Infrastructure Layer
AttacksPacket Loss Attack
The Packet Loss Gremlin randomly injects a percentage of packet loss (or packet corruption) into IP packets at the transport layer, targeted by supplied port and host arguments.
Linux
The Packet Loss Gremlin uses existing Quality of Service (QOS) and Differentiated Services (diffserv) facilities in the Linux kernel to emulate natural packet loss (and optionally packet corruption).
This Gremlin does not interact with iptables
, and so it does not interfere with any existing iptables
rulesets.
This Gremlin requires the NET_ADMIN
capability, which is enabled for Gremlin by default at installation time. See capabilities(7)
Options
Parameter | Flag | Required | Default | Version | Description |
---|---|---|---|---|---|
IP Addresses | -i IP address | False | 0.0.1 | Only impact traffic to these IP addresses. Also accepts CIDR values (i.e. 10.0.0.0/24 ). | |
Device | -d interface | False | Device discovery | 0.0.1 | Impact traffic over this network interface. |
Hostnames | -h hostnames | False | ^api.gremlin.com | 0.0.1 | Only impact traffic to these hostnames. |
Egress Ports | -p port numbers | False | ^53 | 0.0.1 | Only impact egress traffic to these destination ports. Also accepts port ranges (e.g. 8080-8085 ). |
Source Ports | -s port numbers | False | 0.0.1 | Only impact egress traffic from these source ports. Also accepts port ranges (e.g. 8080-8085 ). | |
Percent | -r <0-100> | False | 1 | 0.0.1 | Percentage of packets to drop (10 is 10%). |
Protocol | -P {TCP, UDP, ICMP} | False | all | 1.5.3 | Only impact a specific protocol. |
Corrupt | -c | False | False | 0.0.1 | Corrupt the packets instead of just dropping them. |
Providers | WebUI and API Only | False | 0.0.1 | External service providers to affect. | |
Tags | WebUI and API Only | False | 0.0.1 | Only impact traffic to hosts running Gremlin clients associated with these tags. | |
Length | -l int | False | 60 | 0.0.1 | The length of the attack (seconds). |