Date: Sat, 11 May 1996 03:46:57 +0100 From: "Gary Palmer" <gpalmer@FreeBSD.ORG> To: Wes Santee <wes@bogon.net> Cc: Jaye Mathisen <mrcpu@cdsnet.net>, questions@FreeBSD.ORG Subject: Re: Packet Eater Available? Message-ID: <4512.831782817@palmer.demon.co.uk> In-Reply-To: Your message of "Fri, 10 May 1996 18:44:53 PDT." <199605110144.SAA20510@bogon.net>
next in thread | previous in thread | raw e-mail | index | archive | help
Wes Santee wrote in message ID <199605110144.SAA20510@bogon.net>: > I'm not sure this affords me the flexiblity I'm after. Is there a way > using the IP firewalling option to turn on/off access to a port at > will? > For example, if process X connects to port 5000 of machine Y, can I > let that process connect, then after it is connected, start eating the > packets it's sending on that port? In other words, I'd like to be > able to turn it on and off during while the connection is active, but > without blocking or disconnecting the client (I'm trying to simulate > dropped packets to see how a piece of client software deals with > non-delivered packets). The firewall stuff is all configured at ``run time'', so you can add and delete rules from the kernel at will, including once a TCP/UDP stream has already been established as the firewall code doesn't care about that (it's designed to be run on routers which can't track if a client machine has a TCP/UDP stream open or not). It should do what you want. Gary -- Gary Palmer FreeBSD Core Team Member FreeBSD - Turning PC's into workstations. See http://www.FreeBSD.ORG/ for info.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?4512.831782817>