Simple generation at channel level
generate_tcp_packet

generate_udp_packet

generate_sequence_packets
 Generate the sequence of different udp and tcp packets.
   run program as
      anettest -d eth0 -f this_file.fws
		

synflood
   Sends multiple packets changing the address of source
   program may be started as
    anettest -d eth0 -f this_file.fws

generate_ipx_packet

tcp_with_vlan




Working with tcp sessions

http_server
      Simple HTTP server on localhost.
      run as:
         anettest -f this_file.fws

http_client
	Http client.

tcp_socket_client
	Tcp server that connects to server, sends data and displays answer. 
	There is a sample of corresponding server.

tcp_socket_server
	Tcp server that accepts new connections, waits for predefined request and sends response. 
	There is a sample of corresponding client.	

tcp_socket_server2
	Tcp server that accepts new connections, waits for predefined request and sends response. 
	There is a sample of corresponding client.	

tcp_gateway
	Transfers data between TCP client and server. 
	Client and server can be found in other samples or you can specify real not local addresses.

mail_reader
   Reads mail over POP3 protocol.
   run like this:
      anettest -T 999999 -d client:pop3.mail.ru:110 -f this_file.fws

send_http_message
 Connecting to www.mail.ru over TCP, then sends the HTTP request
 run program as
     anettest -T 5000 -d client:www.mail.ru:80 -f send_http_message.fws
 under UNIX you should not delete CR (^M) symboles from this file or you should add them (\r)
 you may watch the result with some sniffer




Udp

udp_socket_client
	Udp client using system socket, sends to 2 ports. There is a sample of corresponding server.

udp_socket_server
	Udp server using system socket, binds to 2 ports and accepts data for both displaying it. 
	There is a sample of corresponding client.




Tracing, processing, displaying

http_parser
   Traces requests to HTTP server and parses them.
   Outputs  for urls which ends up by html, htm, php or empty extension.
   Can distinguish parameters in url after ?.
   Runs as
      anettest -d eth0#0 -f this_file.fws

simple_sniffer
 Traces tcp and udp packets and displays info about them.
 run program as
     anettest -d eth0#0 -f this_file.fws

simple_sniffer1
 Traces tcp and udp packets and displays info about them.
 run program as
     anettest -d eth0 -f this_file.fws

scan1
 Traces TCP packets with destination port = 80 and displays destination IP address for each packet.
 Doesn't print packets with destination IP which has been already printed.
 run program as
     anettest -d eth0 -f this_file.fws

waiting_packets
   Waits for defined packets for a interval of time. Displays the result: accepted or not accepted (droped).
   run like this:
      anettest -d eth0 -f this_file.fws
 

scan_with_syscalls
   Traces TCP packets and for each destination IP address performs system calls, 
	running the browser, writing the address to file (for Windows).
   run like this:
      anettest -d eth0#0 -f this_file.fws




Tracing, processing, displaying (scanner mode)

scan
 Traces packets to and from, displays reports with number of packets, bytes, rate per second.
 run program as
     anettest -d eth0 -rf scan.fws

tracing_packets
   Periodically displays reports about each packet: is recieved and how mush.
   run program as
     anettest -vr -d eth0 -f tracing_packets.fws

mask
  Traces two kinds of packet: 1) any http packet, but not to mail.ru; 2) any http packet.
  run like this:
   anettest -d eth0 -r -f this_file.fws




Read/write trace(pcap) files

work_with_traces
   Changes content of trace file
   Runs as: anettest -d eth0 -f this_file.fws

work_with_traces1
   Watches trace file with smtp packets. Searches for packets with MAIL FROM command.
   Adds found email address to the list of variables.
   After watch, displays the filled list of variables.

scan_trace
   Watches trace file with smtp packets. Searches for packets with MAIL FROM command.
   Adds found email address to the list of variables.
   After watch, displays the filled list of variables.
   Run as:
      anettest -d eth0 -f this_file.fws




Send/receive at channel level

my_gateway
   Transmit packets from one interface to another (and will change their content if you uncomment some lines).
   Parameter 'sourceIP' may be defined prior to processing of this file if you want to set filter on source IP.
   Run like this:
      anettest -d eth0#0 -d eth1#1 -f this_file.fws
	  anettest -d eth0#0 -d eth1#1 define sourceIP 1.1.1.1 this_file.fws

ask_mac
   Sends arp request and waits reply, prints the answer: MAC address or timeout
   run program as
     anettest -d eth0 -f this_file.fws

arp_spoofing
   Arp spoofing. Waits for the defined arp request and sends reply to it.
   run program as
     anettest -d eth0 -f this_file.fws

arp_spoofing_all
   Arp spoofing. Waits for any arp request and sends reply to it.
   run program as
     anettest -d eth0 -f this_file.fws

arp_spoofing_all1
   Continuously waits for any arp requests and sends replies to them.
   run program as
     anettest -d eth0 -f this_file.fws

arp_request
   run program as
     anettest -d eth0 -f this_file.fws




Core script syntax

variables
   Using variables examples
   rus as:
      anettest -d eth0 -f this_file.fws

arrays
   Show the example how to use arrays of variables or fields
   Runs as: anettest -d eth0 -f this_file.fws

common_tests
  Common test of program Anettest

hexdump

conditions




Simple firewall test

compare_mode
 
   Sample file for progam AnetTest.
   Run program as
       anettest -c trace1.pcap -c trace2.pcap -c trace3.pcap -f compare_mode.fws
   Program will search all the packets defined below in trace-files.
   and will output info about packets for which search results don't correspond packet's requests (ACCEPT or DROP)

compare_mode1
Result:
Packet on line 18 (compare_mode1.fws) : droped (dev 2)
Packet on line 23 (compare_mode1.fws) : droped (dev 1)
Packet on line 34 (compare_mode1.fws) : droped (dev 1)

fasttest
   Fasttest regime is used for implementing fast test of packet filter.
   Packets in sequence must be different. They will be registered at first, then generated at one moment.
   While generation sniffers will work and registrate recieved packets.
   Generation is performed from the first interface specified by -d option (main interface).
   Requests after SEND command correspond to next opened interfaces (EXCEPT MAIN INTERFACE).
   Using extended regime is also allowed.




Imitation of network activity by trace file

convtest1
   Imitates SMTP session between client (on interface eth0) and server (on eth1).
   Sets request that all the packets must be successfully passed through (eth0 -> eth1 and eth1 -> eth0).
   Run as:
      anettest -d eth0#0 -d eth1#1 -f this_file.fws

convtest2
   Imitates SMTP session between client and server.
   NAT must be used between client and server. See file "natConfigSession.fws".
   Sets request that all the packets must be successfully passed through.
   Run as:
      anettest -d eth0#0 -d eth1#1 -d eth2#2 -f this_file.fws

sessionWithNat
   Runs conversation test for smtp client and server with NAT between them.
   Run as:
      anettest -d eth0#0 -d eth1#1 -d eth2#2 -f this_file.fws
   0 - public zone
   1 - private zone
   2 - DMZ
   configuration of NAT is in "natDefines" header
   Assumed arp table of SSPT-2:
      Interface          IP-address          MAC-address
      eth0               192.168.0.254     00:00:00:00:00:03
      eth0               192.168.0.2       00:00:00:00:00:04
      eth2               192.168.0.5       00:00:00:10:00:00

conversation_test
   Simple conversation test. The work of smtp client will be imitated using info from trace file.
   rus as:
      anettest -d eth0#0 -d eth1#1 -f this_file.fws