tcpedit_opts.def 10 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339
  1. /*
  2. * Copyright (c) 2001-2010 Aaron Turner <aturner at synfin dot net>
  3. * Copyright (c) 2013-2024 Fred Klassen <tcpreplay at appneta dot com> - AppNeta
  4. *
  5. * The Tcpreplay Suite of tools is free software: you can redistribute it
  6. * and/or modify it under the terms of the GNU General Public License as
  7. * published by the Free Software Foundation, either version 3 of the
  8. * License, or with the authors permission any later version.
  9. *
  10. * The Tcpreplay Suite is distributed in the hope that it will be useful,
  11. * but WITHOUT ANY WARRANTY; without even the implied warranty of
  12. * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
  13. * GNU General Public License for more details.
  14. *
  15. * You should have received a copy of the GNU General Public License
  16. * along with the Tcpreplay Suite. If not, see <http://www.gnu.org/licenses/>.
  17. */
  18. flag = {
  19. name = tcpedit;
  20. documentation;
  21. lib-name = tcpedit;
  22. };
  23. flag = {
  24. name = portmap;
  25. value = r;
  26. arg-type = string;
  27. max = 9999;
  28. stack-arg;
  29. descrip = "Rewrite TCP/UDP ports";
  30. doc = <<- EOText
  31. Specify a list of comma delimited port mappings consisting of
  32. colon delimited port number pairs. Each colon delimited port pair
  33. consists of the port to match followed by the port number to rewrite.
  34. Examples:
  35. @example
  36. --portmap=80:8000 --portmap=8080:80 # 80->8000 and 8080->80
  37. --portmap=8000,8080,88888:80 # 3 different ports become 80
  38. --portmap=8000-8999:80 # ports 8000 to 8999 become 80
  39. @end example
  40. EOText;
  41. };
  42. flag = {
  43. name = seed;
  44. flags-cant = fuzz-seed;
  45. value = s;
  46. arg-type = number;
  47. descrip = "Randomize src/dst IPv4/v6 addresses w/ given seed";
  48. max = 1;
  49. doc = <<- EOText
  50. Causes the source and destination IPv4/v6 addresses to be pseudo
  51. randomized but still maintain client/server relationships.
  52. Since the randomization is deterministic based on the seed,
  53. you can reuse the same seed value to recreate the traffic.
  54. EOText;
  55. };
  56. flag = {
  57. name = pnat;
  58. value = N;
  59. arg-type = string;
  60. max = 2;
  61. stack-arg;
  62. flags-cant = srcipmap;
  63. flass-cant = dstipmap;
  64. descrip = "Rewrite IPv4/v6 addresses using pseudo-NAT";
  65. doc = <<- EOText
  66. Takes a comma delimited series of colon delimited CIDR
  67. netblock pairs. Each netblock pair is evaluated in order against
  68. the IP addresses. If the IP address in the packet matches the
  69. first netblock, it is rewritten using the second netblock as a
  70. mask against the high order bits.
  71. IPv4 Example:
  72. @example
  73. --pnat=192.168.0.0/16:10.77.0.0/16,172.16.0.0/12:10.1.0.0/24
  74. @end example
  75. IPv6 Example:
  76. @example
  77. --pnat=[2001:db8::/32]:[dead::/16],[2001:db8::/32]:[::ffff:0:0/96]
  78. @end example
  79. EOText;
  80. };
  81. flag = {
  82. name = srcipmap;
  83. value = S;
  84. arg-type = string;
  85. max = 1;
  86. flags-cant = pnat;
  87. descrip = "Rewrite source IPv4/v6 addresses using pseudo-NAT";
  88. doc = <<- EOText
  89. Works just like the --pnat option, but only affects the source IP
  90. addresses in the IPv4/v6 header.
  91. EOText;
  92. };
  93. flag = {
  94. name = dstipmap;
  95. value = D;
  96. arg-type = string;
  97. max = 1;
  98. flags-cant = pnat;
  99. descrip = "Rewrite destination IPv4/v6 addresses using pseudo-NAT";
  100. doc = <<- EOText
  101. Works just like the --pnat option, but only affects the destination IP
  102. addresses in the IPv4/v6 header.
  103. EOText;
  104. };
  105. flag = {
  106. ifdef = HAVE_CACHEFILE_SUPPORT;
  107. name = endpoints;
  108. value = e;
  109. arg-type = string;
  110. max = 1;
  111. flags-must = cachefile;
  112. descrip = "Rewrite IP addresses to be between two endpoints";
  113. doc = <<- EOText
  114. Takes a pair of colon delimited IPv4/v6 addresses which will be used to rewrite
  115. all traffic to appear to be between the two IP addresses.
  116. IPv4 Example:
  117. @example
  118. --endpoints=172.16.0.1:172.16.0.2
  119. @end example
  120. IPv6 Example:
  121. @example
  122. --endpoints=[2001:db8::dead:beef]:[::ffff:0:0:ac:f:0:2]
  123. @end example
  124. EOText;
  125. };
  126. flag = {
  127. name = tcp-sequence;
  128. arg-type = number;
  129. arg-default = 0;
  130. arg-range = "1->";
  131. descrip = "Change TCP Sequence (and ACK) numbers /w given seed";
  132. doc = <<- EOText
  133. Change all TCP sequence numbers, and related sequence-acknowledgement numbers.
  134. They will be shifted by a random amount based on the provided seed.
  135. EOText;
  136. };
  137. flag = {
  138. name = skipbroadcast;
  139. value = b;
  140. descrip = "Skip rewriting broadcast/multicast IPv4/v6 addresses";
  141. doc = <<- EOText
  142. By default --seed, --pnat and --endpoints will rewrite
  143. broadcast and multicast IPv4/v6 and MAC addresses. Setting this flag
  144. will keep broadcast/multicast IPv4/v6 and MAC addresses from being rewritten.
  145. EOText;
  146. };
  147. flag = {
  148. name = fixcsum;
  149. value = C;
  150. descrip = "Force recalculation of IPv4/TCP/UDP header checksums";
  151. doc = <<- EOText
  152. Causes each IPv4/v6 packet to have their checksums recalculated and
  153. fixed. Automatically enabled for packets modified with @samp{--seed},
  154. @samp{--pnat}, @samp{--endpoints} or @samp{--fixlen}.
  155. EOText;
  156. };
  157. flag = {
  158. name = fixhdrlen;
  159. descrip = "Alter IP/TCP header len to match packet length";
  160. doc = <<- EOText
  161. By default, tcpreplay will send packets with the original packet length,
  162. However, you may want the packet length revised to minimum packet size.
  163. Using this option, tcpreplay will rewrite (fix) the packet length,
  164. and recalculate checksums when packet length changes.
  165. Caution: undesired packet changes may occur when this option is specified.
  166. EOText;
  167. };
  168. flag = {
  169. name = mtu;
  170. value = m;
  171. arg-type = number;
  172. max = 1;
  173. arg-range = "1->MAX_SNAPLEN";
  174. default = DEFAULT_MTU;
  175. descrip = "Override default MTU length (1500 bytes)";
  176. doc = <<- EOText
  177. Override the default 1500 byte MTU size for determining the maximum padding length
  178. (--fixlen=pad) or when truncating (--mtu-trunc).
  179. EOText;
  180. };
  181. flag = {
  182. name = mtu-trunc;
  183. max = 1;
  184. descrip = "Truncate packets larger then specified MTU";
  185. doc = <<- EOText
  186. Similar to --fixlen, this option will truncate data in packets from Layer 3 and above to be
  187. no larger then the MTU.
  188. EOText;
  189. };
  190. flag = {
  191. name = efcs;
  192. value = E;
  193. descrip = "Remove Ethernet checksums (FCS) from end of frames";
  194. doc = <<- EOText
  195. Note, this option is pretty dangerous! We do not actually check to see if a FCS
  196. actually exists in the frame, we just blindly delete the last 4 bytes. Hence,
  197. you should only use this if you know know that your OS provides the FCS when
  198. reading raw packets.
  199. EOText;
  200. };
  201. flag = {
  202. name = ttl;
  203. descrip = "Modify the IPv4/v6 TTL/Hop Limit";
  204. arg-type = string;
  205. doc = <<- EOText
  206. Allows you to modify the TTL/Hop Limit of all the IPv4/v6 packets. Specify a number to hard-code
  207. the value or +/-value to increase or decrease by the value provided (limited to 1-255).
  208. Examples:
  209. @example
  210. --ttl=10
  211. --ttl=+7
  212. --ttl=-64
  213. @end example
  214. EOText;
  215. };
  216. flag = {
  217. name = tos;
  218. descrip = "Set the IPv4 TOS/DiffServ/ECN byte";
  219. arg-type = number;
  220. arg-range = "0->255";
  221. max = 1;
  222. doc = <<- EOText
  223. Allows you to override the TOS (also known as DiffServ/ECN) value in IPv4.
  224. EOText;
  225. };
  226. flag = {
  227. name = tclass;
  228. descrip = "Set the IPv6 Traffic Class byte";
  229. arg-type = number;
  230. arg-range = "0->255";
  231. max = 1;
  232. doc = <<- EOText
  233. Allows you to override the IPv6 Traffic Class field.
  234. EOText;
  235. };
  236. flag = {
  237. name = flowlabel;
  238. descrip = "Set the IPv6 Flow Label";
  239. arg-type = number;
  240. arg-range = "0->1048575";
  241. max = 1;
  242. doc = <<- EOText
  243. Allows you to override the 20bit IPv6 Flow Label field. Has no effect on IPv4
  244. packets.
  245. EOText;
  246. };
  247. flag = {
  248. name = fixlen;
  249. value = F;
  250. arg-type = string;
  251. descrip = "Pad or truncate packet data to match header length";
  252. max = 1;
  253. doc = <<- EOText
  254. Packets may be truncated during capture if the snaplen is smaller then the
  255. packet. This option allows you to modify the packet to pad the packet back
  256. out to the size stored in the IPv4/v6 header or rewrite the IP header total length
  257. to reflect the stored packet length.
  258. @table @bullet
  259. @item
  260. @var{pad}
  261. Truncated packets will be padded out so that the packet length matches the
  262. IPv4 total length
  263. @item
  264. @var{trunc}
  265. Truncated packets will have their IPv4 total length field rewritten to match
  266. the actual packet length
  267. @item
  268. @var{del}
  269. Delete the packet
  270. EOText;
  271. };
  272. flag = {
  273. name = fuzz-seed;
  274. arg-type = number;
  275. arg-default = 0;
  276. arg-range = "0->";
  277. descrip = "Fuzz 1 in X packets. Edit bytes, length, or emulate packet drop";
  278. doc = <<- EOText
  279. This fuzzing was designed as to test layer 7 protocols such as voip protocols.
  280. It modifies randomly 1 out of X packets (where X = @var{--fuzz-factor}) in order
  281. for stateful protocols to cover more of their code. The random fuzzing actions
  282. focus on data start and end because it often is the part of the data application
  283. protocols base their decisions on.
  284. Possible fuzzing actions list:
  285. * drop packet
  286. * reduce packet size
  287. * edit packet Bytes:
  288. * Not all Bytes have the same probability of appearance in real life.
  289. Replace with 0x00, 0xFF, or a random byte with equal likelihood.
  290. * Not all Bytes have the same significance in a packet.
  291. Replace the start, the end, or the middle of the packet with equal likelihood.
  292. * do nothing (7 out of 8 packets)
  293. EOText;
  294. };
  295. flag = {
  296. name = fuzz-factor;
  297. flags-must = fuzz-seed;
  298. arg-type = number;
  299. arg-default = 8;
  300. arg-range = "1->";
  301. descrip = "Set the Fuzz 1 in X packet ratio (default 1 in 8 packets)";
  302. doc = <<- EOText
  303. Sets the ratio of for @var{--fuzz-seed} option. By default this value is 8,
  304. which means 1 in 8 packets are modified by fuzzing. Note that this ratio is
  305. based on the random number generated by the supplied fuzz seed. Therefore by
  306. default you cannot expect that exactly every eighth packet will be modified.
  307. EOText;
  308. };
  309. #include plugins/dlt_stub.def