Thursday, March 30, 2017

Block UDP Traffic via IPTables

While testing an application to verify all code flow paths, one of the scenarios demanded that the application handle dropped UDP packet stream. Now we had a recorded UDP stream at hand which we could play at will.

To simulate UDP packet drop, we added a rule in IPTables to drop/block all UDP packets destined for our UDP destination port 10222. The following command does it for you. 

To Block all udp traffic destined for port 10222
[root@paragpc ~]# iptables -A INPUT -p udp -i eth1 --dport 10222 -j DROP
where:
  • -A is for add/Append iptable rule
  • -p is for protocol
  • -i  = --in-interface eth1  (there is similarly -o =--out-interface
  • -j = JUMP
Refer the man page of iptables for more details. 

However don't forget to remove the rule once your test case is over.
Remove iptable rule dropping udp traffic destined for port 10222 [-D is for Delete iptable rule]
[root@paragpc ~]# iptables -D INPUT -p udp -i eth1 --dport 10222 -j DROP
However if you wish to permanently save the rule run the following command(source).
service iptables save



Using Tcpdump to dump and read network traffic

Another Quick FYI tip. There are many network analyzer/reader utilities available on both Linux and Windows platform. There is of-course ...