如何记录/查看加密前/后通过隧道的流量?

如何记录/查看加密前/后通过隧道的流量?

因此,我正在使用 stunnel 与 SSL 服务器通信。我希望在发送的消息被加密之前查看它们,更重要的是,我希望在解密之后查看我收到的消息。

我打开了调试日志记录(级别 7),但仍然看不到消息。详细信息如下:

隧道配置文件

output = coinsetter.log

[remote]
client = yes
accept = 8888
connect = 198.61.189.25:5001
debug = 7

隧道输出:

2015.09.23 23:11:17 LOG5[ui]: stunnel 5.18 on x86_64-apple-darwin13.4.0 platform
2015.09.23 23:11:17 LOG5[ui]: Compiled/running with OpenSSL 1.0.1c 10 May 2012
2015.09.23 23:11:17 LOG5[ui]: Threading:PTHREAD Sockets:SELECT,IPv6 TLS:ENGINE,FIPS,OCSP,PSK,SNI
2015.09.23 23:11:17 LOG5[ui]: Reading configuration from file coinsetter.conf
2015.09.23 23:11:17 LOG5[ui]: UTF-8 byte order mark not detected
2015.09.23 23:11:17 LOG5[ui]: FIPS mode disabled
2015.09.23 23:11:17 LOG4[ui]: Authentication is needed to prevent MITM attacks
2015.09.23 23:11:17 LOG5[ui]: Configuration successful


2015.09.23 23:11:40 LOG7[0]: Service [remote] started
2015.09.23 23:11:40 LOG5[0]: Service [remote] accepted connection from 127.0.0.1:57261
2015.09.23 23:11:40 LOG6[0]: failover: round-robin
2015.09.23 23:11:40 LOG6[0]: s_connect: connecting 198.61.189.25:5001
2015.09.23 23:11:40 LOG7[0]: s_connect: s_poll_wait 198.61.189.25:5001: waiting 10 seconds
2015.09.23 23:11:40 LOG5[0]: s_connect: connected 198.61.189.25:5001
2015.09.23 23:11:40 LOG5[0]: Service [remote] connected remote server from 192.168.0.12:57262
2015.09.23 23:11:40 LOG7[0]: Remote socket (FD=9) initialized
2015.09.23 23:11:40 LOG6[0]: SNI: sending servername: staging-fix.coinsetter.com
2015.09.23 23:11:40 LOG7[0]: SSL state (connect): before/connect initialization
2015.09.23 23:11:40 LOG7[0]: SSL state (connect): SSLv2/v3 write client hello A
2015.09.23 23:11:40 LOG7[0]: SSL state (connect): SSLv3 read server hello A
2015.09.23 23:11:40 LOG6[0]: Certificate verification disabled
2015.09.23 23:11:40 LOG6[0]: Certificate verification disabled
2015.09.23 23:11:40 LOG6[0]: Certificate verification disabled
2015.09.23 23:11:40 LOG7[0]: SSL state (connect): SSLv3 read server certificate A
2015.09.23 23:11:40 LOG7[0]: SSL state (connect): SSLv3 read server key exchange A
2015.09.23 23:11:40 LOG7[0]: SSL state (connect): SSLv3 read server done A
2015.09.23 23:11:40 LOG7[0]: SSL state (connect): SSLv3 write client key exchange A
2015.09.23 23:11:40 LOG7[0]: SSL state (connect): SSLv3 write change cipher spec A
2015.09.23 23:11:40 LOG7[0]: SSL state (connect): SSLv3 write finished A
2015.09.23 23:11:40 LOG7[0]: SSL state (connect): SSLv3 flush data
2015.09.23 23:11:40 LOG7[0]: SSL state (connect): SSLv3 read finished A
2015.09.23 23:11:40 LOG7[0]:      1 client connect(s) requested
2015.09.23 23:11:40 LOG7[0]:      1 client connect(s) succeeded
2015.09.23 23:11:40 LOG7[0]:      0 client renegotiation(s) requested
2015.09.23 23:11:40 LOG7[0]:      0 session reuse(s)
2015.09.23 23:11:40 LOG6[0]: SSL connected: new session negotiated
2015.09.23 23:11:40 LOG7[0]: Peer certificate was cached (871 bytes)
2015.09.23 23:11:41 LOG6[0]: Negotiated TLSv1.2 ciphersuite DHE-RSA-AES256-SHA256 (256-bit encryption)
2015.09.23 23:11:41 LOG7[0]: Compression: null, expansion: null

答案1

你可以这样做索卡特甚至更好的是,你可以抛弃 stunnel,让 socat 为你执行 SSL,例如,

socat -v TCP4-LISTEN:8888 SSL:198.61.189.25:5001

相关内容