tcpreplay Quick Start

TCPREPLAY
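tcpreplay is a collection of tools (tcpprep, tcprewrite, tcpreplay and tcpbridge).
Of these, tcpreplay is the tool that actually replays traffic. The others can be seen as helper tools for tcpreplay that prepare the traffic before replay. For example:
tcpprep classifies which packets belong to the client and which to the server, so that during replay the client packets can be sent out of one network interface and the server packets out of another.
tcprewrite modifies layer 2, layer 3 and layer 4 packet headers, so you can change IP addresses, MAC addresses and similar fields to the values you want.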

Official site: http://tcpreplay.appneta.com/

1. Installation
On CentOS, simply run: yum -y install tcpreplay
Other environments are not covered here.

Check that the installation succeeded:

tcpreplay -V

tcpreplay version: 4.2.5 (build git:v4.2.5)
Copyright 2013-2017 by Fred Klassen <tcpreplay at appneta dot com> - AppNeta
Copyright 2000-2012 by Aaron Turner <aturner at synfin dot net>
The entire Tcpreplay Suite is licensed under the GPLv3
Cache file supported: 04
Not compiled with libdnet.
Compiled against libpcap: 1.5.3
64 bit packet counters: enabled
Verbose printing via tcpdump: enabled
Packet editing: disabled
Fragroute engine: disabled
Injection method: PF_PACKET send()
Not compiled with netmap

Help output:

tcpreplay -h

tcpreplay (tcpreplay) - Replay network traffic stored in pcap files
Usage: tcpreplay [ -<flag> [<val>] | --<name>[{=| }<val>] ]... <pcap_file(s)>

-q, --quiet Quiet mode
-T, --timer=str Select packet timing mode: select, ioport, gtod, nano
--maxsleep=num Sleep for no more then X milliseconds between packets
-v, --verbose Print decoded packets via tcpdump to STDOUT
-A, --decode=str Arguments passed to tcpdump decoder
-K, --preload-pcap Preloads packets into RAM before sending
-c, --cachefile=str Split traffic via a tcpprep cache file
-2, --dualfile Replay two files at a time from a network tap
-i, --intf1=str Client to server/RX/primary traffic output interface
-I, --intf2=str Server to client/TX/secondary traffic output interface
--listnics List available network interfaces and exit
-l, --loop=num Loop through the capture file X times
--loopdelay-ms=num Delay between loops in milliseconds
--pktlen Override the snaplen and use the actual packet len
-L, --limit=num Limit the number of packets to send
--duration=num Limit the number of seconds to send
-x, --multiplier=str Modify replay speed to a given multiple
-p, --pps=str Replay packets at a given packets/sec
-M, --mbps=str Replay packets at a given Mbps
-t, --topspeed Replay packets as fast as possible
-o, --oneatatime Replay one packet at a time for each user input
--pps-multi=num Number of packets to send for each time interval
--unique-ip Modify IP addresses each loop iteration to generate unique flows
--unique-ip-loops=str Number of times to loop before assigning new unique ip
--no-flow-stats Suppress printing and tracking flow count, rates and expirations
--flow-expiry=num Number of inactive seconds before a flow is considered expired
-P, --pid Print the PID of tcpreplay at startup
--stats=num Print statistics every X seconds, or every loop if '0'
-V, --version Print version information
-h, --less-help Display less usage information and exit
-H, --help display extended usage information and exit
-!, --more-help extended usage information passed thru pager
--save-opts[=arg] save the option state to a config file
--load-opts=str load options from a config file

Options are specified by doubled hyphens and their name or by a single
hyphen and the flag character.
tcpreplay is a tool for replaying network traffic from files saved with
tcpdump or other tools which write pcap(3) files.

Please send bug reports to: <tcpreplay-users@lists.sourceforge.net>

2. Usage
2.1 Quick use

tcpreplay -i eth0 p.pcap

Quick use: p.pcap is a traffic capture taken with Wireshark or tcpdump.

2.2 Advanced use

List the network interfaces on this machine; the output shows the available interfaces.

tcpreplay --listnics

Available network interfaces:
eth0
eth1
any

Run tcpprep on p.pcap to produce a cache file.

tcpprep -a client -i p.pcap -o p.cache -v
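
The cache file is what tcpreplay's --cachefile option consumes to send client and server packets out of different interfaces. The script below is an added example, not part of the original post: it assumes eth0 and eth1 are isolated lab interfaces, and the function names, the default rate of 100 pps and the DRY_RUN variable are hypothetical.

```shell
# Added example: split replay of one capture across two lab interfaces.
# Assumptions (not from the original post): eth0/eth1 are isolated test
# interfaces, 100 pps is the default rate, DRY_RUN=1 only prints commands.

# Succeed if the file starts with a classic pcap magic number
# (microsecond or nanosecond timestamps, either byte order).
is_pcap() {
    local magic
    magic=$(od -An -tx1 -N4 "$1" 2>/dev/null | tr -d ' \n')
    case "$magic" in
        d4c3b2a1|a1b2c3d4|4d3cb2a1|a1b23c4d) return 0 ;;
        *) return 1 ;;
    esac
}

# Print the two command lines: tcpprep builds the client/server cache,
# tcpreplay sends client packets on intf1 and server packets on intf2.
build_cmds() {  # args: pcap cache intf1 intf2 pps
    printf 'tcpprep --auto=client --pcap=%s --cachefile=%s\n' "$1" "$2"
    printf 'tcpreplay --cachefile=%s --intf1=%s --intf2=%s --pps=%s %s\n' \
        "$2" "$3" "$4" "$5" "$1"
}

split_replay() {  # args: pcap [intf1] [intf2] [pps]
    local pcap="$1" if1="${2:-eth0}" if2="${3:-eth1}" pps="${4:-100}"
    local cache="${pcap%.pcap}.cache"
    is_pcap "$pcap" || { echo "not a pcap file: $pcap" >&2; return 2; }
    case "$pps" in
        ''|0|*[!0-9]*) echo "pps must be a positive integer" >&2; return 2 ;;
    esac
    [ "$if1" != "$if2" ] || { echo "interfaces must differ" >&2; return 2; }
    if [ "${DRY_RUN:-0}" = 1 ]; then
        build_cmds "$pcap" "$cache" "$if1" "$if2" "$pps"
        return 0
    fi
    # Nothing goes on the wire unless tcpprep produced the cache file.
    tcpprep --auto=client --pcap="$pcap" --cachefile="$cache" || return 1
    tcpreplay --cachefile="$cache" --intf1="$if1" --intf2="$if2" \
        --pps="$pps" "$pcap"
}

# Usage: DRY_RUN=1 split_replay p.pcap eth0 eth1 100
```

Running with DRY_RUN=1 first shows the exact tcpprep and tcpreplay command lines before any packet is sent.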

 


Original link: https://blog.csdn.net/makenothing/article/details/105277614

posted @ 2022-01-24 18:54  超级宝宝11