CAS BACNET WIRESHARK STORM TOOL
Replay BACnet client messages, directing them to a new IP so you can replicate a site problem where the server could not handle an incoming request properly. (That is one use case example). Now you can move your BACnet logs offsite and replay them instead of inspecting them manually looking for errors.
The CAS BACnet Wireshark Storm application is a tool to help test BACnet server applications with problematic BACnet UDP messages. The tool loads a Wireshark PCap log file and resends the UDP messages to a destination IP address. The BACnet server at the destination IP address will then process the incoming UDP message and attempt to respond to them as if they were coming from an actual BACnet client.
USE CASES
- Testing specific problematic BACnet messages
- Testing denial of service (DOS), flood of BACnet messages
- Testing large sequences of messages from remote sites
- BACnet Pre-BTL testing
- Regression and unit testing
EXECUTING THE TOOL
Adding Wireshark Logs:
The BACnet Wireshark Storm will send the UDP messages found in PCap Wireshark logs contained in the same directory as the application (CASBACnetStorm.exe). In the case that multiple logs have been added to the same directory as the executable, the BACnet Wireshark Storm will send the UDP messages from each log in succession.
Command Line Syntax:
CASBACnetStorm [destination IP address] [packet delay] [source port]
Command Line Arguments:
- Destination IP Address (Optional) - The IP address that the stream of UDP messages will be sent to. Default: 192.168.1.113
- Packet Delay (Optional) - The amount of time in milliseconds between sending each packet. A value of zero will send the packets as fast as possible. This can be useful for DOS testing. Default: 10 ms
- Source Port (Optional) - The source UDP port that the messages will be sent from. Default: 47808
Command Line Examples:
The following example will rebroadcast all the UDP packets found in the Wireshark logs (located in the same directory as CASBACnetStorm.exe) to 192.168.1.113 as fast as possible:
CASBACnetStorm 192.168.1.113 0
The following example will rebroadcast all the UDP packets found in the Wireshark logs (located in the same directory as CASBACnetStorm.exe) to 192.168.1.113 with a 25 millisecond wait time between sending each packet:
CASBACnetStorm 192.168.1.113 25
Important: CAS BACnet Wireshark Storm requires Wireshark to be installed.
Note: Only *.pcap Wireshark log files are supported at this time.
Note: See section 4 of the CAS BACnet Wireshark Storm Manual to learn how to create a Wireshark log of your network.
