I came across a nice tool, potentially useful for pen testing: TCP/IP-aware version of TCL expect. Written by Eloy Paris from Cisco Systems it is currently distributed in sources only. I didn't have much time to play with it yet, but it looks very promising. Tomorrow will try to use it for SIP REGISTER flooding, currently done with sipp. (In a way, SIPP is similar to NetExpect, can execute send-expect scenarios, but seems to be focused on SIP protocol.)
A bunch of slides illustrating what NetExpect can do can be found here.
On Ubuntu 10 installation goes as following (instructions at http://netexpect.org/wiki/PortabilityPage are for older versions of Ubuntu):
sudo apt-get install libglib2.0-dev tcl8.4-dev wireshark-dev libpcap-dev libdumbnet-dev libnet1-dev
sudo mv /usr/include/pcap.h /usr/include/pcap.h-
./configure --prefix=/usr/local/netexpect-0.18 --with-tcl=/usr/lib/tcl8.4 --with-tcl-includes=/usr/include/tcl8.4
sudo mv /usr/include/pcap.h- /usr/include/pcap.h
sudo make install
The commands above will install the binaries under /usr/local/netexpect-0.18/bin.