[Snort-users] Semi-OT: Re-inject tcpdump captured traffic

I all,

I'm building a transparent FW for a production environment; to reproduce =

the same conidtions in testing environment as a real production =

environment I have the next idea:

* capture a big chunks of real incoming traffic with tcpdump or snort.
* traslate these amount of real captured traffic in the test environment =

and re-inject it in network to simulate/reproduce the real conditions

I've searched and tried about it and at present moment I've:

* capture the traffic with -w option of tcpdump
* reinject the dumped traffic whith iperf or hping

The main question is I'm not sure about that iperf or hping re-inject =

exactly the same code which tcpdump has captured. I'm not sure if these =

tools treat the dumped traffic as a normal file or, effectively, they =

read the dumped code and re-inject exactly the same network captured =

packets without any changes.

=BFCan I do it with Snort?

-- =

Thanks
Jordi Espasa Clofent

-------------------------------------------------------------------------
SF.Net email is sponsored by: The Future of Linux Business White Paper
from Novell. From the desktop to the data center, Linux is going
mainstream. Let it simplify your IT future.
http://altfarm.mediaplex.com/ad/ck/8857-50307-18918-4
_______________________________________________
Snort-users mailing list
Snort-users@lists.sourceforge.net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/...fo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.p...=3Dsnort-users