Open strictlymike opened 7 years ago
The proxy listener adds a new layer of complexity to this which should be included in the design and implementation of this feature. Specifically, the proxy listener causes traffic to exist twice in the same pcap, and where SSL/TLS is used, it means the traffic will appear both encrypted and decrypted within the same pcap.
FakeNet-NG currently records datagrams at various intermediate stages within the pcap it creates:
Users would like to be able to configure FakeNet-NG to omit some of the duplicate (modified) datagrams. It is easy to imagine that users might want at least these three pre-set modes of behavior:
Furthermore, users may foreseeably wish to configure FakeNet-NG to write multiple pcaps, selecting the mode (from the above) for each.