Samplicator On Windows
Samplicator, compiled for windows server can be found here http://builds.anuview.net/samplicatorWindows.zip
It requires windows server 2008+ to run as it needs to spoof the source IP of the traffic. https://docs.microsoft.com/en-us/windows/desktop/WinSock/tcp-ip-raw-sockets-2
Unzip the contents to the root of the c: drive
This should leave you with a folder c:\samplicator
Edit the samplicate.2055.conf file as required, the example entry
0.0.0.0/0.0.0.0:172.21.21.12/3001
Will tell samplicator to listen on port 2055 (defined in the runsamplicator.bat file) and send all flows to 172.21.21.12 port 3001, can can add multiple lines
When you make any changes to this file, you must restart the samplicator service.
To install as a service run the installSamplicator.bat file.
To remove service, run the removeSamplicator.bat file.
Samplicator settings are shown below
Usage: ./samplicate [option...] receiver... Supported options: -p <port> UDP port to accept flows on (default 2000) -s <address> Interface address to accept flows on (default any) -d <level> debug level -b <size> set socket buffer size (default 65536) -n don't compute UDP checksum (leave at 0) -S maintain (spoof) source addresses -x <delay> transmit delay in microseconds -c configfile specify a config file to read -f fork program into background -h print this usage message and exit ---------------- Specifying receivers: A.B.C.D[/port[/freq][,ttl]]... where: A.B.C.D is the receiver's IP address port is the UDP port to send to (default 2000) freq is the sampling rate (default 1) ttl is the sending packets TTL value (default 64) ---------------Config file format: a.b.c.d[/e.f.g.h]: receiver ... where: a.b.c.d is the senders IP address e.f.g.h is a mask to apply to the sender (default 255.255.255.255) receiver see above. Receivers specified on the command line will get all packets, those specified in the config-file will get only packets with a matching source.