Tcpreplay Tool Installation-configuration-instance

Tcpreplay Tool Installation-configuration-instance 

Tcpreplay is a very powerful integration tool , which mainly includes Tcpreplay,tcpprepare,tcprewrite tools , according to their specific parameters . Pcap file to make changes, and then replay the packet.

conditions of Use :Linux operating system, dual Nic

The tcpreplay tool is divided into 3 parts, the first part installs an operation Linux operating system, the second part installs the Tcpreplay as well as the related component, to lift a example to analyze the relevant parameter meanings.

A Ubuntu12 USB installation process or hard disk installation process, installed on WIN7 operating system;

1, the installation process of installing UBUNTU12 operating system using USB Image:http://www.linuxidc.com/Linux/2012-11/74695.htm;

2, using the hard disk installation ubuntu12 operating system installation process:http://www.linuxidc.com/Linux/2012-11/73500.htm;

Two Tcpreplay Preparing the installation process

First recommend a website: http://tcpreplay.synfin.net/  installation with tcpreplay packages and many documents, including manuals, man pages and faq, etc.

tcpreplay is a series of tools A generic term for the , including tcpreplay, tcprewrite and Tool , such as "\"en-us\"" >tcpprep, which can be used to unix system or linux system replay network packets. These packages are made up of tcpdump, ethereal and wireshark and other software crawled, that is, pcap format of the packet.

installation tcpreplay packages, by default, the following tools are installed , which are used to prepare the cache for the contract , rewrite the message, and so on :

(1)Tcpprep: The role of this tool is to divide the client and server, to differentiate the flow of PCAP packets, that is, the package is the client , which package is the server , the client package is sent from one network card and the other server's package may be sent from another NIC.

(2)Tcprewrite: The function of this tool is to modify the message, mainly modify the 2 layer,3 layer,4 beginning head, that is, MAC address,IP address and port address.

(3)Tcpreplay: This is the final real contract use of the tool , you can choose the main network card, from the network card, packet speed and so on.

Tcpreplay Installation conditions

Tcpreplay Some other libraries are used to implement its functions:

1) libpcap Library: Because tcpreplay relies primarily on libpcap libraries during use, so the Install tcpreplay before you need to install libpcap, otherwise install on tcpreplay will prompt you libpcap no installation and installation failed. However, if you want libpcap to work properly on linux, you must enable the kernel to support " packet "protocol, that is, when compiling the kernel   Open the configuration option  config_packet (option defaults to open

Libpcap can be downloaded from the following links:http://www.tcpdump.org/ can be installed with the source code, relatively simple.

2)tcpdump: This is not necessary, the main function of this tool is to decode the packet, under the Linux system to view the Pcap file within the packet, you can also use it to grab packets. You can choose to install the Tcpreplay when you install it or you can choose not to install it. (personal recommendations are also installed together to prevent other errors when using Tcpreplay.) )

3)Libnet Library. Nor is it necessary for a library. Tcpreplay can also use it to send packets, but due to the fact that libnet has more bugs and no longer maintenance,Tcpreplay may be able to cancel support for future releases. (The current version also requires support for this library, so it is recommended to also install )

In addition, the Linux system you are using needs to have the GCC compiler installed , or you will not be able to install all the tools .

Tcpreplay Installation process

(1) first explain how to install libpcap library (in install tcpreplay before you need to install libpcap), install libpcap before you need to install first m4, bison, Flex, otherwise an error will occur:

1) Open URL: Www.tcpdump.org/  download  libpcap-1.1.1.tar.gz (512.0KB)   software package, via command tar zxvf libpcap-1.1.1.tar.gz  Extract files, And put it in a custom installation directory.

2) Open URL: Flex.sourceforge.net/  download  flex-2.5.35.tar.gz (1.40MB)   software package, by  tar zxvf Flex-2.5.35.tar.gz   unzip the file and put it in the installation directory as described above.

Note: If you do not compile to install this file, compile install libpcap,   "Configure:error:Your operating system\ ' s Lex is insufficient to compile libpcap." The error prompt.

3) Open URL: Ftp.gnu.org/gnu/bison/  download  bison-2.4.1.tar.gz (1.9MB)   software package, by  tar zxvf bison-2.4.1.tar.gz  Unzip the file and put it in the installation directory as described above.

Note: If you do not compile to install this file, compile install libpcap,   "configure:warning:don\ ' t has both flex and bison; Reverting to LEX/YACC checking for capable lex ... insufficient " " error prompt.

4) Open URL: Ftp.gnu.org/gnu/m4/  download  m4-1.4.13.tar.gz  ( 1.2MB) package via  tar zxvfm4-1.4.13.tar.gz  unzip the file and put it in the above custom installation The directory.

Note: If you do not compile and install This file , the "Configure:error:GNU M4 1.4 is required" will appear when you compile and install bison-2.4.1 The error prompt.

Then, enter m4-1.4.13,bison-2.4.1,flex-2.5.35,libpcap-1.1.1 and execute the following command:

#./configure

# make

# make Install

After the command is complete, theLibpcap can be used normally.

(2) install finish Span lang= "\"en-us\"" >libpcap you can install tcpreplay, from this link http://tcpreplay.synfin.net/ Download tcpreplay- 3.4.4.tar.gz software package, by  tar zxvf  tcpreplay-3.4.4.tar.gz   unzip the file and place it in the above custom installation directory. Then go to tcpreplay-3.4.4 and execute the following command:

#./configure

# make

# make Install

After the execution,tcpreplay can be used, you can use the command:tcpreplay–vesion to view its version information,tcpreplay–h to view the Help content.  

three . Tcpreplay specific examples

Use a tested instance to describe their usage.

Test the topology diagram as shown

Where the configuration of the Tcpreplay machine is:

OS: Ubuntu9.04 kernel version: 2.6.28

Tcpreplay version:3.3.2(different versions of commands may be slightly different, please refer to man for details )

Nic:Intel e1000e dual Gigabit

Pcap file:test.tcpdump

Test the first step: preprocessing generates the Cache, the command is

Tcpprep-a client-i Test.tcpdump-o Test.cache

This command divides the pcap file into the client and server side, which defaults to the client. the packet will be sent from both the client and the server, respectively.

Test Step two: rewrite the IP address and MAC address, the command is:

Tcprewrite-e 192.85.2.2:192.85.1.2--enet-dmac=00:15:17:2b:ca:15,00:15:17:2b:ca:14--enet-smac=00:10:f3 : 19:79:87,00:10:f3:19:79:86-c test.cache-i Test.tcpdump-o 1.pcap

This command sets eth0 as the client interface,eth1 to the server interface, overrides IP and MAC, and opens 1.pcap with tools such as Wireshark to see if the changes were successful, IP address who is in front, default who is the server, where ip/mac to verify the correct input, otherwise during replay error.

Test the third step: Replay Packet, first in order to obtain a higher transmission speed, you can put the file into the /dev/shm directory, the maximum speed of about 1 time times the acceleration. The replay command is:

Tcpreplay-i eth0-i eth1-l 1000-t-c/dev/shm/test.cache/dev/shm/1.pcap

Command analysis:-Iafter the main network card /server network card,-I after the parameter is the secondary network card /client network card; the parameter after-L is the number of plays, and-t means as fast as possible –c followed by two parameters respectively . Cache and . Pcap. This command loops the file 1000 times at the highest rate . the above steps are tested and guaranteed to pass.

">

Sharenet

Tcpreplay Tool Installation-configuration-instance