Hi guys, Anyone plz confirm if it is necessary to install same version of WinCollect agent on windows hosts as the version installed in console? If yes, then how can I find which version is installed in console? I run the rpm search and it gives me a noarch number like AGENT-WINCOLLECT-7.4-2157. If detected, the network driver is bypassed for the execution duration of tcpreplay and tcpreplay-edit, and network buffers will be written to directly. This will allow you to achieve full line rates on commodity network adapters, similar to rates achieved by commercial network traffic generators. Tcpreplay is a suite of GPLv3 licensed utilities for UNIX (and Win32 under Cygwin) operating systems for editing and replaying network traffic which was previously captured by tools like tcpdump and Ethereal/Wireshark. Tcpreplay is a suite of free Open Source utilities for editing and replaying previously captured network traffic. Originally designed to replay malicious traffic patterns to Intrusion Detection/Prevention Systems, it has seen many evolutions including capabilities to replay to web servers.
- Downloads
- Installation
Downloads
Download Releases for Users
- Latest release:
- Previous release:
- Old Win32 release
- Note that Windows is not supported by the maintainer
Download Source for Developers
Compiling source from GitHub has more requirements than compiling a release.Specifically you must have AutoGen installed. If you plan to contribute you musthave AutoGen version 5.16.2, otherwise your pull requestsmay be rejected.
If you want to help develop Tcpreplay visit our Developer Wiki.
- Download via GitHub
git clone https://github.com/appneta/tcpreplay- Or if you plan to contribute someday simply fork the repo and submit a pull request whenyou are ready to share your changes with us
- Or download the latest master tarball
- Note that master is always production ready, but not necessarily the latest stable release. See GitHub networkto see the state of master
Installation
Simple directions for Unix users
You will need to compile the source code, but first you must ensure that you havecompiling tools and prerequisite software installed. For example, on a baseUbuntu or Debian system you may need to do the following:
Next extract tarball, change to root directory, then do:
Optionally you can run the tests to ensure that your installation isfully functional:
Installation Video
Build netmap feature
This feature will detect netmapcapable network drivers on Linux and BSDsystems. If detected, the network driver is bypassed for the executionduration of tcpreplay and tcpreplay-edit, and network buffers will bewritten to directly. This will allow you to achieve full line rates oncommodity network adapters, similar to rates achieved by commercial networktraffic generators.
Note that bypassing the network driver will disrupt other applicationsconnected through the test interface. For example, you may see interruptionswhile testing on the same interface you ssh’ed into.
FreeBSD 10 and higher already contains netmap capabilities and will be detectedby configure. To enable netmap on the system you will need torecompile the kernel with device netmap included.
For Linux, download latest and install netmap from http://info.iet.unipi.it/~luigi/netmap/If you extracted netmap into /usr/src/ or /usr/local/src you can build without extraconfigure options. Otherwise you will must specify the netmap source directory, for example:
You can also find netmap source at http://code.google.com/p/netmap/
Netmap Installation Video
Advanced Options
There are quite a few configure time options for tcpreplay which allow you to control a lotof things. Some of the more interesting ones are:
- –enable-debug – useful for debugging bugs and crashes.
- –enable-64bits – use 64 bit counters to handle large pcap files & looping
- –enable-libnet – link to libnet. Note that libnet support has been deprecated due tovarious bugs which have not been fixed in over a year.
- –with-libnet – specify root path to libnet (something like –with-libnet=/usr/local)
- –with-libpcap – specify root path to libpcap
- –with-netmap – specify root path to netmap
- –with-tcpdump – specify path to tcpdump executable
- –enable-tcpreplay-edit – compile tcpreplay with packet editing support
You can also manually select a particular method to inject packets:
- –enable-force-pf – force tcpreplay to use Linux’s PF_PACKET to send packets
- –enable-force-bpf – force tcpreplay to use Free/Net?/OpenBSD or OS X’s BPF interfaceto send packets
- –enable-force-libnet – force tcpreplay to use Libnet to send packets
- –enable-force-inject – force tcpreplay to use Libpcap’s pcap_inject() API to send packets
- –enable-force-sendpacket – force tcpreplay to use Libpcap’s pcap_sendpacket() APIto send packets
If you’re having compatibility issues with a system-installed GNU Autogen,you may want to consider these options:
- –disable-local-libopts – Don’t use the libopts tearoff supplied with tcpreplay(default is enabled)
- –disable-libopts-install – don’t install the libopts library files
Special Instructions for Windows
Consider Windows support for Tcpreplay is experimental - beta quality if you will.We strongly recommend you read the page about how to get support for Tcpreplay.
With that said, you’ll need Cygwin to compile/run tcpreplay. You’ll also need to installWinpcap - the port of libpcap for Windows. For whatever reason, it seems importantthat you install the Winpcap files in the Cygwin root directory (/Wpdpack).
Be sure to install both the driver and DLL files AND developer pack.Then when you run./configure, you’ll need to specify the location for Winpcap using the --with-libpcapflag, but use all lowercase: ./configure --with-libpcap=/wpdpack.
After that, for the most part things should just work. There are some caveats; a fewfeatures and make test don’t work, but for the most part they seem to be pretty minor.
How To Install Tcpreplay On Windows 7
For more detailed instructions, see the Win32Readme.txt.
Tcpreplay Tutorial
Note: We’ve been informed that the guile Cygwin package is broken.This horribly breaks parts of GNU Autogen - specifically the parts whichallow you to build Tcpreplay via GitHub. Hence, I strongly recommend grabbinga tarball release.
Need Help?
How To Install Tcpreplay On Windows 10
Having problems? Try asking for help on thetcpreplay-users mailing list or check out the Support section.