summaryrefslogtreecommitdiffstats
path: root/src/drool-replay.1in
diff options
context:
space:
mode:
Diffstat (limited to 'src/drool-replay.1in')
-rw-r--r--src/drool-replay.1in160
1 files changed, 160 insertions, 0 deletions
diff --git a/src/drool-replay.1in b/src/drool-replay.1in
new file mode 100644
index 0000000..ca2bdf9
--- /dev/null
+++ b/src/drool-replay.1in
@@ -0,0 +1,160 @@
+.\" DNS Reply Tool (drool)
+.\"
+.\" Copyright (c) 2017-2021, OARC, Inc.
+.\" Copyright (c) 2017, Comcast Corporation
+.\" All rights reserved.
+.\"
+.\" Redistribution and use in source and binary forms, with or without
+.\" modification, are permitted provided that the following conditions
+.\" are met:
+.\"
+.\" 1. Redistributions of source code must retain the above copyright
+.\" notice, this list of conditions and the following disclaimer.
+.\"
+.\" 2. Redistributions in binary form must reproduce the above copyright
+.\" notice, this list of conditions and the following disclaimer in
+.\" the documentation and/or other materials provided with the
+.\" distribution.
+.\"
+.\" 3. Neither the name of the copyright holder nor the names of its
+.\" contributors may be used to endorse or promote products derived
+.\" from this software without specific prior written permission.
+.\"
+.\" THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+.\" "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+.\" LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
+.\" FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+.\" COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT,
+.\" INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
+.\" BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+.\" LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
+.\" CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN
+.\" ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+.\" POSSIBILITY OF SUCH DAMAGE.
+.\"
+.TH drool 1 "@PACKAGE_VERSION@" "DNS Replay Tool"
+.SH NAME
+drool \- DNS Replay Tool
+.SH SYNOPSIS
+.B drool replay
+[
+.I options
+]
+.B file
+.B host
+.B port
+.SH DESCRIPTION
+\fBdrool\fR can replay DNS traffic from packet capture (PCAP) files and send
+it to a specified server, with options such as to manipulate the timing
+between packets, as well as loop packets infinitely or for a set number
+of iterations.
+This tool's goal is to be able to produce a high amount of UDP packets per
+second and TCP sessions per second on common hardware.
+
+The purpose can be to simulate Distributed Denial of Service (DDoS) attacks
+on the DNS and measure normal DNS querying.
+For example, the tool could enable you to take a snapshot of a DDoS and be
+able to replay it later to test if new code or hardening techniques are
+useful, safe & effective.
+Another example is to be able to replay a packet stream for a bug that is
+sequence- and/or timing-related in order to validate the efficacy of
+subsequent bug fixes.
+.SH OPTIONS
+These options are specific for the
+.B replay
+command, see
+.IR drool (1)
+for generic options.
+.TP
+.B \-D
+Show DNS queries and responses as processing goes.
+.TP
+.B \-n \-\-no\-responses
+Do not wait for responses before sending next request.
+.TP
+.B \-\-no\-tcp
+Do not use TCP.
+.TP
+.B \-\-no\-udp
+Do not use UDP.
+.TP
+.B \-T \-\-threads
+Use threads.
+.TP
+.B \-\-tcp\-threads N
+Set the number of TCP threads to use, default 2.
+.TP
+.B \-\-udp\-threads N
+Set the number of UDP threads to use, default 4.
+.TP
+.B \-\-timeout N.N
+Set timeout for waiting on responses [seconds.nanoseconds], default 10.0.
+.TP
+.B \-t \-\-timing mode[=option]
+Set the timing mode, see TIMING MODES.
+.SH EXAMPLES
+.TP
+.B drool replay \-\-timing multiply=0.5 \-\-no\-tcp file.pcap 127.0.0.1 53
+
+Send all DNS queries twice as fast as found in the PCAP file to localhost
+using UDP.
+.TP
+.B drool replay \-\-timing keep \-\-no\-udp file.pcap 127.0.0.1 53
+
+Send all DNS queries over TCP to localhost as they were recorded.
+.TP
+.B drool replay \-\-no\-tcp \-\-no\-responses \-\-threads \-\-udp\-threads 3 file.pcap 127.0.0.1 53
+
+Take all DNS queries found in the PCAP file and send them as fast as possible
+over UDP to localhost by ignoring both timings, replies and starting 3 threads
+that will simultaneously send queries.
+.SH TIMING MODES
+.TP
+.B ignore
+Set the timing mode to ignore all timings and try to send traffic as fast
+as possible (default).
+.TP
+.B keep
+Set the timing mode to try and keep up with interval between the traffic
+received.
+.TP
+.B add=<nanoseconds>
+Set the timing mode to add the given nanoseconds to the interval between
+the traffic received.
+.TP
+.B reduce=<nanoseconds>
+Set the timing mode to reduce the interval between the traffic received
+with the given nanoseconds.
+.TP
+.B multiply=<float>
+Set the timing mode to multiply the interval between the traffic received,
+this can be thought as percent with 1.00 being 100% of the interval, 2.00
+being 200%, 0.10 being 10% and so on.
+.TP
+.B fixed=<nanoseconds>
+Set the timing between packets to the given nanoseconds.
+.SH SEE ALSO
+drool(1)
+.SH AUTHORS
+Jerry Lundström, DNS-OARC
+.LP
+Maintained by DNS-OARC
+.LP
+.RS
+.I https://www.dns-oarc.net/
+.RE
+.LP
+.SH BUGS
+For issues and feature requests please use:
+.LP
+.RS
+\fI@PACKAGE_URL@\fP
+.RE
+.LP
+For question and help please use:
+.LP
+.RS
+\fI@PACKAGE_BUGREPORT@\fP
+.RE
+.LP