123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472473474475476477478479480481482483484485486487488489490491492493494495496497498499500501502503504505506507508509510511512513514515516517518519520521522523524525526527528529530531532533534535536537538539540541542543544545546547548 |
- .TH TCPBRIDGE 1 2008-05-15 "(tcpbridge )" "Programmer's Manual"
- .\" DO NOT EDIT THIS FILE (tcpbridge.1)
- .\"
- .\" It has been AutoGen-ed Thursday May 15, 2008 at 08:51:21 AM PDT
- .\" From the definitions tcpbridge_opts.def
- .\" and the template file agman1.tpl
- .\"
- .SH NAME
- tcpbridge \- Bridge network traffic across two interfaces
- .SH SYNOPSIS
- .B tcpbridge
- .\" Mixture of short (flag) options and long options
- .RB [ \-\fIflag\fP " [\fIvalue\fP]]... [" \--\fIopt-name\fP " [[=| ]\fIvalue\fP]]..."
- .PP
- All arguments must be options.
- .PP
- tcpbridge is a tool for selectively briding network traffic across two interfaces
- and optionally modifying the packets in betweeen
- .SH "DESCRIPTION"
- This manual page documents, briefly, the \fBtcpbridge\fP command.
- The basic operation of tcpbridge is to be a network bridge between two
- subnets. All packets received on one interface are sent via the other.
- Optionally, packets can be edited in a variety of ways according to your needs.
- For more details, please see the Tcpreplay Manual at:
- http://tcpreplay.synfin.net/trac/wiki/manual
- .SH OPTIONS
- .SS ""
- .TP
- .BR \-r " \fIstring\fP, " \--portmap "=" \fIstring\fP
- Rewrite TCP/UDP ports.
- This option may appear up to 1 times.
- .sp
- Specify a list of comma delimited port mappingings consisting of
- colon delimited port number pairs. Each colon delimited port pair
- consists of the port to match followed by the port number to rewrite.
- Example:
- .nf
- \--portmap=80:8000,8080:80
- .fi
- .TP
- .BR \-s " \fInumber\fP, " \--seed "=" \fInumber\fP
- Randomize src/dst IP addresses w/ given seed.
- This option may appear up to 1 times.
- This option takes an integer number as its argument.
- .sp
- Causes the source and destination IP addresses to be pseudo
- randomized but still maintain client/server relationships.
- Since the randomization is deterministic based on the seed,
- you can reuse the same seed value to recreate the traffic.
- .TP
- .BR \-N " \fIstring\fP, " \--pnat "=" \fIstring\fP
- Rewrite IP addresses using pseudo-NAT.
- This option may appear up to 2 times.
- This option must not appear in combination with any of the following options:
- srcipmap.
- .sp
- Takes a comma delimited series of colon delimited CIDR
- netblock pairs. Each netblock pair is evaluated in order against
- the IP addresses. If the IP address in the packet matches the
- first netblock, it is rewriten using the second netblock as a
- mask against the high order bits.
- Example:
- .nf
- \--pnat=192.168.0.0/16:10.77.0.0/16,172.16.0.0/12:10.1.0.0/24
- .fi
- .TP
- .BR \-S " \fIstring\fP, " \--srcipmap "=" \fIstring\fP
- Rewrite source IP addresses using pseudo-NAT.
- This option may appear up to 1 times.
- This option must not appear in combination with any of the following options:
- pnat.
- .sp
- Works just like the \--pnat option, but only affects the source IP
- addresses in the IPv4 header.
- .TP
- .BR \-D " \fIstring\fP, " \--dstipmap "=" \fIstring\fP
- Rewrite destination IP addresses using pseudo-NAT.
- This option may appear up to 1 times.
- This option must not appear in combination with any of the following options:
- pnat.
- .sp
- Works just like the \--pnat option, but only affects the destination IP
- addresses in the IPv4 header.
- .TP
- .BR \-e " \fIstring\fP, " \--endpoints "=" \fIstring\fP
- Rewrite IP addresses to be between two endpoints.
- This option may appear up to 1 times.
- This option must appear in combination with the following options:
- cachefile.
- .sp
- Takes a pair of colon delimited IP addresses which will be used to rewrite
- all traffic to appear to be between the two IP's.
- Example:
- .nf
- \--endpoints=172.16.0.1:172.16.0.2
- .fi
- .TP
- .BR \-b ", " \--skipbroadcast
- Skip rewriting broadcast/multicast IP's.
- .sp
- By default \--seed, \--pnat and \--endpoints will rewrite
- broadcast and multicast IP and MAC addresses. Setting this flag
- will keep broadcast/multicast IP and MAC addresses from being rewritten.
- .TP
- .BR \-C ", " \--fixcsum
- Force recalculation of IP/TCP/UDP checksums.
- .sp
- Causes each IP packet to have it's checksums recalcualted and
- fixed. Automatically enabled for packets modified with \fB--seed\fP,
- \fB--pnat\fP, \fB--endpoints\fP or \fB--fixlen\fP.
- .TP
- .BR \-m " \fInumber\fP, " \--mtu "=" \fInumber\fP
- Override default MTU length (1500 bytes).
- This option may appear up to 1 times.
- This option takes an integer number as its argument.
- The value of \fInumber\fP is constrained to being:
- .in +4
- .nf
- .na
- in the range 1 through MAXPACKET
- .fi
- .in -4
- .sp
- Override the default 1500 byte MTU size for determining the maximum padding length.
- .TP
- .BR \-E ", " \--efcs
- Remove Ethernet checksums (FCS) from end of frames.
- .sp
- Note, this option is pretty dangerous! We don't actually check to see if a FCS
- actually exists in the frame, we just blindly delete the last two bytes. Hence,
- you should only use this if you know know that your OS provides the FCS when
- reading raw packets.
- .TP
- .BR \--ttl "=\fIstring\fP"
- Modify the IPv4 TTL.
- .sp
- Allows you to modify the TTL of all the IPv4 packets. Specify a number to hard-code
- the value or +/-value to increase or decrease by the value provided (limited to 1-255).
- Examples:
- .nf
- \--ttl=10
- \--ttl=+7
- \--ttl=-64
- .fi
- .TP
- .BR \-F " \fIstring\fP, " \--fixlen "=" \fIstring\fP
- Pad or truncate packet data to match header length.
- This option may appear up to 1 times.
- .sp
- Packets may be truncated during capture if the snaplen is smaller then the
- packet. This option allows you to modify the packet to pad the packet back
- out to the size stored in the IPv4 header or rewrite the IP header total length
- to reflect the stored packet length.
- .sp 1
- \fBpad\fP
- Truncated packets will be padded out so that the packet length matches the
- IPv4 total length
- .sp 1
- \fBtrunc\fP
- Truncated packets will have their IPv4 total length field rewritten to match
- the actual packet length
- .sp 1
- \fBdel\fP
- Delete the packet
- .TP
- .BR \--skipl2broadcast
- Skip rewriting broadcast/multicast Layer 2 addresses.
- .sp
- By default, editing Layer 2 addresses will rewrite
- broadcast and multicast MAC addresses. Setting this flag
- will keep broadcast/multicast MAC addresses from being rewritten.
- .TP
- .BR \--dlt "=\fIstring\fP"
- Override output DLT encapsulation.
- This option may appear up to 1 times.
- .sp
- By default, no DLT (data link type) conversion will be made.
- To change the DLT type of the output pcap, select one of the following values:
- .sp 1
- \fBenet\fP
- Ethernet aka DLT_EN10MB
- .sp 1
- \fBhdlc\fP
- Cisco HDLC aka DLT_C_HDLC
- .sp 1
- \fBuser\fP
- User specified Layer 2 header and DLT type
- .br
- .TP
- .BR \--enet-dmac "=\fIstring\fP"
- Override destination ethernet MAC addresses.
- This option may appear up to 1 times.
- .sp
- Takes a pair of comma deliminated ethernet MAC addresses which
- will replace the destination MAC address of outbound packets.
- The first MAC address will be used for the server to client traffic
- and the optional second MAC address will be used for the client
- to server traffic.
- Example:
- .nf
- \--enet-dmac=00:12:13:14:15:16,00:22:33:44:55:66
- .fi
- .TP
- .BR \--enet-smac "=\fIstring\fP"
- Override source ethernet MAC addresses.
- This option may appear up to 1 times.
- .sp
- Takes a pair of comma deliminated ethernet MAC addresses which
- will replace the source MAC address of outbound packets.
- The first MAC address will be used for the server to client traffic
- and the optional second MAC address will be used for the client
- to server traffic.
- Example:
- .nf
- \--enet-smac=00:12:13:14:15:16,00:22:33:44:55:66
- .fi
- .TP
- .BR \--enet-vlan "=\fIstring\fP"
- Specify ethernet 802.1q VLAN tag mode.
- This option may appear up to 1 times.
- .sp
- Allows you to rewrite ethernet frames to add a 802.1q header to standard 802.3
- ethernet headers or remove the 802.1q VLAN tag information.
- .sp 1
- \fBadd\fP
- Rewrites the existing 802.3 ethernet header as an 802.1q VLAN header
- .sp 1
- \fBdel\fP
- Rewrites the existing 802.1q VLAN header as an 802.3 ethernet header
- .TP
- .BR \--enet-vlan-tag "=\fInumber\fP"
- Specify the new ethernet 802.1q VLAN tag value.
- This option may appear up to 1 times.
- This option must appear in combination with the following options:
- enet-vlan.
- This option takes an integer number as its argument.
- The value of \fInumber\fP is constrained to being:
- .in +4
- .nf
- .na
- in the range 0 through 4095
- .fi
- .in -4
- .sp
- .TP
- .BR \--enet-vlan-cfi "=\fInumber\fP"
- Specify the ethernet 802.1q VLAN CFI value.
- This option may appear up to 1 times.
- This option must appear in combination with the following options:
- enet-vlan.
- This option takes an integer number as its argument.
- The value of \fInumber\fP is constrained to being:
- .in +4
- .nf
- .na
- in the range 0 through 1
- .fi
- .in -4
- .sp
- .TP
- .BR \--enet-vlan-pri "=\fInumber\fP"
- Specify the ethernet 802.1q VLAN priority.
- This option may appear up to 1 times.
- This option must appear in combination with the following options:
- enet-vlan.
- This option takes an integer number as its argument.
- The value of \fInumber\fP is constrained to being:
- .in +4
- .nf
- .na
- in the range 0 through 7
- .fi
- .in -4
- .sp
- .TP
- .BR \--hdlc-control "=\fInumber\fP"
- Specify HDLC control value.
- This option may appear up to 1 times.
- This option takes an integer number as its argument.
- .sp
- The Cisco HDLC header has a 1 byte "control" field. Apparently this should
- always be 0, but if you can use any 1 byte value.
- .TP
- .BR \--hdlc-address "=\fInumber\fP"
- Specify HDLC address.
- This option may appear up to 1 times.
- This option takes an integer number as its argument.
- .sp
- The Cisco HDLC header has a 1 byte "address" field which has two valid
- values:
- .sp 1
- \fB0x0F\fP
- Unicast
- .sp 1
- \fB0xBF\fP
- Broadcast
- .br
- You can however specify any single byte value.
- .TP
- .BR \--user-dlt "=\fInumber\fP"
- Set output file DLT type.
- This option may appear up to 1 times.
- This option takes an integer number as its argument.
- .sp
- Set the DLT value of the output pcap file.
- .TP
- .BR \--user-dlink "=\fIstring\fP"
- Rewrite Data-Link layer with user specified data.
- This option may appear up to 2 times.
- .sp
- Provide a series of comma deliminated hex values which will be
- used to rewrite or create the Layer 2 header of the packets.
- The first instance of this argument will rewrite both server
- and client traffic, but if this argument is specified a second
- time, it will be used for the client traffic.
- Example:
- .nf
- \--user-dlink=01,02,03,04,05,06,00,1A,2B,3C,4D,5E,6F,08,00
- .fi
- .TP
- .BR \-d " \fInumber\fP, " \--dbug "=" \fInumber\fP
- Enable debugging output.
- This option may appear up to 1 times.
- This option takes an integer number as its argument.
- The value of \fInumber\fP is constrained to being:
- .in +4
- .nf
- .na
- in the range 0 through 5
- .fi
- .in -4
- The default \fInumber\fP for this option is:
- .ti +4
- 0
- .sp
- If configured with \--enable-debug, then you can specify a verbosity
- level for debugging output. Higher numbers increase verbosity.
- .TP
- .BR \-i " \fIstring\fP, " \--intf1 "=" \fIstring\fP
- Primary interface (listen in uni-directional mode).
- This option may appear up to 1 times.
- .sp
- .TP
- .BR \-I " \fIstring\fP, " \--intf2 "=" \fIstring\fP
- Secondary interface (send in uni-directional mode).
- This option may appear up to 1 times.
- .sp
- .TP
- .BR \-u ", " \--unidir
- Send and receive in only one direction.
- This option may appear up to 1 times.
- .sp
- Normally, tcpbridge will send and receive traffic in both directions
- (bi-directionally). However, if you choose this option, traffic will
- be sent uni-directionally.
- .TP
- .BR \-L " \fInumber\fP, " \--limit "=" \fInumber\fP
- Limit the number of packets to send.
- This option may appear up to 1 times.
- This option takes an integer number as its argument.
- The value of \fInumber\fP is constrained to being:
- .in +4
- .nf
- .na
- greater than or equal to 1
- .fi
- .in -4
- The default \fInumber\fP for this option is:
- .ti +4
- \-1
- .sp
- By default, tcpbridge will send packets forever or until Ctrl-C. Alternatively,
- you can specify a maximum number of packets to send.
- .TP
- .BR \-x " \fIstring\fP, " \--include "=" \fIstring\fP
- Include only packets matching rule.
- This option may appear up to 1 times.
- This option must not appear in combination with any of the following options:
- exclude.
- .sp
- Override default of sending all packets stored in the capture file and only
- send packets which match the provided rule. Rules can be one of:
- .sp
- .IR "S:<CIDR1>,... "
- - Source IP must match specified CIDR(s)
- .sp
- .IR "D:<CIDR1>,... "
- - Destination IP must match specified CIDR(s)
- .sp
- .IR "B:<CIDR1>,... "
- - Both source and destination IP must match specified CIDR(s)
- .sp
- .IR "E:<CIDR1>,... "
- - Either IP must match specified CIDR(s)
- .sp
- .IR "P:<LIST> "
- - Must be one of the listed packets where the list
- corresponds to the packet number in the capture file.
- .nf
- \--include=P:1-5,9,15,72-
- .fi
- would send packets 1 thru 5, the 9th and 15th packet, and packets 72 until the
- end of the file
- .sp
- .IR "F:'<bpf>'"
- - BPF filter. See the \fItcpdump(8)\fP man page for syntax.
- .br
- .TP
- .BR \-X " \fIstring\fP, " \--exclude "=" \fIstring\fP
- Exclude any packet matching this rule.
- This option may appear up to 1 times.
- This option must not appear in combination with any of the following options:
- include.
- .sp
- Override default of sending all packets stored in the capture file and only
- send packets which do not match the provided rule. Rules can be one of:
- .sp
- .IR "S:<CIDR1>,... "
- - Source IP must not match specified CIDR(s)
- .sp
- .IR "D:<CIDR1>,... "
- - Destination IP must not match specified CIDR(s)
- .sp
- .IR "B:<CIDR1>,... "
- - Both source and destination IP must not match specified CIDR(s)
- .sp
- .IR "E:<CIDR1>,... "
- - Either IP must not match specified CIDR(s)
- .sp
- .IR "P:<LIST> "
- - Must not be one of the listed packets where the list
- corresponds to the packet number in the capture file.
- .nf
- \--exclude=P:1-5,9,15,72-
- .fi
- would drop packets 1 thru 5, the 9th and 15th packet, and packets 72 until the
- end of the file
- .br
- .TP
- .BR \-P ", " \--pid
- Print the PID of tcpbridge at startup.
- .sp
- .TP
- .BR \-v ", " \--verbose
- Print decoded packets via tcpdump to STDOUT.
- This option may appear up to 1 times.
- .sp
- .TP
- .BR \-A " \fIstring\fP, " \--decode "=" \fIstring\fP
- Arguments passed to tcpdump decoder.
- This option may appear up to 1 times.
- This option must appear in combination with the following options:
- verbose.
- .sp
- When enabling verbose mode (\fB-v\fP) you may also specify one or more
- additional arguments to pass to \fBtcpdump\fP to modify the way packets
- are decoded. By default, \-n and \-l are used. Be sure to
- quote the arguments like: \--verbose="-axxx" so that they are not interpreted
- by tcpbridge. The following arguments are vaild:
- [ \-aAeNqRStuvxX ]
- [ \-E spi@ipaddr algo:secret,... ]
- [ \-s snaplen ]
- .TP
- .BR \-V ", " \--version
- Print version information.
- .sp
- .TP
- .BR \-h ", " \--less-help
- Display less usage information and exit.
- .sp
- .TP
- .BR \-H , " \--help"
- Display usage information and exit.
- .TP
- .BR \-! , " \--more-help"
- Extended usage information passed thru pager.
- .TP
- .BR \- " [\fIrcfile\fP]," " \--save-opts" "[=\fIrcfile\fP]"
- Save the option state to \fIrcfile\fP. The default is the \fIlast\fP
- configuration file listed in the \fBOPTION PRESETS\fP section, below.
- .TP
- .BR \- " \fIrcfile\fP," " \--load-opts" "=\fIrcfile\fP," " \--no-load-opts"
- Load options from \fIrcfile\fP.
- The \fIno-load-opts\fP form will disable the loading
- of earlier RC/INI files. \fI--no-load-opts\fP is handled early,
- out of order.
- .SH OPTION PRESETS
- Any option that is not marked as \fInot presettable\fP may be preset
- by loading values from configuration ("RC" or ".INI") file(s).
- The \fIhomerc\fP file is "\fI$$/\fP", unless that is a directory.
- In that case, the file "\fI.tcpbridgerc\fP"
- is searched for within that directory.
- .SH "SIGNALS"
- tcpbridge understands the following signals:
- .sp
- .IR "\fBSIGUSR1\fP"
- Suspend tcpbridge
- .sp
- .IR "\fBSIGCONT\fP"
- Restart tcpbridge
- .br
- .SH "SEE ALSO"
- tcpdump(1), tcpprep(1), tcprewrite(1), tcpreplay(1)
- .SH "BUGS"
- tcpbridge can only send packets as fast as your computer's interface,
- processor and system bus will allow.
- Connecting both interfaces to the same subnet may create a broadcast storm and
- take down the network. Improper use of the packet editing functions may have
- other undefined and possible negative consequences.
- Some operating systems by default do not allow for forging source MAC
- addresses. Please consult your operating system's documentation and the
- tcpreplay FAQ if you experiance this issue.
- .SH AUTHOR
- Copyright 2000-2008 Aaron Turner
- For support please use the tcpreplay-users@lists.sourceforge.net mailing list.
- The latest version of this software is always available from:
- http://tcpreplay.synfin.net/
- .PP
- Released under the Free BSD License.
- .PP
- This manual page was \fIAutoGen\fP-erated from the \fBtcpbridge\fP
- option definitions.
|