aircoreboy
Regular Contributor
Is it possible to use iptables to create inbound packet loss per ip address?
Iptable command to cause packet loss
- Thread starter aircoreboy
- Start date
ColinTaylor
Part of the Furniture
Can you explain your scenario a bit more.
Also, what do you mean by "per IP address", an IP address on your LAN? Unsolicited traffic from the internet will be dropped by iptables FORWARD chain. That's 100% packet loss for the sender.
Also, what do you mean by "per IP address", an IP address on your LAN? Unsolicited traffic from the internet will be dropped by iptables FORWARD chain. That's 100% packet loss for the sender.
aircoreboy
Regular Contributor
What I want to do is to randomly drop a percentage of all incoming packets to one of my lan devices, to basically simulate a poor internet connection!
Nullity
Very Senior Member
There is a linux module called "netem". Maybe you could compile it in if it is not included.
http://www.linuxfoundation.org/collaborate/workgroups/networking/netem
FreeBSD has dummynet.
http://www.linuxfoundation.org/collaborate/workgroups/networking/netem
FreeBSD has dummynet.
ColinTaylor
Part of the Furniture
I don't think it's possible to do it with iptables on the router because it doesn't have the required modules (statistic or random).
hardtotell
Regular Contributor
HOWTO
Enable the statistic match module in the firmware build configuration
Build the firmware
Copy the new kernel module to your router /jffs/bin folder. My routers is RT-AC68U and RT-AC56U, both ARM architectures. Use 'find' command to search for the kernel module, xt_statistic.ko.
Now login to the router to install and load the module
Now this works
Undo it when you're done playing around
Download: http://www.megafileupload.com/21Eh/xt_statistic_asuswrt-merlin-378.53-arm.rar
MD5: 1bbd3bfc76be38b3a1903d11ffb420bb
Enable the statistic match module in the firmware build configuration
Code:
vi ~/asuswrt-merlin/release/src-rt-6.x.4708/linux/linux-2.6.36/config_base.6a
OLD LINE: # CONFIG_NETFILTER_XT_MATCH_STATISTIC is not set
NEW LINE: CONFIG_NETFILTER_XT_MATCH_STATISTIC=mBuild the firmware
Code:
make clean
make {target-platform}Copy the new kernel module to your router /jffs/bin folder. My routers is RT-AC68U and RT-AC56U, both ARM architectures. Use 'find' command to search for the kernel module, xt_statistic.ko.
Code:
find ~/asuswrt-merlin -type f -name "xt_statistic.ko"
### here it is: ~/asuswrt-merlin/release/src/router/arm-uclibc/target/lib/modules/2.6.36.4brcmarm/kernel/net/netfilter/xt_statistic.koNow login to the router to install and load the module
Code:
insmod /jffs/bin/xt_statistic.ko
modprobe xt_statisticNow this works
Code:
iptables -A INPUT -m statistic --mode random --probability 0.1 -j DROP
iptables -A OUTPUT -m statistic --mode random --probability 0.1 -j DROPUndo it when you're done playing around
Code:
iptables -D INPUT -m statistic --mode random --probability 0.1 -j DROP
iptables -D OUTPUT -m statistic --mode random --probability 0.1 -j DROPDownload: http://www.megafileupload.com/21Eh/xt_statistic_asuswrt-merlin-378.53-arm.rar
MD5: 1bbd3bfc76be38b3a1903d11ffb420bb
Last edited:
Similar threads
Similar threads
| Thread starter | Title | Forum | Replies | Date |
|---|---|---|---|---|
| P | IPtable rule for PING | Asuswrt-Merlin | 2 |
Similar threads
Latest threads
-
i have gtaxe16000 running 3004 ... interested in upgrading to 3006 but?
- Started by lgkahn
- Replies: 0
-
USA - AT&T fiber - IP passthrough configuration [2026]
- Started by Bill_Stewart
- Replies: 0
-
-
Safest method of backing of MTD partitions (ex. mtd10)
- Started by Jeffrey Young
- Replies: 3
-
Support SNBForums w/ Amazon
If you'd like to support SNBForums, just use this link and buy anything on Amazon. Thanks!
Sign Up For SNBForums Daily Digest
Get an update of what's new every day delivered to your mailbox. Sign up here!