0

I'm curious if anybody out there familiar with virtualization know of any options of recording an emulated machine (QEMU, KVM, VMware) so that when I boot up a machine, I record myself using the terminal to send an email using the postfix package (linux). I've tried the following options with no success:

TcpReplay & flowreplay: Can't get past the ACK & SYN handshakes needed when communicating to the mail server to successfully replay.

PANDA.re: Unfortunately this software does not virtualize a network card, and thus cannot replay anything that communicates outside the machine

rr project: only records non-deterministic processes, and would not be able to replay the test I described above.

I've heard of software such as ReVirt and ReTrace, but I do not believe those softwares are available to the average user.

a_polo
  • 1

1 Answers1

0

To replay a pcap file, all you need to do is search replay pcap.

This would find you Tcpreplay and GopherCap and others.

Wireshark itself is quite skeptical about replay, in the post Effective Way to Replay Pcap Files?

TCP is problematic to replay/inject due to the hosts maintaining connection state, as you have found.

Another solution is to avoid replaying TCP all together and develop a (maybe) simple client or server utility in the programming language of your choice to play the other side of your test.

Try out the utilities that you find and see how well they do the job.

harrymc
  • 498,455