randpkt(1) — Linux manual page

NAME | SYNOPSIS | DESCRIPTION | OPTIONS | DIAGNOSTIC OPTIONS | EXAMPLES | SEE ALSO

RANDPKT(1)                                                     RANDPKT(1)

NAME         top

       randpkt - Random packet generator

SYNOPSIS         top

       randpkt [ -b <maxbytes> ] [ -c <count> ] [ -F <file format> ] [ -r
       ] [ -t <type> ] <filename>

       randpkt -h|--help

       randpkt -v|--version

DESCRIPTION         top

       randpkt is a small utility that creates a trace file full of
       random packets.

       By creating many randomized packets of a certain type, you can
       test packet sniffers to see how well they handle malformed
       packets. The sniffer can never trust the data that it sees in the
       packet because you can always sniff a very bad packet that
       conforms to no standard. randpkt produces very bad packets.

       When creating packets of a certain type, randpkt uses a sample
       packet that is stored internally to randpkt. It uses this as the
       starting point for your random packets, and then adds extra random
       bytes to the end of this sample packet.

       For example, if you choose to create random ARP packets, randpkt
       will create a packet which contains a predetermined Ethernet II
       header, with the Type field set to ARP. After the Ethernet II
       header, it will put a random number of bytes with random values.

OPTIONS         top

       -b <maxbytes>

           Default 5000.

           Defines the maximum number of bytes added to the sample
           packet. If you choose a maxbytes value that is less than the
           size of the sample packet, then your packets would contain
           only the sample packet... not much variance there! randpkt
           exits on that condition.

       -c <count>

           Default 1000.

           Defines the number of packets to generate.

       -F <file format>

           Default pcapng.

           Sets the file format of the output capture file. randpkt can
           write the file in several formats; randpkt -F provides a list
           of the available output formats. Note that not all output
           formats support all packet types.

       -h|--help
           Print the version number and options and exit.

       -r

           The packet type is determined randomly for each packet. This
           requires an output format that can support different
           encapsulations per packet, like pcapng.

       -t <type>

           Default Ethernet II frame.

           Defines the type of packet to generate:

               arp             Address Resolution Protocol
               bgp             Border Gateway Protocol
               bvlc            BACnet Virtual Link Control
               dns             Domain Name Service
               eth             Ethernet
               fddi            Fiber Distributed Data Interface
               giop            General Inter-ORB Protocol
               icmp            Internet Control Message Protocol
               ip              Internet Protocol
               ipv6            Internet Protocol Version 6
               llc             Logical Link Control
               m2m             WiMAX M2M Encapsulation Protocol
               megaco          MEGACO
               nbns            NetBIOS-over-TCP Name Service
               ncp2222         NetWare Core Protocol
               sctp            Stream Control Transmission Protocol
               syslog          Syslog message
               tds             TDS NetLib
               tcp             Transmission Control Protocol
               tr              Token-Ring
               udp             User Datagram Protocol
               usb             Universal Serial Bus
               usb-linux       Universal Serial Bus with Linux specific header

       -v|--version
           Print the full version information and exit.

DIAGNOSTIC OPTIONS         top

       --log-level <level>
           Set the active log level. Supported levels in lowest to
           highest order are "noisy", "debug", "info", "message",
           "warning", "critical", and "error". Messages at each level and
           higher will be printed, for example "warning" prints
           "warning", "critical", and "error" messages and "noisy" prints
           all messages. Levels are case insensitive.

       --log-fatal <level>
           Abort the program if any messages are logged at the specified
           level or higher. For example, "warning" aborts on any
           "warning", "critical", or "error" messages.

       --log-domains <list>
           Only print messages for the specified log domains, e.g.
           "GUI,Epan,sshdump". List of domains must be comma-separated.
           Can be negated with "!" as the first character (inverts the
           match).

       --log-debug <list>
           Force the specified domains to log at the "debug" level. List
           of domains must be comma-separated. Can be negated with "!" as
           the first character (inverts the match).

       --log-noisy <list>
           Force the specified domains to log at the "noisy" level. List
           of domains must be comma-separated. Can be negated with "!" as
           the first character (inverts the match).

       --log-fatal-domains <list>
           Abort the program if any messages are logged for the specified
           log domains. List of domains must be comma-separated.

       --log-file <path>
           Write log messages and stderr output to the specified file.

EXAMPLES         top

       To see a description of the randpkt options use:

           randpkt

       To generate a capture file with 1000 DNS packets use:

           randpkt -b 500 -t dns rand_dns.pcapng

       To generate a small capture file with just a single LLC frame use:

           randpkt -b 100 -c 1 -t llc single_llc.pcapng

SEE ALSO         top

       pcap(3), editcap(1).SH COLOPHON This page is part of the wireshark
       (Interactively dump and analyze network traffic) project.
       Information about the project can be found at 
       ⟨https://www.wireshark.org/⟩. If you have a bug report for this
       manual page, see
       ⟨https://gitlab.com/wireshark/wireshark/-/issues⟩. This page was
       obtained from the project's upstream Git repository
       ⟨https://gitlab.com/wireshark/wireshark.git⟩ on 2025-08-11. (At
       that time, the date of the most recent commit that was found in
       the repository was 2025-08-11.) If you discover any rendering
       problems in this HTML version of the page, or you believe there is
       a better or more up-to-date source for the page, or you have
       corrections or improvements to the information in this COLOPHON
       (which is not part of the original manual page), send a mail to
       [email protected]

                                2025-03-07                     RANDPKT(1)

Pages that refer to this page: randpktdump(1)