Evil proxy for testing client/server interaction

Asked 30/3, 2012 at 22:49 Answered 12/4, 2012 at 5:10

Solved macos testing network-programming client-server

I'm writing a client that talks to a remote server over HTTP. I would like to place an evil proxy between the client and the server that would (randomly?) affect the traffic on the wire.

Some things that I would like to happen:

arbitrary delays for the response
arbitrary HTTP errors
this scenario is hard to imagine with TCP but what the hell: truncated responses (ie malformed data)
temporary unavailability (though that seems hard given that this would have to be done at the lower network level).
predefined custom errors (eg: every request comes back with a service error)

Basically I want to simulate a range of networking conditions that the users of this software are going to experience out in the real world and make sure the client handles them gracefully.

I suspect (hope) that something like that already exists. Please point me in the right direction!

Thanks

Concision answered 30/3, 2012 at 22:49 Comment(6)

IIRC some companies built similar modules for internal testing... I do not know of any free or commercial proxy allowing for that much control... basically you would start with an existing opensource proxy and modify/extend it for your needs... – Pinnatiped 5/4, 2012 at 5:57

Yeah, I found Mallory. It supports plugins but I want to see if there's something out there already, before I invest time into learning Python. – Concision 5/4, 2012 at 6:42

I think the better choice is to mock network interaction classes, so you could easily describe such scenarios in the test case code, otherwise it would be quite difficult to manage such system. – Graceless 5/4, 2012 at 10:40

Yeah you're right that would be the preferable way. Unfortunately the network code wasn't architected in a way that would facilitate testing. I believe it's quite solid anyway but a real life test would be better than no testing. – Concision 6/4, 2012 at 17:15

Writing a proxy like that is straightforward in a scripting language like perl or python - as Yahia says it's commonly done internally for testing. – Allow 11/4, 2012 at 21:2

Why would I want to reinvent the wheel? – Concision 11/4, 2012 at 22:37

HTTP Test Tool (htt) seems like what you need here. It has the ability to operate as a proxy and a reverse-proxy for testing those cases specifically, when a mock framework is insufficient to the task.

For a truly evil proxy, consider using Squid in conjunction with the Metasploit Framework and some of the tools in BackTrack Linux. That seems to be a bit beyond your project scope, though!

(Additional tools to consider, plus one more)

Recruitment answered 6/4, 2012 at 6:39 Comment(0)

Fiddler1 is a scriptable traffic viewer/proxy.

Wallie answered 6/4, 2012 at 7:2 Comment(0)

You could try fiddler - everything you wrote can be simulated using that tool. It's also great for debugging communication issues between your application and the server. Saved me a lot of work when I was implementing XML-RPC.

There are some great extensions that can help you and you can even write your own if you need something really special.

[EDIT] Since this is mac question, you can try webscarab or charles (the second one is paid). But you can still run the proxy on any machine - even virtual. So if you have spare win license...

Gobetween answered 11/4, 2012 at 18:38 Comment(1)

@Concision as I doubt that fiddler will run on mono, I've edited my answer and added links to tools that will run on mac. – Gobetween 11/4, 2012 at 23:6

Since you're on a Mac, you have ipfw built in to your system. From a terminal, man ipfw for information.

ipfw manages firewall rules, including a set of rules called "Dummynet" which can be used to introduce packet loss and latency. This doesn't address ALL your concerns, but it allows you to affect your traffic at the network level without involving an extra piece of software.

I found an article on WaterRoof which appears to be a GUI ipfw rule editor that supports Dummynet. There are probably others.

Also have a look at this AFP548 article on traffic shaping with Dummynet. If you're fairly comfy at a command line, you should be good to go.

Note that Dummynet does NOT provide tools for all the things you listed in your question; it only lets you simulate a number of network problems like latency and packet loss. For anything involving alteration of data at the HTTP level, I agree with others that fiddler is probably the tool to use.

Also learn about Chrome/Chromium's "Inspect Element" tool. (Right-click, then select it from the bottom of most context menus.) It provides a detailed look at HTTP client and server headers, along with the ability to modify hidden form variables, record entire sessions for later viewing, etc. Very handy stuff.

Tuberculous answered 12/4, 2012 at 5:10 Comment(0)

Recommended topics

Hot tags