I'm designing a developer tool that would analyse and debug arbitrary network connections, but I want to provide it as a service rather than software to be installed locally.
Ideally I would like to save all inbound and outbound packets on a per-user basis to a database.
For example:
- The developer connects the machine running his software to the VPN.
- The developer then runs his software, which may connect to arbitrary hosts.
- Traffic is routed through the VPN, where it is logged.
- The developer can then access the logs for that session.
I'm having difficulty figuring out how to address the third step.
I've read the manual, searched the web, and searched Server Fault, but I suspect I'm missing a piece of the puzzle somewhere. Do I need an additional tool to sniff the virtual interface or can OpenVPN handle this somehow?