wiki:flowreplay

flowreplay

TOC(depth=2, manual, tcpreplay, tcpliveplay, tcpprep, tcprewrite, tcpbridge, tcpcapinfo, flowreplay, commonargs, usage, FAQ)?

Important

Flowreplay is dead. No future development is planned. For more information, please read this. You may want to look at Wireplay and see if it will meet your needs.

Overview

flowreplay has the simple goal of reading a pcap file, and taking the client side of the connection(s) and replaying that data using a standard TCP/UDP socket to connect to a server. This is because tcpreplay is unable to establish a valid TCP session with a server since it is unable to syncronize Seq/Ack? numbers or maintain any TCP state.

Details

flowreplay is currently an early work in progress and doesn't really work. Right now, I'm looking for a simple method to do IP defragmentation and TCP stream reassembly. In the past, I looked at libnids, but it has a number of serious issues such as being non-thread safe and having a crappy API. Right now, I've put flowreplay development on indefinate hold while I stabilize the 3.x series.


Previous: tcpcapinfo | Next: Common Arguments

Last modified 4 years ago Last modified on 09/05/12 06:26:59