2016年10月11日 星期二

tcpdump and tcpreplay on Linux CentOS 7.2


tcpdump

 sudo tcpdump -i em1 -nn port 14316
sudo tcpdump -i em1 -nn 'port 14316'
sudo tcpdump -i em1 -nn port 14316 or port 14311
sudo tcpdump -i em1 -nn 'port 14316 or port 14360 or port 15360 or port 14311 or port 15311'
socat
sudo socat STDIO UDP4-RECV:14316,ip-add-membership=224.0.31.28:em1


All below scripts are tested.
Test

 316SA
sudo socat STDIO UDP4-RECV:14316,ip-add-membership=224.0.31.28:em1
GC

 360SA
sudo socat STDIO UDP4-RECV:14360,ip-add-membership=224.0.31.202:em1
360SB
sudo socat STDIO UDP4-RECV:15360,ip-add-membership=224.0.32.202:em1


MDP

 311SA
sudo socat STDIO UDP4-RECV:14311,ip-add-membership=224.0.31.23:em1
311IA
sudo socat STDIO UDP4-RECV:14311,ip-add-membership=224.0.31.2:em1
311IB
sudo socat STDIO UDP4-RECV:15311,ip-add-membership=224.0.32.2:em1
311NA
sudo socat STDIO UDP4-RECV:14311,ip-add-membership=224.0.31.44:em1




[quantprod@hkoffice083 dev]$ sudo socat STDIO UDP4-RECV:14311,ip-add-membership=224.0.31.23:em1
2016/10/11 05:00:25 socat[20560] E bind(3, {AF=2 0.0.0.0:14311}, 16): Address already in use
[quantprod@hkoffice083 dev]$ sudo socat STDIO UDP4-RECV:14311,ip-add-membership=224.0.31.2:em1
2016/10/11 05:00:33 socat[20562] E bind(3, {AF=2 0.0.0.0:14311}, 16): Address already in use
[quantprod@hkoffice083 dev]$ sudo socat STDIO UDP4-RECV:15311,ip-add-membership=224.0.32.2:em1
2016/10/11 05:00:42 socat[20564] E bind(3, {AF=2 0.0.0.0:15311}, 16): Address already in use
[quantprod@hkoffice083 dev]$ sudo socat STDIO UDP4-RECV:14311,ip-add-membership=224.0.31.44:em1
2016/10/11 05:00:46 socat[20566] E bind(3, {AF=2 0.0.0.0:14311}, 16): Address already in use
[quantprod@hkoffice083 dev]$

 pcap

 sudo tcpdump -i em1 -nn 'port 14316 or port 14360 or port 15360 or port 14311 or port 15311' -c 1000 -w 311SA.pcap
sudo tcpdump -i em1 -nn 'port 14316 or port 14360 or port 15360 or port 14311 or port 15311' -c 1000 -w 311IA.pcap
sudo tcpdump -i em1 -nn 'port 14316 or port 14360 or port 15360 or port 14311 or port 15311' -c 1000 -w 311IB.pcap
sudo tcpdump -i em1 -nn 'port 14316 or port 14360 or port 15360 or port 14311 or port 15311' -c 1000 -w 311NA.pcap

 sudo tcpdump -i em1 -nn 'port 14316 or port 14360 or port 15360 or port 14311 or port 15311' -c 1000 -w 360SA.pcap
sudo tcpdump -i em1 -nn 'port 14316 or port 14360 or port 15360 or port 14311 or port 15311' -c 1000 -w 360SB.pcap

tcpreplay
sudo yum install tcpreplay
http://tcpreplay.synfin.net/wiki/tcpreplay

 sudo tcpreplay --loop=0 --intf1=eth0 capture.pcapng

沒有留言:

張貼留言

訂閱: 張貼留言 (Atom)

2023 Promox on Morefine N6000 16GB 512GB

2023 Promox on Morefine N6000 16GB 512GB Software Etcher 100MB (not but can be rufus-4.3.exe 1.4MB) Proxmox VE 7.4 ISO Installer (1st ISO re...