Hello,
I was wondering if it's possible to replay a TCP connection from a previously captured .cap file.

I had a look around and found Tcpreplay but the limit is that it cannot handle the SYN/SYN-ACK/ACK negotiation with a server. The FAQ itself says it:
Apparently, there was a tentative to solve this with flowreplay but it did not work and the project is dead.

Is there another tool that could do it ?

gracias,
T.

I don't really understand how this would work... whilst what tcpreplay does makes sense, if you are trying to replay a tcp level connection you can't make this automatically work with a server as the act of establishing the connection means creating new tcp packets from scratch at the least, which wouldn't be replaying. if you just want to replay payloads, not tcp then you can probably do something much simpler and extract the payload with tcpdump / wireshark and then use something like netcat to fire the data into a normal tcp connection.

Maybe it'd be useful to explain more about what you're actually trying to achieve?

ok
I'm just playing around with the network Actually what I would like to do is to capture a packet and:

- replay it as it is. I will try your solution with netcat, it makes more sense.

- replay the same data content but with another source (source IP)

- replay it with different data and different header (source IP)


How can I export just the TCP payload of a packet with wireshark ?
Edit: ok I got it, just right click on the protocol being transported by TCP e.g. http and "Export Selected Packet Bytes"



Thx,
Tex