is it able to sniff connections established before grpcudmp launch?

rmedvedev / grpcdump

Tool for capture and parse grpc traffic

MIT License

154 stars 23 forks source link

is it able to sniff connections established before grpcudmp launch? #8

Open jizhilong opened 3 years ago

jizhilong commented 3 years ago

Hi dear maintainer, My experiment shows the following 2 cases:

launch grpcdump, then launch a grpc client and invoke a grpc call -> The request/response is dumped to the console.
launch a grpc client and invoking grpc calls(unary call) regularly, then launch grpcdump -> No request/response is dumped to the console.

so the question in this issue title arises. If the answer is negative, is it possible to support sniff established connections in the future?

jizhilong commented 3 years ago

After some digging into grpcdump and gopacket, I realized the main blocker is hpack-as headers in HTTP2 are compressed with hpack, it's not possible to sniff their actual content if we skip the initial requests in which the compression tables were established.

jschwinger233 commented 2 years ago

I've written my version of grpcdump to workaround this issue, have a try: https://github.com/jschwinger233/grpcdump