Hi all
At first, I really appreciate for helping me.
I am trying to send all the traffic of one Pcap file replayed by TCPReplay to
the SSH or SSL tunnel. It means that all the traffic of one interface which I
am replaying the traffic to, should be tunneled and encrypted using SSL or SSH.
This is something like VPN but using SSH or SSL instead of using pptp. Would
you please help me to find any solution to achieve that.
I have tried to implement it using port forwarding, but that one is for just
one port, Indeed I want to send all the traffic of one interface on client
inside the tunnel and receive it on the server.
Best Regards
Mehdi Barati
On Saturday, April 5, 2014 5:00 AM, Mike A <ajabber...@gmail.com> wrote:
Wow! Got it working. From one linux machine I can replay a pcap through a
router.
I had to do two things that were not mentioned in the tcpreplay documenation:
* Use the command-line option "--fixcsum" when doing "tcprewrite". The router
may throw away packets for having incorrect checksums.
* Turn off the router's firewall, so that it accepts traffic both directions.
Mike
On Thu, Apr 3, 2014 at 6:45 PM, Fred Klassen <fklas...@appneta.com> wrote:
I think OpenWRT is good to go. I have used it before for VoIP calls and never
had a problem. Changing port numbers is not a problem as long as it is
predictable. For example, if port 5000 source is always translated to 8000, not
a problem. If the translation is unpredictable, then you have a problem.
>
>
>Only older routers are affected. I had an old FreeBSD based router that didn't
>work, but we got rid of it a few years ago.
>
>
>Fred.
>
>
>From: Mike A <ajabber...@gmail.com>
>Reply-To: Main forum for tcpreplay <tcpreplay-users@lists.sourceforge.net>
>Date: Thursday, April 3, 2014 at 1:22 PM
>
>To: Main forum for tcpreplay <tcpreplay-users@lists.sourceforge.net>
>Subject: Re: [Tcpreplay-users] Passing Traffic Through a Router using one
>Linux machine?
>
>
>
>I'm actually using an OpenWrt router - perhaps there is a way to turn off or
>simplify the NAT so that it does not change port numbers?
>
>
>
>Mike
>
>
>
>
>On Thu, Apr 3, 2014 at 9:44 AM, Fred Klassen <fklas...@appneta.com> wrote:
>
>If it was a router without NAT you could make this work provided that your
>hardware was identical to IP addresses/MAC addresses in the pcap file. If not,
>you will have to use tcprewrite/tcpprep to make it so.
>>
>>
>>With NAT there is an extra complication. When a connection is established,
>>NAT will translate the source port number. The algorithm is different from
>>one NAT to the next. What is difficult is if the translated source port is
>>completely random with no relation to the original source port. Luckily those
>>NATs are going by the wayside because they break TURN servers, and thereby
>>break direct peer-to-peer VoIP calls (VoIP proxy required).
>>
>>
>>Provided the capture was done on the same NAT with the same source port
>>translation algorithm, and the same care is taken to ensure that the
>>addresses match the hardware, and the NAT supports TURN, you should be OK.
>>
>>
>>Fred.
>>
>>
>>From: Mike A <ajabber...@gmail.com>
>>Reply-To: Main forum for tcpreplay <tcpreplay-users@lists.sourceforge.net>
>>Date: Wednesday, April 2, 2014 at 7:11 PM
>>To: "tcpreplay-users@lists.sourceforge.net"
>><tcpreplay-users@lists.sourceforge.net>
>>Subject: [Tcpreplay-users] Passing Traffic Through a Router using one Linux
>>machine?
>>
>>
>>
>>Hi,
>>
>>I'm running tcpreplay 4.0.4 on Ubuntu Linux 12. I've read the usage examples
>>(http://tcpreplay.synfin.net/wiki/usage) and followed along. I'm trying to
>>replay a single-stream (one 5-tuple) pcap so that packets go through a router.
>>
>>
>>My hardware setup is involves one Linux machine (with eth0 and eth1) and one
>>router (which does NAT):
>>
>>
>> eth0 <-> LAN (router) WAN <-> eth1
>>
>>192.168.0.1 <-> 192.168.0.2 (router) 10.0.0.2 <-> 10.0.0.1
>>
>>
>>
>>* Will this physical setup work? Or are there common pitfalls or mistakes?
>>
* For packets that have src IP 192.168.0.1 and dst IP 10.0.0.1 (both on the
linux machine), will the Linux OS short-circuit and simply pass packets
internally (and not actually send it out to the router?)?
>>
>>
>>
If I can get tcpreplay to actually send packets from a pcap through a router I
will donate $ to whoever or whatever, because this will be the most useful
tool. It's something I have needed for such a long time, and will get used a
lot.
>>
>>
>>Thanks ahead for any help,
>>
Mike
>>
>>------------------------------------------------------------------------------
>>
>>_______________________________________________
>>Tcpreplay-users mailing list
>>Tcpreplay-users@lists.sourceforge.net
>>https://lists.sourceforge.net/lists/listinfo/tcpreplay-users
>>Support Information: http://tcpreplay.synfin.net/trac/wiki/Support
>>
>
>------------------------------------------------------------------------------
>
>_______________________________________________
>Tcpreplay-users mailing list
>Tcpreplay-users@lists.sourceforge.net
>https://lists.sourceforge.net/lists/listinfo/tcpreplay-users
>Support Information: http://tcpreplay.synfin.net/trac/wiki/Support
>
------------------------------------------------------------------------------
_______________________________________________
Tcpreplay-users mailing list
Tcpreplay-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/tcpreplay-users
Support Information: http://tcpreplay.synfin.net/trac/wiki/Support
------------------------------------------------------------------------------
Put Bad Developers to Shame
Dominate Development with Jenkins Continuous Integration
Continuously Automate Build, Test & Deployment
Start a new project now. Try Jenkins in the cloud.
http://p.sf.net/sfu/13600_Cloudbees
_______________________________________________
Tcpreplay-users mailing list
Tcpreplay-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/tcpreplay-users
Support Information: http://tcpreplay.synfin.net/trac/wiki/Support
