 wget https://github.com/session-replay-tools/tcpcopy/archive/master.zip unzip master cd tcpcopy-master ./configure && gmake && gmake install ln -s /usr/local/tcpcopy/sbin/tcpcopy /usr/local/sbin/ #启动tcpcopy,要先启动辅助服务器,否则可能报错 tcpcopy -x 192.168.2.206:80-192.168.2.24:80 -s 192.168.2.245 -c 192.168.2.201 -d -n 5 -x 指定复制到的服务器 -s 指定辅助服务器 -c 指定客户端IP -d 以服务方式运行 -n 以多少倍的流量,加大测试流量
3.测试服务器,添加静态路由
Windows
route add 192.168.2.201 mask 255.255.255.255 192.168.2.245
Linux
route add -net 192.168.2.201/32 gw 192.168.2.245
转载于:https://blog.51cto.com/fengwan/1901948