Archive for April 2007

Pre-Authentication Vulnerability in Mac OS X RPC runtime library

The Mu Security Research Team released advisory “MU-200704-01” today. Details:
http://labs.musecurity.com/advisories/MU-200704-01.txt


Tomahawk patch for routed network testing

We have added some options to the Tomahawk network testing tool that allow testing of routed networks.

Consider the following topology (A1 and A2 are network interfaces on a box running tomahawk):

[A1] +----------+
                |
                | ip  = 192.168.1.254
                | mac = aa:aa:aa:aa:aa:aa
                |
             [ DUT ]
                |
                | mac = bb:bb:bb:bb:bb:bb
                | ip  = 10.0.0.1
                |
[A2] +----------+

When replaying an IP conversation, packets sent from A1 and destined for A2 must carry a destination IP address within the subnet that contains A2 (10.0.0.0) and a destination MAC address of the router’s interface that is on the same network as A1 (aa:aa:aa:aa:aa:aa).

We have added 4 options to tomahawk to enable testing in this scenario. In the descriptions below, “client” and “server” refer to the interfaces specified by the -I and -J tomahawk options respectively (and the examples assume “-I A1 -J A2”).

-x — Client side mac address of router ( aa:aa:aa:aa:aa:aa )
-y — Server side mac address of router ( bb:bb:bb:bb:bb:bb )
-X — Client side subnet ( 192.168.0.0 )
-Y — Server side subnet ( 10.0.0.0 )

The -Y and -X options only use the two most significant bytes when rewriting the packet IP addresses.
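
The rewrite described above, sketched in C as an added example (this is not code from the Tomahawk patch). The struct and function names are hypothetical; rewriting the source address as well, treating the server-to-client direction symmetrically, and recomputing the IPv4 header checksum are assumptions.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical struct mirroring the -x/-y/-X/-Y values described above. */
struct route_opts {
    uint8_t client_rtr_mac[6], server_rtr_mac[6];  /* -x, -y */
    uint8_t client_net[4], server_net[4];          /* -X, -Y: only bytes 0..1 used */
};

/* RFC 1071 Internet checksum over an IPv4 header (length is always even). */
static uint16_t ip_checksum(const uint8_t *h, size_t len)
{
    uint32_t sum = 0;
    for (size_t i = 0; i + 1 < len; i += 2)
        sum += ((uint32_t)h[i] << 8) | h[i + 1];
    while (sum >> 16)
        sum = (sum & 0xffff) + (sum >> 16);
    return (uint16_t)~sum;
}

/* Rewrite an Ethernet II + IPv4 frame in place for the side it is sent from.
 * Returns 0, or -1 if not plain IPv4. L4 checksums are not updated here. */
int rewrite_frame(uint8_t *f, size_t len, const struct route_opts *o, int from_client)
{
    if (len < 34 || f[12] != 0x08 || f[13] != 0x00)
        return -1;                          /* too short or not IPv4 */
    uint8_t *ip = f + 14;
    size_t ihl = (size_t)(ip[0] & 0x0f) * 4;
    if ((ip[0] >> 4) != 4 || ihl < 20 || 14 + ihl > len)
        return -1;                          /* malformed IPv4 header */
    memcpy(f, from_client ? o->client_rtr_mac : o->server_rtr_mac, 6);
    memcpy(ip + 12, from_client ? o->client_net : o->server_net, 2);
    memcpy(ip + 16, from_client ? o->server_net : o->client_net, 2);
    ip[10] = ip[11] = 0;                    /* zero checksum before recomputing */
    uint16_t c = ip_checksum(ip, ihl);
    ip[10] = (uint8_t)(c >> 8);
    ip[11] = (uint8_t)c;
    return 0;
}

int main(void)
{
    /* Constructed frame: IPv4, 172.16.1.5 -> 172.17.2.9, header only. */
    uint8_t f[34] = {[12] = 0x08, [14] = 0x45, [26] = 172, 16, 1, 5, 172, 17, 2, 9};
    struct route_opts o = {{0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa},
                           {0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0xbb}, {192, 168, 0, 0}, {10, 0, 0, 0}};
    int rc = rewrite_frame(f, sizeof f, &o, 1);
    printf("rc=%d dst=%u.%u.%u.%u\n", rc, f[30], f[31], f[32], f[33]);
    return rc;
}
```

Only the top two bytes of each address change, so the host part of every address in the capture (1.5 and 2.9 in the constructed frame) survives the rewrite.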

USAGE:

Apply patch and build:

download tomahawk
download tomahawk.patch
tar -xvf tomahawk1.1.tar
cd tomahawk1.1
patch -p1 < ../tomahawk_patch.txt
Then build tomahawk as normal.

Example:

tomahawk -i eth0 -j eth1 -x aa:aa:aa:aa:aa:aa -y bb:bb:bb:bb:bb:bb -X 10.0.0.0 -Y 192.168.0.0 -l 1 -f test.pcap
