Submit a ticketCall us

WebinarDatabase Roundtable – Expert Database Professionals Feel Your Pain

In this video broadcast, Head Geek™ Tom LaRock is joined by Karen Lopez, Tim Chapman, and David Klee. They’ve known each other for many years, so this discussion was like four friends getting together to talk data and databases. They discussed diagnostic data collection, common performance root causes, reactive tuning versus proactive, and more. Join us for an engaging discussion on these topics! Plus, Tom LaRock will be available to answer your questions live.

Register now.

Home > Success Center > Kiwi Syslog Server > Kiwi Sys - Knowledgebase Articles > Spoof Network Packet

Spoof Network Packet

Table of contents

Updated August 6th, 2016

Overview

 

When Forwarding Packets, If you want to retain the original source address you can use the “Spoof Network Packet” option.

Environment

Kiwi Syslog Server

Detail

 

This feature is only available in the licensed version, requires WinPcap 4.1+ installation.

This option only applies to syslog messages forwarded via UDP protocol with IPv4 address only.

 

This option only applies to syslog messages forwarded via UDP protocol.

The network packet will be spoofed to appear as though the fowarded message has come directly from the originating devices' IP address, and not the address of the Syslog Server.  Kiwi Syslog Server will use the Selected Network Adapter to send the spoofed UDP/IP packet.

 

Important Note:

This option also requires that WinPcap version 4.1 and above is installed.  WinPcap (Windows Packet Capture library) is available for download from: WinPcap, The Packet Capture and Network Monitoring Library for Windows (© 2013 Riverybed Technology, available at https://www.winpcap.org/, obtained on July 26th, 2017.)

 

Test button

Use the Test button to send a test Syslog message to the host(s) specified.

 

Note:  If the "Spoof Network Packet" option is used, then the "Original Address=" tag will not be used.  The Syslog packet will be fowarded to the destination address as though it has been sent from the originating IP address.

 

Not working

In the Error log you will see the following:
“Forward Syslog Message [Spoof UDP packet] Failed : WinPCap version 3.0 and above is required for packet spoofing”
 

Resolution

Reinstall WinPCap version 3.0 so that it is detected by Kiwi.

 

 

Last modified

Tags

Classifications

Public