Skip site navigation (1)Skip section navigation (2)

FreeBSD Manual Pages

  
 
  

home | help
drool(1)		    General Commands Manual		      drool(1)

NAME
       drool - DNS Replay Tool

SYNOPSIS
       drool  [	-c [ type : ] config ] [ -l facility [ : level ] ] [ -L	facil-
       ity [ : level ] ] [ -f filter ] [ -i interface ]	[ -r file.pcap ] [  -R
       mode ] [	-nvhV ]

DESCRIPTION
       drool  can replay DNS traffic from packet capture (PCAP)	files and send
       it to a specified server, with options such as to manipulate the	timing
       between packets,	as well	as loop	packets	infinitely or for a set	number
       of iterations. This tool's goal is to be	able to	produce	a high	amount
       of  UDP	packets	per second and TCP sessions per	second on common hard-
       ware.

       The purpose can be to simulate Distributed Denial of Service (DDoS) at-
       tacks on	the DNS	and measure normal DNS querying. For example, the tool
       could enable you	to take	a snapshot of a	DDoS and be able to replay  it
       later  to  test	if new code or hardening techniques are	useful,	safe &
       effective.  Another example is to be able to replay a packet stream for
       a  bug that is sequence-	and/or timing-related in order to validate the
       efficacy	of subsequent bug fixes.

OPTIONS
       -c [type:]config
	      Specify the configuration	to use,	if no type is given then  con-
	      fig expects to be	a file.	Valid types are	file and text.	Can be
	      given multiple times and will be processed in the	 given	order.
	      See drool.conf(5)	for configuration syntax.

       -l facility[:level]
	      Enable  logging for facility, optional log level can be given to
	      enable just that.	Can be given multiple times and	will  be  pro-
	      cessed in	the given order. See LOGGING for more information.

       -L facility[:level]
	      Disable logging for facility, optional log level can be given to
	      disable just that. Can be	given multiple times and will be  pro-
	      cessed in	the given order. See LOGGING for more information.

       -f filter
	      Set the Berkeley Packet Filter to	use.

       -i interface
	      Capture packets from interface, can be given multiple times.

       -r file.pcap
	      Read packets from	PCAP file, can be given	multiple times.

       -R mode
	      Specify  the  mode  for  reading	PCAP files, see	READ MODES for
	      available	modes.

       -n     Dry run mode, do not allocate any	outbound sockets  or  generate
	      any network traffic.

       -v     Enable  verbose,	a  simple  way to enable logging. Can be given
	      multiple times to	increase verbosity level.

       -h     Print help and exit.

       -V     Print version and	exit.

LOGGING
       Logging is enabled and disabled in the order specified on  the  command
       line  which  allows  for	 enabling of all logging and disabling of spe-
       cific, for example:

	 drool -l all -L network:debug

       The following logging facilities	exists:

       core   Log messages about initializing, configuration and start up.

       network
	      Log messages about network related tasks.

       all    Log messages for all facilities, this is only used to  configure
	      logging.

       The following logging level exists for all facilities:

       debug  Log  messages  about  the	 very inner workings, use with caution
	      since it generates a lot of messages.

       info   Log messages of the informational	kind that may not be interest-
	      ing in normal operation.

       notice Log  messages  of	the informational kind that may	be interesting
	      in normal	operation.

       warning
	      Log message of the warning kind that indicates possible  disrup-
	      tion in operation.

       error  Log  messages  of	the error kind that will most likely result in
	      termination of operation.

       critical
	      Log messages of the critical kind	that indicates termination  of
	      operation.

       all    Log messages for all levels, this	is only	used to	configure log-
	      ging.

READ MODES
       loop   Loop the given file(s) until interrupted.

       iter:number
	      Iterate the given	file(s)	for number of times.

EXITING
       drool will exit once processing of PCAP files is	complete or if	inter-
       rupted  (CTRL-C	or  SIGINT). If	any interface is being processed or if
       loop read mode is being used, then drool	must be	interrupted  in	 order
       to exit.

       drool  can  be  forcefully  exited  by  interrupting (CTRL-C or SIGINT)
       twice.

EXIT VALUES
       0 - no error
       1 - generic error
       2 - unknown or invalid option
       3 - conf	file error
       4 - signal setup	or handling error
       5 - signal received
       6 - pcap-thread error
       7 - out of memory

SEE ALSO
       drool.conf(5)

AUTHORS
       Jerry LundstrA<paragraph>m, DNS-OARC

       Maintained by DNS-OARC

	      https://www.dns-oarc.net/

BUGS
       For issues and feature requests please use:

	      https://github.com/DNS-OARC/drool/issues

       For question and	help please use:

	      admin@dns-oarc.net

DNS Replay Tool			 1.0.0-beta.3			      drool(1)

NAME | SYNOPSIS | DESCRIPTION | OPTIONS | LOGGING | READ MODES | EXITING | EXIT VALUES | SEE ALSO | AUTHORS | BUGS

Want to link to this manual page? Use this URL:
<https://www.freebsd.org/cgi/man.cgi?query=drool&sektion=1&manpath=FreeBSD+12.1-RELEASE+and+Ports>

home | help