Skip site navigation (1)Skip section navigation (2)

FreeBSD Manual Pages

  
 
  

home | help 
drool(1)		    General Commands Manual		      drool(1)

NAME
       drool - DNS Replay Tool

SYNOPSIS
       drool replay [ options ]	file host port

DESCRIPTION
       drool  can replay DNS traffic from packet capture (PCAP)	files and send
       it to a specified server, with options such as to manipulate the	timing
       between packets,	as well	as loop	packets	infinitely or for a set	number
       of iterations.  This tool's goal	is to be able to produce a high	amount
       of UDP packets per second and TCP sessions per second on	 common	 hard-
       ware.

       The purpose can be to simulate Distributed Denial of Service (DDoS) at-
       tacks  on  the  DNS  and	measure	normal DNS querying.  For example, the
       tool could enable you to	take a snapshot	of a DDoS and be able  to  re-
       play  it	 later to test if new code or hardening	techniques are useful,
       safe & effective.  Another example is to	be able	 to  replay  a	packet
       stream  for  a  bug that	is sequence- and/or timing-related in order to
       validate	the efficacy of	subsequent bug fixes.

OPTIONS
       These options are specific for the replay  command,  see	 drool(1)  for
       generic options.

       -D     Show DNS queries and responses as	processing goes.

       -n --no-responses
	      Do not wait for responses	before sending next request.

       --no-tcp
	      Do not use TCP.

       --no-udp
	      Do not use UDP.

       -T --threads
	      Use threads.

       --tcp-threads N
	      Set the number of	TCP threads to use, default 2.

       --udp-threads N
	      Set the number of	UDP threads to use, default 4.

       --timeout N.N
	      Set  timeout for waiting on responses [seconds.nanoseconds], de-
	      fault 10.0.

       -t --timing mode[=option]
	      Set the timing mode, see TIMING MODES.

EXAMPLES
       drool replay --timing multiply=0.5 --no-tcp file.pcap 127.0.0.1 53

	      Send all DNS queries twice as fast as found in the PCAP file  to
	      localhost	using UDP.

       drool replay --timing keep --no-udp file.pcap 127.0.0.1 53

	      Send  all	 DNS  queries  over  TCP  to  localhost	 as  they were
	      recorded.

       drool replay --no-tcp --no-responses --threads --udp-threads 3
       file.pcap 127.0.0.1 53

	      Take all DNS queries found in the	PCAP file  and	send  them  as
	      fast as possible over UDP	to localhost by	ignoring both timings,
	      replies  and  starting  3	 threads that will simultaneously send
	      queries.

TIMING MODES
       ignore Set the timing mode to ignore all	timings	and try	to send	 traf-
	      fic as fast as possible (default).

       keep   Set the timing mode to try and keep up with interval between the
	      traffic received.

       add=<nanoseconds>
	      Set the timing mode to add the given nanoseconds to the interval
	      between the traffic received.

       reduce=<nanoseconds>
	      Set  the	timing mode to reduce the interval between the traffic
	      received with the	given nanoseconds.

       multiply=<float>
	      Set the timing mode to multiply the interval between the traffic
	      received,	this can be thought as percent with 1.00 being 100% of
	      the interval, 2.00 being 200%, 0.10 being	10% and	so on.

       fixed=<nanoseconds>
	      Set the timing between packets to	the given nanoseconds.

SEE ALSO
       drool(1)

AUTHORS
       Jerry Lundstrm, DNS-OARC

       Maintained by DNS-OARC

	      https://www.dns-oarc.net/

BUGS
       For issues and feature requests please use:

	      https://github.com/DNS-OARC/drool/issues

       For question and	help please use:

	      admin@dns-oarc.net

DNS Replay Tool			     2.0.0			      drool(1)

Want to link to this manual page? Use this URL:
<https://man.freebsd.org/cgi/man.cgi?query=drool-replay&sektion=1&manpath=FreeBSD+Ports+15.0>

home | help