blob: 97104b7010883dcdd40be873da58c4dea3b61102 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
|
include::../docbook/attributes.adoc[]
= randpkt(1)
:doctype: manpage
:stylesheet: ws.css
:linkcss:
:copycss: ../docbook/{stylesheet}
== NAME
randpkt - Random packet generator
== SYNOPSIS
[manarg]
*randpkt*
[ *-b* <maxbytes> ]
[ *-c* <count> ]
[ *-F* <file format> ]
[ *-r* ]
[ *-t* <type> ]
<filename>
[manarg]
*randpkt*
*-h|--help*
[manarg]
*randpkt*
*-v|--version*
== DESCRIPTION
*randpkt* is a small utility that creates a trace file full of random packets.
By creating many randomized packets of a certain type, you can
test packet sniffers to see how well they handle malformed packets.
The sniffer can never trust the data that it sees in the packet because
you can always sniff a very bad packet that conforms to no standard.
*randpkt* produces __very bad__ packets.
When creating packets of a certain type, *randpkt* uses a sample
packet that is stored internally to *randpkt*. It uses this as the
starting point for your random packets, and then adds extra random
bytes to the end of this sample packet.
For example, if you choose to create random ARP packets, *randpkt*
will create a packet which contains a predetermined Ethernet II header,
with the Type field set to ARP. After the Ethernet II header, it will
put a random number of bytes with random values.
== OPTIONS
-b <maxbytes>::
+
--
Default 5000.
Defines the maximum number of bytes added to the sample packet.
If you choose a *maxbytes* value that is less than the size of the
sample packet, then your packets would contain only the sample
packet... not much variance there! *randpkt* exits on that condition.
--
-c <count>::
+
--
Default 1000.
Defines the number of packets to generate.
--
-F <file format>::
+
--
Default *pcapng*.
Sets the file format of the output capture file. *randpkt* can write
the file in several formats; *randpkt -F* provides a list of the
available output formats. Note that not all output formats support
all packet types.
--
-h|--help::
Print the version number and options and exit.
-r::
+
--
The packet type is determined randomly for each packet. This requires
an output format that can support different encapsulations per packet,
like *pcapng*.
--
-t <type>::
+
--
Default Ethernet II frame.
Defines the type of packet to generate:
arp Address Resolution Protocol
bgp Border Gateway Protocol
bvlc BACnet Virtual Link Control
dns Domain Name Service
eth Ethernet
fddi Fiber Distributed Data Interface
giop General Inter-ORB Protocol
icmp Internet Control Message Protocol
ip Internet Protocol
ipv6 Internet Protocol Version 6
llc Logical Link Control
m2m WiMAX M2M Encapsulation Protocol
megaco MEGACO
nbns NetBIOS-over-TCP Name Service
ncp2222 NetWare Core Protocol
sctp Stream Control Transmission Protocol
syslog Syslog message
tds TDS NetLib
tcp Transmission Control Protocol
tr Token-Ring
udp User Datagram Protocol
usb Universal Serial Bus
usb-linux Universal Serial Bus with Linux specific header
--
-v|--version::
Print the full version information and exit.
include::diagnostic-options.adoc[]
== EXAMPLES
To see a description of the randpkt options use:
randpkt
To generate a capture file with 1000 DNS packets use:
randpkt -b 500 -t dns rand_dns.pcapng
To generate a small capture file with just a single LLC frame use:
randpkt -b 100 -c 1 -t llc single_llc.pcapng
== SEE ALSO
xref:https://www.tcpdump.org/manpages/pcap.3pcap.html[pcap](3), xref:editcap.html[editcap](1)
|
