I am trying to use tcpreplay in a reproduceable way to try out a new piece of hardware+software that is supposed to listen on our network for "flagged" items being transmitted on the network. My bad "stuff" that is supposed to produce violations in the software are in my pcap, originally recorded on another network. When I play the pcap, I get nothing from my snazzy sniffer, i.e. I get no flagged things.
So to verify that I had configured the sniffer software/hardware correctly, I manually sent a violation through (via normal SMTP email) and the sniffer software worked, it flagged the stuff. I then recorded a pcap (wireshark) on my network (via same normal SMTP email) with the violation. And then replayed the pcap. And then it didn't catch my violation again. >From all indications in wireshark, the packets are all there and being replayed properly, but I can't just can't reproduce the sniffer violating items when using tcpreplay. Can someone with more networking expertise tell me why this may be? I know the pcap is hitting the destination NIC b/c I can watch the Rx bytes increase on the sniffing NIC. Is there something I can do to my pcap to make this work? ------- Version 3.4.3 Commands used. tcpreplay --intf1=eth4 testfile.pcap (sometimes I use --topspeed to make it just go faster) also used... tcprewrite, hardcoding source & destination mac addresses tcprewrite another time, using pnat to rewrite the original subnet/IP scheme to new IP/subnet. Neither time had any effect Platform RHEL 5.3 on AMD box Intel Pro 1000 NIC Cannot attach pcap
------------------------------------------------------------------------------ This SF.Net email is sponsored by the Verizon Developer Community Take advantage of Verizon's best-in-class app development support A streamlined, 14 day to market process makes app distribution fast and easy Join now and get one step closer to millions of Verizon customers http://p.sf.net/sfu/verizon-dev2dev
_______________________________________________ Tcpreplay-users mailing list Tcpreplay-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/tcpreplay-users Support Information: http://tcpreplay.synfin.net/trac/wiki/Support
