jbittel / httpry Goto Github PK

.. the IP on which the httpry was installed, Not able to see from other devices connected.

Is it possible to intercept an http request using httpry and respond with a previously saved response?

I want a way to get integration tests running quicker and less dependent on external services. Basically I want to run tests once, record all the responses of external http requests and then the next time the tests are run just return these saved responses instead of going off to the network.

Something similar to https://github.com/myronmarston/vcr but at a lower level?

running httpry -p -i eth0 on a host but cannot capture incoming requests, only the outgoing requests can be captured.
incoming requests are from another host in the same LAN. using tcpdump can capture the requests.
please tell me how to give further information about this problem.

I didn't see any mention in doc/format-string of fields for request & response bodies...

Is it possible to print them?

running make fails on:
~/programs/httpry-0.1.8 ⌚ 12:14:21
$ make
gcc -Wall -O3 -funroll-loops -I/usr/include/pcap -I/usr/local/include/pcap -o httpry httpry.c format.c methods.c utility.c rate.c -lpcap -lm -pthread
httpry.c:14:18: fatal error: pcap.h: No such file or directory
compilation terminated.
Makefile:21: recipe for target 'httpry' failed
make: *** [httpry] Error 1

running linux mint:4.4.0-66-generic #87-Ubuntu SMP Fri Mar 3 15:29:05 UTC 2017 x86_64 x86_64 x86_64 GNU/Linux
using the downloaded zip, same error on the git version though

I'm trying to debug an issue with our caching servers and httpry doesn't appear to be able to grab PURGE requests even if I specify it using the -m flag.

In prepare_capture(), pcap_open_live() is called with the third argument, which is the timeout, being 0.

The pcap man page says:

   read timeout
          If, when capturing,  packets  are  delivered  as  soon  as  they
          arrive,  the  application capturing the packets will be woken up
          for each packet as it arrives, and might have  to  make  one  or
          more calls to the operating system to fetch each packet.

          If,  instead,  packets are not delivered as soon as they arrive,
          but are delivered after a short delay (called a "read timeout"),
          more  than  one packet can be accumulated before the packets are
          delivered, so that a single wakeup would be  done  for  multiple
          packets,  and  each  set  of  calls made to the operating system
          would supply multiple packets,  rather  than  a  single  packet.
          This reduces the per-packet CPU overhead if packets are arriving
          at a high rate, increasing the number of packets per second that
          can be captured.

          The  read  timeout is required so that an application won't wait
          for the operating system's capture  buffer  to  fill  up  before
          packets are delivered; if packets are arriving slowly, that wait
          could take an arbitrarily long period of time.

          Not all platforms support a  read  timeout;  on  platforms  that
          don't,  the read timeout is ignored.  A zero value for the time-
          out, on platforms that support a read timeout, will cause a read
          to wait forever to allow enough packets to arrive, with no time-
          out.

This means that on several platforms, including all the BSDs and OS X, httpry will not see any packets until enough packets arrive to fill BPF's buffer.

A non-zero value should be specified here; the value should probably be between 1 and 1000.

Like tcpdump -e option, do we have a way to show the mac address of the source packet?

Should this work on OS X? tcpdump gives me tons of output but httpry never shows anything at all... but does give a package count when quitting such as:

95 packets received, 0 packets dropped, 0 http packets parsed

Any chance you could support listening on a ppp interface?

I know that the proper fix is to implement stream-based packet capture, but a simple truncation method for requests greater than the packet MTU would be much better than simply ignoring the request. Can this be added?

Hello,

I love httpry for copper interfaces. I recently purchased a 10g EndaceDAG Data Capture Card and attempted to make httpry look at the dag0 interface without success (error below). I'm able to get this to work with bro and tcpdump without issue. Any ideas on how I can get httpry to recognize this device like bro/tcpdump does? I suspect it lies somewhere in the libpcap module but thats outside my capabilities at the moment. Looking to see if anyone else has ideas or has experienced a similar issue. Redhat 6.5 OS.

"httpry version 0.1.8 -- HTTP logging and information retrieval tool
Copyright (c) 2005-2014 Jason Bittel [email protected]
Error: Cannot open live capture on 'dag0': dag0: No such device exists (SIOCGIFHWADDR: No such device)
Caught SIGINT, shutting down..."

"tcpdump -i dag0
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on dag0, link-type EN10MB (Ethernet), capture size 262144 bytes
...
73 packets captured
73 packets received by filter
0 packets dropped by kernel"

Card reference:
http://www.endace.com/products/endacedag-data-capture-cards/features/

Thanks!

Hello,

I have installed httpry-0.1.8-1.el7.x86_64.rpm on CentOS and i am running httpry in the following way:

sudo httpry -d -s -i eth0 'tcp dst port 3000' -o pry.txt

I want to have HTTP request per second display mode in that pry.txt output.

It creates the file with the following content:

[centos@nifi1-qa ~]$ cat pry
# httpry version 0.1.8
# Fields: host

but, unfortunately, no other output like:
"```
2018-09-07 11:25:59 127.0.0.1:3000 466 rps
2018-09-07 11:25:59 totals 468.40 rps

Hi,
Is it possible to log websocket traffic ?

With the -f format option,I could select which header to output,but what should I do if I want to show all the headers send and receive?