> I just want an IPv4/IPv6 proxy that does nothing other than delay, rate-limit, and/or drop packets.
About 15 years ago I needed to emulate a network over a satellite link. We had a limited amount of time on the dish and it was a fairly costly affair. We had a small rack of hardware together with a bunch of measuring instruments that would be in the field for data acquisition. It would be sending back data home where it would be processed and then sent back into the field. The (limited) bandwidth reserved and the inherent latency on the link gave us some interesting issues to deal with, but it required a few iterations to get things working smoothly.
The rack had a Linux box which acted as a router (among other things), and while it was in the office we'd just hook it up via ethernet. So I used tc[0] on there to introduce a fixed latency on transmission and cap the outgoing bandwidth to whatever was available on the link. I did the same on the homestation for outgoing traffic but there I just used an old box with two ethernet ports and set it up as a bridge.
For dropping packets I used iptables, and some other things.
It requires some familiarity with the LARTC[1], which isn't the most readable document, and how things work in Linux. It gave us exactly what we needed without having to pay for time on the dish for testing.
It's been over a decade and the details are extremely vague, but I'm sure that if you want to you could mark certain packets with netfilter and then delay those packets somehow, rather than just delay the entire network device. I remember that with iptables we used to mark packets from SSH in the mangle table and then use that mark with tc to give traffic marked priority on the outgoing device.
It's not exactly a proxy, but back in the day it worked for that specific use case.
tc is the way to go if the options are sufficient. You can bridge two interfaces (also virtual ones) in a VM and set qdiscs. Also works asynchronously, e.g., different rules for up/downlink. Instead of a VM setup one could use a cheap Linux/OpenWrt router or an SBC-type board.
[0] : https://linux.die.net/man/8/tc
[1] : https://tldp.org/HOWTO/Adv-Routing-HOWTO/
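
The setup discussed in the thread (fixed latency and a bandwidth cap with tc, random drops with iptables, and delaying only netfilter-marked packets), written out as an added example that is not part of any poster's comment. The interface name, delay, rate, drop probability, port and mark value are constructed; the function names are hypothetical.

```shell
#!/bin/sh
# Added example (not from the thread). Interface, delay, rate, drop probability,
# port and mark are constructed values. Commands are printed only; set APPLY=1
# and run as root to execute them.
DEV="${DEV:-eth0}"; DELAY="${DELAY:-300ms}"; RATE="${RATE:-512kbit}"
DROP="${DROP:-0.01}"; PORT="${PORT:-5001}"; MARK="${MARK:-1}"

run() {
    # Print the command line; execute it only when APPLY=1.
    echo "$*"
    if [ "${APPLY:-0}" = "1" ]; then "$@"; fi
}

# Whole-device emulation: fixed latency, bandwidth cap, random loss.
shape_device() {
    # netem adds the delay on egress; tbf attached below it caps the rate.
    run tc qdisc add dev "$DEV" root handle 1: netem delay "$DELAY"
    run tc qdisc add dev "$DEV" parent 1:1 handle 10: tbf rate "$RATE" burst 5kb latency 70ms
    # Drop a random fraction of forwarded packets leaving this interface.
    run iptables -A FORWARD -o "$DEV" -m statistic --mode random --probability "$DROP" -j DROP
}

# Per-flow emulation: only packets carrying $MARK are delayed.
shape_marked() {
    # A priomap of all zeros keeps unmarked traffic in band 1:1 (no delay).
    run tc qdisc add dev "$DEV" root handle 1: prio priomap 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
    run tc qdisc add dev "$DEV" parent 1:3 handle 30: netem delay "$DELAY"
    # Mark in the mangle table (IPv4 only; ip6tables takes the same rule for IPv6).
    run iptables -t mangle -A POSTROUTING -o "$DEV" -p tcp --dport "$PORT" -j MARK --set-mark "$MARK"
    # The fw classifier matches the netfilter mark and steers it to band 1:3.
    run tc filter add dev "$DEV" parent 1: protocol ip prio 1 handle "$MARK" fw flowid 1:3
}

teardown() {
    # Removes the root qdisc and everything attached under it.
    # iptables rules are separate and must be deleted with -D and the same spec.
    run tc qdisc del dev "$DEV" root
}

case "${1:-}" in
    device)   shape_device ;;
    marked)   shape_marked ;;
    teardown) teardown ;;
esac
```

Run it with `device`, `marked` or `teardown` as the first argument; since tc shapes egress only, the other direction needs the same rules on the peer or on the second interface of a bridge.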