Rechercher une page de manuel

Chercher une autre page de manuel:


Langue: en

Version: 16 May 2003 (ubuntu - 07/07/09)

Section: 1 (Commandes utilisateur)


nemesis-udp - UDP Protocol (The Nemesis Project)


nemesis-udp [-vZ?] [-d Ethernet-device ] [-D destination-IP-address ] [-F fragmentation-options ] [-H source-MAC-address ] [-I IP-ID ] [-M destination-MAC-address ] [-O IP-options-file ] [-P payload-file ] [-S source-IP-address ] [-t IP-TOS ] [-T IP-TTL ] [-x source-port ] [-y destination-port ]


The Nemesis Project is designed to be a command line-based, portable human IP stack for UNIX-like and Windows systems. The suite is broken down by protocol, and should allow for useful scripting of injected packets from simple shell scripts.

nemesis-udp provides an interface to craft and inject UDP packets allowing the user to specify any portion of a UDP packet as well as lower-level IP packet information.

UDP Options

-P payload-file
This will case nemesis-udp to use the specified payload-file as the payload when injecting UDP packets. For packets injected using the raw interface (where -d is not used), the maximum payload size is 65467 bytes. For packets injected using the link layer interface (where -d IS used), the maximum payload size is 1432 bytes. Payloads can also be read from stdin by specifying '-P -' instead of a payload file.

Windows systems are limited to a maximum payload size of 1432 bytes for UDP packets.

-v verbose-mode
Display the injected packet in human readable form. Use twice to see a hexdump of the injected packet with printable ASCII characters on the right. Use three times for a hexdump without decoded ASCII.
-x source-port
Specify the source-port within the UDP header.
-y destination-port
Specify the destination-port within the UDP header.


-D destination-IP-address
Specify the destination-IP-address within the IP header.
-F fragmentation-options (-F[D],[M],[R],[offset])
Specify the fragmentation options:
 -FD (don't fragment)
 -FM (more fragments)
 -FR (reserved flag)
 -F <offset>

within the IP header. IP fragmentation options can be specified individually or combined into a single argument to the -F command line switch by separating the options with commas (eg. '-FD,M') or spaces (eg. '-FM 223'). The IP fragmentation offset is a 13-bit field with valid values from 0 to 8189. Don't fragment (DF), more fragments (MF) and the reserved flag (RESERVED or RB) are 1-bit fields.

NOTE: Under normal conditions, the reserved flag is unset.

Specify the IP-ID within the IP header.
-O IP-options-file
This will cause nemesis-dns to use the specified IP-options-file as the options when building the IP header for the injected packet. IP options can be up to 40 bytes in length. The IP options file must be created manually based upon the desired options. IP options can also be read from stdin by specifying '-O -' instead of an IP-options-file.
-S source-IP-address
Specify the source-IP-address within the IP header.
Specify the IP-type-of-service (TOS) within the IP header. Valid type of service values:
 2  (Minimize monetary cost)
 4  (Maximize reliability)
 8  (Maximize throughput)
 24 (Minimize delay)

NOTE: Under normal conditions, only one type of service is set within a packet. To specify multiple types, specify the sum of the desired values as the type of service.

Specify the IP-time-to-live (TTL) within the IP header.
-d Ethernet-device
Specify the name (for UNIX-like systems) or the number (for Windows systems) of the Ethernet-device to use (eg. fxp0, eth0, hme0, 1).
-H source-MAC-address
Specify the source-MAC-address (XX:XX:XX:XX:XX:XX).
-M destination-MAC-address
Specify the defination-MAC-address (XX:XX:XX:XX:XX:XX).
-Z list-network-interfaces
Lists the available network interfaces by number for use in link-layer injection.

NOTE: This feature is only relevant to Windows systems.


Nemesis-udp returns 0 on a successful exit, 1 if it exits on an error.


Send concise and clearly written bug reports to


Jeff Nathan <>

Originally developed by Mark Grimes <>


nemesis-arp(1), nemesis-dns(1), nemesis-ethernet(1), nemesis-icmp(1), nemesis-igmp(1), nemesis-ip(1), nemesis-ospf(1), nemesis-rip(1), nemesis-tcp(1)
Les paillotes sont stables, il aurait juste fallu un
firewall digne de ce nom. Encore que certains apprentis
sorciers oublient de remettre en etat /var/log/messages.
-+- Liu in Guide du Linuxien pervers - "Bien protéger sa paillote" -+-