Webench是一款轻量级的网站测压工具,最多可以对网站模拟3w左右的并发请求,可以控制时间、是否使用缓存、是否等待服务器回复等等,且对中小型网站有明显的效果,基本上可以测出中小型网站的承受能力,对于大型的网站如百度、淘宝这些巨型网站则没有太大意义,因为大型网站的承受能力非常大。同时测试结果也受自身网速、以及自身主机的性能与内存的限制,性能好、内存大的主机可以模拟的并发就明显要多(主要还是该测试方法主要使用fork多进程进行测试)。
Webbench能测试处在相同硬件上,不同服务的性能以及不同硬件上同一个服务的运行状况。webbench的标准测试可以向我们展示服务器的两项内容:每秒钟相应请求数和每秒钟传输数据量。webbench不但能具有便准静态页面的测试能力,还能对动态页面(ASP,PHP,JAVA,CGI)进 行测试的能力。还有就是他支持对含有SSL的安全网站例如电子商务网站进行静态或动态的性能测试。
Webbench实现的核心原理是:
socket.c
/* $Id: socket.c 1.1 1995/01/01 07:11:14 cthuang Exp $
*
* This module has been modified by Radim Kolar for OS/2 emx
*/
/***********************************************************************
module: socket.c
program: popclient
SCCS ID: @(#)socket.c 1.5 4/1/94
programmer: Virginia Tech Computing Center
compiler: DEC RISC C compiler (Ultrix 4.1)
environment: DEC Ultrix 4.3
description: UNIX sockets code.
***********************************************************************/
#include
#include
#include
#include
#include
#include
#include
#include
#include
#include
#include
#include
int Socket(const char *host, int clientPort)
{
int sock;
unsigned long inaddr;
struct sockaddr_in ad;
struct hostent *hp;
memset(&ad, 0, sizeof(ad));
ad.sin_family = AF_INET;
//将host字符串转换成点分十进制的IP地址,
//字符串不是合法的IP地址,则返回INADDR_NONE
inaddr = inet_addr(host);
if (inaddr != INADDR_NONE) //转换成功,
memcpy(&ad.sin_addr, &inaddr, sizeof(inaddr));
else
{
//转换失败,表示host是一个域名,通过gethostbyname()函数获取IP地址
hp = gethostbyname(host);
if (hp == NULL)
return -1;
memcpy(&ad.sin_addr, hp->h_addr, hp->h_length);
}
ad.sin_port = htons(clientPort);
//创建socket套接字
sock = socket(AF_INET, SOCK_STREAM, 0);
if (sock < 0)
return sock;
if (connect(sock, (struct sockaddr *)&ad, sizeof(ad)) < 0)//建立连接
return -1;
return sock;
}
webbench.c
/*
* (C) Radim Kolar 1997-2004
* This is free software, see GNU Public License version 2 for
* details.
*
* Simple forking WWW Server benchmark:
*
* Usage:
* webbench --help
*
* Return codes:
* 0 - sucess
* 1 - benchmark failed (server is not on-line)
* 2 - bad param
* 3 - internal error, fork failed
*
*/
#include "socket.c"
#include
#include
#include
#include
#include
#include
#include
/* values */
volatile int timerexpired=0;
int speed=0;
int failed=0;
int bytes=0;
/* globals */
//所用http协议版本
int http10=1; /* 0 - http/0.9, 1 - http/1.0, 2 - http/1.1 */
/* Allow: GET, HEAD, OPTIONS, TRACE */
//http请求方式
#define METHOD_GET 0
#define METHOD_HEAD 1
#define METHOD_OPTIONS 2
#define METHOD_TRACE 3
#define PROGRAM_VERSION "1.5"
//相关参数选项的默认值
int method=METHOD_GET;
int clients=1;
int force=0; //默认需要等待服务器响应
int force_reload=0; //默认不重新发送请求
int proxyport=80; //默认访问80端口,http测试惯例
char *proxyhost=NULL; //默认无代理服务器,因此初值为空
int benchtime=30; //默认模拟请求时间
/* internal */
//用于父子进程通信的管道
int mypipe[2];
//存放目标服务器的网络地址
char host[MAXHOSTNAMELEN];
//存放请求报文的字节流
#define REQUEST_SIZE 2048
char request[REQUEST_SIZE];
//构造长选项和短选项的对应
static const struct option long_options[]=
{
{"force",no_argument,&force,1},
{"reload",no_argument,&force_reload,1},
{"time",required_argument,NULL,'t'},
{"help",no_argument,NULL,'?'},
{"http09",no_argument,NULL,'9'},
{"http10",no_argument,NULL,'1'},
{"http11",no_argument,NULL,'2'},
{"get",no_argument,&method,METHOD_GET},
{"head",no_argument,&method,METHOD_HEAD},
{"options",no_argument,&method,METHOD_OPTIONS},
{"trace",no_argument,&method,METHOD_TRACE},
{"version",no_argument,NULL,'V'},
{"proxy",required_argument,NULL,'p'},
{"clients",required_argument,NULL,'c'},
{NULL,0,NULL,0}
};
/* prototypes */
static void benchcore(const char* host,const int port, const char *request);
static int bench(void);
static void build_request(const char *url);
static void alarm_handler(int signal)
{
timerexpired=1;
}
static void usage(void)
{
fprintf(stderr,
"webbench [option]... URL\n"
" -f|--force Don't wait for reply from server.\n"
" -r|--reload Send reload request - Pragma: no-cache.\n"
" -t|--time Run benchmark for seconds. Default 30.\n"
" -p|--proxy Use proxy server for request.\n"
" -c|--clients Run HTTP clients at once. Default one.\n"
" -9|--http09 Use HTTP/0.9 style requests.\n"
" -1|--http10 Use HTTP/1.0 protocol.\n"
" -2|--http11 Use HTTP/1.1 protocol.\n"
" --get Use GET request method.\n"
" --head Use HEAD request method.\n"
" --options Use OPTIONS request method.\n"
" --trace Use TRACE request method.\n"
" -?|-h|--help This information.\n"
" -V|--version Display program version.\n"
);
}
int main(int argc, char *argv[])
{
int opt=0;
int options_index=0;
char *tmp=NULL;
if(argc==1)
{
usage();
return 2;
}
while((opt=getopt_long(argc,argv,"912Vfrt:p:c:?h",long_options,&options_index))!=EOF )
{
switch(opt)
{
case 0 : break;
case 'f': force=1;break;
case 'r': force_reload=1;break;
case '9': http10=0;break;
case '1': http10=1;break;
case '2': http10=2;break;
case 'V': printf(PROGRAM_VERSION"\n");exit(0);
case 't': benchtime=atoi(optarg);break;
case 'p':
/* proxy server parsing server:port */
tmp=strrchr(optarg,':');
proxyhost=optarg;
if(tmp==NULL)
{
break;
}
if(tmp==optarg)
{
fprintf(stderr,"Error in option --proxy %s: Missing hostname.\n",optarg);
return 2;
}
if(tmp==optarg+strlen(optarg)-1)
{
fprintf(stderr,"Error in option --proxy %s Port number is missing.\n",optarg);
return 2;
}
*tmp='\0';
proxyport=atoi(tmp+1);break;
case ':':
case 'h':
case '?': usage();return 2;break;
case 'c': clients=atoi(optarg);break;
}
}
if(optind==argc) { //缺少待测试的URL
fprintf(stderr,"webbench: Missing URL!\n");
usage();
return 2;
}
if(clients==0) clients=1;
if(benchtime==0) benchtime=30;
/* Copyright */
fprintf(stderr,"Webbench - Simple Web Benchmark "PROGRAM_VERSION"\n"
"Copyright (c) Radim Kolar 1997-2004, GPL Open Source Software.\n"
);
build_request(argv[optind]);//解析URL
// print request info ,do it in function build_request
/*printf("Benchmarking: ");
switch(method)
{
case METHOD_GET:
default:
printf("GET");break;
case METHOD_OPTIONS:
printf("OPTIONS");break;
case METHOD_HEAD:
printf("HEAD");break;
case METHOD_TRACE:
printf("TRACE");break;
}
printf(" %s",argv[optind]);
switch(http10)
{
case 0: printf(" (using HTTP/0.9)");break;
case 2: printf(" (using HTTP/1.1)");break;
}
printf("\n");
*/
printf("Runing info: ");
if(clients==1)
printf("1 client");
else
printf("%d clients",clients);
printf(", running %d sec", benchtime);
if(force) printf(", early socket close");
if(proxyhost!=NULL) printf(", via proxy server %s:%d",proxyhost,proxyport);
if(force_reload) printf(", forcing reload");
printf(".\n");
return bench();//创建子进程进行测试
}
void build_request(const char *url)
{
char tmp[10];
int i;
//bzero(host,MAXHOSTNAMELEN);
//bzero(request,REQUEST_SIZE);
memset(host,0,MAXHOSTNAMELEN);
memset(request,0,REQUEST_SIZE);
if(force_reload && proxyhost!=NULL && http10<1) http10=1;
if(method==METHOD_HEAD && http10<1) http10=1;
if(method==METHOD_OPTIONS && http10<2) http10=2;
if(method==METHOD_TRACE && http10<2) http10=2;
switch(method)
{
default:
case METHOD_GET: strcpy(request,"GET");break;
case METHOD_HEAD: strcpy(request,"HEAD");break;
case METHOD_OPTIONS: strcpy(request,"OPTIONS");break;
case METHOD_TRACE: strcpy(request,"TRACE");break;
}
strcat(request," ");
if(NULL==strstr(url,"://"))
{
fprintf(stderr, "\n%s: is not a valid URL.\n",url);
exit(2);
}
if(strlen(url)>1500)
{
fprintf(stderr,"URL is too long.\n");
exit(2);
}
if (0!=strncasecmp("http://",url,7))
{
fprintf(stderr,"\nOnly HTTP protocol is directly supported, set --proxy for others.\n");
exit(2);
}
/* protocol/host delimiter */
i=strstr(url,"://")-url+3;
if(strchr(url+i,'/')==NULL) {
fprintf(stderr,"\nInvalid URL syntax - hostname don't ends with '/'.\n");
exit(2);
}
if(proxyhost==NULL)
{
/* get port from hostname */
if(index(url+i,':')!=NULL && index(url+i,':')0)
strcat(request,"User-Agent: WebBench "PROGRAM_VERSION"\r\n");
if(proxyhost==NULL && http10>0)
{
strcat(request,"Host: ");
strcat(request,host);
strcat(request,"\r\n");
}
if(force_reload && proxyhost!=NULL)
{
strcat(request,"Pragma: no-cache\r\n");
}
if(http10>1)
strcat(request,"Connection: close\r\n");
/* add empty line at end */
if(http10>0) strcat(request,"\r\n");
printf("\nRequest:\n%s\n",request);
}
/* vraci system rc error kod */
static int bench(void)
{
int i,j,k;
pid_t pid=0;
FILE *f;
/* check avaibility of target server */
i=Socket(proxyhost==NULL?host:proxyhost,proxyport);
if(i<0) {
fprintf(stderr,"\nConnect to server failed. Aborting benchmark.\n");
return 1;
}
close(i);
/* create pipe */
if(pipe(mypipe))
{
perror("pipe failed.");
return 3;
}
/* not needed, since we have alarm() in childrens */
/* wait 4 next system clock tick */
/*
cas=time(NULL);
while(time(NULL)==cas)
sched_yield();
*/
/* fork childs */
for(i=0;i0)
{
/* fprintf(stderr,"Correcting failed by signal\n"); */
failed--;
}
return;
}
s=Socket(host,port);
if(s<0) { failed++;continue;}
if(rlen!=write(s,req,rlen)) {failed++;close(s);continue;}
if(http10==0)
if(shutdown(s,1)) { failed++;close(s);continue;}
if(force==0)
{
/* read all available data from socket */
while(1)
{
if(timerexpired) break;
i=read(s,buf,1500);
/* fprintf(stderr,"%d\n",i); */
if(i<0)
{
failed++;
close(s);
goto nexttry;
}
else
if(i==0) break;
else
bytes+=i;
}
}
if(close(s)) {failed++;continue;}
speed++;
}
}
从GitHub上下载开源代码 WebBench
使用:
sudo make && sudo make install PREFIX=your_path_to_webbench
在执行时可使用如下命令行选项:
短参 | 长参数 | 作用 |
---|---|---|
-f | –force | 不需要等待服务器响应 |
-r | –reload | 发送重新加载请求 |
-t | –time | 运行多长时间,单位:秒" |
-p | –proxy server:port | 使用代理服务器来发送请求 |
-c | –clients | 创建多少个客户端,默认1个" |
-9 | –http09 | 使用 HTTP/0.9 |
-1 | –http10 | 使用 HTTP/1.0 协议 |
-2 | –http11 | 使用 HTTP/1.1 协议 |
–get | 使用 GET请求方法 | |
–head | 使用 HEAD请求方法 | |
–options | 使用 OPTIONS请求方法 | |
–trace | 使用 TRACE请求方法 | |
-?/-h | –help | 打印帮助信息 |
-V | –version | 显示版本号 |
关于使用方面的总结:
1)webbench 做压力测试时,该软件自身也会消耗CPU和内存资源,为了测试准确,请将 webbench 安装在别的服务器上。
2)压力测试工作应该放到产品上线之前,而不是上线以后
3)测试时并发应当由小逐渐加大,比如并发100时观察一下网站负载是多少、打开页面是否流畅,并发200时又是多少、网站打开缓慢时并发是多少、网站打不开时并发又是多少;
4)更详细的进行某个页面测试,如电商网站可以着重测试购物车、推广页面等,因为这些页面占整个网站访问量比重较大。
都说Webbench 是一个可怕的东西,但是可怕在哪些方面呢
首先,它仅属于发送 GET 命令、所以无论是 CDN 还是自身防火墙都不会将它当做是 DDOS 或 CC 看待,也就意味着不会起到防御的功能。这样的压力测试工具还包括有 Apache Bench 等比较常见(只要有 SSH 的网站主机、几乎都可以使用)
解决办法未必管用,即时你拒绝该测试发起着 IP 的访问、顶多只是起到了缓解的效果。因为你的错误页足够让它成千上万的测试数量吃饱喝足。
使用过于简单,对于繁杂且使用人数越来越少的 TFN2K 之类较为专业的工具、Webbench 只要是一个有 VPS 的小白即可使用,带宽越大、性能越好的 VPS 可以起到越大的“攻击”效应