appneta
Ability to portmap multiple sets of ports
Currently, tcpreplay-edit can only map one or more ports in a pcap file to a single port.
It would be a very useful packet generation feature, if tcpreplay-edit could specify more than one set.
I was hoping to do this in a script, randomizing the TCP/UDP ports, replaying at high rates of speed, and repeat many times with new ports, for stress-testing of a layer 4 analyzer. This doesn't work quite as well with just one port at a time.
Does the --unique-ip option in tcpreplay work for you? It is the wire-rate method for changing IP addresses. If you specifically need ports changed, we could add a --unique-port parameter. To keep up to line speed we need to do a special trick to prevent having to do CRC checks after altering packets. Specifically, we need to alter both the source and destination ports or addresses. Does that work for you?
Sorry for the delayed response. The --unique-ip option has been quite useful, but I'm trying to vary the detected protocols as well.
The thing about the analyzer I'm testing is that it only registers known protocols, in the specific function I'm testing. The rest essentially get dropped into an "other" bucket. So, the one concern I have about a potential --unique-port option is that it would, for the most part, generate unknown protocols. Would some sort of limit or control on the range of generated ports be realistic?