Tcpreplay 3.0 Beta11 review
DownloadTcpreplay is a suite of BSD licensed tools written by Aaron Turner for *NIX operating systems which gives you the ability to use prev
|
|
Tcpreplay is a suite of BSD licensed tools written by Aaron Turner for *NIX operating systems which gives you the ability to use previously captured traffic in libpcap format to test a variety of network devices.
Tcpreplay allows you to classify traffic as client or server, rewrite Layer 2, 3 and 4 headers and finally replay the traffic back onto the network and through other devices such as switches, routers, firewalls, NIDS and IPS's.
Here are some key features of "Tcpreplay":
tcpprep - multi-pass pcap file pre-processor which determines packets as client or server and creates cache files used by tcpreplay and tcprewrite
tcprewrite - pcap file editor which rewrites TCP/IP and Layer 2 packet headers
tcpreplay - replays pcap files at arbitrary speeds onto the network
tcpbridge - bridge two network segments with the power of tcprewrite
flowreplay - emulates a network client using a pcap file as the basis of a TCP or UDP connection (currently in alpha)
Generally speaking, most people would first run tcpprep against a pcap file to create a cache file which splits traffic between client and server if they are testing an inline device like a firewall or IPS.
Then depending on their network setup and where the pcap was captured, they would use tcprewrite to edit the packets so that the device under test will examine them properly. Finally, tcpreplay is used to replay the pcap onto the network to do the test.
What's New in This Release:
Fix distribution to ship missing src/tcpr.h (#73)
Add support to tcprewrite to alter output file DLT (#74)
Fix errors in 'make test' (little endian still broken) (#77)
Tweak Autogen .def files documentation (#78)
Tcpreplay 3.0 Beta11 keywords