On 9/24/07, Bing Feng <[EMAIL PROTECTED]> wrote: > > > > Hello, > > I have a problem about using tcpreplay to test the firewall,the topology > detail in the attachment,when the firewall under the NAT module,how to use > tcpreplay to send traffic to through it?
Hi Bing, You're going to have to give me more information then you're having "a problem". What is your problem exactly? Firewall dropping the traffic? Do you know why? Is the firewall seeing the traffic? Is the NAT inbound or outbound? Basically, you need to use tcpprep to split the traffic into Client and Server halves. Then use tcprewrite to edit the IP and MAC addresses to match that of your testbed. The destination MAC's need to match those of the firewall, source MAC's can stay unchanged. The source/destination IP's need to match that of your virtual client/server and that of the firewall NAT IP- just like normal traffic would look on the DMZ/Untrust segments. -- Aaron Turner http://synfin.net/ http://tcpreplay.synfin.net/ - Pcap editing & replay tools for Unix They that can give up essential liberty to obtain a little temporary safety deserve neither liberty nor safety. -- Benjamin Franklin ------------------------------------------------------------------------- This SF.net email is sponsored by: Microsoft Defy all challenges. Microsoft(R) Visual Studio 2005. http://clk.atdmt.com/MRT/go/vse0120000070mrt/direct/01/ _______________________________________________ Tcpreplay-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/tcpreplay-users
