The problem I had to solve was that I had a network problem only visible in one part of the internet, that had to be fixed by a cloud provider present on another part of the internet who could not see the problem, and I was fighting a lot of technology designed to work around problems that hid things and in so doing downplayed the seriousness of the problem.
What does it do?
- Connectcap is an RFC9110 http CONNECT proxy; that
- Gets libpcap to record each connection through the proxy and save it as a separate pcap file for analysis by tcpdump or wireshark; then
- Optionally emails a summary and the pcap file back to the user who used the proxy.
What does it not do?
- Connectcap makes no attempt to compensate for broken network behaviour; like
- Trying a different server if the first connection failed; or
- Falling back to IPv4 if IPv6 failed (no Happy Eyeballs).
Why not just tcpdump?
It can be difficult to predict what server you will connect to, and in turn what to record. Couple this with a cloud provider in another region or timezone needing to collaborate to generate the traffic, and life becomes very difficult.
Instead, deploy a connectcap proxy on the network giving trouble, and provide login details to the cloud provider, who can see the problem for themselves at their convenience, and receive all the diagnostics they need without waiting.
What about other proxies?
Many proxies try hard to compensate for broken networks, broken servers and so on. A diagnostic tool needs to do the complete opposite, not compensate for problems at all, and be completely clear this is the case.
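The difference between compensating and not compensating, as an added example that is not connectcap's own code: a fallback connect reports success over IPv4 while the diagnostic connect surfaces the broken IPv6 path. All function names are hypothetical, the sample addresses and the failing dialer are constructed, and the single attempt at the first resolved address is an assumption about how a non-compensating proxy would behave.

```python
import socket

def resolve(host, port):
    """Return [(family, address)] in the order getaddrinfo gives them."""
    infos = socket.getaddrinfo(host, port, type=socket.SOCK_STREAM)
    return [(fam, sockaddr[0]) for fam, _, _, _, sockaddr in infos]

def dial(family, addr, port, timeout=5.0):
    """One real TCP connect attempt; raises OSError on failure."""
    s = socket.socket(family, socket.SOCK_STREAM)
    s.settimeout(timeout)
    try:
        s.connect((addr, port))
    except OSError:
        s.close()
        raise
    return s

def connect_compensating(addrs, port, dial=dial):
    """Typical client/proxy behaviour: walk the list until an address works."""
    failures = []
    for family, addr in addrs:
        try:
            return {"conn": dial(family, addr, port), "used": addr, "failures": failures}
        except OSError as exc:
            failures.append((addr, str(exc)))
    return {"conn": None, "used": None, "failures": failures}

def connect_diagnostic(addrs, port, dial=dial):
    """Diagnostic behaviour (assumed): one attempt, failure reported as-is."""
    family, addr = addrs[0]
    try:
        return {"conn": dial(family, addr, port), "used": addr, "failures": []}
    except OSError as exc:
        return {"conn": None, "used": addr, "failures": [(addr, str(exc))]}

# Constructed sample: dual-stack name with a broken IPv6 path (documentation addresses).
SAMPLE_ADDRS = [(socket.AF_INET6, "2001:db8::10"), (socket.AF_INET, "192.0.2.10")]

def sample_dial(family, addr, port):
    """Constructed stand-in for dial(): IPv6 times out, IPv4 succeeds."""
    if family == socket.AF_INET6:
        raise TimeoutError("timed out")
    return "stream to %s:%d" % (addr, port)

if __name__ == "__main__":
    print(connect_compensating(SAMPLE_ADDRS, 443, sample_dial)["used"])
    print(connect_diagnostic(SAMPLE_ADDRS, 443, sample_dial)["failures"])
```

Against a live host, pass `resolve(host, port)` as `addrs` and leave `dial` at its default.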