tcpreplay
Tool to replay saved tcpdump files at arbitrary speeds
Install
- All systems
-
curl cmd.cat/tcpreplay.sh
- Debian
-
apt-get install tcpreplay - Ubuntu
-
apt-get install tcpreplay - Arch Linux
-
pacman -S tcpreplay - Kali Linux
-
apt-get install tcpreplay - Fedora
-
dnf install tcpreplay - Windows (WSL2)
-
sudo apt-get updatesudo apt-get install tcpreplay - OS X
-
brew install tcpreplay - Raspbian
-
apt-get install tcpreplay - Dockerfile
- dockerfile.run/tcpreplay
tcpreplay
Tool to replay saved tcpdump files at arbitrary speeds
Tcpreplay is aimed at testing the performance of a NIDS by replaying real background network traffic in which to hide attacks. Tcpreplay allows you to control the speed at which the traffic is replayed, and can replay arbitrary tcpdump traces. Unlike programmatically-generated artificial traffic which doesn't exercise the application/protocol inspection that a NIDS performs, and doesn't reproduce the real-world anomalies that appear on production networks (asymmetric routes, traffic bursts/lulls, fragmentation, retransmissions, etc.), tcpreplay allows for exact replication of real traffic seen on real networks. It included the following executables tcpprep, tcprewrite, tcpreplay-edit, tcpbridge and pcap based captures are possible.