tcp流重播工具 [英] tcp stream replay tool

查看:111
本文介绍了tcp流重播工具的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!

问题描述

我正在寻找一种用于记录和重放TCP流的一侧以进行测试的工具. 我看到了记录整个TCP流(服务器和客户端)以测试防火墙等的工具,但是我正在寻找的工具是仅记录客户端提交的流量(带有定时信息)然后重新提交的工具.到服务器进行测试.

I'm looking for a tool for recording and replaying one side of a TCP stream for testing. I see tools which record the entire TCP stream (both server and client) for testing firewalls and such, but what I'm looking for is a tool which would record just the traffic submitted by the client (with timing information) and then resubmit it to the server for testing.

推荐答案

由于TCP处理重传的方式,序列号, SACK 并将其加窗显示可能比您想象的要困难.

Due to the way that TCP handles retransmissions, sequence numbers, SACK and windowing this could be a more difficult task than you imagine.

通常,人们使用 tcpreplay 进行数据包重播;但是,它不支持同步TCP序列号.由于您需要双向TCP流(并且这需要同步seq编号),请使用以下选项之一:

Typically people use tcpreplay for packet replay; however, it doesn't support synchronizing TCP sequence numbers. Since you need to have a bidirectional TCP stream, (and this requires synchronization of seq numbering) use one of the following options:

  1. 如果这是一个非常互动的客户端/服务器协议,则可以使用

  1. If this is a very interactive client / server protocol, you could use scapy to strip out the TCP contents of your stream, parse for timing and interactivity. Next use this information, open a new TCP socket to your server and deserialize that data into the new TCP socket. Parsing the original stream with scapy could be tricky, if you run into TCP retransmissions and windowing dynamics. Writing the bytes into a new TCP socket will not require dealing with sequence numbering yourself... the OS will take care of that.

如果这是一个简单的流,并且您可以不使用定时(或想要手动插入定时信息),则可以使用wireshark从TCP流中获取原始字节,而不必担心关于使用 scapy 进行解析.拥有原始字节后,将这些字节写入新的TCP套接字(根据需要考虑交互性).将字节写到新的TCP套接字中将不需要您自己处理序列号……操作系统会解决这个问题.

If this is a simple stream and you could do without timing (or want to insert timing information manually), you can use wireshark to get the raw bytes from a TCP steam without worrying about parsing with scapy. After you have the raw bytes, write these bytes into a new TCP socket (accounting for interactivity as required). Writing the bytes into a new TCP socket will not require dealing with sequence numbering yourself... the OS will take care of that.

如果流仅是文本命令(而不是html或xml),例如telnet会话,则

If your stream is strictly text (but not html or xml) commands, such as a telnet session, an Expect-like solution could be easier than the aforementioned parsing. In this solution, you would not open a TCP socket directly from your code, using expect to spawn a telnet (or whatever) session and replay the text commands with send / expect. Your expect library / underlying OS would take care of seq numbering.

如果您正在测试Web服务,我想模拟一个真正的Web客户端会更容易,它可以通过单击 Splinter .您的http库/底层操作系统将在新流中处理seq编号.

If you're testing a web service, I suspect it would be much easier to simulate a real web client clicking through links with Selenium or Splinter. Your http library / underlying OS would take care of seq numbering in the new stream.

这篇关于tcp流重播工具的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!

查看全文
登录 关闭
扫码关注1秒登录
发送“验证码”获取 | 15天全站免登陆