On Tue, Jun 04, 2002 at 04:54:47PM +0300, Oleg Goldshmidt wrote: > Amir Sela <[EMAIL PROTECTED]> writes: > > > Anyone knows of a netfilter module that can be used (or any other way) to > > deliberately stall a packet in the router ? I want to create a situation in > > which machine A communicates with machine C on a LAN, through machine B, the > > linux router, and to stall the packets for a pre-determined amount of time. > > I can think of a couple of ways to do it with a little bit of C coding. > > 1) hack the proper place in the kernel.
I'm sure shlomi will let me know if I'm wrong, but I'm reasonably certain this exactly is what his IP-Noise project does. Check out http://www-comnet.technion.ac.il/~cn1w02/ > 2) fully user-space solution: > > a) grab every incoming packet with pcap > > b) set iptables to DROP the packet (or ipchains to DENY, what have you) > > alternatively, iptables supports a QUEUE chain which is supposed > to pass the packet to userland; it should be supported by the > kernel to work, and I have never tried it (I did the a+b trick with > ipchains - for a different purpose), so I don't know if it > has the same effect as a+b here. It works. If anyone needs help with it, ask choo ;) Alternatively, ask me. -- Sterday 13 Forelithe 7466 http://vipe.technion.ac.il/~mulix/ http://syscalltrack.sf.net/
msg19815/pgp00000.pgp
Description: PGP signature
