code_public/ja4-platform
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
8beed18eea867edf0d5fe97be00cc7963fc6afce
ja4-platform/tests/integration
History
Jacquin Antoine 36b5065a0a feat(e2e): add multi-IP endpoint architecture with dedicated traffic VM 
Replace single-service-per-endpoint with all-ips mode running nginx, apache,
and hitch+varnish simultaneously on 3 dedicated IPs per VM (eth1 alias IPs).
Add a dedicated traffic VM with curl-impersonate for realistic TLS fingerprints,
parallelized traffic generation, and paired SNI_HOSTS/TARGET_IPS lists for
per-VM per-service hostname identification (e.g. rocky9-nginx-platform.test).

Key changes:
- run-tests-vm.sh: add setup_all_ips(), IP-specific Listen/bind directives
  with reset-before-apply pattern, graceful service availability checks
- run-e2e-test.sh: traffic VM architecture, all-ips mode, eth1 network,
  paired IP/SNI lists, updated cleanup for alias IPs
- generate-traffic.sh: parallel background jobs, curl-impersonate detection,
  auto source interface detection via ip route get, Host header in HTTP traffic
- Vagrantfile: add traffic VM with provision-traffic.sh
- provision-traffic.sh: install curl-impersonate and httpx for traffic gen
- test-rpm.sh: multi-interface TC check, updated ja4ebpf config
- clickhouse-init.sh: load CSV stubs for Anubis/bot-networks dictionaries
- Remove obsolete correlator/sentinel/mod-reqin-log docs
- Add h2_settings_ack column to http_logs schema
- Upgrade Go toolchain to 1.25.0

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-04-16 14:25:24 +02:00
..
apache
feat: pipeline L7 HTTP complet + infrastructure tests VM
2026-04-12 02:37:00 +02:00
hitch-varnish
feat: pipeline L7 HTTP complet + infrastructure tests VM
2026-04-12 02:37:00 +02:00
lib
feat: pipeline L7 HTTP complet + infrastructure tests VM
2026-04-12 02:37:00 +02:00
nginx
feat: pipeline L7 HTTP complet + infrastructure tests VM
2026-04-12 02:37:00 +02:00
nginx-varnish
feat: pipeline L7 HTTP complet + infrastructure tests VM
2026-04-12 02:37:00 +02:00
platform
feat(e2e): add multi-IP endpoint architecture with dedicated traffic VM
2026-04-16 14:25:24 +02:00
traffic-gen
feat: pipeline L7 HTTP complet + infrastructure tests VM
2026-04-12 02:37:00 +02:00
README.md
chore: suppression des services obsolètes (sentinel, correlator, mod-reqin-log)
2026-04-12 01:48:14 +02:00
run-all-stacks.sh
fix(ja4ebpf): split bpf2go generate into Ja4Tc + Ja4Ssl, fix RPM systemd-rpm-macros
2026-04-11 23:21:11 +02:00
run-distro-matrix.sh
fix(ja4ebpf): split bpf2go generate into Ja4Tc + Ja4Ssl, fix RPM systemd-rpm-macros
2026-04-11 23:21:11 +02:00

README.md

Tests d'intégration — ja4-platform

Architecture de test

Chaque stack lance deux containers Docker :

  • platform : serveur web (Apache/nginx/varnish/hitch) + agent ja4ebpf (eBPF CO-RE)
  • clickhouse : base ClickHouse locale avec le schéma complet

Le générateur de trafic envoie 300 requêtes HTTPS et vérifie que la chaîne complète fonctionne : TC ingress (L3/L4) → uprobe SSL (L7) → http_logs_raw → MV → http_logs.

Stacks disponibles

Stack Serveur TLS Backend
apache Apache httpd + mod_ssl + mod_http2
nginx nginx + HTTP/2
nginx-varnish nginx (TLS) Varnish (-p feature=+http2)
hitch-varnish hitch (TLS offload, ALPN h2) Varnish (-p feature=+http2)

Commandes

# Stack unique (Rocky Linux 9)
make test-apache
make test-nginx
make test-nginx-varnish
make test-hitch-varnish

# Toutes les stacks (Rocky Linux 9)
make test-all-stacks

# Matrice multi-distro (el8 / el9 / el10)
make test-matrix
make test-matrix MATRIX_STACKS=nginx,nginx-varnish MATRIX_DISTROS=el9

Matrice de compatibilité

Stack el8 (AlmaLinux 8) el9 (Rocky Linux 9) el10 (AlmaLinux 10)
apache