Replay packets from pcap -file to network interface

Overview

Pktreplay

pktreplay can be used to read packets from pcap file or interface and write them into interface. By default packets are written with the same rate they have been saved into the pcap file, or, when reading from interface, as fast as they are received.

pktreplay takes its inspiration from tcpreplay, but without packet editing capabilities.

Usage

pktreplay needs to be run as root or (on Linux) with cap_net_raw capability to be able to write raw data to the interface.

Following command line options are available:

  • Options to control where packets are read from. One of these must be present:
    • -f or --file : Read packets from pcap file FILE.
    • -i or --interface : Read packets from given interface.
  • -o or --output : Write packets to interface with name IFNAME. If this option is not given, packets are written to /dev/null.
  • -l or --loop: Loop packets from file, that is start writing packets again from the beginning once all packets are written. Program terminates when user presses ctrl+c.
  • -c or --count : Read only NUM first packets from the file and output them. If --loop is set, then loop the first NUM packets.
  • -S or --stats : Print statistics every SEC seconds.
  • Options to control packet rate. Only one can be given, if none of these options is present, packets are written with the rate they have been saved to the pcap file:
    • -F or --fullspeed: Write packets as fast as possible.
    • -p or --pps : Write packets with RATE (integer) packets per second.
    • -M or --mbps : Write packets with RATE (float) mega(million) bits per second.
  • Options to control internal packet buffer size. pktreplay reads packets into internal buffer from where they are written to interface.
    • -H or --hi : Maximum number of packets to buffer. After this many packets are buffered, no more packets are read into the buffer until buffer contains only low number of packets.
    • -L or --low : Low watermark for packet buffer. If buffer contains only this number of packets, new packets are read into the buffer until the buffer contains hi number of packets. Default value for this is half of the maximum number of packets.

After packets are written, a summary is written. The program can be terminated by pressing ctrl+C.

You might also like...
Network simulation in Rust

netsim - A Rust library for network simulation and testing (currently linux-only). netsim is a crate for simulating networks for the sake of testing n

A private network system that uses WireGuard under the hood.

innernet A private network system that uses WireGuard under the hood. See the announcement blog post for a longer-winded explanation. innernet is simi

A Curve-like AMM for Secret Network

A Curve-like AMM for Secret Network. Supports a varibale number of tokens with the same underlying value.

A multi-protocol network relay

A multi-protocol network relay

A Rust library for parsing the SOME/IP network protocol (without payload interpretation).

someip_parse A Rust library for parsing the SOME/IP network protocol (without payload interpretation). Usage Add the following to your Cargo.toml: [de

Computational Component of Polkadot Network
Computational Component of Polkadot Network

Gear is a new Polkadot/Kusama parachain and most advanced L2 smart-contract engine allowing anyone to launch any dApp for networks with untrusted code.

Fullstack development framework for UTXO-based dapps on Nervos Network

Trampoline-rs The framework for building powerful dApps on the number one UTXO chain, Nervos Network CKB. This is an early-stage, currently very incom

Official Implementation of Findora Network.

Findora Platform Wiki Contribution Guide Licensing The primary license for Platform is the Business Source License 1.1 (BUSL-1.1), see LICENSE. Except

netavark: A container network stack

netavark: A container network stack Netavark is a rust based network stack for containers. It is being designed to work with Podman but is also applic

Comments
  • Bump regex from 1.5.4 to 1.5.6

    Bump regex from 1.5.4 to 1.5.6

    Bumps regex from 1.5.4 to 1.5.6.

    Changelog

    Sourced from regex's changelog.

    1.5.6 (2022-05-20)

    This release includes a few bug fixes, including a bug that produced incorrect matches when a non-greedy ? operator was used.

    1.5.5 (2022-03-08)

    This releases fixes a security bug in the regex compiler. This bug permits a vector for a denial-of-service attack in cases where the regex being compiled is untrusted. There are no known problems where the regex is itself trusted, including in cases of untrusted haystacks.

    Commits

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
    • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
    • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
    • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

    You can disable automated security fix PRs for this repo from the Security Alerts page.

    dependencies 
    opened by dependabot[bot] 1
  • Bump crossbeam-utils from 0.8.5 to 0.8.8

    Bump crossbeam-utils from 0.8.5 to 0.8.8

    Bumps crossbeam-utils from 0.8.5 to 0.8.8.

    Release notes

    Sourced from crossbeam-utils's releases.

    crossbeam-utils 0.8.8

    • Fix a bug when unstable loom support is enabled. (#787)

    crossbeam-utils 0.8.7

    • Add AtomicCell<{i*,u*}>::{fetch_max,fetch_min}. (#785)
    • Add AtomicCell<{i*,u*,bool}>::fetch_nand. (#785)
    • Fix unsoundness of AtomicCell<{i,u}64> arithmetics on 32-bit targets that support Atomic{I,U}64 (#781)

    crossbeam-utils 0.8.6

    • Re-add AtomicCell<{i,u}64>::{fetch_add,fetch_sub,fetch_and,fetch_or,fetch_xor} that were accidentally removed in 0.8.0 0.7.1 on targets that do not support Atomic{I,U}64. (#767)
    • Re-add AtomicCell<{i,u}128>::{fetch_add,fetch_sub,fetch_and,fetch_or,fetch_xor} that were accidentally removed in 0.8.0 0.7.1. (#767)
    Commits

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
    • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
    • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
    • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

    You can disable automated security fix PRs for this repo from the Security Alerts page.

    dependencies 
    opened by dependabot[bot] 1
  • Add support for reading packets from interface instead of file

    Add support for reading packets from interface instead of file

    With --interface read packets from interface instead of reading them from file. --file and --interface can not be set at the same time. Add also --stats to specify interval for printing statistics during operation.

    opened by jtt 0
  • Should pktreplay fail on network down?

    Should pktreplay fail on network down?

    If output network interface is down, pktreplay doesn't give error nor does it send anything. Should "network fail" from libpcap make the tool bail out with error?

         Running `/tmp/rust/shell/debug/pktreplay -i en0 -c 1 -o en7`
    [2022-10-24T11:52:53Z TRACE luomu_libpcap::functions] pcap_create("en7") => 0x142e04980
    [2022-10-24T11:52:53Z TRACE luomu_libpcap::functions] pcap_activate(0x142e04980)
    [2022-10-24T11:52:53Z TRACE luomu_libpcap::functions] check_pcap_error(0x142e04980, 0) = ok
    [2022-10-24T11:52:53Z TRACE luomu_libpcap::functions] pcap_create("en0") => 0x142e04c90
    [2022-10-24T11:52:53Z TRACE luomu_libpcap::functions] pcap_set_buffer_size(0x142e04c90, 65535)
    [2022-10-24T11:52:53Z TRACE luomu_libpcap::functions] check_pcap_error(0x142e04c90, 0) = ok
    [2022-10-24T11:52:53Z TRACE luomu_libpcap::functions] pcap_set_promisc(0x142e04c90, true)
    [2022-10-24T11:52:53Z TRACE luomu_libpcap::functions] check_pcap_error(0x142e04c90, 0) = ok
    [2022-10-24T11:52:53Z TRACE luomu_libpcap::functions] pcap_set_immediate_mode(0x142e04c90, true)
    [2022-10-24T11:52:53Z TRACE luomu_libpcap::functions] check_pcap_error(0x142e04c90, 0) = ok
    [2022-10-24T11:52:53Z TRACE luomu_libpcap::functions] pcap_activate(0x142e04c90)
    [2022-10-24T11:52:53Z TRACE luomu_libpcap::functions] check_pcap_error(0x142e04c90, 0) = ok
    [2022-10-24T11:52:53Z TRACE luomu_libpcap::functions] pcap_next_ex(0x142e04c90)
    [2022-10-24T11:52:53Z TRACE pktreplay::channel] tx complete, packets in channel: 1
    [2022-10-24T11:52:53Z TRACE luomu_libpcap] PcapT::drop(0x142e04c90)
    [2022-10-24T11:52:53Z TRACE pktreplay::channel] rx complete, packets in channel: 0
    [2022-10-24T11:52:53Z TRACE luomu_libpcap::functions] pcap_inject(0x142e04980, 0x142e04f20, 294)
    [2022-10-24T11:52:53Z TRACE luomu_libpcap::functions] status_to_str(-1)
    [2022-10-24T11:52:53Z TRACE luomu_libpcap::functions] check_pcap_error(0x142e04980, -1) = Generic error
    [2022-10-24T11:52:53Z TRACE luomu_libpcap::functions] get_error(0x142e04980)
    [2022-10-24T11:52:53Z WARN  pktreplay::pipe] Unable to write packet: libpcap error: send: Network is down
    [2022-10-24T11:52:53Z TRACE luomu_libpcap] PcapT::drop(0x142e04980)
    [2022-10-24T11:52:53Z TRACE pktreplay] Reader terminated
    [2022-10-24T11:52:53Z TRACE pktreplay::pipe] Writer terminated, processed: 0 packets, 0 bytes in 72ms / 0.000pps, 0.000bps (0.000 MBps)
    Write complete: 0 packets, 0 bytes in 72ms / 0.000pps, 0.000bps (0.000 MBps)
    
    opened by oherrala 1
Owner
Jukka Taimisto
Jukka Taimisto
A minimalistic encryption protocol for rust async streams/packets, based on noise protocol and snow.

Snowstorm A minimalistic encryption protocol for rust async streams / packets, based on noise protocol and snow. Quickstart Snowstorm allows you to se

Black Binary 19 Nov 22, 2022
A multi-targets ping tool and library, which supports 10,000 packets/second, accurate latency

mping-rs a multi-targets ping tool, which supports 10,000 packets/second, accurate latency. 一个高频ping工具,支持多个目标。 正常的ping一般用来做探测工具,mping还可以用来做压测工具。 Go版本:

smallnest 25 Oct 29, 2023
The netns-rs crate provides an ultra-simple interface for handling network namespaces in Rust.

netns-rs The netns-rs crate provides an ultra-simple interface for handling network namespaces in Rust. Changing namespaces requires elevated privileg

OpenAnolis Community 7 Dec 15, 2022
Docker containers on a synthetic network. Run applications in a context that lets you manipulate their network conditions.

Synthetic Network Docker containers on a synthetic network. Run applications in a context that lets you manipulate their network conditions. Dependenc

Daily 58 Dec 15, 2022
Simple in-network file transfer with barely any overhead.

fftp fftp is the "Fast File Transport Protocol". It transfers files quickly between computers on a network with low overhead. Motivation FTP uses two

leo 4 May 12, 2022
wireguard tool to manage / generate configuration. Maintain one yaml configuration file to quickly build wireguard network.

wgx wireguard tool to manage / generate configuration. Maintain one yaml configuration file to quickly build wireguard network. Usage wgx --h USAGE:

yinheli 6 Nov 3, 2022
Tunnel TCP traffic through SOCKS5 or HTTP using a TUN interface.

tun2proxy Tunnel TCP traffic through SOCKS5 or HTTP on Linux. Authentication not yet supported. Error handling incomplete and too restrictive. Build C

B. Blechschmidt 34 Nov 29, 2022
An experimental IPC interface definition language for Hubris.

Idol: interface definitions for Hubris This is an experimental interface definition language for defining IPC interfaces between tasks in a Hubris app

Oxide Computer Company 8 Oct 19, 2022
Podman-api-rs - Rust interface to Podman (libpod).

podman-api Rust interface to Podman Usage Add the following to your Cargo.toml file [dependencies] podman-api = "0.1" SSL Connection To enable HTTPS c

Wojciech Kępka 43 Dec 29, 2022
Rust implementation of the JDA-NAS interface

udpqueue.rs This is a rust implementation of the original JDA-NAS natives. This can be used to make a minimal modular jar with only the required targe

Florian Spieß 13 Mar 8, 2023