README
¶
NET.PROXY
net.proxy is a commandline tool that offers creation of one or several HTTP reverse proxies, in order to gather Netcap audit records from them.
Description
A file for each proxy will be created that contains HTTP audit records. Multiple proxies can be configured with a YAML config file.
The naming scheme is HTTP[remoteURL].ncap.gz, e.g: HTTP[github.com].ncap.gz
Read more about this tool in the documentation: https://docs.netcap.io
Usage examples
Use a single reverse proxy:
$ net.proxy -local 127.0.0.1:4444 -remote https://github.com
Specify maximum number of idle connections:
$ net.proxy -local 127.0.0.1:4444 -remote https://github.com -maxIdle 300
Dump audit records while capturing:
$ net.proxy -local 127.0.0.1:4444 -remote https://github.com -dump
Help
$ net.proxy -h
-config string
set config file path (default "net.proxy-config.yml")
-debug
set debug mode
-dialTimeout int
seconds until dialing to the backend times out (default 30)
-dump
dumps audit record as JSON to stdout
-format
format when dumping JSON (default true)
-idleConnTimeout int
seconds until a connection times out (default 90)
-local string
set local endpoint
-maxIdle int
maximum number of idle connections (default 120)
-remote string
set remote endpoint
-skipTlsVerify
skip TLS verification
-tlsTimeout int
seconds until a TLS handshake times out (default 15)
-trace
trace HTTP requests to retrieve additional information (default true)
Documentation
¶
Index ¶
- Constants
- Variables
- func ConfigureLogger(debug bool, outputPath string)
- func DumpHTTPRequest(req *http.Request, proxyName string)
- func DumpHTTPResponse(resp *http.Response, proxyName string, rawbody []byte)
- func GetCommand() *cobra.Command
- func TrimPortIPv4(addr string) string
- type Config
- type NetcapTransport
- type ReverseProxy
- type ReverseProxyConfig
Constants ¶
const LogFileName = "net.proxy.log"
LogFileName holds name of the logfile
Variables ¶
var ( // Log instance Log *zap.Logger )
Functions ¶
func ConfigureLogger ¶
ConfigureLogger configures the logging instance
func DumpHTTPRequest ¶
DumpHTTPRequest dumps an http.Request for debugging purposes
func DumpHTTPResponse ¶
DumpHTTPResponse dumps an http.Response for debugging purposes
func GetCommand ¶
func TrimPortIPv4 ¶
TrimPortIPv4 trims the port number from an IPv4 address string
Types ¶
type Config ¶
type Config struct {
// Proxies map holds all reverse proxies
Proxies map[string]ReverseProxyConfig `yaml:"proxies"`
// CertFile for TLS secured connections
CertFile string `yaml:"certFile"`
// KeyFile for TLS secured connections
KeyFile string `yaml:"keyFile"`
// Logdir is used as destination for the logfile
Logdir string `yaml:"logdir"`
}
Config represents the proxy configuration
func ParseConfiguration ¶
ParseConfiguration reads the config file and returns a config instance
type NetcapTransport ¶
type NetcapTransport struct {
// contains filtered or unexported fields
}
NetcapTransport contains a http.Transport for RoundTrips and the target URL of the associated reverse proxy
type ReverseProxy ¶
type ReverseProxy struct {
Name string
// contains filtered or unexported fields
}
ReverseProxy represents a named reverse proxy that uses a custom http.Transport to export netcap audit records
func NewReverseProxy ¶
func NewReverseProxy(proxyName string, targetURL *url.URL) *ReverseProxy
NewReverseProxy creates a ReverseProxy instance for the given target URL and sets the specified name
func (*ReverseProxy) ServeHTTP ¶
func (p *ReverseProxy) ServeHTTP(w http.ResponseWriter, r *http.Request)
ServeHTTP implements the http.Handler interface
type ReverseProxyConfig ¶
type ReverseProxyConfig struct {
// Remote endpoint address
Remote string `yaml:"remote"`
// Local endpoint address
Local string `yaml:"local"`
// TLS for local endpoint
TLS bool `yaml:"tls"`
}
ReverseProxyConfig represents the configuration of a single reverse proxy if the TLS field is set to true paths to the cert and key files must be specified
Source Files