tcpreplay/src/tcprewrite_opts.def

autogen definitions options;

copyright = {
    date        = "2004-2005";
    owner       = "Aaron Turner";
    type        = "bsd";
    author      = <<- EOText
Copyright 2004-2005 Aaron Turner

For support please use the tcpreplay-users@lists.sourceforge.net mailing list.
EOText;
};

package         = "tcprewrite";
prog-name       = "tcprewrite";
prog-title      = "Rewrite the packets in a pcap file.";
long-opts;
gnu-usage;
help-value      = "H";
save-opts-value = "";
load-opts-value = "";

detail		= <<- EOText
Tcprewrite is a tool to rewrite packets stored in @file{pcap(3)} file format, such
as crated by tools such as @file{tcpdump(1)} and @file{ethereal(1)}.  Once a pcap 
file has had it's packets rewritten, they can be replayed back out on the network
using @file{tcpreplay(1)}.

tcprewrite currently supports the following DLT types:
    * DLT_C_HDLC
    * DLT_EN10MB
    * DLT_LINUX_SSL
    * DLT_RAW

The packet editing features of tcprewrite which distinguish between "client"
and "server" traffic requires a tcpprep(1) cache file.
EOText;

man-doc = <<- EOMan
.SH "SEE ALSO"
tcpdump(1), tcpprep(1), tcpreplay(1)
EOMan;


config-header   = "config.h";
include         = "#include \"defines.h\"\n"
                "#include \"common.h\"\n"
                "#include \"tcprewrite.h\"\n"
                "#include \"mac.h\"\n"
                "extern char pcap_version[];\n"
                "extern tcprewrite_opt_t options;\n";

homerc          = "$$/";


flag = {
    name        = dbug;
    value       = d;
    arg-type    = number;
    descrip     = "Enable debugging output";
    arg-range   = "0->5";
    arg-default = 0;
    max         = 1;
    immediate;
    doc         = <<- EOText
If configured with --enable-debug, then you can specify a verbosity 
level for debugging output.  Higher numbers increase verbosity.
EOText;
};


flag = {
    name        = dmac;
    value       = D;
    arg-type    = string;
    max         = 1;
    descrip     = "Rewrite destination MAC addresses";
    flag-code   = <<- EODmac

    int mask = 0;    

    mask = dualmac2hex(OPT_ARG(DMAC), options.intf1_dmac, options.intf2_dmac,
                strlen(OPT_ARG(DMAC)));

    options.mac_mask ^= (mask << 2);

EODmac;
    doc         = <<- EOText
Takes a pair of comma deliminated ethernet MAC addresses which
will replace the destination MAC address of outbound packets.
The first MAC address will be used for the server traffic
and the optional second MAC address will be used for the client
traffic.

Example:
@example
--dmac 00:12:13:14:15:16,00:22:33:44:55:66
@end example
EOText;
};


flag = {
    name        = smac;
    value       = S;
    arg-type    = string;
    max         = 1;
    descrip     = "Rewrite source MAC addresses";
    flag-code   = <<- EOSmac
    
    int mask = 0;
    mask =  dualmac2hex(OPT_ARG(SMAC), options.intf1_smac, options.intf2_smac,
                strlen(OPT_ARG(SMAC)));

    options.mac_mask ^= mask;

EOSmac;
  doc         = <<- EOText
Takes a pair of comma deliminated ethernet MAC addresses which
will replace the source MAC address of outbound packets.
The first MAC address will be used for the server traffic
and the optional second MAC address will be used for the client traffic.

Example:
@example
--smac 00:12:13:14:15:16,00:22:33:44:55:66
@end example
EOText;
};

flag = {
	name		= proto;
	value		= P;
	arg-type	= number;
	max			= 1;
	descrip		= "Override L2 protocol type for DLT_RAW";
	arg-range	= "0->65535";
	doc			= <<- EOText
By default, pcap files encapsulated using DLT_RAW will have their protocol
set to ETHERTYPE_IP (0x0800). 
EOText;
};
	
flag = {
    name        = dlink;
    value       = l;
    arg-type    = string;
    max         = 2;
    descrip     = "Rewrite Data-Link layer with specified data";
    flag-code   = <<- EODlink

    static int count = 1;
    
    options.l2.enabled = 1;
    
    if (count == 1) {
        options.l2.len = read_hexstring(OPT_ARG(DLINK), options.l2.data1, L2DATALEN);
        /* 
         * preemtively copy over our data1[] to data2[] if user doesn't specify 
         * any data2[] data
         */
        memcpy(options.l2.data2, options.l2.data1, options.l2.len);
        count ++;
    } else {
        if (options.l2.len != read_hexstring(OPT_ARG(DLINK), options.l2.data2, L2DATALEN))
            err(1, "Layer2 data for both interfaces must be the same length");
    }

EODlink;
    doc         = <<- EOText
Provide a series of comma deliminated hex values which will be
used to rewrite or create the Layer 2 header of the packets.
The first instance of this argument will rewrite both server
and client traffic, but if this argument is specified a second
time, it will be used for the client traffic.

Example:
@example
--dlink 01,02,03,04,05,06,00,11,22,33,44,55,66,08,00
@end example
EOText;
};

flag = {
    name        = portmap;
    value       = r;
    arg-type    = string;
    max         = 1;
    descrip     = "Rewrite TCP/UDP ports";
    flag-code   = <<- EOPortmap

EOPortmap;
    doc         = <<- EOText
Specify a list of comma delimited port mappingings consisting of 
colon delimited port number pairs.  Each colon delimited port pair
consists of the port to match followed by the port number to rewrite.

Example:
@example
--portmap 80:8000,8080:80
@end example
EOText;
};


flag = {
    name        = seed;
    value       = s;
    arg-type    = number;
    descrip     = "Randomize src/dst IP addresses w/ given seed";
    max         = 1;
    doc         = <<- EOText
Causes the source and destination IP addresses to be pseudo 
randomized but still maintain client/server relationships.
Since the randomization is deterministic based on the seed, 
you can reuse the same seed value to recreate the traffic.
EOText; 
};


flag = {
    name        = pnat;
    value       = N;
    arg-type    = string;
    max         = 2;
    descrip     = "Rewrite IP addresses using pseudo-NAT";
    flag-code   = <<- EOPnat
    
    static int count = 1;

    options.rewrite_ip ++;
    
    if (count == 1) {
        if (! parse_cidr_map(&options.cidrmap1, OPT_ARG(PNAT)))
            errx(1, "Unable to parse primary pseudo-NAT: %s", OPT_ARG(PNAT));
        count ++;
    } else {
        if (! parse_cidr_map(&options.cidrmap2, OPT_ARG(PNAT)))
            errx(1, "Unable parse secondary pseudo-NAT: %s", OPT_ARG(PNAT));
    }

EOPnat;
    doc         = <<- EOText
Takes a comma delimited series of colon delimited CIDR
netblock pairs.  Each netblock pair is evaluated in order against
the IP addresses.  If the IP address in the packet matches the
first netblock, it is rewriten using the second netblock as a
mask against the high order bits.

Example:
@example
--pnat 192.168.0.0/16:10.77.0.0/16,172.16.0.0/12:10.1.0.0/24
@end example
EOText; 
};


flag = {
    name        = endpoints;
    value       = e;
    arg-type    = string;
    max         = 1;
    descrip     = "Rewrite IP addresses to be between two endpoints";
    doc         = <<- EOText
Takes a pair of colon delimited IP addresses which will be used to rewrite
all traffic to appear to be between the two IP's.

Example:
@example
--endpoints 172.16.0.1:172.16.0.2
@end example
EOText;
};

flag = {
    name        = fixcsum;
    value       = C;
    descrip     = "Force recalculation of IP/TCP/UDP checksums";
    flag-code   = <<- EOFixcsum
  
    options.fixcsum = 1;

EOFixcsum;
    doc         = <<- EOText
Causes each IP packet to have it's checksums recalcualted and
fixed.  Automatically enabled for packets modified with @samp{--seed}, 
@samp{--pnat}, @samp{--endpoints} or @samp{--fixlen}.
EOText;
};

flag = {
    name        = infile;
    value       = i;
    arg-type    = string;
    descrip     = "Input pcap file to be processed";
    max         = 1;
    immediate;
    must-set;
    flag-code   = <<- EOInfile
    
    char ebuf[PCAP_ERRBUF_SIZE];
    options.infile = safe_strdup(OPT_ARG(INFILE));

    if ((options.pin = pcap_open_offline(options.infile, ebuf)) == NULL)
        errx(1, "Unable to open input pcap file: %s", ebuf);

EOInfile;
    doc         = "";
};

flag = {
    name        = outfile;
    value       = o;
    arg-type    = string;
    descrip     = "Output pcap file";
    max         = 1;
    must-set;
    doc		    = "";
};

flag = {
    name        = cachefile;
    value       = c;
    arg-type    = string;
    max         = 1;
    descrip     = "Split traffic via tcpprep cache file";
    settable;
    flag-code   = <<- EOCachefile
    
    options.cache_packets = 
        read_cache(&options.cachedata, OPT_ARG(CACHEFILE), &options.comment);

EOCachefile;    
    doc         = <<- EOText
Use tcpprep cache file to split traffic based upon client/server relationships.
EOText;
};

flag = {
    name        = mtu;
    value       = m;
    arg-type    = number;
    max         = 1;
    arg-range   = "1->MAXPACKET";
    default     = DEFAULT_MTU;
    descrip     = "Override default MTU length (1500 bytes)";
    doc         = <<- EOText
Override the default 1500 byte MTU size for determining the maximum padding length.
EOText;
};

flag = {
    name        = efcs;
    value       = E;
    descrip     = "Remove Ethernet checksums (FCS) from end of frames";
    flag-code   = <<- EOEfcs
    
    options.efcs = 1;

EOEfcs;
    doc         = <<- EOText
EOText;
};

flag = {
    name        = fixlen;
    value       = F;
    descrip     = "Pad or truncate packet data to match header length";
    max         = 1;
    arg-type    = string;
    flag-code   = <<- EOFixlen

    if (strcmp(OPT_ARG(FIXLEN), "pad") == 0) {
        options.fixlen = FIXLEN_PAD;
    } else if (strcmp(OPT_ARG(FIXLEN), "trunc") == 0) {
        options.fixlen = FIXLEN_TRUNC;
    } else {
        errx(1, "Invalid fixlen argument '%s'.  Must be 'trunc' or 'pad'", OPT_ARG(FIXLEN));
    }

EOFixlen;
    doc         = <<- EOText
Packets may be truncated during capture if the snaplen is smaller then the
packet.  This option allows you to modify the packet to pad the packet back
out to the size stored in the IPv4 header or rewrite the IP header total length
to reflect the stored packet length.
@table @bullet
@item
@var{pad}
Truncated packets will be padded out so that the packet length matches the 
IPv4 total length
@item
@var{trunc}
Truncated packets will have their IPv4 total length field rewritten to match
the actual packet length
EOText;
};

/* rewrite 802.1q vlan tags */
flag = {
    name        = vlan;
    value       = T;
    max         = 1;
    descrip     = "Specify 802.1q VLAN tag mode";
    arg-type    = string;
    flag-code   = <<- EOVlan

    if (strcmp(OPT_ARG(VLAN), "add") == 0) {
        options.vlan = VLAN_ADD;
    } else if (strcmp(OPT_ARG(VLAN), "del") == 0) {
        options.vlan = VLAN_DEL;
    } else {
        errx(1, "Invalid vlan argument '%s'.  Must be 'add' or 'del'", OPT_ARG(VLAN));
    }

EOVlan;
    doc         = <<- EOText
Allows you to rewrite ethernet frames to add a 802.1q header to standard 802.3
ethernet headers or remove the 802.1q VLAN tag information.
@table @bullet
@item
@var{add}
Rewrites the existing 802.3 ethernet header as an 802.1q VLAN header
@item
@var{del}
Rewrites the existing 802.1q VLAN header as an 802.3 ethernet header
EOText;
};

flag = {
    name        = vlan_tag;
    value       = t;
    max         = 1;
    descrip     = "Specify the new 802.1q VLAN tag value";
    arg-type    = number;
    flags-must  = vlan;
    arg-range   = "0->4095"; /* VID's are 12bit unsigned int's */
    doc         = "";
};

flag = {
    name        = vlan_cfi;
    value       = c;
    max         = 1;
    descrip     = "Specify the 802.1q VLAN CFI value";
    arg-type    = number;
    flags-must  = vlan;
    arg-range   = "0->1"; /* one bit */
    doc         = "";
};

flag = {
    name        = vlan_pri;
    value       = p;
    max         = 1;
    descrip     = "Specify the 802.1q VLAN priority";
    flags-must  = vlan;
    arg-type    = number;
    arg-range   = "0->7"; /* one byte */
    doc         = "";
};

/* Verbose decoding via tcpdump */

flag = {
    ifdef       = HAVE_TCPDUMP;
    name        = verbose;
    value       = v;
    max         = 1;
    immediate;
    descrip     = "Print decoded packets via tcpdump to STDOUT";
    settable;
    doc         = "";
};

flag = {
    ifdef       = HAVE_TCPDUMP;
    name        = decode;
    flags-must  = verbose;
    value       = A;
    arg-type    = string;
    max         = 1;
    descrip     = "Arguments passed to tcpdump decoder";
    doc         = <<- EOText
When enabling verbose mode (@var{-v}) you may also specify one or
more additional arguments to pass to @code{tcpdump} to modify
the way packets are decoded.  By default, -n and -l are used.
Be sure to quote the arguments so that they are not interpreted
by tcprewrite.  The following arguments are valid:
    [ -aAeNqRStuvxX ]
    [ -E spi@ipaddr algo:secret,... ]
    [ -s snaplen ]
EOText;
};


flag = {
    name        = version;
    value       = V;
    descrip     = "Print version information";
    flag-code   = <<- EOVersion
    
    fprintf(stderr, "tcprewrite version: %s (build %s)", VERSION, svn_version());
#ifdef DEBUG
    fprintf(stderr, " (debug)");
#endif
    fprintf(stderr, "\n");
	fprintf(stderr, "Copyright 2001-2005 by Aaron Turner <aturner@pobox.com>\n");
    fprintf(stderr, "Cache file supported: %s\n", CACHEVERSION);
    fprintf(stderr, "Compiled against libnet: %s\n", LIBNET_VERSION);
    fprintf(stderr, "Compiled against libpcap: %s\n", pcap_version);
#ifdef ENABLE_64BITS
    fprintf(stderr, "64 bit packet counters: enabled\n");
#else
    fprintf(stderr, "64 bit packet counters: disabled\n");
#endif
    exit(0);
    
EOVersion;
    doc         = "";
};

flag = {
    name        = less-help;
    value       = h;
    immediate;
    descrip     = "Display less usage information and exit";
    flag-code   = <<- EOHelp
  
    USAGE(EXIT_FAILURE);

EOHelp;
    doc         = "";
};