
Intercept Network Traffic Transparently

This guide will walk you through enabling lueur's stealth mode to capture network traffic without modifying your application.

Info

This feature is only available on Linux as it relies on an advanced kernel capability called eBPF.

Prerequisites

Capture HTTPS Traffic

  • Start the proxy in stealth mode with a normal distribution latency

    lueur run \
        --stealth \
        --capture-process curl \
        --with-latency \
        --latency-mean 300 \
        --latency-stddev 40
    
    1. --stealth enables stealth mode
    2. --capture-process curl makes stealth mode focus only on processes named curl
    3. --with-latency enables the latency fault support
  • Send traffic

    curl \
        -4 \
        -I \
        -o /dev/null -s \
        -w "Connected IP: %{remote_ip}\nTotal time: %{time_total}s\n" \
        https://www.google.com
    
    1. -4: lueur can only intercept IPv4 traffic
    2. -I: let's only focus on a HEAD request for brevity
    3. -o /dev/null -s: discard any returned output
    4. -w: display statistics about the call
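
To check that the measured delay matches the configured --latency-mean and --latency-stddev, the script below parses the "Total time" lines printed by the curl -w format above, from repeated runs with and without the proxy. It is an added example, not part of lueur: the sample captures, the 192.0.2.10 address and the function names are constructed for illustration, and it assumes the fault adds roughly one latency draw per request.

```python
import math
import re
import statistics

# Matches the "Total time: <seconds>s" line emitted by the curl -w format above.
TOTAL_TIME_RE = re.compile(r"^Total time: (\d+(?:\.\d+)?)s$", re.MULTILINE)

# Constructed sample captures (four runs each), not real measurements.
BASELINE_RUNS = "".join(
    f"Connected IP: 192.0.2.10\nTotal time: {t}s\n"
    for t in ("0.080", "0.090", "0.085", "0.085")
)
FAULTED_RUNS = "".join(
    f"Connected IP: 192.0.2.10\nTotal time: {t}s\n"
    for t in ("0.350", "0.420", "0.390", "0.380")
)


def parse_total_times_ms(curl_output: str) -> list[float]:
    """Return every 'Total time' value found in the output, in milliseconds."""
    return [float(s) * 1000.0 for s in TOTAL_TIME_RE.findall(curl_output)]


def latency_report(baseline_out, faulted_out, mean_ms, stddev_ms, z_limit=3.0):
    """Compare the observed added delay with the configured normal distribution."""
    baseline = parse_total_times_ms(baseline_out)
    faulted = parse_total_times_ms(faulted_out)
    if len(baseline) < 2 or len(faulted) < 2:
        raise ValueError("need at least two timed runs in each capture")
    added = statistics.mean(faulted) - statistics.mean(baseline)
    # Standard error of the difference of means: injected jitter plus baseline noise.
    stderr = math.sqrt(
        stddev_ms**2 / len(faulted) + statistics.variance(baseline) / len(baseline)
    )
    z = (added - mean_ms) / stderr
    return {"added_ms": added, "z": z, "consistent": abs(z) <= z_limit}


if __name__ == "__main__":
    # Traffic that went through the proxy: added delay close to 300 ms.
    print(latency_report(BASELINE_RUNS, FAULTED_RUNS, 300, 40))
    # Traffic that bypassed the proxy (for example over IPv6): flagged as inconsistent.
    print(latency_report(BASELINE_RUNS, BASELINE_RUNS, 300, 40))
```

An inconsistent result with an added delay near zero usually means the traffic never went through the proxy, for instance because the process name did not match --capture-process or the connection used IPv6.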

Apply Latency to a PostgreSQL Connection

  • Install lueur's eBPF dependencies

    Follow the procedure to install the eBPF programs on your machine.

  • Start a local PostgreSQL server using a container

    docker run \
        --name demo-db \
        -e POSTGRES_USER=demo \
        -e POSTGRES_PASSWORD=demo \
        -e POSTGRES_DB=demo \
        --rm -it \
        -p 5432:5432 \
        postgres
    
    1. --name demo-db: name of the container, useful to identify and delete it later on
    2. POSTGRES_USER: default basic user named demo
    3. POSTGRES_PASSWORD: password set to demo for the user demo
    4. POSTGRES_DB: default database name
    5. --rm -it: release all resources once we stop the container
    6. -p 5432:5432: expose the database port onto the host
  • Start the proxy in stealth mode with a normal distribution latency

    lueur run \
        --stealth \
        --capture-process python \
        --with-latency \
        --latency-mean 300 \
        --latency-stddev 40
    
    1. --stealth enables stealth mode
    2. --capture-process python makes stealth mode focus only on processes named python, the process that runs the script below
    3. --with-latency enables the latency fault support
  • Communicate with your PostgreSQL server

    First, install uv to run the demonstration script below. Follow the instructions from the uv documentation.

    Let's use the following basic Python script:

    connect-to-pgsql.py
    import time
    
    import psycopg
    
    
    def query_database_server_time(url: str) -> None:
        start = time.time()
    
        with psycopg.Connection.connect(url) as conn: # (1)!
            cur = conn.execute("select now()")
            print(cur.fetchone()[0])
    
        print(f"Time taken {time.time() - start}")
    
    
    if __name__ == "__main__":
        connection_url = "postgresql://demo:demo@localhost:5432/demo" # (2)!
    
        query_database_server_time(connection_url)
    
    1. We are using a context manager which closes the connection automatically
    2. This should reflect the address of your PostgreSQL database

    Run the script using uv.

    uv run \
        --with "psycopg[binary]" \
        python connect-to-pgsql.py
    
    1. uv run: use uv to run the script with the required dependency
    2. --with "psycopg[binary]": install the required dependency on the fly, here the psycopg driver (quoted so the shell does not treat the brackets as a glob pattern)

    This should output something such as:

    2025-03-08 13:06:16.968350+00:00
    Time taken 0.30957818031311035
    
    1. The time taken shows the impact of the latency injected by lueur into the exchange

    Info

    We use uv to ease the management of the Python environment for this particular script. When we run the script this way, the actual process executing the script is indeed python. This is why lueur captures the network traffic from the python process, not from uv.