summaryrefslogtreecommitdiff
path: root/src/tcpbridge.1
diff options
context:
space:
mode:
Diffstat (limited to 'src/tcpbridge.1')
-rw-r--r--src/tcpbridge.1623
1 files changed, 623 insertions, 0 deletions
diff --git a/src/tcpbridge.1 b/src/tcpbridge.1
new file mode 100644
index 0000000..6183fa1
--- /dev/null
+++ b/src/tcpbridge.1
@@ -0,0 +1,623 @@
+.TH TCPBRIDGE 1 2010-04-04 "(tcpbridge )" "Programmer's Manual"
+.\" DO NOT EDIT THIS FILE (tcpbridge.1)
+.\"
+.\" It has been AutoGen-ed April 4, 2010 at 05:59:20 PM by AutoGen 5.9.9
+.\" From the definitions tcpbridge_opts.def
+.\" and the template file agman1.tpl
+.\"
+.SH NAME
+tcpbridge \- Bridge network traffic across two interfaces
+.SH SYNOPSIS
+.B tcpbridge
+.\" Mixture of short (flag) options and long options
+.RB [ \-\fIflag\fP " [\fIvalue\fP]]... [" \--\fIopt-name\fP " [[=| ]\fIvalue\fP]]..."
+.PP
+All arguments must be options.
+.PP
+tcpbridge is a tool for selectively briding network traffic across two interfaces
+and optionally modifying the packets in betweeen
+.SH "DESCRIPTION"
+This manual page briefly documents the \fBtcpbridge\fP command.
+The basic operation of tcpbridge is to be a network bridge between two
+subnets. All packets received on one interface are sent via the other.
+
+Optionally, packets can be edited in a variety of ways according to your needs.
+
+For more details, please see the Tcpreplay Manual at:
+http://tcpreplay.synfin.net/trac/wiki/manual
+.SH OPTIONS
+.SS ""
+.TP
+.BR \-r " \fIstring\fP, " \--portmap "=" \fIstring\fP
+Rewrite TCP/UDP ports.
+This option may appear up to \-1 times.
+.sp
+Specify a list of comma delimited port mappingings consisting of
+colon delimited port number pairs. Each colon delimited port pair
+consists of the port to match followed by the port number to rewrite.
+
+Examples:
+.nf
+ \--portmap=80:8000 \--portmap=8080:80 # 80->8000 and 8080->80
+ \--portmap=8000,8080,88888:80 # 3 different ports become 80
+ \--portmap=8000-8999:80 # ports 8000 to 8999 become 80
+.fi
+.TP
+.BR \-s " \fInumber\fP, " \--seed "=" \fInumber\fP
+Randomize src/dst IPv4/v6 addresses w/ given seed.
+This option may appear up to 1 times.
+This option takes an integer number as its argument.
+.sp
+Causes the source and destination IPv4/v6 addresses to be pseudo
+randomized but still maintain client/server relationships.
+Since the randomization is deterministic based on the seed,
+you can reuse the same seed value to recreate the traffic.
+.TP
+.BR \-N " \fIstring\fP, " \--pnat "=" \fIstring\fP
+Rewrite IPv4/v6 addresses using pseudo-NAT.
+This option may appear up to 2 times.
+This option must not appear in combination with any of the following options:
+srcipmap.
+.sp
+Takes a comma delimited series of colon delimited CIDR
+netblock pairs. Each netblock pair is evaluated in order against
+the IP addresses. If the IP address in the packet matches the
+first netblock, it is rewriten using the second netblock as a
+mask against the high order bits.
+
+IPv4 Example:
+.nf
+ \--pnat=192.168.0.0/16:10.77.0.0/16,172.16.0.0/12:10.1.0.0/24
+.fi
+IPv6 Example:
+.nf
+ \--pnat=[2001:db8::/32]:[dead::/16],[2001:db8::/32]:[::ffff:0:0/96]
+.fi
+.TP
+.BR \-S " \fIstring\fP, " \--srcipmap "=" \fIstring\fP
+Rewrite source IPv4/v6 addresses using pseudo-NAT.
+This option may appear up to 1 times.
+This option must not appear in combination with any of the following options:
+pnat.
+.sp
+Works just like the \--pnat option, but only affects the source IP
+addresses in the IPv4/v6 header.
+.TP
+.BR \-D " \fIstring\fP, " \--dstipmap "=" \fIstring\fP
+Rewrite destination IPv4/v6 addresses using pseudo-NAT.
+This option may appear up to 1 times.
+This option must not appear in combination with any of the following options:
+pnat.
+.sp
+Works just like the \--pnat option, but only affects the destination IP
+addresses in the IPv4/v6 header.
+.TP
+.BR \-e " \fIstring\fP, " \--endpoints "=" \fIstring\fP
+Rewrite IP addresses to be between two endpoints.
+This option may appear up to 1 times.
+This option must appear in combination with the following options:
+cachefile.
+.sp
+Takes a pair of colon delimited IPv4/v6 addresses which will be used to rewrite
+all traffic to appear to be between the two IP's.
+
+IPv4 Example:
+.nf
+ \--endpoints=172.16.0.1:172.16.0.2
+.fi
+IPv6 Example:
+.nf
+ \--endpoints=[2001:db8::dead:beef]:[::ffff:0:0:ac:f:0:2]
+.fi
+
+.TP
+.BR \-b ", " \--skipbroadcast
+Skip rewriting broadcast/multicast IPv4/v6 addresses.
+.sp
+By default \--seed, \--pnat and \--endpoints will rewrite
+broadcast and multicast IPv4/v6 and MAC addresses. Setting this flag
+will keep broadcast/multicast IPv4/v6 and MAC addresses from being rewritten.
+.TP
+.BR \-C ", " \--fixcsum
+Force recalculation of IPv4/TCP/UDP header checksums.
+.sp
+Causes each IPv4/v6 packet to have it's checksums recalcualted and
+fixed. Automatically enabled for packets modified with \fB--seed\fP,
+\fB--pnat\fP, \fB--endpoints\fP or \fB--fixlen\fP.
+.TP
+.BR \-m " \fInumber\fP, " \--mtu "=" \fInumber\fP
+Override default MTU length (1500 bytes).
+This option may appear up to 1 times.
+This option takes an integer number as its argument.
+The value of \fInumber\fP is constrained to being:
+.in +4
+.nf
+.na
+in the range 1 through MAXPACKET
+.fi
+.in -4
+.sp
+Override the default 1500 byte MTU size for determining the maximum padding length
+(--fixlen=pad) or when truncating (--mtu-trunc).
+.TP
+.BR \--mtu-trunc
+Truncate packets larger then specified MTU.
+This option may appear up to 1 times.
+.sp
+Similar to \--fixlen, this option will truncate data in packets from Layer 3 and above to be
+no larger then the MTU.
+.TP
+.BR \-E ", " \--efcs
+Remove Ethernet checksums (FCS) from end of frames.
+.sp
+Note, this option is pretty dangerous! We don't actually check to see if a FCS
+actually exists in the frame, we just blindly delete the last two bytes. Hence,
+you should only use this if you know know that your OS provides the FCS when
+reading raw packets.
+.TP
+.BR \--ttl "=\fIstring\fP"
+Modify the IPv4/v6 TTL/Hop Limit.
+.sp
+Allows you to modify the TTL/Hop Limit of all the IPv4/v6 packets. Specify a number to hard-code
+the value or +/-value to increase or decrease by the value provided (limited to 1-255).
+
+Examples:
+.nf
+ \--ttl=10
+ \--ttl=+7
+ \--ttl=-64
+.fi
+.TP
+.BR \--tos "=\fInumber\fP"
+Set the IPv4 TOS/DiffServ/ECN byte.
+This option may appear up to 1 times.
+This option takes an integer number as its argument.
+The value of \fInumber\fP is constrained to being:
+.in +4
+.nf
+.na
+in the range 0 through 255
+.fi
+.in -4
+.sp
+Allows you to override the TOS (also known as DiffServ/ECN) value in IPv4.
+.TP
+.BR \--tclass "=\fInumber\fP"
+Set the IPv6 Traffic Class byte.
+This option may appear up to 1 times.
+This option takes an integer number as its argument.
+The value of \fInumber\fP is constrained to being:
+.in +4
+.nf
+.na
+in the range 0 through 255
+.fi
+.in -4
+.sp
+Allows you to override the IPv6 Traffic Class field.
+.TP
+.BR \--flowlabel "=\fInumber\fP"
+Set the IPv6 Flow Label.
+This option may appear up to 1 times.
+This option takes an integer number as its argument.
+The value of \fInumber\fP is constrained to being:
+.in +4
+.nf
+.na
+in the range 0 through 1048575
+.fi
+.in -4
+.sp
+Allows you to override the 20bit IPv6 Flow Label field. Has no effect on IPv4
+packets.
+.TP
+.BR \-F " \fIstring\fP, " \--fixlen "=" \fIstring\fP
+Pad or truncate packet data to match header length.
+This option may appear up to 1 times.
+.sp
+Packets may be truncated during capture if the snaplen is smaller then the
+packet. This option allows you to modify the packet to pad the packet back
+out to the size stored in the IPv4/v6 header or rewrite the IP header total length
+to reflect the stored packet length.
+.sp 1
+\fBpad\fP
+Truncated packets will be padded out so that the packet length matches the
+IPv4 total length
+.sp 1
+\fBtrunc\fP
+Truncated packets will have their IPv4 total length field rewritten to match
+the actual packet length
+.sp 1
+\fBdel\fP
+Delete the packet
+.TP
+.BR \--skipl2broadcast
+Skip rewriting broadcast/multicast Layer 2 addresses.
+.sp
+By default, editing Layer 2 addresses will rewrite
+broadcast and multicast MAC addresses. Setting this flag
+will keep broadcast/multicast MAC addresses from being rewritten.
+.TP
+.BR \--dlt "=\fIstring\fP"
+Override output DLT encapsulation.
+This option may appear up to 1 times.
+.sp
+By default, no DLT (data link type) conversion will be made.
+To change the DLT type of the output pcap, select one of the following values:
+.sp 1
+\fBenet\fP
+Ethernet aka DLT_EN10MB
+.sp 1
+\fBhdlc\fP
+Cisco HDLC aka DLT_C_HDLC
+.sp 1
+\fBuser\fP
+User specified Layer 2 header and DLT type
+.br
+.TP
+.BR \--enet-dmac "=\fIstring\fP"
+Override destination ethernet MAC addresses.
+This option may appear up to 1 times.
+.sp
+Takes a pair of comma deliminated ethernet MAC addresses which
+will replace the destination MAC address of outbound packets.
+The first MAC address will be used for the server to client traffic
+and the optional second MAC address will be used for the client
+to server traffic.
+
+Example:
+.nf
+ \--enet-dmac=00:12:13:14:15:16,00:22:33:44:55:66
+.fi
+.TP
+.BR \--enet-smac "=\fIstring\fP"
+Override source ethernet MAC addresses.
+This option may appear up to 1 times.
+.sp
+Takes a pair of comma deliminated ethernet MAC addresses which
+will replace the source MAC address of outbound packets.
+The first MAC address will be used for the server to client traffic
+and the optional second MAC address will be used for the client
+to server traffic.
+
+Example:
+.nf
+ \--enet-smac=00:12:13:14:15:16,00:22:33:44:55:66
+.fi
+.TP
+.BR \--enet-vlan "=\fIstring\fP"
+Specify ethernet 802.1q VLAN tag mode.
+This option may appear up to 1 times.
+.sp
+Allows you to rewrite ethernet frames to add a 802.1q header to standard 802.3
+ethernet headers or remove the 802.1q VLAN tag information.
+.sp 1
+\fBadd\fP
+Rewrites the existing 802.3 ethernet header as an 802.1q VLAN header
+.sp 1
+\fBdel\fP
+Rewrites the existing 802.1q VLAN header as an 802.3 ethernet header
+.TP
+.BR \--enet-vlan-tag "=\fInumber\fP"
+Specify the new ethernet 802.1q VLAN tag value.
+This option may appear up to 1 times.
+This option must appear in combination with the following options:
+enet-vlan.
+This option takes an integer number as its argument.
+The value of \fInumber\fP is constrained to being:
+.in +4
+.nf
+.na
+in the range 0 through 4095
+.fi
+.in -4
+.sp
+
+.TP
+.BR \--enet-vlan-cfi "=\fInumber\fP"
+Specify the ethernet 802.1q VLAN CFI value.
+This option may appear up to 1 times.
+This option must appear in combination with the following options:
+enet-vlan.
+This option takes an integer number as its argument.
+The value of \fInumber\fP is constrained to being:
+.in +4
+.nf
+.na
+in the range 0 through 1
+.fi
+.in -4
+.sp
+
+.TP
+.BR \--enet-vlan-pri "=\fInumber\fP"
+Specify the ethernet 802.1q VLAN priority.
+This option may appear up to 1 times.
+This option must appear in combination with the following options:
+enet-vlan.
+This option takes an integer number as its argument.
+The value of \fInumber\fP is constrained to being:
+.in +4
+.nf
+.na
+in the range 0 through 7
+.fi
+.in -4
+.sp
+
+.TP
+.BR \--hdlc-control "=\fInumber\fP"
+Specify HDLC control value.
+This option may appear up to 1 times.
+This option takes an integer number as its argument.
+.sp
+The Cisco HDLC header has a 1 byte "control" field. Apparently this should
+always be 0, but if you can use any 1 byte value.
+.TP
+.BR \--hdlc-address "=\fInumber\fP"
+Specify HDLC address.
+This option may appear up to 1 times.
+This option takes an integer number as its argument.
+.sp
+The Cisco HDLC header has a 1 byte "address" field which has two valid
+values:
+.sp 1
+\fB0x0F\fP
+Unicast
+.sp 1
+\fB0xBF\fP
+Broadcast
+.br
+You can however specify any single byte value.
+.TP
+.BR \--user-dlt "=\fInumber\fP"
+Set output file DLT type.
+This option may appear up to 1 times.
+This option takes an integer number as its argument.
+.sp
+Set the DLT value of the output pcap file.
+.TP
+.BR \--user-dlink "=\fIstring\fP"
+Rewrite Data-Link layer with user specified data.
+This option may appear up to 2 times.
+.sp
+Provide a series of comma deliminated hex values which will be
+used to rewrite or create the Layer 2 header of the packets.
+The first instance of this argument will rewrite both server
+and client traffic, but if this argument is specified a second
+time, it will be used for the client traffic.
+
+Example:
+.nf
+ \--user-dlink=01,02,03,04,05,06,00,1A,2B,3C,4D,5E,6F,08,00
+.fi
+.TP
+.BR \-d " \fInumber\fP, " \--dbug "=" \fInumber\fP
+Enable debugging output.
+This option may appear up to 1 times.
+This option takes an integer number as its argument.
+The value of \fInumber\fP is constrained to being:
+.in +4
+.nf
+.na
+in the range 0 through 5
+.fi
+.in -4
+The default \fInumber\fP for this option is:
+.ti +4
+ 0
+.sp
+If configured with \--enable-debug, then you can specify a verbosity
+level for debugging output. Higher numbers increase verbosity.
+.TP
+.BR \-i " \fIstring\fP, " \--intf1 "=" \fIstring\fP
+Primary interface (listen in uni-directional mode).
+This option may appear up to 1 times.
+.sp
+
+.TP
+.BR \-I " \fIstring\fP, " \--intf2 "=" \fIstring\fP
+Secondary interface (send in uni-directional mode).
+This option may appear up to 1 times.
+.sp
+
+.TP
+.BR \-u ", " \--unidir
+Send and receive in only one direction.
+This option may appear up to 1 times.
+.sp
+Normally, tcpbridge will send and receive traffic in both directions
+(bi-directionally). However, if you choose this option, traffic will
+be sent uni-directionally.
+.TP
+.BR \--listnics
+List available network interfaces and exit.
+.sp
+
+.TP
+.BR \-L " \fInumber\fP, " \--limit "=" \fInumber\fP
+Limit the number of packets to send.
+This option may appear up to 1 times.
+This option takes an integer number as its argument.
+The value of \fInumber\fP is constrained to being:
+.in +4
+.nf
+.na
+greater than or equal to 1
+.fi
+.in -4
+The default \fInumber\fP for this option is:
+.ti +4
+ \-1
+.sp
+By default, tcpbridge will send packets forever or until Ctrl-C. Alternatively,
+you can specify a maximum number of packets to send.
+.TP
+.BR \-M " \fIstring\fP, " \--mac "=" \fIstring\fP
+MAC addresses of local NIC's.
+This option may appear up to 2 times.
+.sp
+tcpbridge does not support detecting the MAC addresses of the local network
+interfaces under Windows. Please specify both MAC addresses of the interfaces
+used in the bridge: \-M <intf1 mac> \-M <intf2 mac>
+.TP
+.BR \-x " \fIstring\fP, " \--include "=" \fIstring\fP
+Include only packets matching rule.
+This option may appear up to 1 times.
+This option must not appear in combination with any of the following options:
+exclude.
+.sp
+Override default of sending all packets stored in the capture file and only
+send packets which match the provided rule. Rules can be one of:
+
+.sp
+.IR "S:<CIDR1>,..."
+- Source IP must match specified CIDR(s)
+.sp
+.IR "D:<CIDR1>,..."
+- Destination IP must match specified CIDR(s)
+.sp
+.IR "B:<CIDR1>,..."
+- Both source and destination IP must match specified CIDR(s)
+.sp
+.IR "E:<CIDR1>,..."
+- Either IP must match specified CIDR(s)
+.sp
+.IR "P:<LIST>"
+- Must be one of the listed packets where the list
+corresponds to the packet number in the capture file.
+.nf
+ \--include=P:1-5,9,15,72-
+.fi
+would send packets 1 thru 5, the 9th and 15th packet, and packets 72 until the
+end of the file
+.sp
+.IR "F:'<bpf>'"
+- BPF filter. See the \fItcpdump(8)\fP man page for syntax.
+.br
+.TP
+.BR \-X " \fIstring\fP, " \--exclude "=" \fIstring\fP
+Exclude any packet matching this rule.
+This option may appear up to 1 times.
+This option must not appear in combination with any of the following options:
+include.
+.sp
+Override default of sending all packets stored in the capture file and only
+send packets which do not match the provided rule. Rules can be one of:
+
+.sp
+.IR "S:<CIDR1>,..."
+- Source IP must not match specified CIDR(s)
+.sp
+.IR "D:<CIDR1>,..."
+- Destination IP must not match specified CIDR(s)
+.sp
+.IR "B:<CIDR1>,..."
+- Both source and destination IP must not match specified CIDR(s)
+.sp
+.IR "E:<CIDR1>,..."
+- Either IP must not match specified CIDR(s)
+.sp
+.IR "P:<LIST>"
+- Must not be one of the listed packets where the list
+corresponds to the packet number in the capture file.
+.nf
+ \--exclude=P:1-5,9,15,72-
+.fi
+would drop packets 1 thru 5, the 9th and 15th packet, and packets 72 until the
+end of the file
+.br
+.TP
+.BR \-P ", " \--pid
+Print the PID of tcpbridge at startup.
+.sp
+
+.TP
+.BR \-v ", " \--verbose
+Print decoded packets via tcpdump to STDOUT.
+This option may appear up to 1 times.
+.sp
+
+.TP
+.BR \-A " \fIstring\fP, " \--decode "=" \fIstring\fP
+Arguments passed to tcpdump decoder.
+This option may appear up to 1 times.
+This option must appear in combination with the following options:
+verbose.
+.sp
+When enabling verbose mode (\fB-v\fP) you may also specify one or more
+additional arguments to pass to \fBtcpdump\fP to modify the way packets
+are decoded. By default, \-n and \-l are used. Be sure to
+quote the arguments like: \--verbose="-axxx" so that they are not interpreted
+by tcpbridge. The following arguments are vaild:
+ [ \-aAeNqRStuvxX ]
+ [ \-E spi@ipaddr algo:secret,... ]
+ [ \-s snaplen ]
+.TP
+.BR \-V ", " \--version
+Print version information.
+.sp
+
+.TP
+.BR \-h ", " \--less-help
+Display less usage information and exit.
+.sp
+
+.TP
+.BR \-H , " \--help"
+Display usage information and exit.
+.TP
+.BR \-! , " \--more-help"
+Extended usage information passed thru pager.
+.TP
+.BR \- " [\fIrcfile\fP]," " \--save-opts" "[=\fIrcfile\fP]"
+Save the option state to \fIrcfile\fP. The default is the \fIlast\fP
+configuration file listed in the \fBOPTION PRESETS\fP section, below.
+.TP
+.BR \- " \fIrcfile\fP," " \--load-opts" "=\fIrcfile\fP," " \--no-load-opts"
+Load options from \fIrcfile\fP.
+The \fIno-load-opts\fP form will disable the loading
+of earlier RC/INI files. \fI--no-load-opts\fP is handled early,
+out of order.
+.SH OPTION PRESETS
+Any option that is not marked as \fInot presettable\fP may be preset
+by loading values from configuration ("RC" or ".INI") file(s).
+The \fIhomerc\fP file is "\fI$$/\fP", unless that is a directory.
+In that case, the file "\fI.tcpbridgerc\fP"
+is searched for within that directory.
+.SH "SIGNALS"
+tcpbridge understands the following signals:
+.sp
+.IR "\fBSIGUSR1\fP"
+Suspend tcpbridge
+.sp
+.IR "\fBSIGCONT\fP"
+Restart tcpbridge
+.br
+
+.SH "SEE ALSO"
+tcpdump(1), tcpprep(1), tcprewrite(1), tcpreplay(1)
+
+.SH "BUGS"
+tcpbridge can only send packets as fast as your computer's interface,
+processor and system bus will allow.
+
+Connecting both interfaces to the same subnet may create a broadcast storm and
+take down the network. Improper use of the packet editing functions may have
+other undefined and possible negative consequences.
+
+Some operating systems by default do not allow for forging source MAC
+addresses. Please consult your operating system's documentation and the
+tcpreplay FAQ if you experiance this issue.
+.SH AUTHOR
+Copyright 2000-2010 Aaron Turner
+
+For support please use the [email protected] mailing list.
+
+The latest version of this software is always available from:
+http://tcpreplay.synfin.net/
+.PP
+Released under the Free BSD License.
+.PP
+This manual page was \fIAutoGen\fP-erated from the \fBtcpbridge\fP
+option definitions.
generated by cgit v1.2.3 (git 2.39.1) at 2025-12-30 16:45:02 +0000