01-26-2010

Need to decide exactly how to capture the bytes as they flow through the proxy.  Is raw bytes the best?  Do we separate client-to-server from server-to-client into separate files?  Do we time stamp each block?  This is a tough one.  Showing a time stamp and direction seems useful but that means you have to write out the data as text.  How do you show the data?  Do you try and convert into ascii as well?  Do you show just the hex codes?  Unix hex viewers do a nice job with just the raw binaries in that you can see the data in both raw hex and ascii.  it would be nice to leverage existing tools and not have to write our own.  I think this means leaving the data as raw binary and forgoing the time stamp and direction tags in the data. After watching the data that flows through an HTTP connection, I'm thinking that just keeping the raw, untagged data is best.  You can see everything but you do have to know enough about the protocol to figure out where the messages start and stop.  I guess the next question is do I want to put in an HTTP-specific proxy?