123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300 |
- /* $Id$ */
- /*
- * Copyright (c) 2001-2010 Aaron Turner <aturner at synfin dot net>
- * Copyright (c) 2013-2018 Fred Klassen <tcpreplay at appneta dot com> - AppNeta
- *
- * The Tcpreplay Suite of tools is free software: you can redistribute it
- * and/or modify it under the terms of the GNU General Public License as
- * published by the Free Software Foundation, either version 3 of the
- * License, or with the authors permission any later version.
- *
- * The Tcpreplay Suite is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with the Tcpreplay Suite. If not, see <http://www.gnu.org/licenses/>.
- */
- autogen definitions options;
- copyright = {
- date = "2000-2018";
- owner = "Aaron Turner and Fred Klassen";
- eaddr = "tcpreplay-users@lists.sourceforge.net";
- type = gpl;
- author = <<- EOText
- Copyright 2013-2018 Fred Klassen - AppNeta
- Copyright 2000-2012 Aaron Turner
- For support please use the tcpreplay-users@lists.sourceforge.net mailing list.
- The latest version of this software is always available from:
- http://tcpreplay.appneta.com/
- EOText;
- };
- package = "tcprewrite";
- prog-name = "tcprewrite";
- prog-title = "Rewrite the packets in a pcap file.";
- long-opts;
- gnu-usage;
- help-value = "H";
- save-opts-value = "";
- load-opts-value = "";
- config-header = "config.h";
- #include tcpedit/tcpedit_opts.def
- detail = <<- EOText
- Tcprewrite is a tool to rewrite packets stored in @file{pcap(3)} file format,
- such as created by tools such as @file{tcpdump(1)} and @file{ethereal(1)}.
- Once a pcap file has had it's packets rewritten, they can be replayed back
- out on the network using @file{tcpreplay(1)}.
- tcprewrite currently supports reading the following DLT types:
- @item
- @var{DLT_C_HDLC} aka Cisco HDLC
- @item
- @var{DLT_EN10MB} aka Ethernet
- @item
- @var{DLT_LINUX_SLL} aka Linux Cooked Socket
- @item
- @var{DLT_RAW} aka RAW IP
- @item
- @var{DLT_NULL} aka BSD Loopback
- @item
- @var{DLT_LOOP} aka OpenBSD Loopback
- @item
- @var{DLT_IEEE802_11} aka 802.11a/b/g
- @item
- @var{DLT_IEEE802_11_RADIO} aka 802.11a/b/g with Radiotap headers
- @item
- @var{DLT_JUNIPER_ETHER} aka Juniper Encapsulated Ethernet
- @item
- @var{DLT_PPP_SERIAL} aka PPP over Serial
- Please see the --dlt option for supported DLT types for writing.
- The packet editing features of tcprewrite which distinguish between "client"
- and "server" traffic requires a tcpprep(1) cache file.
- For more details, please see the Tcpreplay Manual at:
- http://tcpreplay.appneta.com
- EOText;
- man-doc = <<- EOMan
- .SH "SEE ALSO"
- tcpdump(1), tcpbridge(1), tcpreplay(1), tcpprep(1), tcpcapinfo(1)
- EOMan;
- config-header = "config.h";
- include = "#include \"defines.h\"\n"
- "#include \"common.h\"\n"
- "#include \"config.h\"\n"
- "#include \"tcprewrite.h\"\n"
- "#include <stdlib.h>\n"
- "#include <string.h>\n"
- "extern tcprewrite_opt_t options;\n";
- homerc = "$$/";
- flag = {
- ifdef = DEBUG;
- name = dbug;
- value = d;
- arg-type = number;
- descrip = "Enable debugging output";
- arg-range = "0->5";
- arg-default = 0;
- max = 1;
- immediate;
- doc = <<- EOText
- If configured with --enable-debug, then you can specify a verbosity
- level for debugging output. Higher numbers increase verbosity.
- EOText;
- };
- flag = {
- name = infile;
- value = i;
- arg-type = string;
- descrip = "Input pcap file to be processed";
- max = 1;
- immediate;
- must-set;
- doc = "";
- };
- flag = {
- name = outfile;
- value = o;
- arg-type = string;
- descrip = "Output pcap file";
- max = 1;
- must-set;
- doc = "";
- /* options.outfile is set in post_args, because we need to make
- * sure that options.infile is processed first
- */
- };
- flag = {
- name = cachefile;
- value = c;
- arg-type = string;
- max = 1;
- descrip = "Split traffic via tcpprep cache file";
- settable;
- flag-code = <<- EOCachefile
- options.cache_packets =
- read_cache(&options.cachedata, OPT_ARG(CACHEFILE), &options.comment);
- EOCachefile;
- doc = <<- EOText
- Use tcpprep cache file to split traffic based upon client/server relationships.
- EOText;
- };
- /* Verbose decoding via tcpdump */
- flag = {
- ifdef = ENABLE_VERBOSE;
- name = verbose;
- value = v;
- max = 1;
- immediate;
- descrip = "Print decoded packets via tcpdump to STDOUT";
- settable;
- doc = "";
- };
- flag = {
- ifdef = ENABLE_VERBOSE;
- name = decode;
- flags-must = verbose;
- value = A;
- arg-type = string;
- max = 1;
- descrip = "Arguments passed to tcpdump decoder";
- doc = <<- EOText
- When enabling verbose mode (@var{-v}) you may also specify one or
- more additional arguments to pass to @code{tcpdump} to modify
- the way packets are decoded. By default, -n and -l are used.
- Be sure to quote the arguments so that they are not interpreted
- by tcprewrite. Please see the tcpdump(1) man page for a complete list of
- options.
- EOText;
- };
- /* Fragroute */
- flag = {
- ifdef = ENABLE_FRAGROUTE;
- name = fragroute;
- arg-type = string;
- max = 1;
- descrip = "Parse fragroute configuration file";
- doc = <<- EOText
- Enable advanced evasion techniques using the built-in fragroute(8)
- engine. See the fragroute(8) man page for more details. Important:
- tcprewrite does not support the delay, echo or print commands.
- EOText;
- };
- flag = {
- ifdef = ENABLE_FRAGROUTE;
- name = fragdir;
- flags-must = cachefile;
- arg-type = string;
- max = 1;
- descrip = "Which flows to apply fragroute to: c2s, s2c, both";
- doc = <<- EOText
- Apply the fragroute engine to packets going c2s, s2c or both when
- using a cache file.
- EOText;
- };
- flag = {
- name = skip-soft-errors;
- max = 1;
- descrip = "Skip writing packets with soft errors";
- doc = <<- EOText
- In some cases, packets can not be decoded or the requested editing
- is not possible. Normally these packets are written to the output
- file unedited so that tcpprep cache files can still be used, but if
- you wish, these packets can be suppressed.
- One example of this is 802.11 management frames which contain no data.
- EOText;
- };
- flag = {
- name = version;
- value = V;
- descrip = "Print version information";
- flag-code = <<- EOVersion
- fprintf(stderr, "tcprewrite version: %s (build %s)", VERSION, git_version());
- #ifdef DEBUG
- fprintf(stderr, " (debug)");
- #endif
- fprintf(stderr, "\n");
- fprintf(stderr, "Copyright 2013-2018 by Fred Klassen <tcpreplay at appneta dot com> - AppNeta\n");
- fprintf(stderr, "Copyright 2000-2012 by Aaron Turner <aturner at synfin dot net>\n");
- fprintf(stderr, "The entire Tcpreplay Suite is licensed under the GPLv3\n");
- fprintf(stderr, "Cache file supported: %s\n", CACHEVERSION);
- #ifdef HAVE_LIBDNET
- fprintf(stderr, "Compiled against libdnet: %s\n", LIBDNET_VERSION);
- #else
- fprintf(stderr, "Not compiled with libdnet.\n");
- #endif
- #ifdef HAVE_WINPCAP
- fprintf(stderr, "Compiled against winpcap: %s\n", get_pcap_version());
- #elif defined HAVE_PF_RING_PCAP
- fprintf(stderr, "Compiled against PF_RING libpcap: %s\n", get_pcap_version());
- #else
- fprintf(stderr, "Compiled against libpcap: %s\n", get_pcap_version());
- #endif
- #ifdef ENABLE_64BITS
- fprintf(stderr, "64 bit packet counters: enabled\n");
- #else
- fprintf(stderr, "64 bit packet counters: disabled\n");
- #endif
- #ifdef ENABLE_VERBOSE
- fprintf(stderr, "Verbose printing via tcpdump: enabled\n");
- #else
- fprintf(stderr, "Verbose printing via tcpdump: disabled\n");
- #endif
- #ifdef ENABLE_FRAGROUTE
- fprintf(stderr, "Fragroute engine: enabled\n");
- #else
- fprintf(stderr, "Fragroute engine: disabled\n");
- #endif
- exit(0);
- EOVersion;
- doc = "";
- };
- flag = {
- name = less-help;
- value = h;
- immediate;
- descrip = "Display less usage information and exit";
- flag-code = <<- EOHelp
- USAGE(EXIT_FAILURE);
- EOHelp;
- doc = "";
- };
|