Great project, I'd be a little cautious proxying all my production traffic through a new experimental piece of software though.<p>Another solution using only netcat and tee is described on ServerFault: <a href="http://serverfault.com/questions/309583/duplicate-incoming-tcp-traffic-on-debian-squeeze" rel="nofollow">http://serverfault.com/questions/309583/duplicate-incoming-t...</a>
It's probably a good thing that this doesn't support SSL, as you wouldn't want this application as your main contact on the outside web.<p>I'd suggest going using a frontend (such as Nginx or Apache) => Kage => Backend boxes.
This is freaking awesome, I'll be upgrading quite a big busy complex site to a new code version and this should help a lot with testing. Shame that it doesn't support SSL yet, but we can't be picky!
Good concept. But this design is insane. The shadow should be attached via a logging plugin to your trusted webserver or load balancer, so it doesn't destabilize your production system.