Snort mailing list archives

Semi-OT: Re-inject tcpdump captured traffic


From: Jordi Espasa Clofent <jordi.espasa () opengea org>
Date: Thu, 06 Dec 2007 11:40:05 +0100

Hi all,

I'm building a transparent FW for a production environment; to reproduce
the same conditions in the testing environment as in the real production
environment I have the following idea:

* capture big chunks of real incoming traffic with tcpdump or snort.
* transfer this real captured traffic to the test environment
and re-inject it into the network to simulate/reproduce the real conditions

I've searched and tried things out, and at the present moment I have:

* captured the traffic with the -w option of tcpdump
* re-injected the dumped traffic with iperf or hping

The main question is that I'm not sure whether iperf or hping re-inject
exactly the same code which tcpdump has captured. I'm not sure if these
tools treat the dumped traffic as a normal file or whether, effectively, they
read the dumped code and re-inject exactly the same captured network
packets without any changes.

Can I do it with Snort?

-- 
Thanks
Jordi Espasa Clofent
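
One way to check the concern raised in the message above, as an added example that is not part of the original post: parse the file written by `tcpdump -w` and a second capture taken on the test network during the replay, then compare the packets by digest. All function names and the sample frames are constructed for illustration, and only the classic pcap format is handled.

```python
import hashlib
import struct
from collections import Counter

MAGICS = {0xA1B2C3D4, 0xA1B23C4D}  # classic pcap, microsecond / nanosecond stamps

def read_pcap(data):
    """Return [(captured_bytes, original_length)] from a classic pcap file image."""
    if len(data) < 24:
        raise ValueError("too short for a pcap global header")
    for endian in ("<", ">"):  # the magic number reveals the writer's byte order
        if struct.unpack(endian + "I", data[:4])[0] in MAGICS:
            break
    else:
        raise ValueError("not a classic pcap file (pcapng is not handled)")
    packets, offset = [], 24
    while offset + 16 <= len(data):  # 16-byte record header before each packet
        _, _, incl_len, orig_len = struct.unpack(endian + "IIII", data[offset:offset + 16])
        offset += 16
        if offset + incl_len > len(data):
            raise ValueError("truncated packet record")
        packets.append((data[offset:offset + incl_len], orig_len))
        offset += incl_len
    return packets

def compare_captures(original, replayed):
    """Compare packet bytes by SHA-256, ignoring timestamps and ordering."""
    src, dst = read_pcap(original), read_pcap(replayed)
    a = Counter(hashlib.sha256(p).hexdigest() for p, _ in src)
    b = Counter(hashlib.sha256(p).hexdigest() for p, _ in dst)
    return {
        "identical": sum((a & b).values()),
        "missing_or_altered": sum((a - b).values()),
        "unexpected": sum((b - a).values()),
        # Packets cut short by the capture snaplen (tcpdump -s) were never stored whole.
        "snaplen_truncated": sum(1 for p, n in src if len(p) < n),
    }

def build_pcap(packets, snaplen=65535):
    """Build a little-endian pcap image from constructed sample frames."""
    out = struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, snaplen, 1)
    for pkt, orig_len in packets:
        out += struct.pack("<IIII", 0, 0, len(pkt), orig_len) + pkt
    return out

# Constructed sample data: arbitrary bytes standing in for captured frames.
FRAME_A, FRAME_B = bytes(range(60)), bytes(range(60, 120))
ORIGINAL = build_pcap([(FRAME_A, 60), (FRAME_B, 60), (FRAME_A[:40], 60)])
REPLAYED = build_pcap([(FRAME_A, 60), (b"\xff" + FRAME_B[1:], 60), (FRAME_A[:40], 60)])
```

A non-zero `missing_or_altered` count means the replay tool did not put the captured bytes back on the wire unchanged; a non-zero `snaplen_truncated` count means the original capture itself did not hold the full packets.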
