Reputation: 3210
Using iptables to emulate broken connection
I have some bug in tcp communication betweeen my soft and server. On timeout router silently closes connection without informing client about it ( normally it is made with FIN packet ).
My tcpdump log in this situation:
Soft tries to push message in opened connection.
09:29:41.438050 IP CLIENTIP.33668 > SERVERIP.8101: Flags [P.], seq 163:228, ack 144, win 229, options [nop,nop,TS val 96713087 ecr 4169733508], length 65
On the server (actually middle ) side this connection was already broken and server answeres with Reset package.
09:29:41.447415 IP SERVERIP.8101 > CLIENTIP.33668: Flags [R], seq 3072817047, win 0, length 0
I am trying to debug this case but this situtation happenes only after pretty long timeouts.
My Idea was to emulate this situation using iptables. For example change destination port for my client:
sudo iptables -t nat -D OUTPUT -p tcp --destination-port 8101 -j DNAT --to-destination SERVERIP:8102
But this rule works only for new tcp connection, but i need to change packet content on already established connection. Does somebody know how can i write tcpdump rule to destination port on all packages ?
Upvotes: 1
Views: 401
Answers (1)
Reputation: 6284
Have you looked into using something like netem to add delay or drop packets? I think it might work better for you than iptables.
Upvotes: 1
Related Questions
- Logging Dropped Packets in IPTables?
- Howto intercept tcp packet and modify in the fly?
- TCP: Improving reliability with a broken connection
- How do I break an arbitrary TCP/IP connection on Linux?
- Simulate a network disconnect during testing
- TCP Packet Mangling using NFQUEUE
- How to simulate an incoming tcp packet?
- simulate incoming packets on a network interface in linux
- Simulate dropped packets on Linux, based on protocol (UDP, TCP etc)
- TCP/IP server mock/stub software needed