[Snort-users] [RGSPAM] Re: Semi-OT: Re-inject tcpdump captured traffic
roesch at ...1935...
Thu Dec 6 10:14:14 EST 2007
On Dec 6, 2007, at 8:39 AM, Jordi Espasa Clofent wrote:
>> And this time I'll include the proper URL.... ->
> Interesting tool also.
> Nevertheless, in my case, I need to work on gigabit medium, so
> (which is designed for 10/100 link speed) it's not exactly what I
> At present moment my production environment has a 130-150Mbps network
> load; moreover I'll generate 2x/3x/5x (according the present value)
> traffic to test the FW's performance and scability.
You might want to check out DaemonLogger, it's got a replay mode as
well as a real-time tap mode as well as being a packet logger itself.
Basically, DaemonLogger can capture traffic off of one interface
direct to the disk (logger mode), retransmit it out another interface
in real-time (tap mode) or replay a pcap file (replay mode).
You can get it at http://www.snort.org/users/roesch/Site/Daemonlogger/Daemonlogger.html
Martin Roesch - Founder/CTO, Sourcefire Inc. - +1-410-290-1616
Sourcefire - Security for the Real World - http://www.sourcefire.com
Snort: Open Source IDP - http://www.snort.org
More information about the Snort-users