Inject packets from PCAP-format

Leave a reply

tcpreplay / tcprewrite

$ sudo apt-get install tcpreplay
$ tcpreplay -t -L <limit> -i <interface> <file.cap>

Options:
-i string, --intf1=string      Server/primary traffic output interface.
-I string, --intf2=string      Client/secondary traffic output interface.
-L number, --limit=number      Limit the number of packets to send.

-M float , --mbps=float        Replay packets at a given Mbps. Specify a floating point value.
-t,        --topspeed          Replay packets as fast as possible. 
-p number, --pps=number        Replay packets at a given packets/sec.
without -t or -p               Send out packets as in the timestamp of each packet of the PCAP file.

tcpreplay.synfin.net Wiki: tcpreplay
tcpreplay.synfin.net Wiki: tcprewrite
How to capture and replay network traffic on Linux

ostinato

packeth

$ sudo apt-get install packeth
$ sudo packeth
Load -> PCAP

netdude

Netdude 0.5.1 and libnetdude 0.12 released
Edit PCAP files in a GUI.
Netdude Homepage
Netdude Source

mergecap

Merges two or more capture files into one

mergecap [ -a ] [ -v ] -w <outfile> <infile> [<infile> ...]
-a             Causes the frame timestamps to be ignored. 
               When -a is not specified, the contents of the input files are merged
               in chronological order based on each frame's timestamp.
-v             Causes mergecap to print a number of messages while it's working.
-w  <outfile>  Sets the output filename.

capinfos

Prints information about capture files

-a    Displays the start time of the capture.
-e    Displays the end time of the capture.
-c    Displays the number of packets in the capture file.
-u    Displays the capture duration, in seconds.
-S    Display the start and end times as seconds (unixtime)

editcap

Edit and/or translate the format of capture files

-A  <start time>               Saves only the packets whose timestamp is on or after start time. 
-B  <stop time>                Saves only the packets whose timestamp is before stop time.
-t  <time adjustment>          Sets the time adjustment to use on selected packets.
                               The adjustment is specified as [-]seconds[.fractional seconds].
-S  <strict time adjustment>   Time adjust selected packets to insure strict chronological order.
                               The value represents relative seconds specified as [-]seconds[.fractional seconds].
                               If the value is 0 or greater then only packets with a timestamp less than the previous packet will be adjusted.
                               If the value is specified as a negative value, then the timestamp values of all packets will be adjusted
                               to be equal to the timestamp value of the previous packet plus the absolute value of the value

Leave a Reply

Your email address will not be published. Required fields are marked *