⚠️ Project moved
Active development now happens in Stigix:
👉 https://github.com/jsuzanne/stigix
This repository is kept read‑only for legacy users and old versions.
A modern web-based SD-WAN traffic generator with real-time monitoring, customizable traffic patterns, and comprehensive security testing. Perfect for testing SD-WAN deployments, network QoS policies, and application performance.
- Features
- Screenshots Gallery
- Platform Support
- Prerequisites
- Quick Start
- Verify Installation
- What Happens on First Start?
- Usage
- Configuration
- Useful Commands
- Architecture
- Troubleshooting
- Security
- Key Concepts
- Docker Images
- Documentation
- Use Cases
- Contributing
- Roadmap
- License
- Support
I built this tool after years of writing one-off scripts for SD-WAN and security POCs, and never finding a single lab platform that really matched what I see in the field. With a long background in networking and security, I wanted something that could generate realistic mixes of web/SaaS, voice and IoT traffic, tie in security use cases, and still be simple enough for engineers, partners and customers to run on their own. This project is my way to turn all that lab and demo experience into an open-source tool that helps people design, validate and troubleshoot modern SASE/SD-WAN deployments more effectively.
- 67 Pre-configured Applications - Popular SaaS apps (Google, Microsoft 365, Salesforce, Zoom, etc.).
- Realistic Traffic Patterns - Authentic HTTP requests with proper headers, User-Agents, and Referers
- Real-time Dashboard - Live traffic visualization, metrics, and status monitoring
- Weighted Distribution - Configure application traffic ratios using a visual Group/App percentage system
- Traffic Rate Control - Dynamically adjust generation speed from 0.1s to 5s delay via a slider
- Protocol & IP Flexibility - Support for explicit
http://orhttps://and full IP address identification - Multi-interface Support - Bind to specific network interfaces
- Voice Simulation (RTP) - Simulate real-time voice calls (G.711, G.729) with Scapy-based packet forging. Read more
- Speedtest (XFR): High-performance throughput and latency validation with real-time telemetry. Learn more about XFR testing. 🚀
- IoT/SaaS Emulation: Pre-populated application targets for SD-WAN policy verification.
- IoT Simulation - Simulate a variety of IoT devices (Cameras, Sensors) with Scapy-based DHCP and ARP support for "Real-on-the-Wire" physical network presence. Includes Security Testing / Attack Mode to validate malicious behavior detection (DNS Flood, C2 Beacon, Port Scan, Data Exfiltration). Read more
- Prisma SD-WAN Integration - Automatic discovery of sites and LAN interfaces via API for "Zero-Config" connectivity probes and path validation. Read more
- Convergence Lab (Performance) - High-precision UDP failover monitoring (up to 100 PPS) to measure SD-WAN tunnel transition times. Read more
- Smart Networking - Auto-detection of default gateways and interfaces (enp2s0, eth0) for a "Zero-Config" experience on physical Linux boxes. Read more
- VyOS Control - Orchestrate network events and perturbations (latency, loss, rate-limiting, ip blocking) on VyOS routers via Vyos API. Read more
- Target Site Mode - Standalone container acting as a branch/hub target with HTTP, Voice, Failover tests and Bandwidth services (IPerf AND XFR speedtest). Read more
- URL Filtering Tests - Validate 66 different URL categories (malware, phishing, gambling, adult content, etc.)
- DNS Security Tests - Test DNS security policies with 24 domains (malware, phishing, DGA, etc.)
- Threat Prevention - EICAR file download testing for IPS validation
- Scheduled Testing - Automated security tests at configurable intervals
- EDL - IP, URL, DNS urls with sequential or random execution
- Test Results History - Persistent logging with search, filtering, and export
- Real-time Logs - Live log streaming with WebSocket updates
- Statistics Dashboard - Success/failure rates, latency metrics, bandwidth tracking
- Persistent Logging - JSONL storage with 7-day retention and auto-rotation
- Search & Filter - Find specific tests quickly with powerful search
- Export Capabilities - Download results in JSON, CSV, or JSONL format
- Auto-detection - Automatically detects network interfaces on first start
- Auto-generated Config - Creates
applications-config.jsonwith 67 apps automatically - One-liner Install - Ready in 30 seconds with single command (Linux/macOS). Supports Dashboard or Target Site modes.
- Docker-based - Pre-built multi-platform images (AMD64 + ARM64).
- Export/Import config capability - to clone appplications, probes, IOT , Vyos configurations
- One-Click Upgrade (Beta) - Built-in maintenance UI to pull latest images and restart services with a single click.
- JWT Authentication - Secure login with token-based auth
- Log Rotation - Automatic cleanup with configurable retention
- Health Monitoring - Built-in healthchecks and dependency management
- Resource Limits - Optional CPU and memory constraints
The project is evolving rapidly with new features and refinements added in every release.
- Speedtest (XFR): High-performance throughput and latency validation with real-time telemetry and searchable history.
- IoT Security Testing: Bad behavior simulation for IoT devices (DNS Flood, C2 Beacon, Port Scan).
- Site Discovery: Automatic discovery of Prisma SD-WAN LAN interfaces for path validation.
- Traffic Volume History: Persistent metrics storage and historical visualization in the dashboard.
View full changelog with all version details →
Explore the application interface organized by feature area. Each category contains detailed screenshots showcasing the functionality.
Real-time monitoring, traffic control, and system health overview.
View all Main Dashboard screenshots → (2 images)
Network interfaces, traffic distribution, synthetic probes, and application management.
View all Configuration screenshots → (2 images)
Traffic volume charts, success rates, and performance metrics.
View all Statistics screenshots → (1 image)
URL filtering, DNS security, threat prevention validation, and test results history.
View all Security screenshots → (7 images)
Connectivity performance, synthetic probes, and endpoint health tracking.
View all Performance screenshots → (5 images)
Layer-2/3 device simulation with DHCP and ARP support.
View all IoT screenshots → (6 images)
RTP packet generation, QoS analytics, and MOS scoring.
View all Voice screenshots → (3 images)
High-precision UDP failover monitoring and convergence testing.
View all Failover screenshots → (3 images)
Network impairment orchestration (latency, loss, rate-limiting) on VyOS routers.
View all VyOS Control screenshots → (5 images)
This application runs on:
- 🐧 Linux - Docker Engine (Ubuntu, Debian, CentOS, etc.)
- 🍎 macOS - Docker Desktop for Mac (macOS 11+)
- 🪟 Windows - Docker Desktop with WSL 2 (Windows 10/11)
Windows Users: The one-liner installation script is not supported in PowerShell.
Please follow the Windows Installation Guide for step-by-step instructions.
This application runs in Docker containers. You must have Docker installed and running before installation.
- Install Docker Desktop for Mac
- Download from: https://www.docker.com/products/docker-desktop/
- Requires macOS 11 or later
- Important: Launch Docker Desktop and wait until it's running (🐳 icon in menu bar)
- Alternatives: OrbStack or Colima (lightweight alternatives for macOS)
- Install Docker Desktop for Windows with WSL 2
- Complete guide: Windows Installation Guide
- Requires Windows 10/11 64-bit
- Important: WSL 2 must be enabled and Docker Desktop must be running
- Install Docker Engine
- Follow official guide: https://docs.docker.com/engine/install/ubuntu/
- Or quick install:
curl -fsSL https://get.docker.com -o get-docker.sh sudo sh get-docker.sh sudo usermod -aG docker $USER # Logout and login again
# Check Docker is running
docker --version
docker ps
# Expected output:
# Docker version 24.x.x or later
# CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMESRequirements: Docker must be running (see Prerequisites above)
Full Dashboard (Default):
curl -sSL https://raw.githubusercontent.com/jsuzanne/sdwan-traffic-generator-web/main/install.sh | bashTarget Site Only:
curl -sSL https://raw.githubusercontent.com/jsuzanne/sdwan-traffic-generator-web/main/install.sh | bash -s -- --targetWhat to expect (macOS Example):
🚀 SD-WAN Traffic Generator - Installation
==========================================
✅ Docker is running.
🍎 Platform: macOS detected. (Host Mode has limitations on macOS)
📌 Installing Full Dashboard (use --target flag for Target Site only)
🖥️ Mode: Full Dashboard
🍎 macOS detected - Using bridge mode (Host mode not supported on macOS)
📦 Downloading configuration (docker-compose.example.yml)...
🔧 Pulling images and starting services...
[+] pull 61/61
✔ Image jsuzanne/sdwan-voice-gen:stable Pulled 22.9s
✔ Image jsuzanne/sdwan-voice-echo:stable Pulled 21.1s
✔ Image jsuzanne/sdwan-web-ui:stable Pulled 29.0s
✔ Image jsuzanne/sdwan-traffic-gen:stable Pulled 21.2s
✅ Created .env with auto-start traffic enabled
🔧 Starting services...
[+] up 5/5
✔ Network sdwan-traffic-gen_sdwan-network Created 0.0s
✔ Container sdwan-voice-echo Created 0.3s
✔ Container sdwan-web-ui Healthy 5.9s
✔ Container sdwan-voice-gen Created 0.0s
✔ Container sdwan-traffic-gen Created 0.0s
⏳ Waiting for containers to be ready...
🔍 [INSTALLER] Detecting network interface from container...
✅ Installation complete! Access dashboard at: http://localhost:8080
This will:
- ✅ Check if Docker is installed and running
- ✅ Let you choose between Full Dashboard or Target Site
- ✅ Download the correct docker-compose.yml
- ✅ Pull pre-built images from Docker Hub
- ✅ Start services automatically
- ✅ Auto-generate configuration
Access: http://localhost:8080
Credentials: admin / admin (change after first login)
Note: This method is not supported on Windows. Windows users should use Option 2 below or follow the Windows Installation Guide.
Full Dashboard (Interactive):
# Download docker-compose.yml
curl -sSL -o docker-compose.yml https://raw.githubusercontent.com/jsuzanne/sdwan-traffic-generator-web/main/docker-compose.host.yml
# Start services
docker compose up -d
# Access dashboard
open http://localhost:8080# Download docker-compose.yml
curl -sSL -o docker-compose.yml https://raw.githubusercontent.com/jsuzanne/sdwan-traffic-generator-web/main/docker-compose.example.yml
# Start services
docker compose up -d
# Access dashboard
open http://localhost:8080Target Site Only:
# Create directory
mkdir -p sdwan-target && cd sdwan-target
# Download target docker-compose.yml
curl -sSL -o docker-compose.yml https://raw.githubusercontent.com/jsuzanne/sdwan-traffic-generator-web/main/docker-compose.target.yml
# Start services
docker compose up -d
# Verify (Echo responder on port 6200/UDP)
docker compose psWindows (PowerShell):
# Create directory
mkdir C:\sdwan-traffic-gen
cd C:\sdwan-traffic-gen
# Download docker-compose.yml (note: curl.exe, not curl)
curl.exe -L https://raw.githubusercontent.com/jsuzanne/sdwan-traffic-generator-web/main/docker-compose.example.yml -o docker-compose.yml
# Start services
docker compose up -d
# Access dashboard in browser
# http://localhost:8080Default credentials: admin / admin
For detailed Windows instructions, see Windows Installation Guide
# go to directory
cd sdwan-traffic-gen/
# Check containers status
docker compose ps
# Check logs (should be clean, no [ERROR] messages)
docker compose logs -f
# Check health endpoint
curl http://localhost:8080/api/health
# Expected: {"status":"healthy","version":"1.1.0-patch.7"}
# Check auto-generated config
ls -la config/
cat config/interfaces.txt # Your auto-detected interface
jq '.applications[]' config/applications-config.json | head -5 # 67 applicationsExpected: No [ERROR] messages in logs ✅
The system auto-generates everything you need:
config/applications-config.json- 67 popular SaaS applications (Google, Microsoft 365, Salesforce, etc.) and traffic control settings.config/interfaces.txt- Auto-detected network interface (eth0, en0, ens4, etc.)config/users.json- Default admin user with bcrypt-hashed password
No manual configuration needed! 🎉
Simply start the containers and access the dashboard at http://localhost:8080
- Login to the web dashboard at
http://localhost:8080 - Dashboard Tab: View real-time statistics and control traffic generation
- Configuration Tab:
- Add network interfaces (e.g.,
eth0,wlan0) - Adjust traffic distribution percentages for different application categories
- Use explicit
http://orhttps://prefixes for internal or specific servers
- Add network interfaces (e.g.,
- Logs Tab: View real-time traffic logs and statistics
- Security Tab: Run URL filtering, DNS security, and threat prevention tests
- Start/Stop: Use the toggle button on the dashboard
Navigate to the Security tab to:
- Test URL categories (malware, phishing, gambling, etc.)
- Validate DNS security policies
- Test IPS/threat prevention with EICAR downloads
- Schedule automated tests
- View and export test results
The tool supports auto-detection of your Prisma SD-WAN site name for lab visibility.
- Create a service account in Prisma SASE (TSG) with Read Only permissions.
- Add the following to your
.envfile:PRISMA_SDWAN_CLIENT_ID=your-client-id@tsgid.iam.panserviceaccount.com PRISMA_SDWAN_CLIENT_SECRET=your-client-secret PRISMA_SDWAN_TSG_ID=your-tsg-id
- Restart the container. The detected site name will appear in the dashboard header.
# docker-compose.yml
ports:
- "8081:8080" # Use port 8081 instead of 8080Or use environment variables:
echo "WEB_UI_PORT=8081" > .env# docker-compose.yml - web-ui environment section
environment:
# HTTP/HTTPS endpoints
- CONNECTIVITY_HTTP_1=Production-App:https://myapp.company.com
- CONNECTIVITY_HTTP_2=Staging-App:https://staging.company.com
# PING tests (ICMP)
- CONNECTIVITY_PING_1=HQ-Gateway:10.0.0.1
- CONNECTIVITY_PING_2=Branch-Gateway:192.168.100.1
# TCP port checks
- CONNECTIVITY_TCP_1=SSH-Bastion:10.0.0.100:22
- CONNECTIVITY_TCP_2=Database:10.0.0.50:3306# docker-compose.yml - traffic-gen environment section
environment:
- SLEEP_BETWEEN_REQUESTS=2 # 1 request every 2 seconds (0.5 req/sec)# docker-compose.yml - web-ui environment section
environment:
- LOG_RETENTION_DAYS=30 # Keep logs for 30 days
- LOG_MAX_SIZE_MB=500 # Max 500 MB per log file# View logs in real-time
docker compose logs -f
# View logs for a specific service
docker compose logs -f web-ui
docker compose logs -f traffic-gen
# Restart services
docker compose restart
# Stop services
docker compose stop
# Stop and remove containers
docker compose down
# Rebuild after code changes
docker compose up -d --build
# Check resource usage
docker stats sdwan-web-ui sdwan-traffic-gen
# Access container shell
docker compose exec web-ui sh
docker compose exec traffic-gen sh
# Export logs
docker compose logs --no-color > logs-export.txt┌─────────────────────────────────────────────────────────────┐
│ User Browser │
│ http://localhost:8080 │
└────────────────────────┬────────────────────────────────────┘
│
▼
┌────────────────────────────────────────┐
│ Web Dashboard (React) │
│ - Authentication (JWT) │
│ - Real-time logs │
│ - Statistics & monitoring │
│ - Configuration UI │
│ - Security testing │
│ Port: 8080 │
└────────────┬───────────────────────────┘
│
│ API Calls
▼
┌────────────────────────────────────────┐
│ Backend API (Node.js/Express) │
│ - Config management │
│ - Log aggregation │
│ - Connectivity testing │
│ - Stats calculation │
│ - Security test execution │
└────────────┬───────────────────────────┘
│
│ Shared Volumes
▼
┌────────────────────────────────────────┐
│ Traffic Generator (Python) │
│ - HTTP/HTTPS requests │
│ - Multi-threading │
│ - Realistic headers │
│ - Network interface binding │
└────────────┬───────────────────────────┘
│
│ Network Traffic
▼
┌────────────────────────────────────────┐
│ Internet / SD-WAN │
│ (Google, Microsoft 365, etc.) │
└────────────────────────────────────────┘
Shared Volumes:
• config/ - Unified configuration files (applications-config.json, vyos-config.json, etc.)
• logs/ - Traffic logs, test results, statistics
Error: Cannot connect to the Docker daemon
Solution:
- macOS/Windows: Launch Docker Desktop and wait until the 🐳 icon appears
- Linux:
sudo systemctl start docker - Windows specific issues: See Windows Installation Guide
Error: context deadline exceeded
Solution:
# Retry the pull
docker compose pull
# Or manually pull images
docker pull jsuzanne/sdwan-web-ui:stable
docker pull jsuzanne/sdwan-traffic-gen:stable# Change port in docker-compose.yml
ports:
- "8081:8080"Or:
echo "WEB_UI_PORT=8081" > .env
docker compose up -d# Check containers are running
docker compose ps
# Check logs for errors
docker compose logs web-ui
docker compose logs traffic-gen
# Check firewall (Linux)
sudo ufw allow 8080/tcp# Check network interface configuration
docker compose exec traffic-gen cat /opt/sdwan-traffic-gen/config/interfaces.txt
# Should show your interface (eth0, en0, ens4, etc.)
# If incorrect, edit config/interfaces.txt and restart
docker compose restartThis error should NOT appear in v1.1.0-patch.7 or later. If you see it:
# Update to latest version
docker compose pull
docker compose down
docker compose up -d# Reduce retention in docker-compose.yml
environment:
- LOG_RETENTION_DAYS=3
- LOG_MAX_SIZE_MB=50- Check that network interfaces are configured in the Configuration tab
- Verify traffic generation is started (green "Active" status on dashboard)
- Check logs:
docker compose logs -f traffic-gen
- Change default admin password (Dashboard → Settings)
- Set strong JWT_SECRET in docker-compose.yml
- Use HTTPS with a reverse proxy (nginx, Traefik, Caddy)
- Restrict access with firewall rules
- Enable Docker resource limits
- Review and customize application list
- Set appropriate log retention policies
# docker-compose.yml - web-ui environment
environment:
- JWT_SECRET=your-super-secure-random-string-hereGenerate a secure secret:
openssl rand -base64 32The SD-WAN Traffic Generator has two separate systems:
| Feature | Traffic Generator | Security Tests |
|---|---|---|
| Purpose | Simulate user traffic | Test security policies |
| Source | config/applications-config.json |
Hardcoded test URLs |
| Execution | Continuous background | On-demand or scheduled |
| Logs | /var/log/sdwan-traffic-gen/traffic.log |
test-results.jsonl |
| Examples | google.com, office365.com | urlfiltering.paloaltonetworks.com |
Traffic Generator creates realistic application traffic for SD-WAN demos.
Security Tests validate URL filtering, DNS security, and threat prevention policies.
Pre-built images are available on Docker Hub:
- Web UI:
jsuzanne/sdwan-web-ui:stable - Traffic Generator:
jsuzanne/sdwan-traffic-gen:stable - Voice Generator:
jsuzanne/sdwan-voice-gen:stable - Voice Echo:
jsuzanne/sdwan-voice-echo:stable
Images are automatically built for AMD64 and ARM64 architectures.
Comprehensive guides organized by your journey with the SD-WAN Traffic Generator.
- Installation Guide - Complete setup instructions with troubleshooting
- Windows Installation Guide - Step-by-step guide for Windows 10/11
- Quick Start Guide - Get up and running in 5 minutes
- Configuration Guide - Advanced configuration options
- Traffic Generator Guide - Configure
applications-config.jsonand traffic weights. - Security Testing Guide - Comprehensive security testing documentation
- Security Quick Reference - Quick reference for security tests
- Security FAQ - Frequently asked questions
- Connectivity Endpoints - System health monitoring and synthetic probes
- Voice Simulation Guide - RTP packet forging and MOS scoring theory
- IoT Simulation Guide - Layer-2/3 device simulation and Scapy networking
- Convergence Lab Guide - High-precision failover & RX/TX loss theory
- VyOS Control Guide - Orchestrating SD-WAN impairments on VyOS nodes
- Smart Networking Guide - Host Mode and auto-detection architecture
- Target Capabilities - Standalone target site deployment
- Persistent Logging - Test results storage, search, and export
- Maintenance & Update Guide - How to update via UI, script, or manually
- Remote Access Guide - Guidelines for Tailscale, Cloudflare Tunnels, and Reverse Proxies
- Troubleshooting Guide - Common issues and solutions
- MCP Server - Model Context Protocol integration
- Architecture Overview - System architecture and design
- Technical Diagram - Visual architecture diagrams
- SD-WAN Testing - Validate traffic routing, QoS policies, and failover scenarios
- Security Policy Testing - Test URL filtering, DNS security, and threat prevention
- Network Performance - Measure latency, bandwidth, and reliability
- Firewall Validation - Verify firewall rules and application awareness
- Load Testing - Generate sustained traffic for capacity planning
- Demo & Training - Educational tool for network engineers and sales demonstrations
- Compliance - Verify network policies and application access controls
Contributions are welcome! Please feel free to submit a Pull Request.
# Clone repository
git clone https://github.com/jsuzanne/sdwan-traffic-generator-web.git
cd sdwan-traffic-generator-web
# Install web dashboard dependencies
cd web-dashboard
npm install
# Run in development mode
npm run dev
# Build for production
npm run build- Multi-region deployment support
- Advanced traffic patterns (burst, gradual ramp-up)
- Custom protocol support (DNS, FTP, SMTP, etc.)
- Grafana/Prometheus integration
- API for programmatic control
- Traffic replay from PCAP files
- Cloud provider integrations (AWS, Azure, GCP)
- WebRTC and video streaming simulation
- Custom security test categories
- PowerShell installation script for Windows
This is a personal, community-driven project maintained in my own name. It is not an official Palo Alto Networks product, feature, or tool, and it is not supported by Palo Alto Networks in any way.
All opinions, configurations, and examples in this repository are my own and do not represent the views of my employer. Use this software at your own risk and always validate behavior in a lab environment before using it in production.
This project is provided "as is", without any warranty of any kind, express or implied, including but not limited to fitness for a particular purpose or non-infringement.
This project is licensed under the MIT License - see the LICENSE file for details.
- Documentation: INSTALLATION.md | Windows Guide
- Issues: GitHub Issues
- Discussions: GitHub Discussions
- Built with React, TypeScript, and Vite
- UI components from shadcn/ui
- Icons from Lucide
- Traffic generation powered by Python requests
Made with ❤️ for SD-WAN testing and demonstrations
For detailed installation instructions, see INSTALLATION.md
For Windows-specific setup, see Windows Installation Guide