JWT2 09-30-2005 11:56 PM

retransmiting tcpdump capture file?
I am running debian sarge. I would like to know if anyone knows of a good
graphical interface software that will allow me to retransmit a tcpdump capture file? I have a project I am doing at work, and this would be of great help. I would like to run on gnome, if possible. Thank you.

Gibsonist 10-02-2005 08:03 AM

Good tool, yes - GUI, NO!

as with most networking on *NIX you have to use the consol.

But have a look at tcpreplay (also available from debian)

Hope it is what you are looking for

archtoad6 10-04-2005 07:47 AM

Look at ethereal, which I have used; & and its CLI counterpart tethereal, which I haven't.

Different capture format, possibly better. I believe more comprehensive.

tkedwards 10-05-2005 06:37 PM

Ethereal will provide a nice GUI for examining the packets (its compatible with tcpdump's output format) but I don't think it can replay them across the network.

archtoad6 10-06-2005 11:25 AM

Maybe we should have asked what you meant by "retransmit a tcpdump capture file"?

Ethereal can certainly capture to file & replay the captured files. It's nice to learn that it's compatible w/ tcpdump.

To do this over a network, you will need to:
  • run VNC,
  • forward an X session,
  • or, maybe, use ssh & tethereal.
What are you asking for?

tkedwards 10-06-2005 05:46 PM

How do you get Ethereal to replay the captured packets? I'm using 0.10.12 on a Centos4.1 box and I can't see an option for it anywhere?

Snowbat 10-06-2005 06:10 PM

Tcpreplay seems to do what you want:

archtoad6 10-06-2005 08:27 PM

I hope by "replay" you mean view again, not something involving retransmission.

It's as easy as opening (File, Open -- Ctrl-O) a capture file.

tkedwards 10-06-2005 09:26 PM

No I meant retransmission, which I'm guessing can't be done in Ethereal

archtoad6 10-09-2005 08:27 AM

Just checked Snowbat's Tcpreplay link, looks like it's just what you're asking for.

