Trouble shooting

How to analyze encrypted QUIC traffic?

The TLS key log can be saved by using the --keylog-file option in example tools or by utilizing the keylog API for your own programs.

This saved key log file can then be used to decrypt QUIC traffic in Wireshark.

tip

In Wireshark, navigate to Edit-> Preferences-> Protocols-> TLS, and update the (Pre)-Master-Secret log filename preference with the path of the TLS key log.

How to analyze QUIC protocol based on qlog?

The qlog can be saved by using the --qlog-dir option in example tools or by utilizing the qlog API for your own programs.

This saved qlog file can then be used for further analysis based on qlog tools. You can use qvis tool suite, or your own tools, to further analyze qlog log.

tip

Please note that qvis does not plan to implement qlog 0.4 and will continue using 0.3 until a 1.0 RC is specced. To convert TQUIC's qlog to a qvis-compatible format, use the following command:

git clone https://github.com/tencent/tquic
cd tquic/tools/script

./tquic_qvis.sh <qlog-filename>

How to convert qlogs generated by tquic into JSON format?

The qlog file generated by TQUIC follows a streamable JSON format called JSON-SEQ. It can be converted to JSON format using the following command:

sed 's/^\x1e//' <qlog-filename> | jq -s '.[1:] as $events | .[0] | .trace.events=$events | .traces=[.trace] | del(.trace) | .qlog_format="JSON"'

tip

The installation guide for jq can be found at https://jqlang.github.io/jq/download/ .