Slashdot Mirror

← Back to Stories (view on slashdot.org)

Packet Generation under Linux?

Posted by michael on from the when-ping-f-isn't-enough dept.

Marcus Vollmer writes "I am looking for packet generation tools, or suggestions on how to go about writing one. I need to be able to generate ip packets with specific characteristics and send them to a network appliance, in order to simulate possible scenarios. For example, one appliance we want to test performs layer 7 operations, we want to be able to test splitting requests and responses up across multiple frames, force retransmits, and send different responses back. (eg. if the first request was split over 3 frames, we might want to send a reset and have the client retransmit using only 2 frames). I doubt there are any existing tools to do this, but we were thinking of writing a series of tools using netfilter, and placing a linux box between the client and the appliance running these filters to alter the packets. If there are existing tools to do this thats great, if not, any pointers and resources would be great. There is a good article in the Linux Journal (Feb and March issues), along with the information at netfilter.org, but we would be interested in hearing any ideas and suggestions from the slashdot community."

11 of 19 comments (clear)

  1. SendIP by MadCamel · · Score: 5, Informative

    SendIP seems to be just what you are looking for:
    http://www.earth.li/projectpurple/progs/send ip.htm l

    Nemesis is also pretty good. There are a variety of "human IP stack" type tools available. I can also reccommend the Net::RawIP PERL module, if you are PERL literate.

  2. You will find LCRZO useful by jquiroga · · Score: 5, Informative

    LCRZO is a network library to do exactly what you need. You can find it here.

    Quoting from Laurent's website:

    Lcrzo is a network library, for network administrators and network hackers.
    Its objective is to easily create network programs. This library provides network functionnalities for Ethernet, IP, UDP, TCP, ICMP, ARP and RARP protocols. It supports spoofing, sniffing, client and server creation. Furthermore, lcrzo contains high level functions dealing with data storage and handling. Using all these functions, you can quickly create a network test program.

    The library lcrzo provides :
    + network functionnalities :
    - address conversion
    - packet encoding/decoding/printing
    - spoofing
    - real/virtual UDP/TCP clients/servers
    - sniffing
    - device(network board) dealing
    - etc.
    + and general functionnalities :
    - data conversion
    - chained list
    - IPC
    - etc.

  3. Check CPAN by grundy · · Score: 5, Informative

    Net::RawIP is pretty awesome, and perl is good for throwing test tools together quick.

  4. LibNet, the packet assembly library by Gruturo · · Score: 5, Informative

    As the subject says. Used as a "packet assembly line", it has any sorts of packet generation facilities. libnet.sf.net

    --

    Vacuum cleaners suck. Kings rule.
  5. Don't let Steve Gibson hear you! by SuiteSisterMary · · Score: 3, Funny

    Don't you know that Steve Gibson, the WORLDS GREATEST HACKER! has decreed that only criminals have need to create their own packets?! For shame! (yes, this is full of sarcasm and contempt directed towards Steve Gibson. Follow the second link. The man is the Jerry Springer of the Internet.)

    --
    Vintage computer games and RPG books available. Email me if you're interested.
    1. Re:Don't let Steve Gibson hear you! by Bishop · · Score: 2

      Man that guy is full of himself. His site was booted of the Internet by the "next generation DOS". He claims that the next generation of DOS is the Distributed Reflection DOS. Just because he hasn't seen one before doesen't make it new, or the next generation. It isen't even that great as the attackers needs almost as much bandwidth as the target.

  6. libnet and libpcap by little_fluffy_clouds · · Score: 2, Informative

    This has to be the best place to start: libnet homepage. This pagehas all the info and links you need.

    --
    What were the skies like when you were young?
  7. How to Rewrite Packets? by CaptCosmic · · Score: 2, Interesting

    I have a related Question. I have the need to not only send packets with specific IP headers, I need to generate these headers by rewriting incoming packets.

    Where can I find information on such a task?

    --
    -> Capt Cosmic <-
    1. Re:How to Rewrite Packets? by CaptCosmic · · Score: 1

      Thanks for the worthless reply, but I've already done that. I am smart enough to ask Google before I ask Slashdot. After all, Google gives more accurate answers. (As evidenced by this inane reply.)

      --
      -> Capt Cosmic <-
    2. Re:How to Rewrite Packets? by LinuxGeek8 · · Score: 2

      What exactly do you want to rewrite?

      You can use iptables with PREROUTING, to rewrite the destination ip.
      Maybe you can even change more things with it (?), but I'm not sure about that.

      --
      Well, don't worry about that. We can get you back before you leave. (Dr. Who)
  8. Nemesis by mirabilos · · Score: 1

    On OpenBSD we have Nemesis in the ports tree,
    which can generate "raw" packets of nearly any
    flavour. I am sure it runs under Linux, too.

    --
    My Karma isn't excellent, damn it! (And /. still does not get UTF-8 right in 2012. Wow.)