This is the official site for Tcpreplay version 4.0 and newer. The 3.x wiki and legacy Tcpreplay content is available here.
Tcpreplay is a suite of free Open Source utilities for editing and replaying previously captured network traffic. Originally designed to replay malicious traffic patterns to Intrusion Detection/Prevention Systems, it has seen many evolutions including capabilities to replay to web servers.
Version 4.0.0 introduces features and performance enhancements to support switches, routers, and IP Flow/NetFlow appliances.
Example - 10GigE to IP Flow Appliance:
root@pw29:~# tcpreplay -i eth7 -tK --loop 5000 --unique-ip smallFlows.pcap
File Cache is enabled
Actual: 71305000 packets (46082655000 bytes) sent in 38.05 seconds.
Rated: 1194330011.6 Bps, 9554.64 Mbps, 1848020.72 pps
Flows: 6045000 flows, 156669.03 fps, 71215000 flow packets, 90000 non-flow
Statistics for network device: eth7
Attempted packets: 71305000
Successful packets: 71305000
Failed packets: 0
Truncated packets: 0
Retried packets (ENOBUFS): 0
Retried packets (EAGAIN): 0Overview:
- » Tcpreplay Overview
- » Products
- » Download and Installation
- » FAQ
- » How To...
- » News
- » Support
- » Contributors
Man pages:
- » tcpreplay: replays pcap files at arbitrary speeds onto a network
- » tcprewrite: edits pcap files and creates a new pcap file
- » tcpreplay-edit: edits pcap files and replays onto a network
- » tcpprep: creates client/server definition cache files used by tcpreplay/tcprewrite
- » tcpbridge: bridge two network segments with the power of tcprewrite
- » tcpliveplay: replay a TCP pcap file in a manner that a server will recognize
- » tcpcapinfo: raw pcap file decoder and debugger