Hello:
I am attempting to replay a pcap from within a VM over the local host connection to another VM on the same. I have no trouble communicating between the two VMs, HTTP traffic, ICMP, SSH, TCP in general all gets through just fine. The pcap I'm replaying is actually a replay of traffic captured between the two VMs Details: Host machine running Windows 10 VMs created and running on VMware Workstation 12 VM1: Kali Linux 2016.1 Network interface configured for Host-only VM2: Proprietary Linux based version Network interface configured for Host-only tcpreplay version: 3.4.4 (build 2450) (debug) Copyright 2000-2010 by Aaron Turner <aturner at synfin dot net> Cache file supported: 04 Not compiled with libdnet. Compiled against libpcap: 1.7.4 64 bit packet counters: enabled Verbose printing via tcpdump: enabled Packet editing: disabled Fragroute engine: disabled Injection method: PF_PACKET send() When I attempt the following: tcpreplay -v -d 5 --intf1=eth0 <pcapfile.pcap> There is no traffic visible in wireshark and the following is printed to the terminal: DEBUG1 in sendpacket.c:sendpacket_open_pf() line 617: sendpacket: using PF_PACKET DEBUG5 in utils.c:_our_safe_malloc() line 66: Malloc'd 1152 bytes in sendpacket.c:sendpacket_open_pf() line 690 sending out eth0 processing file: fixed_checksums2.pcap DEBUG5 in tcpdump.c:tcpdump_open() line 173: Opening tcpdump debug file: tcpdump.debug DEBUG2 in tcpdump.c:tcpdump_open() line 183: Prepping tcpdump options... DEBUG2 in tcpdump.c:tcpdump_fill_in_options() line 328: [child] Will execute: tcpdump -n -l -r - DEBUG5 in utils.c:_our_safe_malloc() line 66: Malloc'd 3 bytes in tcpdump.c:tcpdump_fill_in_options() line 336 DEBUG5 in utils.c:_our_safe_malloc() line 66: Malloc'd 3 bytes in tcpdump.c:tcpdump_fill_in_options() line 350 DEBUG5 in utils.c:_our_safe_malloc() line 66: Malloc'd 3 bytes in tcpdump.c:tcpdump_fill_in_options() line 350 DEBUG2 in tcpdump.c:tcpdump_open() line 186: Starting tcpdump... DEBUG2 in tcpdump.c:tcpdump_open() line 200: tcpdump pid: 29932 DEBUG2 in tcpdump.c:tcpdump_open() line 204: [parent] closing input fd 7 DEBUG2 in tcpdump.c:tcpdump_open() line 206: [parent] closing output fd 9 DEBUG2 in tcpdump.c:tcpdump_open() line 200: tcpdump pid: 0 DEBUG2 in tcpdump.c:tcpdump_open() line 227: [child] started the kid DEBUG2 in tcpdump.c:tcpdump_open() line 230: [child] closing in fd 6 DEBUG2 in tcpdump.c:tcpdump_open() line 231: [child] closing out fd 8 DEBUG2 in tcpdump.c:tcpdump_open() line 250: [child] Exec'ing tcpdump... reading from file -, link-type EN10MB (Ethernet) DEBUG2 in send_packets.c:send_packets() line 138: packet 1 caplen 74 Fatal Error in tcpdump.c:tcpdump_print() line 135: poll() timeout... tcpdump seems to be having a problem keeping up Try increasing TCPDUMP_POLL_TIMEOUT tcpdump: pcap_loop: truncated dump file; tried to read 77746 captured bytes, only got 82 I have tried bridging the connection to a dummy interface as suggested here: http://unix.stackexchange.com/questions/152331/how-can-i- create-a-virtual-ethernet-interface-on-a-machine-without-a-physical-ad But no luck. Can anyone help?
------------------------------------------------------------------------------
_______________________________________________ Tcpreplay-users mailing list Tcpreplay-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/tcpreplay-users Support Information: http://tcpreplay.synfin.net/trac/wiki/Support
