123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472473474475476477478479480481482483484485486487488489490491492493494495496497498499500501502503504505506507508509510511512513514515516517518519520521522523524525526527528529530531532533534 |
- autogen definitions options;
- copyright = {
- date = "2004-2005";
- owner = "Aaron Turner";
- type = "bsd";
- author = <<- EOText
- Copyright 2004-2005 Aaron Turner
- For support please use the tcpreplay-users@lists.sourceforge.net mailing list.
- EOText;
- };
- package = "tcprewrite";
- prog-name = "tcprewrite";
- prog-title = "Rewrite the packets in a pcap file.";
- long-opts;
- gnu-usage;
- help-value = "H";
- save-opts-value = "";
- load-opts-value = "";
- detail = <<- EOText
- Tcprewrite is a tool to rewrite packets stored in @file{pcap(3)} file format, such
- as crated by tools such as @file{tcpdump(1)} and @file{ethereal(1)}. Once a pcap
- file has had it's packets rewritten, they can be replayed back out on the network
- using @file{tcpreplay(1)}.
- tcprewrite currently supports the following DLT types:
- * DLT_C_HDLC
- * DLT_EN10MB
- * DLT_LINUX_SSL
- * DLT_RAW
- The packet editing features of tcprewrite which distinguish between "client"
- and "server" traffic requires a tcpprep(1) cache file.
- EOText;
- man-doc = <<- EOMan
- .SH "SEE ALSO"
- tcpdump(1), tcpprep(1), tcpreplay(1)
- EOMan;
- config-header = "config.h";
- include = "#include \"defines.h\"\n"
- "#include \"common.h\"\n"
- "#include \"tcprewrite.h\"\n"
- "#include \"mac.h\"\n"
- "extern char pcap_version[];\n"
- "extern tcprewrite_opt_t options;\n";
- homerc = "$$/";
- flag = {
- name = dbug;
- value = d;
- arg-type = number;
- descrip = "Enable debugging output";
- arg-range = "0->5";
- arg-default = 0;
- max = 1;
- immediate;
- doc = <<- EOText
- If configured with --enable-debug, then you can specify a verbosity
- level for debugging output. Higher numbers increase verbosity.
- EOText;
- };
- flag = {
- name = dmac;
- value = D;
- arg-type = string;
- max = 1;
- descrip = "Rewrite destination MAC addresses";
- flag-code = <<- EODmac
- int mask = 0;
- mask = dualmac2hex(OPT_ARG(DMAC), options.intf1_dmac, options.intf2_dmac,
- strlen(OPT_ARG(DMAC)));
- options.mac_mask ^= (mask << 2);
- EODmac;
- doc = <<- EOText
- Takes a pair of comma deliminated ethernet MAC addresses which
- will replace the destination MAC address of outbound packets.
- The first MAC address will be used for the server traffic
- and the optional second MAC address will be used for the client
- traffic.
- Example:
- @example
- --dmac 00:12:13:14:15:16,00:22:33:44:55:66
- @end example
- EOText;
- };
- flag = {
- name = smac;
- value = S;
- arg-type = string;
- max = 1;
- descrip = "Rewrite source MAC addresses";
- flag-code = <<- EOSmac
-
- int mask = 0;
- mask = dualmac2hex(OPT_ARG(SMAC), options.intf1_smac, options.intf2_smac,
- strlen(OPT_ARG(SMAC)));
- options.mac_mask ^= mask;
- EOSmac;
- doc = <<- EOText
- Takes a pair of comma deliminated ethernet MAC addresses which
- will replace the source MAC address of outbound packets.
- The first MAC address will be used for the server traffic
- and the optional second MAC address will be used for the client traffic.
- Example:
- @example
- --smac 00:12:13:14:15:16,00:22:33:44:55:66
- @end example
- EOText;
- };
- flag = {
- name = proto;
- value = P;
- arg-type = number;
- max = 1;
- descrip = "Override L2 protocol type for DLT_RAW";
- arg-range = "0->65535";
- doc = <<- EOText
- By default, pcap files encapsulated using DLT_RAW will have their protocol
- set to ETHERTYPE_IP (0x0800).
- EOText;
- };
-
- flag = {
- name = dlink;
- value = l;
- arg-type = string;
- max = 2;
- descrip = "Rewrite Data-Link layer with specified data";
- flag-code = <<- EODlink
- static int count = 1;
-
- options.l2.enabled = 1;
-
- if (count == 1) {
- options.l2.len = read_hexstring(OPT_ARG(DLINK), options.l2.data1, L2DATALEN);
- /*
- * preemtively copy over our data1[] to data2[] if user doesn't specify
- * any data2[] data
- */
- memcpy(options.l2.data2, options.l2.data1, options.l2.len);
- count ++;
- } else {
- if (options.l2.len != read_hexstring(OPT_ARG(DLINK), options.l2.data2, L2DATALEN))
- err(1, "Layer2 data for both interfaces must be the same length");
- }
- EODlink;
- doc = <<- EOText
- Provide a series of comma deliminated hex values which will be
- used to rewrite or create the Layer 2 header of the packets.
- The first instance of this argument will rewrite both server
- and client traffic, but if this argument is specified a second
- time, it will be used for the client traffic.
- Example:
- @example
- --dlink 01,02,03,04,05,06,00,11,22,33,44,55,66,08,00
- @end example
- EOText;
- };
- flag = {
- name = portmap;
- value = r;
- arg-type = string;
- max = 1;
- descrip = "Rewrite TCP/UDP ports";
- flag-code = <<- EOPortmap
- EOPortmap;
- doc = <<- EOText
- Specify a list of comma delimited port mappingings consisting of
- colon delimited port number pairs. Each colon delimited port pair
- consists of the port to match followed by the port number to rewrite.
- Example:
- @example
- --portmap 80:8000,8080:80
- @end example
- EOText;
- };
- flag = {
- name = seed;
- value = s;
- arg-type = number;
- descrip = "Randomize src/dst IP addresses w/ given seed";
- max = 1;
- doc = <<- EOText
- Causes the source and destination IP addresses to be pseudo
- randomized but still maintain client/server relationships.
- Since the randomization is deterministic based on the seed,
- you can reuse the same seed value to recreate the traffic.
- EOText;
- };
- flag = {
- name = pnat;
- value = N;
- arg-type = string;
- max = 2;
- descrip = "Rewrite IP addresses using pseudo-NAT";
- flag-code = <<- EOPnat
-
- static int count = 1;
- options.rewrite_ip ++;
-
- if (count == 1) {
- if (! parse_cidr_map(&options.cidrmap1, OPT_ARG(PNAT)))
- errx(1, "Unable to parse primary pseudo-NAT: %s", OPT_ARG(PNAT));
- count ++;
- } else {
- if (! parse_cidr_map(&options.cidrmap2, OPT_ARG(PNAT)))
- errx(1, "Unable parse secondary pseudo-NAT: %s", OPT_ARG(PNAT));
- }
- EOPnat;
- doc = <<- EOText
- Takes a comma delimited series of colon delimited CIDR
- netblock pairs. Each netblock pair is evaluated in order against
- the IP addresses. If the IP address in the packet matches the
- first netblock, it is rewriten using the second netblock as a
- mask against the high order bits.
- Example:
- @example
- --pnat 192.168.0.0/16:10.77.0.0/16,172.16.0.0/12:10.1.0.0/24
- @end example
- EOText;
- };
- flag = {
- name = endpoints;
- value = e;
- arg-type = string;
- max = 1;
- descrip = "Rewrite IP addresses to be between two endpoints";
- doc = <<- EOText
- Takes a pair of colon delimited IP addresses which will be used to rewrite
- all traffic to appear to be between the two IP's.
- Example:
- @example
- --endpoints 172.16.0.1:172.16.0.2
- @end example
- EOText;
- };
- flag = {
- name = fixcsum;
- value = C;
- descrip = "Force recalculation of IP/TCP/UDP checksums";
- flag-code = <<- EOFixcsum
-
- options.fixcsum = 1;
- EOFixcsum;
- doc = <<- EOText
- Causes each IP packet to have it's checksums recalcualted and
- fixed. Automatically enabled for packets modified with @samp{--seed},
- @samp{--pnat}, @samp{--endpoints} or @samp{--fixlen}.
- EOText;
- };
- flag = {
- name = infile;
- value = i;
- arg-type = string;
- descrip = "Input pcap file to be processed";
- max = 1;
- immediate;
- must-set;
- flag-code = <<- EOInfile
-
- char ebuf[PCAP_ERRBUF_SIZE];
- options.infile = safe_strdup(OPT_ARG(INFILE));
- if ((options.pin = pcap_open_offline(options.infile, ebuf)) == NULL)
- errx(1, "Unable to open input pcap file: %s", ebuf);
- EOInfile;
- doc = "";
- };
- flag = {
- name = outfile;
- value = o;
- arg-type = string;
- descrip = "Output pcap file";
- max = 1;
- must-set;
- doc = "";
- };
- flag = {
- name = cachefile;
- value = c;
- arg-type = string;
- max = 1;
- descrip = "Split traffic via tcpprep cache file";
- settable;
- flag-code = <<- EOCachefile
-
- options.cache_packets =
- read_cache(&options.cachedata, OPT_ARG(CACHEFILE), &options.comment);
- EOCachefile;
- doc = <<- EOText
- Use tcpprep cache file to split traffic based upon client/server relationships.
- EOText;
- };
- flag = {
- name = mtu;
- value = m;
- arg-type = number;
- max = 1;
- arg-range = "1->MAXPACKET";
- default = DEFAULT_MTU;
- descrip = "Override default MTU length (1500 bytes)";
- doc = <<- EOText
- Override the default 1500 byte MTU size for determining the maximum padding length.
- EOText;
- };
- flag = {
- name = efcs;
- value = E;
- descrip = "Remove Ethernet checksums (FCS) from end of frames";
- flag-code = <<- EOEfcs
-
- options.efcs = 1;
- EOEfcs;
- doc = <<- EOText
- EOText;
- };
- flag = {
- name = fixlen;
- value = F;
- descrip = "Pad or truncate packet data to match header length";
- max = 1;
- arg-type = string;
- flag-code = <<- EOFixlen
- if (strcmp(OPT_ARG(FIXLEN), "pad") == 0) {
- options.fixlen = FIXLEN_PAD;
- } else if (strcmp(OPT_ARG(FIXLEN), "trunc") == 0) {
- options.fixlen = FIXLEN_TRUNC;
- } else {
- errx(1, "Invalid fixlen argument '%s'. Must be 'trunc' or 'pad'", OPT_ARG(FIXLEN));
- }
- EOFixlen;
- doc = <<- EOText
- Packets may be truncated during capture if the snaplen is smaller then the
- packet. This option allows you to modify the packet to pad the packet back
- out to the size stored in the IPv4 header or rewrite the IP header total length
- to reflect the stored packet length.
- @table @bullet
- @item
- @var{pad}
- Truncated packets will be padded out so that the packet length matches the
- IPv4 total length
- @item
- @var{trunc}
- Truncated packets will have their IPv4 total length field rewritten to match
- the actual packet length
- EOText;
- };
- /* rewrite 802.1q vlan tags */
- flag = {
- name = vlan;
- value = T;
- max = 1;
- descrip = "Specify 802.1q VLAN tag mode";
- arg-type = string;
- flag-code = <<- EOVlan
- if (strcmp(OPT_ARG(VLAN), "add") == 0) {
- options.vlan = VLAN_ADD;
- } else if (strcmp(OPT_ARG(VLAN), "del") == 0) {
- options.vlan = VLAN_DEL;
- } else {
- errx(1, "Invalid vlan argument '%s'. Must be 'add' or 'del'", OPT_ARG(VLAN));
- }
- EOVlan;
- doc = <<- EOText
- Allows you to rewrite ethernet frames to add a 802.1q header to standard 802.3
- ethernet headers or remove the 802.1q VLAN tag information.
- @table @bullet
- @item
- @var{add}
- Rewrites the existing 802.3 ethernet header as an 802.1q VLAN header
- @item
- @var{del}
- Rewrites the existing 802.1q VLAN header as an 802.3 ethernet header
- EOText;
- };
- flag = {
- name = vlan_tag;
- value = t;
- max = 1;
- descrip = "Specify the new 802.1q VLAN tag value";
- arg-type = number;
- flags-must = vlan;
- arg-range = "0->4095"; /* VID's are 12bit unsigned int's */
- doc = "";
- };
- flag = {
- name = vlan_cfi;
- value = c;
- max = 1;
- descrip = "Specify the 802.1q VLAN CFI value";
- arg-type = number;
- flags-must = vlan;
- arg-range = "0->1"; /* one bit */
- doc = "";
- };
- flag = {
- name = vlan_pri;
- value = p;
- max = 1;
- descrip = "Specify the 802.1q VLAN priority";
- flags-must = vlan;
- arg-type = number;
- arg-range = "0->7"; /* one byte */
- doc = "";
- };
- /* Verbose decoding via tcpdump */
- flag = {
- ifdef = HAVE_TCPDUMP;
- name = verbose;
- value = v;
- max = 1;
- immediate;
- descrip = "Print decoded packets via tcpdump to STDOUT";
- settable;
- doc = "";
- };
- flag = {
- ifdef = HAVE_TCPDUMP;
- name = decode;
- flags-must = verbose;
- value = A;
- arg-type = string;
- max = 1;
- descrip = "Arguments passed to tcpdump decoder";
- doc = <<- EOText
- When enabling verbose mode (@var{-v}) you may also specify one or
- more additional arguments to pass to @code{tcpdump} to modify
- the way packets are decoded. By default, -n and -l are used.
- Be sure to quote the arguments so that they are not interpreted
- by tcprewrite. The following arguments are valid:
- [ -aAeNqRStuvxX ]
- [ -E spi@ipaddr algo:secret,... ]
- [ -s snaplen ]
- EOText;
- };
- flag = {
- name = version;
- value = V;
- descrip = "Print version information";
- flag-code = <<- EOVersion
-
- fprintf(stderr, "tcprewrite version: %s (build %s)", VERSION, svn_version());
- #ifdef DEBUG
- fprintf(stderr, " (debug)");
- #endif
- fprintf(stderr, "\n");
- fprintf(stderr, "Copyright 2001-2005 by Aaron Turner <aturner@pobox.com>\n");
- fprintf(stderr, "Cache file supported: %s\n", CACHEVERSION);
- fprintf(stderr, "Compiled against libnet: %s\n", LIBNET_VERSION);
- fprintf(stderr, "Compiled against libpcap: %s\n", pcap_version);
- #ifdef ENABLE_64BITS
- fprintf(stderr, "64 bit packet counters: enabled\n");
- #else
- fprintf(stderr, "64 bit packet counters: disabled\n");
- #endif
- exit(0);
-
- EOVersion;
- doc = "";
- };
- flag = {
- name = less-help;
- value = h;
- immediate;
- descrip = "Display less usage information and exit";
- flag-code = <<- EOHelp
-
- USAGE(EXIT_FAILURE);
- EOHelp;
- doc = "";
- };
|