#1 2018-01-15 14:22:02

edwinsn
Member
Registered: 2010-07-02
Posts: 1,218

http.sys traffic capturing?

Has anybody successfully setup tracking of the mORMot http/WebSockets traffic between the client and the http.sys server, with well-known tools such as fiddle, fiddleCap or WireShark?

Today I tried all the three without luck. it seems that fiddle and fiddleCap (really helpful if it works) captures WinInet only, so  the two work with the tracffic of IE which uses WinINet.

Anybody has any hints? Thanks.


Delphi XE4 Pro on Windows 7 64bit.
Lazarus trunk built with fpcupdelux on Windows with cross-compile for Linux 64bit.

Offline

#2 2018-01-15 15:21:50

ab
Administrator
From: France
Registered: 2010-06-21
Posts: 14,669
Website

Re: http.sys traffic capturing?

Http.sys works in kernel mode for best performance.
So it bypasses the socket layer on the server side.

On the client side the plain socket client will work for sure with capture tools.

Offline

#3 2018-01-15 16:33:57

mpv
Member
From: Ukraine
Registered: 2012-03-24
Posts: 1,571
Website

Re: http.sys traffic capturing?

WireShark must intercept all traffic - it replace (add a minifilter driver as far as I understand) low level network layer calls. Just allow Wireshark to install a driver during installing WireShark and reboot server. But I usually debug a plain socket client side using Fiddler since it's more user friendly

Offline

#4 2018-01-20 15:07:48

edwinsn
Member
Registered: 2010-07-02
Posts: 1,218

Re: http.sys traffic capturing?

@mpv, thanks for the info. I my previous testing Fiddler  captures only some of the http traffics but not the mORMot client traffics. Not sure why, but will try again next time.


Delphi XE4 Pro on Windows 7 64bit.
Lazarus trunk built with fpcupdelux on Windows with cross-compile for Linux 64bit.

Offline

#5 2018-01-21 08:32:25

mpv
Member
From: Ukraine
Registered: 2012-03-24
Posts: 1,571
Website

Re: http.sys traffic capturing?

Fiddler Setup itself as a proxy on windows level,  so you should configure a mOrmot client to use a default system proxy

Offline

#6 2018-01-21 09:24:15

edwinsn
Member
Registered: 2010-07-02
Posts: 1,218

Re: http.sys traffic capturing?

@mpv, oh yes, through a new firewall I installed yesterday, I noticed the 'proxy changed' notification upon fiddle4 starting and closing.

But, how to " configure a mOrmot client to use a default system proxy"?

I noticed the aProxyServer and aProxyByPass parameters for TSQLHttpClient.Create(), as I understand, I can specify a proxy server to use, and specify which hosts to not use the proxy.

Thanks again smile


Delphi XE4 Pro on Windows 7 64bit.
Lazarus trunk built with fpcupdelux on Windows with cross-compile for Linux 64bit.

Offline

#7 2018-01-21 11:19:47

mpv
Member
From: Ukraine
Registered: 2012-03-24
Posts: 1,571
Website

Re: http.sys traffic capturing?

If you use a TWinHTTP based client ( I think you do) just configure your browser to use a default system proxy settings (any browser - all of them write the setting to the same place) and setup a WinHTTP to use proxy settings from IE: `netsh winhttp import proxy source=ie`

Offline

#8 2018-01-21 15:35:50

edwinsn
Member
Registered: 2010-07-02
Posts: 1,218

Re: http.sys traffic capturing?

@mpv,

I can confirm I'm using the TWinHTTP-based clients.

Looks my computer is a bit in a mess - the button for going into the proxy settings UI in th eInternet Options window is grayed out, at the moment I don't have the time to handle it, so at the end I resorted to this approach - specify "127.0.0.1:8888" as the proxy server (which is Fiddler4's listening port) when creating the TSQLHttpClient connection.

Thanks for the help!

Last edited by edwinsn (2018-01-21 15:36:20)


Delphi XE4 Pro on Windows 7 64bit.
Lazarus trunk built with fpcupdelux on Windows with cross-compile for Linux 64bit.

Offline

Board footer

Powered by FluxBB