aclx Posted December 4, 2023 Share Posted December 4, 2023 hi I am not able to get this simple payload running on my packet squirrel NETMODE BRIDGE sleep 20 tcpreplay -i br-lan -p 200000 -l 200 /mnt/loot/tcpdump/test.pcapng ------------------------------------------------------------------------------ LED starts with green - blue - red In arming mode I have access and see the test.pcapng under /mnt/loot/tcpdump/ Also the command tcpreplay -i br-lan -p 200000 -l 200 /mnt/loot/tcpdump/test.pcapng is working fine in arming mode .... Quote Link to comment Share on other sites More sharing options...
dark_pyrro Posted December 4, 2023 Share Posted December 4, 2023 You mentioned in another post that your Packet Squirrel runs firmware version 3.2 which indicates that it's a Mk1 Squirrel. Is this valid for this post as well? I.e. that the question is about the Mk1 Packet Squirrel and not the newer Mk2 version. Quote Link to comment Share on other sites More sharing options...
aclx Posted December 4, 2023 Author Share Posted December 4, 2023 yes it is firmware version 3.2 Mk1 Squirrel Quote Link to comment Share on other sites More sharing options...
Solution aclx Posted December 5, 2023 Author Solution Share Posted December 5, 2023 tcpreplay -i br-lan -p 200000 -l 200 /mnt/loot/tcpdump/test.pcapng works! I aspect that the traffic will be sent out on the LAN (Ethernet Out) interface and not out on the PC (Ethernet In) Interface. Is there a command in bridge mode to send multicast layer2 traffic on Ethernet out interface? Quote Link to comment Share on other sites More sharing options...
dark_pyrro Posted December 5, 2023 Share Posted December 5, 2023 I'm a bit confused. It's marked as a solution but still there is a question. Is the issue that it works but sends the replayed traffic to the "wrong" interface, i.e. using br-lan pushes the traffic in the wrong direction/to the wrong actual interface? What happens if you use eth1 instead? Quote Link to comment Share on other sites More sharing options...
aclx Posted December 6, 2023 Author Share Posted December 6, 2023 tcpreplay only works on br-lan and eth0 interface. eth1 is not sending any traffic ... NETMODE BRIDGE tcpreplay -i br-lan -p 200000 -l 200 /mnt/loot/tcpdump/test.pcapng -> OK tcpreplay -i eth0 -p 200000 -l 200 /mnt/loot/tcpdump/test.pcapng -> OK tcpreplay -i eth1 -p 200000 -l 200 /mnt/loot/tcpdump/test.pcapng -> NOK Quote Link to comment Share on other sites More sharing options...
dark_pyrro Posted December 6, 2023 Share Posted December 6, 2023 What are you actually trying to accomplish here? Do you have the actual knowledge needed of tcpreplay and/or how networking works so that you're 100% sure that what you're trying to do actually is possible to do? You can't just capture anything and replay it and think that the other end will simply accept it. In what way do you verify that some replays works OK and some (one) NOK (i.e. method used)? Quote Link to comment Share on other sites More sharing options...
aclx Posted December 10, 2023 Author Share Posted December 10, 2023 Do you know the behavior of Layer 2 multicast? Yes I want to capture it and replay some specific multicast data ... I have verified tcpreplay -i br-lan -p 200000 -l 200 /mnt/loot/tcpdump/test.pcapng -> OK tcpreplay -i eth0 -p 200000 -l 200 /mnt/loot/tcpdump/test.pcapng -> OK tcpreplay -i eth1 -p 200000 -l 200 /mnt/loot/tcpdump/test.pcapng -> NOK with wireshark ... Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.