[ale] Tool to feed with captured tcp traffic

Jerry Yu jjj863 at gmail.com
Thu Oct 16 09:39:12 EDT 2008 

I read the man page of tcpreplay. It does not sound it will do exactly what
I wanted, unless the man page does not tell the whole story.  I do not have
FC9 at work.

An ideal tool for me would play it back to a different set of client server
(C+ D). It ought behaves as a different Server ( C ). It plays back the
packets from the server when client D connects to Server B.
This of course, may require A+B IP addresses replaced with C+D IP addresses
in the captured. If that's difficult due to internal checksum and such, I
can set up C+D in a lab to have A+C's IP address instead.

The man page sounds like it will work ok with the original client/server set
( Server A + Client C)

2008/10/15 Michael H. Warfield <mhw at wittsend.com>

> On Wed, 2008-10-15 at 11:05 -0400, Jerry Yu wrote:
> > A month ago I stumbled into a blurb saying a small utility tool can
> > feed or play back captured tcp traffic to any arbitrary 'consumer'
> > application.  I couldn't find the link any more. :(
> > I'd imagine it listens to a socket and feeds the captured packets to a
> > cliient connected to this socket (triggered by request or arbitrary
> > playback w/o trigger or ctrl)
>
>         Might you be thinking of tcpreplay?
>
> yum info tcpreplay
>
> Name       : tcpreplay
> Arch       : i386
> Version    : 3.3.2
> Release    : 1.fc9
> Size       : 317 k
> Repo       : updates-newkey
> Summary    : Replay captured network traffic
> URL        : http://tcpreplay.synfin.net/trac/
> License    : BSD
> Description: Tcpreplay is a tool to replay captured network traffic.
> Currently,
>           : tcpreplay supports pcap (tcpdump) and snoop capture formats.
> Also
>           : included, is tcpprep a tool to pre-process capture files to
> allow
>           : increased performance under certain conditions as well as
> capinfo
>           : which provides basic information about capture files.
>
>        Mike
> --
> Michael H. Warfield (AI4NB) | (770) 985-6132 |  mhw at WittsEnd.com
>   /\/\|=mhw=|\/\/          | (678) 463-0932 |
> http://www.wittsend.com/mhw/
>   NIC whois: MHW9          | An optimist believes we live in the best of
> all
>  PGP Key: 0xDF1DD471        | possible worlds.  A pessimist is sure of it!
>
>
> _______________________________________________
> Ale mailing list
> Ale at ale.org
> http://mail.ale.org/mailman/listinfo/ale
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mail.ale.org/pipermail/ale/attachments/20081016/094b54da/attachment.html

More information about the Ale mailing list