Command start

The start command begin a new capture session and blocks until the capture session is stopped with SIGINT (Ctrl+C).

Listen on interfaces

By default, fluxzy will listen to all loopback interface (IPv4 and IPv6) on port 44344.

You can specify multiple interfaces to listen to with the -l option. This option is expecting as argument an ip endpoint (IP address and port separated by a : or a /).

fluxzy start -l "" -l "[::1]:44344"

Additionally the following option are shortcuts for common listen endpoint

  • --llo : listen to IPv4 loopback on port 44344
  • --lany: listen on all interfaces on port 44344 (equivalent of -l

Save to a file

-o options specify the output file. The file format will be infered from the extension. .har for http archive, .fxzy for fluxzy archive.

fluxzy start -o /path/to/file.fxzy

Save to a directory

-d options specify the dump directory. You can use simultaneously -o and -d options.

fluxzy start -d "/path/to/dump-folder"

Act as system proxy

-sp options make fluxzy act as system proxy.

fluxzy start -sp
  • When the -sp option is used, fluxzy can only revert back the system proxy settings when SIGINT (Ctrl+C) is received. If the process is killed by other means, you will have to manually revert back the system proxy settings.
  • This option doesn't act on global environment variables for setting proxy (e.g. HTTP_PROXY, HTTPS_PROXY, NO_PROXY). Only the default system proxy of running OS UI is changed.

Install CA certificate

You can force certificate installation by using --install-cert option.

fluxzy start --install-cert
  • This option needs administrator privileges. In linux and macOS, you will have to run the CLI with sudo command.
  • This option updates only the default certificate store of the running OS. Specific user store, like curl certificate store on linux and macOS, are not updated.

Use a rule file

The '-r' option allows you to specify a rule file to use.

The following sample add a rule to update the user-agent header of all requests by appending " - Relayed by fluxzy" to the original value of the header.

cat << EOF
  - filter: 
      typeKind: AnyFilter        
    action : 
      typeKind: UpdateRequestHeaderAction
      headerName: user-agent
      # previous reference the original value of the user-agent header
      headerValue: "{{previous}} - Relayed by fluxzy"
EOF > rule-file.json
fluxzy start -r "rule-file.json" -sp

Use a custom CA

The option --cert-file and --cert-password allows you to specify a PKCS12 certificate to use as root certificate. Note : you can create a root certificate the fluxzy CLI, Check command fxzy cert create.

fluxzy start --cert-file "/path/to/cert.pfx" --cert-password "password"

No SSL decryption

The option --no-cert-cache allows you to disable SSL decryption. This option disable all filters and rules that depends on clear text content of the request or response.