I have a Linux application that is sending a stream of UDP packets to a particular IP and port. I need a way of suppressing this packet stream so the packets never reach the network, with the ability to toggle it on and off, without affecting the sending application.
My first attempt was to just drop the packets on the OUTBOUND chain in iptables, but this caused the sending application to receive an error when sending the packets, which is unacceptable.
If I add the following rule, my application gets a -1 returned from sendto() instead of the number of bytes sent:
iptables -A OUTPUT -d 192.168.1.10 -j DROP
The second attempt was to add a static route for the UDP destination IP to redirect the packet to the loopback. This only works when the sender does not bind to an interface, which is what the real application is doing (and it can't be changed).
My other attempts involved using iptables to NAT the destination IP or turn the TTL to zero. It seems like the application needs to be restarted for these changes to take effect, and therefore I can't toggle the stream in a running application.