Date: Wed, 18 Mar 1998 11:00:58 +0200 (SAT) From: Graham Wheeler <gram@cdsec.com> To: robert+freebsd@cyrus.watson.org Cc: hackers@FreeBSD.ORG Subject: Re: need a reference: data link layer packet transmission Message-ID: <199803180900.LAA00222@cdsec.com> In-Reply-To: <Pine.BSF.3.96.980318033148.410A-100000@thithle.watson.org> from "Robert Watson" at Mar 18, 98 03:38:20 am
next in thread | previous in thread | raw e-mail | index | archive | help
> > For performance testing and bug catching, I would like to be able to > "replay" tcpdump captured packet streams that were promiscuously sniffed > off of a network. Using the existing tcpdump to do this is ideal, as it > timestamps, etc. However, I need to be able to resend the packets over > the network, and not all of the packets of interest are IP-packets. So I > need to be able to manually ship these packets to the link layer for > delivery (on a specific device). I know that bpf can be used for > transmission as well as reception (bpfwrite), but have had a hard time > finding sample source code that uses this transmission; bpf is primarily > intended for listening and not deliver. It's quite easy to do with BPF; you just need to write the packets out with the Ethernet frame header at the start. In the Ethernet header, you will need to put the MAC address of the next hop; you don't need to fill in the source address, as this will be done for you. Bear in mind, however, that any packets written out to a BPF device are `retapped', and so you could see them as received packets if sniffing. But in your case, where you seem to just want a replay, this shouldn't be a problem. -- Dr Graham Wheeler E-mail: gram@cdsec.com Citadel Data Security Phone: +27(21)23-6065/6/7 Internet/Intranet Network Specialists Mobile: +27(83)-253-9864 Firewalls/Virtual Private Networks Fax: +27(21)24-3656 Data Security Products WWW: http://www.cdsec.com/ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-hackers" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199803180900.LAA00222>