gor是一款流量复制回放工具,gor工具的官网:https://goreplay.org/
1、对某个端口的http流量进行打印
./gor --input-raw :8000 --output-stdout
2、对流量实时转发,把81端口流量转发到192.168.3.221:80端口
./gor --input-raw :81--output-http="http://192.168.3.221:80"3、把抓取到的流量以文件的形式存储到磁盘上
./gor --input-raw :8000 --output-file=requests.gor4、对抓取到的流量进行回放
#流量回放到192.168.3.221:80
./gor --input-file requests.gor --output-http="http://192.168.3.221:80"
#流量回放打印到屏幕上
./gor --input-file requests.gor --output-stdout5、快速开一个静态服务器
./gor file-server :80006、gor的运行参数如下:
Gor is a simple http traffic replication tool written in Go. Its main goal is to replay traffic from production servers to staging and dev environments.
Project page: https://github.com/buger/gor
Author: <Leonid Bugaev> leonsbox@gmail.com
Current Version: v1.3.0-copy-buffer-size valueSet the buffer size for an individual request (default 5MB)-cpuprofile stringwrite cpu profile to file-exit-after durationexit after specified duration-http-allow-header valueA regexp to match a specific header against. Requests with non-matching headers will be dropped:gor --input-raw :8080 --output-http staging.com --http-allow-header api-version:^v1-http-allow-method valueWhitelist of HTTP methods to replay. Anything else will be dropped:gor --input-raw :8080 --output-http staging.com --http-allow-method GET --http-allow-method OPTIONS-http-allow-url valueA regexp to match requests against. Filter get matched against full url with domain. Anything else will be dropped:gor --input-raw :8080 --output-http staging.com --http-allow-url ^www.-http-basic-auth-filter valueA regexp to match the decoded basic auth string against. Requests with non-matching headers will be dropped:gor --input-raw :8080 --output-http staging.com --http-basic-auth-filter "^customer[0-9].*"-http-disallow-header valueA regexp to match a specific header against. Requests with matching headers will be dropped:gor --input-raw :8080 --output-http staging.com --http-disallow-header "User-Agent: Replayed by Gor"-http-disallow-url valueA regexp to match requests against. Filter get matched against full url with domain. Anything else will be forwarded:gor --input-raw :8080 --output-http staging.com --http-disallow-url ^www.-http-header-limiter valueTakes a fraction of requests, consistently taking or rejecting a request based on the FNV32-1A hash of a specific header:gor --input-raw :8080 --output-http staging.com --http-header-limiter user-id:25%-http-original-hostNormally gor replaces the Host http header with the host supplied with --output-http. This option disables that behavior, preserving the original Host header.-http-param-limiter valueTakes a fraction of requests, consistently taking or rejecting a request based on the FNV32-1A hash of a specific GET param:gor --input-raw :8080 --output-http staging.com --http-param-limiter user_id:25%-http-pprof :8181Enable profiling. Starts http server on specified port, exposing special /debug/pprof endpoint. Example: :8181-http-rewrite-header valueRewrite the request header based on a mapping:gor --input-raw :8080 --output-http staging.com --http-rewrite-header Host: (.*).example.com,$1.beta.example.com-http-rewrite-url valueRewrite the request url based on a mapping:gor --input-raw :8080 --output-http staging.com --http-rewrite-url /v1/user/([^\/]+)/ping:/v2/user/$1/ping-http-set-header valueInject additional headers to http request:gor --input-raw :8080 --output-http staging.com --http-set-header 'User-Agent: Gor'-http-set-param valueSet request url param, if param already exists it will be overwritten:gor --input-raw :8080 --output-http staging.com --http-set-param api_key=1-input-dummy valueUsed for testing outputs. Emits 'Get /' request every 1s-input-file valueRead requests from file: gor --input-file ./requests.gor --output-http staging.com-input-file-dry-runSimulate reading from the data source without replaying it. You will get information about expected replay time, number of found records etc.-input-file-loopLoop input files, useful for performance testing.-input-file-max-wait durationSet the maximum time between requests. Can help in situations when you have too long periods between request, and you want to skip them. Example: --input-raw-max-wait 1s-input-file-read-depth intGoReplay tries to read and cache multiple records, in advance. In parallel it also perform sorting of requests, if they came out of order. Since it needs hold this buffer in memory, bigger values can cause worse performance (default 100)-input-kafka-host stringSend request and response stats to Kafka:gor --output-stdout --input-kafka-host '192.168.0.1:9092,192.168.0.2:9092'-input-kafka-json-formatIf turned on, it will assume that messages coming in JSON format rather than GoReplay text format.-input-kafka-topic stringSend request and response stats to Kafka:gor --output-stdout --input-kafka-topic 'kafka-log'-input-raw valueCapture traffic from given port (use RAW sockets and require *sudo* access):# Capture traffic from 8080 portgor --input-raw :8080 --output-http staging.com-input-raw-allow-incompleteIf turned on Gor will record HTTP messages with missing packets-input-raw-bpf-filter stringBPF filter to write custom expressions. Can be useful in case of non standard network interfaces like tunneling or SPAN port. Example: --input-raw-bpf-filter 'dst port 80'-input-raw-buffer-size valueControls size of the OS buffer which holds packets until they dispatched. Default value depends by system: in Linux around 2MB. If you see big package drop, increase this value.-input-raw-buffer-timeout durationset the pcap timeout. for immediate mode don't set this flag-input-raw-engine libpcapIntercept traffic using libpcap (default), `raw_socket` or `pcap_file`-input-raw-expire durationHow much it should wait for the last TCP packet, till consider that TCP message complete. (default 2s)-input-raw-monitorenable RF monitor mode-input-raw-override-snaplenOverride the capture snaplen to be 64k. Required for some Virtualized environments-input-raw-promiscenable promiscuous mode-input-raw-protocol valueSpecify application protocol of intercepted traffic. Possible values: http, binary-input-raw-realip-header stringIf not blank, injects header with given name and real IP value to the request payload. Usually this header should be named: X-Real-IP-input-raw-statsenable stats generator on raw TCP messages-input-raw-timestamp-type stringPossible values: PCAP_TSTAMP_HOST, PCAP_TSTAMP_HOST_LOWPREC, PCAP_TSTAMP_HOST_HIPREC, PCAP_TSTAMP_ADAPTER, PCAP_TSTAMP_ADAPTER_UNSYNCED. This values not supported on all systems, GoReplay will tell you available values of you put wrong one.-input-raw-track-responseIf turned on Gor will track responses in addition to requests, and they will be available to middleware and file output.-input-tcp valueUsed for internal communication between Gor instances. Example: # Receive requests from other Gor instances on 28020 port, and redirect output to staginggor --input-tcp :28020 --output-http staging.com-input-tcp-certificate stringPath to PEM encoded certificate file. Used when TLS turned on.-input-tcp-certificate-key stringPath to PEM encoded certificate key file. Used when TLS turned on.-input-tcp-secureTurn on TLS security. Do not forget to specify certificate and key files.-kafka-tls-ca-cert stringCA certificate for Kafka TLS Config:gor --input-raw :3000 --output-kafka-host '192.168.0.1:9092' --output-kafka-topic 'topic' --kafka-tls-ca-cert cacert.cer.pem --kafka-tls-client-cert client.cer.pem --kafka-tls-client-key client.key.pem-kafka-tls-client-cert stringClient certificate for Kafka TLS Config (mandatory with to kafka-tls-ca-cert and kafka-tls-client-key)-kafka-tls-client-key stringClient Key for Kafka TLS Config (mandatory with to kafka-tls-client-cert and kafka-tls-client-key)-memprofile stringwrite memory profile to this file-middleware stringUsed for modifying traffic using external command-output-binary valueForwards incoming binary payloads to given address.# Redirect all incoming requests to staging.com address gor --input-raw :80 --input-raw-protocol binary --output-binary staging.com:80-output-binary-debugEnables binary debug output.-output-binary-timeout durationSpecify HTTP request/response timeout. By default 5s. Example: --output-binary-timeout 30s-output-binary-track-responseIf turned on, Binary output responses will be set to all outputs like stdout, file and etc.-output-binary-workers intGor uses dynamic worker scaling by default. Enter a number to run a set number of workers.-output-file valueWrite incoming requests to file: gor --input-raw :80 --output-file ./requests.gor-output-file-appendThe flushed chunk is appended to existence file or not. -output-file-buffer stringThe path for temporary storing current buffer: gor --input-raw :80 --output-file s3://mybucket/logs/%Y-%m-%d.gz --output-file-buffer /mnt/logs (default "/tmp")-output-file-flush-interval durationInterval for forcing buffer flush to the file, default: 1s. (default 1s)-output-file-max-size-limit valueMax size of output file, Default: 1TB-output-file-queue-limit intThe length of the chunk queue. Default: 256 (default 256)-output-file-size-limit valueSize of each chunk. Default: 32mb-output-http valueForwards incoming requests to given http address.# Redirect all incoming requests to staging.com address gor --input-raw :80 --output-http http://staging.com-output-http-elasticsearch stringSend request and response stats to ElasticSearch:gor --input-raw :8080 --output-http staging.com --output-http-elasticsearch 'es_host:api_port/index_name'-output-http-queue-len intNumber of requests that can be queued for output, if all workers are busy. default = 1000 (default 1000)-output-http-redirects intEnable how often redirects should be followed.-output-http-response-buffer valueHTTP response buffer size, all data after this size will be discarded.-output-http-skip-verifyDon't verify hostname on TLS secure connection.-output-http-statsReport http output queue stats to console every N milliseconds. See output-http-stats-ms-output-http-stats-ms intReport http output queue stats to console every N milliseconds. default: 5000 (default 5000)-output-http-timeout durationSpecify HTTP request/response timeout. By default 5s. Example: --output-http-timeout 30s (default 5s)-output-http-track-responseIf turned on, HTTP output responses will be set to all outputs like stdout, file and etc.-output-http-worker-timeout durationDuration to rollback idle workers. (default 2s)-output-http-workers intGor uses dynamic worker scaling. Enter a number to set a maximum number of workers. default = 0 = unlimited.-output-http-workers-min intGor uses dynamic worker scaling. Enter a number to set a minimum number of workers. default = 1.-output-kafka-host stringRead request and response stats from Kafka:gor --input-raw :8080 --output-kafka-host '192.168.0.1:9092,192.168.0.2:9092'-output-kafka-json-formatIf turned on, it will serialize messages from GoReplay text format to JSON.-output-kafka-topic stringRead request and response stats from Kafka:gor --input-raw :8080 --output-kafka-topic 'kafka-log'-output-nullUsed for testing inputs. Drops all requests.-output-stdoutUsed for testing inputs. Just prints to console data coming from inputs.-output-tcp valueUsed for internal communication between Gor instances. Example: # Listen for requests on 80 port and forward them to other Gor instance on 28020 portgor --input-raw :80 --output-tcp replay.local:28020-output-tcp-response-buffer valueTCP response buffer size, all data after this size will be discarded.-output-tcp-secureUse TLS secure connection. --input-file on another end should have TLS turned on as well.-output-tcp-skip-verifyDon't verify hostname on TLS secure connection.-output-tcp-statsReport TCP output queue stats to console every 5 seconds.-output-tcp-stickyUse Sticky connection. Request/Response with same ID will be sent to the same connection.-output-tcp-workers intNumber of parallel tcp connections, default is 10 (default 10)-prettify-httpIf enabled, will automatically decode requests and responses with: Content-Encoding: gzip and Transfer-Encoding: chunked. Useful for debugging, in conjunction with --output-stdout-recognize-tcp-sessions[PRO] If turned on http output will create separate worker for each TCP session. Splitting output will session based as well.-split-output trueBy default each output gets same traffic. If set to true it splits traffic equally among all outputs.-statsTurn on queue stats output-verbose intset the level of verbosity, if greater than zero then it will turn on debug output
