Re: How To Temporarily Suspend Network Traffic

On Tue, Feb 01, 2011 at 08:26:53PM +0200, Volkan YAZICI wrote:
On Tue, 1 Feb 2011 13:15:15 -0500, Gregory Seidman writes:
On Tue, Feb 01, 2011 at 07:40:06PM +0200, Volkan YAZICI wrote:
# while /bin/true; do \
> iptables -A OUTPUT -i wlan0 -j DROP && \
> usleep 100000 && \
> iptables -D OUTPUT -i wlan0 -j DROP

command (usleep is a small C program I wrote, see the attachment),
transfer hangs after some point and stops for ~30-40secs and finishes
when I stop the while loop. Do I miss anything? Any suggestions?

Here you are interrupting for 100,000 usecs (which is 100msecs, I believe),
but you don't sleep at all between interruptions in the while loop. That
means that it only has the time between the execution of the iptables
command at the end of the loop and the execution of the iptables command at
the beginning of the loop to actually transmit any packets. It is
unsurprising that it hangs. Make sure you sleep for a while after removing
the iptables rule.

Indeed, sleeping more than I want is what I try to avoid. In other
words, I'm inclined to believe that running iptables externally doesn't
provide an interruption mechanism in milli/microsecond granularity. Any
other suggestions?

Well, I suggested before that you look into the iptables code and make the
system calls it does rather than executing it externally.


