How to send captured packets to a different destination?

Question

I have some data packets captured using tcpdump in a pcap file. Now I want to send those packets to a another destination. how I can achieve this?

score 19 · Answer 1 · answered Dec 19 '15 at 10:31

I wanted to capture some SNMP traps and keep them to test my application later. So I don't want to generate traps each time I wanted to test my application. I would like to post how I have done this. Hope this may help someone.

1) Capturing one packet with destination host 192.168.159.149 and port 1620 and saving it to a file

tcpdump -n -c 1 -s 0 dst host 192.168.159.149 and port 1620 -w snmp.pcap -i eth0

2) Reading captured packet

tcpdump -r snmp.pcap -X

3) Changing destination ip, MAC and checksum

tcprewrite --infile=snmp.pcap --outfile=snmp2.pcap --dstipmap=192.168.159.149:192.168.159.150 --enet-dmac=00:0c:29:d6:0f:61 --fixcsum

4) Replaying

tcpreplay --intf1=eth0 snmp2.pcap

Wesley · Accepted Answer · 2015-12-19T05:51:10.683

2

You'll need to use a tool that's capable of replaying pcap files. No special trick to it. An example would tcpreplay. A simple search for "replay pcap file" will turn up even more tools gloriously up to date within the very second that you hit enter in your search engine of choice.

edited Dec 19 '15 at 05:51

answered Dec 19 '15 at 05:32

Wesley

33,060

How to send captured packets to a different destination?

2 Answers2