Hi all, I've tried searching the archives to see if there's any related discussions, but SourceForge doesn't allow you to easily search the mail archives.
Here's what I'm trying to do: - Start up wireshark/tcpdump on a client system. - Browse to http://www.google.com in any standard browser. - Save the generated PCAP. - Configure something *like* tcpreplay with the generated PCAP on a Linux server, sitting on a closed network, acting as a spoofed DNS/Web server. - Set up a _real_ client system with a _real_ browser on that same closed network. - Browse to http://www.google.com on that client system - View the exact same data that was seen in the PCAP. One assumption: The original browser did NOT have any of the web content pre-cached, so the PCAP should contain all the corresponding data. I'm not sure that this effort is identical to the long forgotten 'flowreplay', and I'm not sure if the same issues apply. Specifically, unlike replaying client traffic to the server. I'm talking about replaying *SERVER* traffic to a client. So, only the *initial* timing is critical. Specifically, the "replay server code" needs analyze the PCAP and identify all flows and what initial TCP/UDP port the *client* contacts the server on in order to start "replaying" the rest of the flows. Basically, there's an initial delay, waiting for the client to contact the "replay server" on UDP/53 and HTTP/80, but after that, the "replay server" can send the rest of the flow data at the original captured data-rate. My Questions: - I'm pretty sure tcpreplay *can't* do this, but I'll ask anyway for confirmation. Can the developer's clarify? - Is there any interest/possibility of baking this feature into a version of the tcpreplay tools? - Are there any other open-source projects or even commercial tools that can do this? Seriously, the only thing close that I've seen is the HTTPREPLAY tool by Microsoft (http://blogs.msdn.com/emmanubo/archive/2007/06/04/introduction-to-strace-httpreplay-support-tools.aspx). But that tool doesn't deal with PCAPs. Any comments/suggestions would be helpful. Thanks, -- Darien ------------------------------------------------------------------------------ Crystal Reports - New Free Runtime and 30 Day Trial Check out the new simplified licensing option that enables unlimited royalty-free distribution of the report engine for externally facing server and web deployment. http://p.sf.net/sfu/businessobjects _______________________________________________ Tcpreplay-users mailing list Tcpreplay-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/tcpreplay-users Support Information: http://tcpreplay.synfin.net/trac/wiki/Support
