Shammer's Philosophy

My private adversaria

try tcpreplay

Steps

  1. Capture the packets that need to be re-sent.
  2. Check the packets captured in the previous step with tcpdump -r XXX.pcap -X.
  3. Replay them with tcpreplay -i $ETH_NAME $CAPTURED_PACKET.

packet capture record

  1. Open 2 terminal windows.
  2. Execute "tcpdump -i $ETH_NAME $FILTER" in one window.
  3. In the other window, execute the command that sends the packets to be replayed. In the example below, this command is curl.
  4. Stop tcpdump.

[root@client ~]# tcpdump -i eth1 host xxx.xxx.xxx.xxx -w xxx.pcap 
tcpdump: listening on eth1, link-type EN10MB (Ethernet), capture size 96 bytes
^C10 packets captured
10 packets received by filter
0 packets dropped by kernel
[root@client ~]# curl http://xxx.xxx.xxx.xxx

tcpreplay record.

[root@client ~]# tcpdump -r xxx.pcap -X
reading from file xxx.pcap, link-type EN10MB (Ethernet)
<-- snip -->
[root@client ~]# 
[root@client ~]# 
[root@client ~]# 
[root@client ~]# 
[root@client ~]# tcpreplay -i eth1 xxx.pcap
sending out eth1 
processing file: xxx.pcap
Actual: 10 packets (668 bytes) sent in 0.22 seconds
Rated: 29149.9 bps, 0.22 Mbps/sec, 436.38 pps

Statistics for network device: eth1
	Attempted packets:   10
	Successful packets:  10
	Failed packets:      0
	Retried packets:     0
[root@client ~]#
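
The capture above reports "capture size 96 bytes", meaning tcpdump saved at most 96 bytes of each packet, so any longer packet is stored incomplete in xxx.pcap. As an added example (not part of the original post), this Python check reads a classic pcap file, the format tcpdump -w writes, and lists packets whose captured length is shorter than their length on the wire; truncation_report and build_sample are names chosen here, and the sample capture is constructed.

```python
import struct

MAGICS = {  # first 4 bytes of the file -> struct byte-order prefix
    b"\xd4\xc3\xb2\xa1": "<", b"\xa1\xb2\xc3\xd4": ">",  # microsecond timestamps
    b"\x4d\x3c\xb2\xa1": "<", b"\xa1\xb2\x3c\x4d": ">",  # nanosecond timestamps
}

def truncation_report(pcap_bytes):
    """Return (snaplen, total_packets, [(index, captured_len, wire_len), ...]),
    listing every packet that was cut short by the capture's snapshot length."""
    if len(pcap_bytes) < 24 or pcap_bytes[:4] not in MAGICS:
        raise ValueError("not a classic pcap file")
    order = MAGICS[pcap_bytes[:4]]
    # Global header after the magic: version, timezone, sigfigs, snaplen, link type
    _maj, _min, _zone, _sig, snaplen, _link = struct.unpack(
        order + "HHiIII", pcap_bytes[4:24])
    offset, index, truncated = 24, 0, []
    while offset + 16 <= len(pcap_bytes):
        # Per-packet header: timestamp (2 fields), captured length, wire length
        _sec, _frac, incl_len, orig_len = struct.unpack(
            order + "IIII", pcap_bytes[offset:offset + 16])
        offset += 16
        if offset + incl_len > len(pcap_bytes):
            raise ValueError("record %d runs past end of file" % (index + 1))
        index += 1
        if incl_len < orig_len:
            truncated.append((index, incl_len, orig_len))
        offset += incl_len
    return snaplen, index, truncated

def build_sample(snaplen, wire_lengths):
    """Constructed sample: a little-endian Ethernet pcap with zero-filled packets."""
    out = struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, snaplen, 1)
    for n, wire_len in enumerate(wire_lengths):
        caplen = min(wire_len, snaplen)
        out += struct.pack("<IIII", n, 0, caplen, wire_len) + bytes(caplen)
    return out

if __name__ == "__main__":
    import sys
    # Pass a capture file as the first argument, or fall back to the constructed sample.
    data = (open(sys.argv[1], "rb").read() if len(sys.argv) > 1
            else build_sample(96, [74, 74, 66, 235, 66, 1514]))
    snaplen, total, truncated = truncation_report(data)
    print("snaplen %d: %d of %d packets truncated" % (snaplen, len(truncated), total))
    for idx, cap, wire in truncated:
        print("  packet %d: %d of %d bytes captured" % (idx, cap, wire))
```

If the report lists truncated packets, capturing again with tcpdump -s 0 stores full packets for the replay.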