一、安装方法
以下服务器信息为该文档安装tcpreplay服务环境
服务器信息:CentOS7
内核版本:3.10.0-1160.el7.x86_64
1.直接使用yum进行安装
yum -y install tcpreplay
2.查看安装是否成功(如果有输出代表安装成功)
tcpreplay -V
ps:安装好后就能看到tcpprep、tcpwrite,和tcpreplay一起配合使用
二、整体步骤
步骤1:先为待修改的pcap包(test1.pcap)生成一个中间件(test_cache.cache)
tcpprep -p --pcap=test1.pcap --cachefile=test_cache.cache
步骤2:导入待修改包和中间件,利用tcprewrite输出修改后的文件(test2.pcap)
tcprewrite -i test1.pcap -o test2.pcap --cachefile=test_cache.cache [具体修改项]
三、修改方法
# tcprewrite -h tcprewrite (tcprewrite) - Rewrite the packets in a pcap file. Usage: tcprewrite [ -<flag> [<val>] | --<name>[{=| }<val>] ]... -r, --portmap=str Rewrite TCP/UDP ports -s, --seed=num Randomize src/dst IPv4/v6 addresses w/ given seed -N, --pnat=str Rewrite IPv4/v6 addresses using pseudo-NAT -S, --srcipmap=str Rewrite source IPv4/v6 addresses using pseudo-NAT -D, --dstipmap=str Rewrite destination IPv4/v6 addresses using pseudo-NAT -e, --endpoints=str Rewrite IP addresses to be between two endpoints --tcp-sequence=num Change TCP Sequence (and ACK) numbers /w given seed -b, --skipbroadcast Skip rewriting broadcast/multicast IPv4/v6 addresses -C, --fixcsum Force recalculation of IPv4/TCP/UDP header checksums -m, --mtu=num Override default MTU length (1500 bytes) --mtu-trunc Truncate packets larger then specified MTU -E, --efcs Remove Ethernet checksums (FCS) from end of frames --ttl=str Modify the IPv4/v6 TTL/Hop Limit --tos=num Set the IPv4 TOS/DiffServ/ECN byte --tclass=num Set the IPv6 Traffic Class byte --flowlabel=num Set the IPv6 Flow Label -F, --fixlen=str Pad or truncate packet data to match header length --fuzz-seed=num Fuzz 1 in X packets. Edit bytes, length, or emulate packet drop --fuzz-factor=num Set the Fuzz 1 in X packet ratio (default 1 in 8 packets) --skipl2broadcast Skip rewriting broadcast/multicast Layer 2 addresses --dlt=str Override output DLT encapsulation --enet-dmac=str Override destination ethernet MAC addresses --enet-smac=str Override source ethernet MAC addresses --enet-subsmac=str Substitute MAC addresses --enet-mac-seed=num Randomize MAC addresses --enet-mac-seed-keep-bytes=num Randomize MAC addresses --enet-vlan=str Specify ethernet 802.1q VLAN tag mode --enet-vlan-tag=num Specify the new ethernet 802.1q VLAN tag value --enet-vlan-cfi=num Specify the ethernet 802.1q VLAN CFI value --enet-vlan-pri=num Specify the ethernet 802.1q VLAN priority --enet-vlan-proto=str Specify VLAN tag protocol 802.1q or 802.1ad --hdlc-control=num Specify HDLC control value --hdlc-address=num Specify HDLC address --user-dlt=num Set output file DLT type --user-dlink=str Rewrite Data-Link layer with user specified data -i, --infile=str Input pcap file to be processed -o, --outfile=str Output pcap file -c, --cachefile=str Split traffic via tcpprep cache file -v, --verbose Print decoded packets via tcpdump to STDOUT -A, --decode=str Arguments passed to tcpdump decoder --skip-soft-errors Skip writing packets with soft errors -V, --version Print version information -h, --less-help Display less usage information and exit -H, --help display extended usage information and exit -!, --more-help extended usage information passed thru pager --save-opts[=arg] save the option state to a config file --load-opts=str load options from a config file
1.链路层数据的修改
2.ip层数据的修改
3.传输层数据的修改