Remix clone Hacker News

I meant it is difficult relative to fingerprinting TLS and HTTP. The information is not exported by the berkeley socket API unless you use raw sockets and implement your own userland TCP stack.

▲

sneak 9 hours ago | parent [-]

Couldn’t you just monitor the inbound traffic and associate the packets to the connections? Doing your own TCP seems silly.

	▲	gruez 7 hours ago \| parent [-]
		Yeah, some sort of packet mirroring setup (eg. in iptables or at the switch level) + packet capture tool should be enough. Then you just need to join the data from the packet capture program/machine with your load balancer, using src ip + port + time.