I need to create some traffic load on a linux machine in order to test some different packet forwarding schemes. Any easy way to have some dummy traffic?
Thanks.
With a second host, you could use nc to simulate server/client transfer, e.g. send files from a bash for-loop to the other host. See the manpage for examples.
Related
I'm trying to build a network listener in python, which is able to capture the local network traffic from my own computer.
I've tried with sockets, but i find it very hard to use this method, because i'm not on a Linux-machine.
So, is there another method i'm not aware of, now when it's about only monitoring my own traffic? :)
What you need is called sniffer, try scapy framework.
How can I run a scapy script inside mininet to generate custom packets?
I know I could generate traffic using iperf ,netperf etc.But I need to customize the packets and then use them in mininet.
Thanks,
Regards,
Sushmita
You can generate trafic from hosts. You can run cli commands using xterm. I think that using dpkg-name -v you can see what version is emulated by host. So, you can customize ping or whatever you want from the emulated host!
Here you can see how to run commands in hosts setting a simulation from python script. E.g.
h1 = net.get('h1')
result = h1.cmd('ifconfig')
print result
Scapy needs root authentication to run.It is difficult to use in the mininet environment. But you can use nat in mininet, then build packets in your machine and then send to hosts in miininet.
Currently, the best way to achieve this is to use containernet, an actively developed fork of mininet that allow integration of Docker containers. Just use a container that includes Scapy and you are good to go.
I have an embedded system that can be treated as an Access Point. There's a program that runs in that system and performs some network communication with devices connected to that Access Point. It is sending UDP packets containing some diagnostic information (a data structure) and receiving commands. The problem is that sometimes some fields of that outgoing data structure are not filled with data (eg. there are zeroes or some garbage). I need those fields to be correctly filled every time and I know what values should be put there.
Another task that I need to accomplish is to filter incoming packets that come to this program (I know what ports it listens on) - usually I need to simply pass them, but occassionaly (eg. when I get some information from sensors) it is necessary to completely replace them with new packets that I would generate.
I have several ideas varying from some smart usage of iptables and pcap to writing my own kernel module. I do not own sources of that embedded application so I cannot embed this functionality in its code. Performance is a crucial thing here, and I'd like to hear your suggestions: what should I go for? Writing my own kernel modules seems to be the best solution to me, but I have no experience in network hacking so maybe there are some other ways that are better suited for this problem. Any opinion will be highly appreciated!
One standard approach is to use libnetfilter_queue to intercept and modify packets directly. You should at least try this before attempting to write your own kernel modules.
You could do it in userspace. Just write a server that receives the packets changes them and send them again out. You have to configure the application just to use your localhost as destination ip (or configure your system that it has the target address). Its a typical "man-in-the-middle" setup.
I want to test a new protocol of communication, and for this i need to intercept every single package entering and leaving the network layer of the OSI model.
any idea how to intercept those packages and perform the tasks i want to perform on them before letting them go.
http://www.charlesproxy.com/ is a great tool for intercepting, inspecting, modifying, and resending network requests. Its main mode is for http however it has an option to catch and forward any port and a socks proxy option. It understands quite a few payload formats natively and is very useful with minimum effort.
Wireshark is a useful program for letting you sniff network traffic (i.e. passively observe). And on *nix systems, raw sockets give you the ability to bypass most of the network stack and craft custom packets.
Use "Microsoft Network Monitor" if you want to check those Microsoft protocols. Well, though it's much slower than Wireshark.
I need to know when a specific pc (which I know ip and MAC) is plugged on the LAN. I want to avoid all polling mechanisms, is it possible under linux to achieve this ? Maybe by sniffing icmp packet?
Thx
If you are in control of the gateway, you can just sniff traffic and see if there's any from/to that host (through MAC or IP address).
If not, things get complicated, and some sort of polling is needed in most cases - in a switched network, you generally won't see the traffic destined for another host; the surest way of checking "online-ness" would be ARP, possibly by using arping (or doing the ARP requests yourself and sniffing the traffic for ARP replies).
Note that neither of these approaches are "sure-fire" - with tools like powernap, (temporarily) offline hosts can appear to be online.
You can use NMAP to scan your network with a simple ping type scan to see what hosts are online and not. This is a polling mechanism, but unless you can program the routers/switches in your network to tell your when MAC or IP address XYZ has started sending traffic, I don't know of any other way to do this.