开发者

Testing a broken IP

开发者 https://www.devze.com 2022-12-22 12:41 出处:网络
I\'m trying to test an application and I need to make an valid IP not respond from a one of my test servers but not the others.I could do this for an fqdn using /etc/hosts but I\'d like开发者_运维百科

I'm trying to test an application and I need to make an valid IP not respond from a one of my test servers but not the others. I could do this for an fqdn using /etc/hosts but I'd like开发者_运维百科 to do it for an IP.

To clarify I actually I want both servers to respond but I need one of the devices the servers manage to only be reachable from one of the servers. I'm testing a master / worker application and I want to make sure the master cannot talk to the device directly.

The firewall rule would be perfect, would that have to be implemented on the router? Or, is there a way I could do it on server. I was hoping for something I could do on the dev boxes directly, since I "own" those, but I'd need IT support to change a router. I have access to Linux and Solaris dev boxes if you have suggestions for implementing a firewall rule.


Here is how I interpreted your question.

You have two servers, and a device which is managed by ONE of the two servers. Both servers will TRY to manage the device, but you want to prevent the second one from being able to communicate to it.

On the second server (assuming linux) I would run

iptables -A OUTPUT --dst <dst of your device> -j DROP

this will drop any outbound traffic on that server destined for the device.


If you can't/won't unplug the server, add a firewall rule that drops all incoming traffic from that server.


If I understand correctly, you want one of the servers to not respond? The simple way is to just turn it (the server) off.


it sounds like you want to simulate the application not responding. If so, what kind of app? If it is something like PHP then a sleep statement is your friend. If it sleeps for 600 seconds then that looks a lot like an overloaded server. Another option for arbitrary services is netcat. To have your server listen on port 12345 but never respond, use something like this:

    nc -l -p 12345

or you can cat a file as the initial response to simulate a service that only responds once and then goes stupid:

    echo -e "220 somehost.com ESMTP Postfix\n\r" | nc -q 1 -l -p 25


There are several options:

  • Unplug the server.
  • Reboot the server. That'll take it off the net for a minute or so.
  • Shut the server down completely.
  • Hit it with something hard
0

精彩评论

暂无评论...
验证码 换一张
取 消