Wireshark mailing list archives
Re: Dump forwarding
From: luca paganotti <luca.paganotti () gmail com>
Date: Mon, 19 Nov 2018 16:31:16 +0100
Hi all, it seems that tcpreplay-edit does the trick ... After issuing the following comand line wireshark can capture my network UDP flow after the destination address has been rewritten: sudo tcpreplay-edit -i eth0 -N X.X.X.X/NN:Y.Y.Y.Y,Z.Z.Z.Z/MM:D.D.D.D <my .pcapng file> where X.X:X.X is the original source address and NN its netmask Y.Y.Y.Y is X.X.X.X substitute Z.Z.Z.Z is the original destination address and MM its netmask and finally D.D.D.D is an address I own and control that substitutes Z.Z.Z.Z <my .pcapng file> is my dump file. with this settings the respective ports are preserved but they could be changed as well using the -r switch (or so I think it would be possible ...) Now I have only to write something that reads my packets, or at least I hope so ... Thank you all for helping me with precious advices. Have a nice day :-) ---------------------------------------------------------------- -- luca.paganotti () gmail com -- https://github.com/lucapaganotti -- sourceforge email: -- lucapaganotti () users sourceforge net -- skype name: luca.paganotti [image: http://it.linkedin.com/in/lucapaganotti] <http://it.linkedin.com/in/lucapaganotti> -- Mastodon: l <https://www.facebook.com/luca.paganotti.66> ucapaganotti () fosstodon org -- --------------------------------------------------------------- -- Mistakes are portals of discovery - JAAJ --- -------------------------------------------------------------- On Mon, Nov 19, 2018 at 3:58 PM Luc Dandoy <luc.dandoy () gmail com> wrote:
HelloOn 19 Nov 2018, at 15:36, luca paganotti <luca.paganotti () gmail com>wrote:Ok, tcpreplay is usefull to get the same packets flow, by the way Iwould like to redirect the dumped packets to specific IP address and port to be able to read and manage this flow. tcpreplay seems to exactly mimic the dumped flow between source and destination address/port dumped in the file. Is there a way to redirect packets where I want them to go?Maybe you can use first tcprewrite ( http://tcpreplay.synfin.net/wiki/tcprewrite ), to modify the capture (source and destination IP/port) Then replay the resulting pcap file with tcpreplay. Regards, Dandoy Luc ___________________________________________________________________________ Sent via: Wireshark-users mailing list <wireshark-users () wireshark org> Archives: https://www.wireshark.org/lists/wireshark-users Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-users mailto:wireshark-users-request () wireshark org ?subject=unsubscribe
___________________________________________________________________________ Sent via: Wireshark-users mailing list <wireshark-users () wireshark org> Archives: https://www.wireshark.org/lists/wireshark-users Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-users mailto:wireshark-users-request () wireshark org?subject=unsubscribe
Current thread:
- Dump forwarding luca paganotti (Nov 19)
- Re: Dump forwarding Guy Harris (Nov 19)
- Re: Dump forwarding luca paganotti (Nov 19)
- Re: Dump forwarding Jaap Keuter (Nov 19)
- Re: Dump forwarding luca paganotti (Nov 19)
- Re: Dump forwarding Luc Dandoy (Nov 19)
- Re: Dump forwarding luca paganotti (Nov 19)
- Re: Dump forwarding Jaap Keuter (Nov 19)
- Re: Dump forwarding luca paganotti (Nov 19)
- Re: Dump forwarding luca paganotti (Nov 19)
- Re: Dump forwarding Guy Harris (Nov 19)