There isn't really functionality to do this, I've always found it better to use freebsd's dummy net for such things. I have some instructions to get this up and going here ( This is old but worked the last time i had to emulate wan conditions with this stuff):
Dummynet howto... I needed to emulate a real wan connection for some testing I'm doing. This was a PITA to find out on my own, so I'm documenting everything. This is just on a livecd right now, so you have to issue these commands every time you reboot, which sucks, but luckily it runs on BSD which, hardly ever needs to reboot. First you'll want to grab a copy of the Frenzy Freebsd Live CD here: http://frenzy.org.ua/en/index.shtml After it boots, I issue these commands (note, i'm running this on a box with 3 nics, 1 for managment, 2 for the bridge) You could pull it off with just two nics as well, later I'm going to turn it into a router too, so it will do routing as well as introducing bw settings latency, loss, etc. Also on the Todo list is make a vmware image of all of this with scripts to easily change settings for the bridge/router... For right now this is what I do to get it up and running: #setup networking ifconfig em0 172.16.62.11 up route add default 172.16.62.254 ifconfig bridge create ifconfig bridge0 addm em1 addm em2 up ifconfig em1 up ifconfig em2 up #load dummynet kldload dummynet #ipfw commands sysctl net.link.bridge.ipfw=1 ipfw add pipe 1 ip from any to any ipfw pipe 1 config bw 2Mbits/s delay 30ms plr .01 ipfw list # we need to make sure that the any to any rule with the pipe is the highest any to any rule.. ipfw delete 65000 ipfw list # From Lucas: adds memory for network buffers #the queue for dummynet can take a lot of memory and it behaves badly when it runs out sysctl kern.ipc.nmbclusters=32768 #To watch traffic on the bridge, simply type tcpdump -i bridge0 Booyah!!!, just found this to backup settings to a floppy: http://frenzy.org.ua/en/releases/1.0/doc/doc_en-backup.html This will turn one of those dumb pizzaboxs into a usable router/wan emulator.... or could even use the floppy backup and just emulate a floppy disk on vmware... More to come on this... Here are some links that I found helpful when figuring all this out: http://info.iet.unipi.it/~luigi/ip_dummynet/ http://www.freebsd-howto.com/HOWTO/Ipfw-HOWTO http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/network-bridging.html http://www.freebsd.org/cgi/man.cgi?query=if_bridge&sektion=4 On Fri, Jan 22, 2010 at 12:54 PM, Calomel Org <kep...@calomel.org> wrote: > Andres, > > You can add packet loss by using the probability argument on a pf > rule. You use either a block or pass rule. > > probability <number> > > A probability attribute can be attached to a rule, with a > value set between 0 and 1, bounds not included. In that case, the > rule will be honored using the given probability value only. For ex- > ample, the following rule will drop 20% of incoming ICMP packets: > > block in proto icmp probability 20% > > > I do not believe you can add latency timings using PF. I agree, this > would be very helpful for testing. > > -- > Calomel @ https://calomel.org > Open Source Research and Reference > > > On Fri, Jan 22, 2010 at 03:13:09PM -0500, Andres Salazar wrote: > >Hello, > > > >Is it possible to do some rule in pf to simulate 300ms of latency? > >This is for testing purposes. > > > >A plus would be to simulate 1% packet loss. > > > >Many Thanks!!
