packETH Packet Generator Tutorial

Copyright notice: This is an original article by the blogger and may not be reproduced without the blogger's permission. https://blog.csdn.net/u012247418/article/details/88366866

Test environment:

Two Ubuntu virtual machines running on VMware.

Ubuntu1: Ubuntu 14.04, with packETH installed

Ubuntu2: Ubuntu 16.04, GNOME edition


Features:

• You can create and send any ethernet packet. Supported protocols:

• ethernet II, ethernet 802.3, 802.1q, QinQ, user defined ethernet frame

• ARP, IPv4, IPv6, user defined network layer payload

• UDP, TCP, ICMP, ICMPv6, IGMP, user defined transport layer payload

• RTP (payload with options to send sine wave of any frequency for G.711)

• JUMBO frames (if network driver supports it)

• sending sequence of packets

• delay between packets, number of packets to send

• sending with max speed, approaching the theoretical boundary

• change parameters while sending (change IP & mac address, UDP payload, 2 user defined bytes, etc.)

• saving configuration to a file and load from it - pcap format supported

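Official site: http://packeth.sourceforge.net/packeth/Home.html

Notes:

  • Windows is supported (packETH.exe)

  • A CLI is supported, but its feature set is incomplete; this article covers the GUI

  • Loading pcap-format files is supported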

1. Installing packETH

On Ubuntu1, run: sudo apt-get install packeth

2. Using packETH

2.1 IP and MAC addresses

Ubuntu1:

baoli@ubuntu:~$ ifconfig

eth0      Link encap:Ethernet  HWaddr 00:0c:29:ed:54:0c  

          inet addr:192.168.0.108  Bcast:192.168.0.255  Mask:255.255.255.0

          inet6 addr: fe80::20c:29ff:feed:540c/64 Scope:Link

          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1

          RX packets:15577 errors:0 dropped:0 overruns:0 frame:0

          TX packets:12129 errors:0 dropped:0 overruns:0 carrier:0

          collisions:0 txqueuelen:1000

          RX bytes:1946776 (1.9 MB)  TX bytes:21812885 (21.8 MB)

Ubuntu2:

baoli@ubuntu:~$ ifconfig

ens33     Link encap:Ethernet  HWaddr 00:0c:29:66:c6:ed  

          inet addr:192.168.0.106  Bcast:192.168.0.255  Mask:255.255.255.0

          inet6 addr: fe80::6e4d:8ec3:9dfe:5e89/64 Scope:Link

          inet6 addr: fe80::215d:ec74:acce:2ef1/64 Scope:Link

          inet6 addr: fe80::8c01:a61f:27a4:d469/64 Scope:Link

          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1

          RX packets:111370 errors:0 dropped:0 overruns:0 frame:0

          TX packets:6327 errors:0 dropped:0 overruns:0 carrier:0

          collisions:0 txqueuelen:1000

          RX bytes:57839751 (57.8 MB)  TX bytes:687101 (687.1 KB)

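2.2 Building a ping packet

Ubuntu1 pings Ubuntu2.

On Ubuntu1, run: sudo packeth. The GUI opens.

1) Build the ping packet in the builder, filling in the following:

  • L2 Link layer: enter the source and destination MAC addresses and select IPv4

  • L3 IPv4 data: enter the source and destination IP addresses and select the ICMP protocol

  • L4 ICMP data: set Type to Echo request

  • Leave everything else at its default

2) Once the ping packet is built, click interface and select eth0, then click send.

3) Before clicking send, you can start the tcpdump capture tool.

Open a new terminal window and run: sudo tcpdump -i eth0 icmp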

baoli@ubuntu:~$ sudo tcpdump -i eth0 icmp

tcpdump: verbose output suppressed, use -v or -vv for full protocol decode

listening on eth0, link-type EN10MB (Ethernet), capture size 65535 bytes

14:26:54.774623 IP 192.168.0.108 > 192.168.0.106: ICMP echo request, id 1, seq 1, length 8

14:26:54.775197 IP 192.168.0.106 > 192.168.0.108: ICMP echo reply, id 1, seq 1, length 8

14:26:54.978150 IP 192.168.0.108 > local0: ICMP 192.168.0.108 udp port 60529 unreachable, length 107

14:26:59.412684 IP 192.168.0.108 > 192.168.0.106: ICMP echo request, id 1, seq 1, length 8

14:26:59.413310 IP 192.168.0.106 > 192.168.0.108: ICMP echo reply, id 1, seq 1, length 8

Note: click save to save the settings to a file, and load to load them back.
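The frame that the builder steps above describe can be reproduced byte for byte, which gives a reference to compare against the hex shown in packETH. This is an added example, not code from the original article or from packETH; the MAC and IP addresses are the ones listed in section 2.1, while the TTL of 64 and the zero IP identification field are assumptions, not packETH's confirmed defaults.

```python
import socket
import struct

def inet_checksum(data: bytes) -> int:
    """RFC 1071 Internet checksum: one's-complement sum of 16-bit words."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack("!%dH" % (len(data) // 2), data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF

def mac(text: str) -> bytes:
    return bytes.fromhex(text.replace(":", ""))

def build_echo_request(src_mac, dst_mac, src_ip, dst_ip, ident=1, seq=1, ttl=64):
    # L2: Ethernet II header, EtherType 0x0800 = IPv4
    eth = mac(dst_mac) + mac(src_mac) + struct.pack("!H", 0x0800)
    # L4: ICMP Echo request (type 8, code 0) without payload, 8 bytes,
    # matching "length 8" in the tcpdump output
    icmp = struct.pack("!BBHHH", 8, 0, 0, ident, seq)
    icmp = struct.pack("!BBHHH", 8, 0, inet_checksum(icmp), ident, seq)
    # L3: 20-byte IPv4 header, protocol 1 = ICMP (ttl and id=0 are assumed values)
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(icmp), 0, 0, ttl, 1, 0,
                     socket.inet_aton(src_ip), socket.inet_aton(dst_ip))
    ip = ip[:10] + struct.pack("!H", inet_checksum(ip)) + ip[12:]
    return eth + ip + icmp

def verify(frame: bytes) -> bool:
    """Both checksums must sum to zero, or the receiver drops the packet."""
    return inet_checksum(frame[14:34]) == 0 and inet_checksum(frame[34:]) == 0

# Addresses of Ubuntu1 (source) and Ubuntu2 (destination) from section 2.1
FRAME = build_echo_request("00:0c:29:ed:54:0c", "00:0c:29:66:c6:ed",
                           "192.168.0.108", "192.168.0.106")

if __name__ == "__main__":
    print(len(FRAME), "bytes:", FRAME.hex())
    print("checksums valid:", verify(FRAME))
```

If a hand-edited field leaves either checksum stale, Ubuntu2 silently discards the packet and no echo reply appears in tcpdump.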

2.3 Gen-s

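Here you can set the number of packets to send, the delay between packets, and so on. The packet contents field shows the binary contents of the packet built in the builder.

1) Settings: send 10 ping packets with a 10 ms (10000 us) delay between packets

2) Click send and capture with tcpdump; you can see that the 10 ping packets were sent in an instant!!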

baoli@ubuntu:~$ sudo tcpdump -i eth0 icmp

[sudo] password for baoli:

tcpdump: verbose output suppressed, use -v or -vv for full protocol decode

listening on eth0, link-type EN10MB (Ethernet), capture size 65535 bytes

14:57:35.397134 IP 192.168.0.108 > 192.168.0.106: ICMP echo request, id 1, seq 1, length 8

14:57:35.397864 IP 192.168.0.106 > 192.168.0.108: ICMP echo reply, id 1, seq 1, length 8

14:57:35.403706 IP 192.168.0.108 > 192.168.0.106: ICMP echo request, id 1, seq 1, length 8

14:57:35.406920 IP 192.168.0.106 > 192.168.0.108: ICMP echo reply, id 1, seq 1, length 8

14:57:35.413699 IP 192.168.0.108 > 192.168.0.106: ICMP echo request, id 1, seq 1, length 8

14:57:35.414335 IP 192.168.0.106 > 192.168.0.108: ICMP echo reply, id 1, seq 1, length 8

14:57:35.423931 IP 192.168.0.108 > 192.168.0.106: ICMP echo request, id 1, seq 1, length 8

14:57:35.424916 IP 192.168.0.106 > 192.168.0.108: ICMP echo reply, id 1, seq 1, length 8

14:57:35.433708 IP 192.168.0.108 > 192.168.0.106: ICMP echo request, id 1, seq 1, length 8

14:57:35.434466 IP 192.168.0.106 > 192.168.0.108: ICMP echo reply, id 1, seq 1, length 8

14:57:35.443770 IP 192.168.0.108 > 192.168.0.106: ICMP echo request, id 1, seq 1, length 8

14:57:35.445575 IP 192.168.0.106 > 192.168.0.108: ICMP echo reply, id 1, seq 1, length 8

14:57:35.453961 IP 192.168.0.108 > 192.168.0.106: ICMP echo request, id 1, seq 1, length 8

14:57:35.456399 IP 192.168.0.106 > 192.168.0.108: ICMP echo reply, id 1, seq 1, length 8

14:57:35.463696 IP 192.168.0.108 > 192.168.0.106: ICMP echo request, id 1, seq 1, length 8

14:57:35.464473 IP 192.168.0.106 > 192.168.0.108: ICMP echo reply, id 1, seq 1, length 8

14:57:35.473946 IP 192.168.0.108 > 192.168.0.106: ICMP echo request, id 1, seq 1, length 8

14:57:35.474884 IP 192.168.0.106 > 192.168.0.108: ICMP echo reply, id 1, seq 1, length 8

14:57:35.483701 IP 192.168.0.108 > 192.168.0.106: ICMP echo request, id 1, seq 1, length 8

14:57:35.485729 IP 192.168.0.106 > 192.168.0.108: ICMP echo reply, id 1, seq 1, length 8

This is a very useful tool for performance testing.

2.4 GEN-b

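Used to build packet sequences, set the sending rate, and so on.

1) First build the packet in the builder, then save it, for example as packet_ping

2) Click select and choose packet_ping

3) Set the sending rate; here it is set to 10 Mbit/s

4) Click calculate to compute Delay between and Delay to Next

5) Finally, click send

6) Capture with tcpdump; you can see that the interval between packets is very short.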

15:05:21.589072 IP 192.168.0.108 > 192.168.0.106: ICMP echo request, id 1, seq 1, length 8

15:05:21.589143 IP 192.168.0.108 > 192.168.0.106: ICMP echo request, id 1, seq 1, length 8

15:05:21.589344 IP 192.168.0.108 > 192.168.0.106: ICMP echo request, id 1, seq 1, length 8

15:05:21.589414 IP 192.168.0.108 > 192.168.0.106: ICMP echo request, id 1, seq 1, length 8

15:05:21.589560 IP 192.168.0.108 > 192.168.0.106: ICMP echo request, id 1, seq 1, length 8

15:05:21.589630 IP 192.168.0.108 > 192.168.0.106: ICMP echo request, id 1, seq 1, length 8

15:05:21.589775 IP 192.168.0.108 > 192.168.0.106: ICMP echo request, id 1, seq 1, length 8

15:05:21.589845 IP 192.168.0.108 > 192.168.0.106: ICMP echo request, id 1, seq 1, length 8

15:05:21.590102 IP 192.168.0.108 > 192.168.0.106: ICMP echo request, id 1, seq 1, length 8

15:05:21.590177 IP 192.168.0.108 > 192.168.0.106: ICMP echo request, id 1, seq 1, length 8

15:05:21.590307 IP 192.168.0.108 > 192.168.0.106: ICMP echo request, id 1, seq 1, length 8

15:05:21.590497 IP 192.168.0.108 > 192.168.0.106: ICMP echo request, id 1, seq 1, length 8

15:05:21.590630 IP 192.168.0.108 > 192.168.0.106: ICMP echo request, id 1, seq 1, length 8

15:05:21.590703 IP 192.168.0.108 > 192.168.0.106: ICMP echo request, id 1, seq 1, length 8

15:05:21.590827 IP 192.168.0.108 > 192.168.0.106: ICMP echo request, id 1, seq 1, length 8
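The Gen-s delay setting in section 2.3 and the Gen-b rate setting in section 2.4 can both be checked against what tcpdump recorded by computing the gaps between echo requests. This is an added example, not part of the original article; the sample lines are copied from the two captures above, and the 42-byte frame size (14 Ethernet + 20 IPv4 + 8 ICMP, without padding or FCS) is an assumption.

```python
import re
from datetime import datetime, timedelta

# tcpdump's default one-line format for ICMP echo traffic
LINE = re.compile(
    r"^(\d{2}:\d{2}:\d{2}\.\d{6}) IP (\S+) > (\S+): ICMP echo (request|reply)")

def request_times(lines, src):
    """Timestamps of echo requests sent by src; replies and other lines are skipped."""
    times = []
    for line in lines:
        m = LINE.match(line.strip())
        if m and m.group(2) == src and m.group(4) == "request":
            times.append(datetime.strptime(m.group(1), "%H:%M:%S.%f"))
    return times

def gaps_us(times):
    """Gaps between consecutive packets in whole microseconds."""
    return [(b - a) // timedelta(microseconds=1) for a, b in zip(times, times[1:])]

def summarize(lines, src, frame_bytes=42):
    """Mean gap and the rate it implies; None if fewer than two requests were seen."""
    gaps = gaps_us(request_times(lines, src))
    if not gaps:
        return None
    mean = sum(gaps) / len(gaps)
    # bits per microsecond equals Mbit/s
    return {"gaps_us": gaps, "mean_us": mean, "mbit_s": frame_bytes * 8 / mean}

SRC = "192.168.0.108"
# First lines of the Gen-s capture (section 2.3), replies included
GEN_S = """\
14:57:35.397134 IP 192.168.0.108 > 192.168.0.106: ICMP echo request, id 1, seq 1, length 8
14:57:35.397864 IP 192.168.0.106 > 192.168.0.108: ICMP echo reply, id 1, seq 1, length 8
14:57:35.403706 IP 192.168.0.108 > 192.168.0.106: ICMP echo request, id 1, seq 1, length 8
14:57:35.413699 IP 192.168.0.108 > 192.168.0.106: ICMP echo request, id 1, seq 1, length 8
14:57:35.423931 IP 192.168.0.108 > 192.168.0.106: ICMP echo request, id 1, seq 1, length 8
""".splitlines()
# First lines of the Gen-b capture (section 2.4)
GEN_B = """\
15:05:21.589072 IP 192.168.0.108 > 192.168.0.106: ICMP echo request, id 1, seq 1, length 8
15:05:21.589143 IP 192.168.0.108 > 192.168.0.106: ICMP echo request, id 1, seq 1, length 8
15:05:21.589344 IP 192.168.0.108 > 192.168.0.106: ICMP echo request, id 1, seq 1, length 8
15:05:21.589414 IP 192.168.0.108 > 192.168.0.106: ICMP echo request, id 1, seq 1, length 8
""".splitlines()

if __name__ == "__main__":
    print("Gen-s:", summarize(GEN_S, SRC))
    print("Gen-b:", summarize(GEN_B, SRC))
```

tcpdump timestamps are taken by the kernel of the capturing host, so inside a virtual machine they approximate the spacing on the wire rather than measure it exactly.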

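2.5 Building a UDP packet

1) Build the UDP packet, filling in the following:

  • L2 Link layer: enter the source and destination MAC addresses and select IPv4

  • L3 IPv4 data: enter the source and destination IP addresses and select the UDP protocol

  • L4 UDP data: enter the source port and destination port, and tick "udp payload 0x"

  • Enter the payload data, which must be in hexadecimal

2) Finally, click send

3) Run: sudo tcpdump -i eth0 udp to capture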

15:29:19.288359 IP 192.168.0.108.10001 > 192.168.0.106.10002: UDP, length 10

15:29:19.467634 IP 192.168.0.108.10001 > 192.168.0.106.10002: UDP, length 10

15:29:19.624197 IP 192.168.0.108.10001 > 192.168.0.106.10002: UDP, length 10
