On Fri, Feb 8, 2013 at 7:43 AM, ghizlane khoudari <khoudarighizl...@gmail.com> wrote: > Hello, > > I try to use tcprepaly to modify the pcap file and add somme error in the > protocol adress. > I saw that I can modify the Mac adress, endpoint...(layer 3) but I want to > change the adress for others protocols such CLNP connectionless network > protocol.
I'm not really familiar with CLNP and tcprewrite doesn't allow you to do any editing of those kind of messages today. > I saw also that tcpreplay supports some limited TCP/UDP (layer 4) > editing...All the plugins start with dlt (layer 2), I just saw function for > layer 2 (dlt). Can you tell me in which packet it let us modify these > protocols (UDP/TCP) please? The plugin's are for converting between DLT/Layer 2. DLT is something specific to libpcap and specifies the hardware/layer 2 frame type- ethernet, serial, loopback, wifi, etc. Basically it's there to allow you to capture traffic on one kind of interface and replay it on another interface type. Unfortunately today, there's no plugin infrastructure for L3+ although it's not hard to add that functionality to the existing code base IMHO. > I will try to do the same things for CLNP. > Thank you for your help So my brief reading I've learned CLNP is a L3 protocol. So that would be pretty easy I assume. Basically in src/tcpedit/tcpedit.c around line 145 (assuming tcpreplay 3.4) check the l2proto variable if it is CLNP and if so, call your rewriting routine. Good luck! -- Aaron Turner http://synfin.net/ Twitter: @synfinatic http://tcpreplay.synfin.net/ - Pcap editing and replay tools for Unix & Windows Those who would give up essential Liberty, to purchase a little temporary Safety, deserve neither Liberty nor Safety. -- Benjamin Franklin "carpe diem quam minimum credula postero" ------------------------------------------------------------------------------ Free Next-Gen Firewall Hardware Offer Buy your Sophos next-gen firewall before the end March 2013 and get the hardware for free! Learn more. http://p.sf.net/sfu/sophos-d2d-feb _______________________________________________ Tcpreplay-users mailing list Tcpreplay-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/tcpreplay-users Support Information: http://tcpreplay.synfin.net/trac/wiki/Support
