I'm troubleshooting a smtp issue involving character-set encoding and it's extremely difficult to involve the end user. I have a packet capture of an incoming smtp session that results in problematic behavior but if I try to copy/paste the mime source from wireshark, the issue doesn't occur. I'm reasonably certain that the difference in my testing is that I'm copying the strings in the packet capture from the Wireshark "follow tcp stream" output and that's not necessarily the bit-for-bit accurate copy of the data as it arrived on the wire. So my question is this: how can I get an EXACT copy of the bit-for-bit SMTP data and send it again for reproduction purposes? Is there a way to "replay" a transmission? asked 01 Jun '16, 17:14  thecgmguy |
2 Answers:
You might find something in the Wiki that suits your needs. answered 01 Jun '16, 22:19  Jaap ♦ |
Yes, there is, look for "tcpreplay". Please note that it is important that you have captured the session establishment phase (SYN, SYN+ACK, ACK) - not for the tool to work but for your SNMP machine to accept the replayed packets. answered 01 Jun '16, 22:23  sindy |
