Last active
August 29, 2015 14:01
-
-
Save jqlblue/766f41b8a6ccef01aa10 to your computer and use it in GitHub Desktop.
在传统架构下,64位linux系统上使用gryphon时遇到的问题。测试请求没有抵达nginx
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| TcpCopy信息 | |
| TcpCopy版本号:0.9.9 | |
| 内核版本号:2.6.18-164.el5 | |
| 安装规则: | |
| ./configure --prefix=/usr/local/tcpcopy --enable-single | |
| 启动命令:/usr/local/tcpcopy/bin/intercept | |
| iptables设置: | |
| *filter | |
| :INPUT ACCEPT [0:0] | |
| :FORWARD ACCEPT [0:0] | |
| :OUTPUT ACCEPT [0:0] | |
| :RH-Firewall-1-INPUT - [0:0] | |
| -A INPUT -j RH-Firewall-1-INPUT | |
| -A FORWARD -j RH-Firewall-1-INPUT | |
| -A RH-Firewall-1-INPUT -i lo -j ACCEPT | |
| -A RH-Firewall-1-INPUT -p icmp --icmp-type any -j ACCEPT | |
| -A RH-Firewall-1-INPUT -p 50 -j ACCEPT | |
| -A RH-Firewall-1-INPUT -p 51 -j ACCEPT | |
| -A RH-Firewall-1-INPUT -p udp --dport 5353 -d 224.0.0.251 -j ACCEPT | |
| -A RH-Firewall-1-INPUT -p udp -m udp --dport 631 -j ACCEPT | |
| -A RH-Firewall-1-INPUT -p tcp -m tcp --dport 631 -j ACCEPT | |
| -A RH-Firewall-1-INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT | |
| -A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 22 -j ACCEPT | |
| -A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 80 -j ACCEPT | |
| -A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 36524 -j ACCEPT | |
| -A RH-Firewall-1-INPUT -j REJECT --reject-with icmp-host-prohibited | |
| COMMIT | |
| 日志打印[error_intercept.log]: | |
| 2014/05/15 16:13:26 +451 [notice] intercept version:0.9.9 | |
| 2014/05/15 16:13:26 +451 [notice] intercept internal version:5 | |
| 2014/05/15 16:13:26 +451 [notice] TCPCOPY_SINGLE mode | |
| 2014/05/15 16:13:26 +451 [notice] INTERCEPT_COMBINED mode | |
| 2014/05/15 16:13:26 +451 [notice] msg listen socket:4 | |
| 2014/05/15 16:13:26 +451 [notice] firewall socket:5 | |
| 2014/05/15 16:13:56 +454 [notice] total resp packs:0, all:0, route:0 | |
| 2014/05/15 16:14:26 +454 [notice] total resp packs:0, all:0, route:0 | |
| 2014/05/15 16:14:51 +368 [notice] it adds fd:6 | |
| 2014/05/15 16:14:51 +368 [notice] it adds fd:7 | |
| 2014/05/15 16:14:56 +455 [notice] total resp packs:0, all:0, route:0 | |
| 2014/05/15 16:15:14 +423 [notice] recv length 0,fd:7 | |
| 2014/05/15 16:15:14 +423 [notice] release tunnel related resources, fd:7 | |
| 2014/05/15 16:15:14 +423 [notice] crazy here, combined is null, fd:7 | |
| 2014/05/15 16:15:14 +423 [notice] enter tc_event_destroy:7 | |
| 2014/05/15 16:15:14 +423 [notice] destroy event:7 | |
| 2014/05/15 16:15:14 +423 [notice] recv length 0,fd:6 | |
| 2014/05/15 16:15:14 +423 [notice] release tunnel related resources, fd:6 | |
| 2014/05/15 16:15:14 +423 [notice] crazy here, combined is null, fd:6 | |
| 2014/05/15 16:15:14 +423 [notice] enter tc_event_destroy:6 | |
| 2014/05/15 16:15:14 +423 [notice] destroy event:6 | |
| 2014/05/15 16:15:21 +346 [warn] sig 2 received | |
| 2014/05/15 16:15:21 +346 [notice] release_resources begin | |
| 2014/05/15 16:15:21 +346 [notice] tc_select_destroy, close fd:4 | |
| 2014/05/15 16:15:21 +346 [notice] tc_select_destroy, close fd:5 | |
| 2014/05/15 16:15:21 +346 [notice] release_resources end except log file | |
| Gryphon信息 | |
| TcpCopy版本号:0.2.0 | |
| 内核版本号:2.6.18-164.el5 | |
| 安装规则: | |
| ./configure --enable-single | |
| 启动命令:/usr/local/bin/gryphon -x 80-10.16.15.118:80 -f ./118.pcap -s 10.16.15.122 -u 100 -c 10.16.15.* | |
| 日志打印[error_gryphon.log]: | |
| 2014/05/15 16:14:51 +363 [notice] gryphon version:0.2.0 | |
| 2014/05/15 16:14:51 +363 [notice] target:80-10.16.15.118:80 | |
| 2014/05/15 16:14:51 +363 [notice] GRYPHON_SINGLE mode | |
| 2014/05/15 16:14:51 +363 [notice] keepalive timeout:120 | |
| 2014/05/15 16:14:51 +363 [notice] set global port for gryphon | |
| 2014/05/15 16:14:51 +363 [notice] parallel connections per target:2 | |
| 2014/05/15 16:14:51 +363 [notice] throughput factor: 1,interval:0 ms | |
| 2014/05/15 16:14:51 +363 [notice] init connections speed:1024 | |
| 2014/05/15 16:14:51 +363 [notice] s parameter:10.16.15.122 | |
| 2014/05/15 16:14:51 +363 [notice] set only ip for gryphon | |
| 2014/05/15 16:14:51 +363 [info] connect to remote server(10.16.15.122:36524) | |
| 2014/05/15 16:14:51 +363 [info] connect to remote server(10.16.15.122:36524) | |
| 2014/05/15 16:14:51 +363 [notice] add dr tunnels for exchanging info:2047807498:36524 | |
| 2014/05/15 16:14:51 +363 [notice] read over from file:./118.pcap | |
| 2014/05/15 16:14:51 +363 [notice] pool size:72900718 | |
| 2014/05/15 16:14:51 +363 [notice] stop, null from pcap_next | |
| 2014/05/15 16:14:51 +363 [info] total packets: 992007, needed packets:495965 | |
| 2014/05/15 16:14:51 +363 [notice] pool used:61630692 | |
| 2014/05/15 16:14:51 +363 [info] enter tc_build_users | |
| 2014/05/15 16:14:51 +363 [notice] users:100, sessions:99178, total packets needed sent:400 | |
| 2014/05/15 16:14:51 +363 [info] leave tc_build_users | |
| 2014/05/15 16:14:52 +865 [notice] total is larger than size of users | |
| 2014/05/15 16:14:56 +364 [notice] active conns:0 | |
| 2014/05/15 16:14:56 +364 [notice] reject:0, reset recv:0,fin recv:0 | |
| 2014/05/15 16:14:56 +364 [notice] reset sent:0, fin sent:0 | |
| 2014/05/15 16:14:56 +364 [notice] conns:0,resp packs:0,c-resp packs:0 | |
| 2014/05/15 16:14:56 +364 [notice] syn sent cnt:100,clt packs sent :100,clt cont sent:0 | |
| 2014/05/15 16:15:01 +367 [notice] active conns:0 | |
| 2014/05/15 16:15:01 +367 [notice] reject:0, reset recv:0,fin recv:0 | |
| 2014/05/15 16:15:01 +367 [notice] reset sent:0, fin sent:0 | |
| 2014/05/15 16:15:01 +367 [notice] conns:0,resp packs:0,c-resp packs:0 | |
| 2014/05/15 16:15:01 +367 [notice] syn sent cnt:100,clt packs sent :100,clt cont sent:0 | |
| 2014/05/15 16:15:06 +369 [notice] active conns:0 | |
| 2014/05/15 16:15:06 +369 [notice] reject:0, reset recv:0,fin recv:0 | |
| 2014/05/15 16:15:06 +369 [notice] reset sent:0, fin sent:0 | |
| 2014/05/15 16:15:06 +369 [notice] conns:0,resp packs:0,c-resp packs:0 | |
| 2014/05/15 16:15:06 +369 [notice] syn sent cnt:100,clt packs sent :100,clt cont sent:0 | |
| 2014/05/15 16:15:11 +371 [notice] active conns:0 | |
| 2014/05/15 16:15:11 +371 [notice] reject:0, reset recv:0,fin recv:0 | |
| 2014/05/15 16:15:11 +371 [notice] reset sent:0, fin sent:0 | |
| 2014/05/15 16:15:11 +371 [notice] conns:0,resp packs:0,c-resp packs:0 | |
| 2014/05/15 16:15:11 +371 [notice] syn sent cnt:100,clt packs sent :100,clt cont sent:0 | |
| 2014/05/15 16:15:14 +406 [warn] sig 2 received | |
| 2014/05/15 16:15:14 +406 [notice] active conns:0 | |
| 2014/05/15 16:15:14 +406 [notice] reject:0, reset recv:0,fin recv:0 | |
| 2014/05/15 16:15:14 +406 [notice] reset sent:0, fin sent:0 | |
| 2014/05/15 16:15:14 +406 [notice] conns:0,resp packs:0,c-resp packs:0 | |
| 2014/05/15 16:15:14 +406 [notice] syn sent cnt:100,clt packs sent :100,clt cont sent:0 | |
| 2014/05/15 16:15:14 +406 [notice] remove timer over | |
| 2014/05/15 16:15:14 +406 [notice] connection fails:32768 | |
| 2014/05/15 16:15:14 +406 [notice] connection fails:32768 | |
| 2014/05/15 16:15:14 +406 [notice] connection fails:32768 | |
| 2014/05/15 16:15:14 +406 [notice] connection fails:32768 | |
| 2014/05/15 16:15:14 +406 [notice] connection fails:32768 | |
| 2014/05/15 16:15:14 +406 [notice] connection fails:32768 | |
| 2014/05/15 16:15:14 +406 [notice] connection fails:32768 | |
| 2014/05/15 16:15:14 +406 [notice] connection fails:32768 | |
| 2014/05/15 16:15:14 +406 [notice] connection fails:32768 | |
| 2014/05/15 16:15:14 +406 [notice] connection fails:32768 | |
| 2014/05/15 16:15:14 +406 [notice] connection fails:32768 | |
| 2014/05/15 16:15:14 +406 [notice] connection fails:32768 | |
| 2014/05/15 16:15:14 +406 [notice] connection fails:32768 | |
| 2014/05/15 16:15:14 +406 [notice] connection fails:32768 | |
| 2014/05/15 16:15:14 +406 [notice] connection fails:32768 | |
| 2014/05/15 16:15:14 +406 [notice] connection fails:32768 | |
| 2014/05/15 16:15:14 +406 [notice] connection fails:32768 | |
| 2014/05/15 16:15:14 +406 [notice] connection fails:32768 | |
| 2014/05/15 16:15:14 +406 [notice] connection fails:32768 | |
| 2014/05/15 16:15:14 +406 [notice] connection fails:32768 | |
| 2014/05/15 16:15:14 +406 [notice] connection fails:32768 | |
| 2014/05/15 16:15:14 +406 [notice] connection fails:32768 | |
| 2014/05/15 16:15:14 +406 [notice] connection fails:32768 | |
| 2014/05/15 16:15:14 +406 [notice] connection fails:32768 | |
| 2014/05/15 16:15:14 +406 [notice] connection fails:32768 | |
| 2014/05/15 16:15:14 +406 [notice] connection fails:32768 | |
| 2014/05/15 16:15:14 +406 [notice] connection fails:32768 | |
| 2014/05/15 16:15:14 +406 [notice] connection fails:32768 | |
| 2014/05/15 16:15:14 +406 [notice] connection fails:32768 | |
| 2014/05/15 16:15:14 +406 [notice] connection fails:32768 | |
| 2014/05/15 16:15:14 +406 [notice] connection fails:32768 | |
| 2014/05/15 16:15:14 +406 [notice] connection fails:32768 | |
| 2014/05/15 16:15:14 +406 [notice] connection fails:32768 | |
| 2014/05/15 16:15:14 +406 [notice] connection fails:32768 | |
| 2014/05/15 16:15:14 +406 [notice] connection fails:32768 | |
| 2014/05/15 16:15:14 +406 [notice] connection fails:32768 | |
| 2014/05/15 16:15:14 +406 [notice] connection fails:32768 | |
| 2014/05/15 16:15:14 +406 [notice] send 100 reset packs to release tcp resources | |
| 2014/05/15 16:15:14 +406 [notice] valid sessions:99126 | |
| 2014/05/15 16:15:14 +406 [notice] tc_event_loop_finish over | |
| 补充信息: | |
| intercept安装在 10.16.15.122 | |
| gryphon安装在 10.16.15.113 | |
| 测试服务器是 10.16.15.118 | |
| 在测试机上抓包使用的命令:tcpdump -i any tcp and port 80 -w xxx.pcap |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment