On Sat, Dec 27, 2014 at 02:45:27PM +0200, [email protected] via dtrace-discuss wrote:
> Is there any method to drop network connection via Dtrace (or other > methods) on Solaris 11.X? I'm not aware of any destructive action in DTrace that would directly disrupt network traffic, at least on illumos. With some effort, it may be possible to use other destructive actions (such as copyout) to make it so that userland software does not send or receive data to/from a particular socket, but that would not necessarily have the same effect. At one point there was work pending in illumos to make uregs[] writable, which would make this easier, but it does not seem to have been integrated. If any networking-related actions exist in the Oracle Solaris Dynamic Tracing system, your Oracle support representative should be able to tell you all about them. On illumos systems, you could set up a temporary filter using ipf that would cause any TCP traffic to a given port to return a RST packet and effectively close the connection. See http://illumos.org/man/5/ipfilter for a starting point on packet filtering. This could be done in a system() action if you want to trigger it from DTrace, but note that such actions are taken asynchronously with respect to probe firing. If you are not using illumos, you will need to determine whether this functionality is available on your system and obtain appropriate documentation from Oracle instead. We also have ipdadm on illumos. See https://github.com/illumos/illumos-gate/blob/master/usr/src/man/man1m/ipdadm.1m for information about it. It is unlikely that this facility exists on your system, however, and unlike ipfilter and BSD's tcpdrop, it does not discriminate among packets based on source, destination, or protocol. ------------------------------------------- dtrace-discuss Archives: https://www.listbox.com/member/archive/184261/=now RSS Feed: https://www.listbox.com/member/archive/rss/184261/25769126-e243886f Modify Your Subscription: https://www.listbox.com/member/?member_id=25769126&id_secret=25769126-8d47a7b2 Powered by Listbox: http://www.listbox.com
