TcpCopy信息

  TcpCopy版本号：0.9.9
  内核版本号：2.6.18-164.el5
  安装规则：
  ./configure --prefix=/usr/local/tcpcopy --enable-single
  启动命令：/usr/local/tcpcopy/bin/intercept
  iptables设置：
  
  *filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
:RH-Firewall-1-INPUT - [0:0]
-A INPUT -j RH-Firewall-1-INPUT
-A FORWARD -j RH-Firewall-1-INPUT
-A RH-Firewall-1-INPUT -i lo -j ACCEPT
-A RH-Firewall-1-INPUT -p icmp --icmp-type any -j ACCEPT
-A RH-Firewall-1-INPUT -p 50 -j ACCEPT
-A RH-Firewall-1-INPUT -p 51 -j ACCEPT
-A RH-Firewall-1-INPUT -p udp --dport 5353 -d 224.0.0.251 -j ACCEPT
-A RH-Firewall-1-INPUT -p udp -m udp --dport 631 -j ACCEPT
-A RH-Firewall-1-INPUT -p tcp -m tcp --dport 631 -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 22 -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 80 -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 36524 -j ACCEPT
-A RH-Firewall-1-INPUT -j REJECT --reject-with icmp-host-prohibited
COMMIT

日志打印[error_intercept.log]：

2014/05/15 16:13:26 +451 [notice] intercept version:0.9.9
2014/05/15 16:13:26 +451 [notice] intercept internal version:5
2014/05/15 16:13:26 +451 [notice] TCPCOPY_SINGLE mode
2014/05/15 16:13:26 +451 [notice] INTERCEPT_COMBINED mode
2014/05/15 16:13:26 +451 [notice] msg listen socket:4
2014/05/15 16:13:26 +451 [notice] firewall socket:5
2014/05/15 16:13:56 +454 [notice] total resp packs:0, all:0, route:0
2014/05/15 16:14:26 +454 [notice] total resp packs:0, all:0, route:0
2014/05/15 16:14:51 +368 [notice] it adds fd:6
2014/05/15 16:14:51 +368 [notice] it adds fd:7
2014/05/15 16:14:56 +455 [notice] total resp packs:0, all:0, route:0
2014/05/15 16:15:14 +423 [notice] recv length 0,fd:7
2014/05/15 16:15:14 +423 [notice] release tunnel related resources, fd:7
2014/05/15 16:15:14 +423 [notice] crazy here, combined is null, fd:7
2014/05/15 16:15:14 +423 [notice] enter tc_event_destroy:7
2014/05/15 16:15:14 +423 [notice] destroy event:7
2014/05/15 16:15:14 +423 [notice] recv length 0,fd:6
2014/05/15 16:15:14 +423 [notice] release tunnel related resources, fd:6
2014/05/15 16:15:14 +423 [notice] crazy here, combined is null, fd:6
2014/05/15 16:15:14 +423 [notice] enter tc_event_destroy:6
2014/05/15 16:15:14 +423 [notice] destroy event:6
2014/05/15 16:15:21 +346 [warn] sig 2 received
2014/05/15 16:15:21 +346 [notice] release_resources begin
2014/05/15 16:15:21 +346 [notice] tc_select_destroy, close fd:4
2014/05/15 16:15:21 +346 [notice] tc_select_destroy, close fd:5
2014/05/15 16:15:21 +346 [notice] release_resources end except log file


Gryphon信息

  TcpCopy版本号：0.2.0
  内核版本号：2.6.18-164.el5
  安装规则：
  ./configure --enable-single
  启动命令：/usr/local/bin/gryphon -x 80-10.16.15.118:80 -f ./118.pcap -s 10.16.15.122 -u 100 -c 10.16.15.*
  
  日志打印[error_gryphon.log]：
  
2014/05/15 16:14:51 +363 [notice] gryphon version:0.2.0
2014/05/15 16:14:51 +363 [notice] target:80-10.16.15.118:80
2014/05/15 16:14:51 +363 [notice] GRYPHON_SINGLE mode
2014/05/15 16:14:51 +363 [notice] keepalive timeout:120
2014/05/15 16:14:51 +363 [notice] set global port for gryphon
2014/05/15 16:14:51 +363 [notice] parallel connections per target:2
2014/05/15 16:14:51 +363 [notice] throughput factor: 1,interval:0 ms
2014/05/15 16:14:51 +363 [notice] init connections speed:1024
2014/05/15 16:14:51 +363 [notice] s parameter:10.16.15.122
2014/05/15 16:14:51 +363 [notice] set only ip for gryphon
2014/05/15 16:14:51 +363 [info] connect to remote server(10.16.15.122:36524)
2014/05/15 16:14:51 +363 [info] connect to remote server(10.16.15.122:36524)
2014/05/15 16:14:51 +363 [notice] add dr tunnels for exchanging info:2047807498:36524
2014/05/15 16:14:51 +363 [notice] read over from file:./118.pcap
2014/05/15 16:14:51 +363 [notice] pool size:72900718
2014/05/15 16:14:51 +363 [notice] stop, null from pcap_next
2014/05/15 16:14:51 +363 [info] total packets: 992007, needed packets:495965
2014/05/15 16:14:51 +363 [notice] pool used:61630692
2014/05/15 16:14:51 +363 [info] enter tc_build_users
2014/05/15 16:14:51 +363 [notice] users:100, sessions:99178, total packets needed sent:400
2014/05/15 16:14:51 +363 [info] leave tc_build_users
2014/05/15 16:14:52 +865 [notice] total is larger than size of users
2014/05/15 16:14:56 +364 [notice] active conns:0
2014/05/15 16:14:56 +364 [notice] reject:0, reset recv:0,fin recv:0
2014/05/15 16:14:56 +364 [notice] reset sent:0, fin sent:0
2014/05/15 16:14:56 +364 [notice] conns:0,resp packs:0,c-resp packs:0
2014/05/15 16:14:56 +364 [notice] syn sent cnt:100,clt packs sent :100,clt cont sent:0
2014/05/15 16:15:01 +367 [notice] active conns:0
2014/05/15 16:15:01 +367 [notice] reject:0, reset recv:0,fin recv:0
2014/05/15 16:15:01 +367 [notice] reset sent:0, fin sent:0
2014/05/15 16:15:01 +367 [notice] conns:0,resp packs:0,c-resp packs:0
2014/05/15 16:15:01 +367 [notice] syn sent cnt:100,clt packs sent :100,clt cont sent:0
2014/05/15 16:15:06 +369 [notice] active conns:0
2014/05/15 16:15:06 +369 [notice] reject:0, reset recv:0,fin recv:0
2014/05/15 16:15:06 +369 [notice] reset sent:0, fin sent:0
2014/05/15 16:15:06 +369 [notice] conns:0,resp packs:0,c-resp packs:0
2014/05/15 16:15:06 +369 [notice] syn sent cnt:100,clt packs sent :100,clt cont sent:0
2014/05/15 16:15:11 +371 [notice] active conns:0
2014/05/15 16:15:11 +371 [notice] reject:0, reset recv:0,fin recv:0
2014/05/15 16:15:11 +371 [notice] reset sent:0, fin sent:0
2014/05/15 16:15:11 +371 [notice] conns:0,resp packs:0,c-resp packs:0
2014/05/15 16:15:11 +371 [notice] syn sent cnt:100,clt packs sent :100,clt cont sent:0
2014/05/15 16:15:14 +406 [warn] sig 2 received
2014/05/15 16:15:14 +406 [notice] active conns:0
2014/05/15 16:15:14 +406 [notice] reject:0, reset recv:0,fin recv:0
2014/05/15 16:15:14 +406 [notice] reset sent:0, fin sent:0
2014/05/15 16:15:14 +406 [notice] conns:0,resp packs:0,c-resp packs:0
2014/05/15 16:15:14 +406 [notice] syn sent cnt:100,clt packs sent :100,clt cont sent:0
2014/05/15 16:15:14 +406 [notice] remove timer over
2014/05/15 16:15:14 +406 [notice] connection fails:32768
2014/05/15 16:15:14 +406 [notice] connection fails:32768
2014/05/15 16:15:14 +406 [notice] connection fails:32768
2014/05/15 16:15:14 +406 [notice] connection fails:32768
2014/05/15 16:15:14 +406 [notice] connection fails:32768
2014/05/15 16:15:14 +406 [notice] connection fails:32768
2014/05/15 16:15:14 +406 [notice] connection fails:32768
2014/05/15 16:15:14 +406 [notice] connection fails:32768
2014/05/15 16:15:14 +406 [notice] connection fails:32768
2014/05/15 16:15:14 +406 [notice] connection fails:32768
2014/05/15 16:15:14 +406 [notice] connection fails:32768
2014/05/15 16:15:14 +406 [notice] connection fails:32768
2014/05/15 16:15:14 +406 [notice] connection fails:32768
2014/05/15 16:15:14 +406 [notice] connection fails:32768
2014/05/15 16:15:14 +406 [notice] connection fails:32768
2014/05/15 16:15:14 +406 [notice] connection fails:32768
2014/05/15 16:15:14 +406 [notice] connection fails:32768
2014/05/15 16:15:14 +406 [notice] connection fails:32768
2014/05/15 16:15:14 +406 [notice] connection fails:32768
2014/05/15 16:15:14 +406 [notice] connection fails:32768
2014/05/15 16:15:14 +406 [notice] connection fails:32768
2014/05/15 16:15:14 +406 [notice] connection fails:32768
2014/05/15 16:15:14 +406 [notice] connection fails:32768
2014/05/15 16:15:14 +406 [notice] connection fails:32768
2014/05/15 16:15:14 +406 [notice] connection fails:32768
2014/05/15 16:15:14 +406 [notice] connection fails:32768
2014/05/15 16:15:14 +406 [notice] connection fails:32768
2014/05/15 16:15:14 +406 [notice] connection fails:32768
2014/05/15 16:15:14 +406 [notice] connection fails:32768
2014/05/15 16:15:14 +406 [notice] connection fails:32768
2014/05/15 16:15:14 +406 [notice] connection fails:32768
2014/05/15 16:15:14 +406 [notice] connection fails:32768
2014/05/15 16:15:14 +406 [notice] connection fails:32768
2014/05/15 16:15:14 +406 [notice] connection fails:32768
2014/05/15 16:15:14 +406 [notice] connection fails:32768
2014/05/15 16:15:14 +406 [notice] connection fails:32768
2014/05/15 16:15:14 +406 [notice] connection fails:32768
2014/05/15 16:15:14 +406 [notice] send 100 reset packs to release tcp resources
2014/05/15 16:15:14 +406 [notice] valid sessions:99126
2014/05/15 16:15:14 +406 [notice] tc_event_loop_finish over

补充信息：
intercept安装在 10.16.15.122
gryphon安装在 10.16.15.113
测试服务器是 10.16.15.118