On Wed, Nov 12, 2008 at 9:05 PM, Wang Fan <[EMAIL PROTECTED]> wrote: > Hi, > We are using Tcpreplay to test against network devices. It is powerful and > help us greatly! > > As to handling src-nat device, after reading > http://tcpreplay.synfin.net/trac/wiki/usage#PassingTrafficThroughaFirewallRouterNon-TransparentDevice, > I still have some questions: > > In the attached scenario, Client is on Trust side and Server is on Untrust > side. Firewall changes packet's src ip and src port on its Untrust interface > when client access outside server. This is the most normal src-nat > implementation. In detail, src ip is changed to Untrust interface ip and src > port is changed randomly. As to this diagram, for example, original packet > 1.1.1.2:5555à2.2.2.2:80 is changed to 2.2.2.1:6000 (may be 5211 next > time)à2.2.2.2:80 > These 2 changes cause 2 issues when Tcpreplay sending packets from Server to > Client: > 1. It should change dst ip address to 2.2.2.1. This can be resolved by > tcpwrite. > 2. It should change dst port to the randomly generated port, here is > 6000. By now tcpreplay likely can't handle it. > > So would you help us about issue 2 ?
Howdy, So obviously, tcprewrite has no idea in advance what the randomly generated source port would be. Hence I can't think of any way that tcprewrite could solve this problem. Also tcpreplay doesn't listen for packets, so it won't see the changed source port either. Hence, I don't think tcpreplay can easily be adapted for this use case. You might try looking at tomahawk, but honestly, I don't think they deal with changes in the source port either. Other then that, I really can't think of any good solution. Sorry. -Aaron -- Aaron Turner http://synfin.net/ http://tcpreplay.synfin.net/ - Pcap editing and replay tools for Unix & Windows They that can give up essential liberty to obtain a little temporary safety deserve neither liberty nor safety. -- Benjamin Franklin ------------------------------------------------------------------------- This SF.Net email is sponsored by the Moblin Your Move Developer's challenge Build the coolest Linux based applications with Moblin SDK & win great prizes Grand prize is a trip for two to an Open Source event anywhere in the world http://moblin-contest.org/redirect.php?banner_id=100&url=/ _______________________________________________ Tcpreplay-users mailing list Tcpreplay-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/tcpreplay-users Support Information: http://tcpreplay.synfin.net/trac/wiki/Support
