Countertrace is a userland program for Linux 2.4 kernels that works with Netfilter, handling packets handed to it by the iptables QUEUE target.
Countertrace uses Netfilter to determine whether packets should be dropped or permitted based on a userland program. The program drops packets with a TTL less than the number of hops being projected and generates ICMP time-exceeded messages for those packets with the source address of the bogus hop. If latency is being simulated, the messages are queued for a specified period before being sent.
Countertrace requires the NetPacket, Time::HiRes, and IPTables::IPv4::IPQueue Perl modules, Net::RawSock, and a Linux 2.4 kernel with iptables and QUEUE target support. If latency is not being simulated, the iptables TTL match support may also be useful.
Countertrace is configured by specifying hops in the order in which they are to be simulated. Latency is cumulative: at run time the program sums all previously specified latency values. Other configuration commands are available for logging.
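The following Python model of the per-packet decision described above is an added example, not Countertrace's own Perl code. The hop list, addresses and function names are constructed, and it assumes that a packet arriving with TTL t is answered by the t-th configured hop and that a hop's delay includes its own latency value.

```python
import struct
from itertools import accumulate

# Constructed sample config: (bogus hop address, latency in ms), in simulated order.
HOPS = [("192.0.2.1", 10), ("192.0.2.2", 25), ("192.0.2.3", 5)]

def inet_checksum(data: bytes) -> int:
    """Internet checksum (RFC 1071) over 16-bit big-endian words."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack("!%dH" % (len(data) // 2), data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF

def time_exceeded(packet: bytes) -> bytes:
    """ICMP type 11, code 0, quoting the IP header plus 8 payload bytes (RFC 792)."""
    ihl = (packet[0] & 0x0F) * 4
    quoted = packet[:ihl + 8]
    csum = inet_checksum(struct.pack("!BBHI", 11, 0, 0, 0) + quoted)
    return struct.pack("!BBHI", 11, 0, csum, 0) + quoted

def verdict(packet: bytes, hops=HOPS):
    """Return (action, reply_source, delay_ms, icmp_bytes) for one queued IPv4 packet."""
    ttl = packet[8]                       # TTL is byte 8 of the IPv4 header
    if ttl >= len(hops):                  # page: drop only when TTL < number of hops
        return ("ACCEPT", None, 0, b"")
    idx = max(ttl, 1) - 1                 # assumption: TTL t is answered by hop t
    delay = list(accumulate(lat for _, lat in hops))[idx]  # cumulative latency
    return ("DROP", hops[idx][0], delay, time_exceeded(packet))

def sample_probe(ttl: int) -> bytes:
    """Constructed traceroute-style UDP probe (header checksums left at zero)."""
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 28, 0, 0, ttl, 17, 0,
                     bytes([198, 51, 100, 7]), bytes([203, 0, 113, 9]))
    return ip + struct.pack("!HHHH", 40000, 33434, 8, 0)

if __name__ == "__main__":
    for ttl in (1, 2, 3):
        action, src, delay, icmp = verdict(sample_probe(ttl))
        print(ttl, action, src, delay, len(icmp))
```
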
To use Countertrace, iptables must be configured to pass packets to the program for processing using the QUEUE target. If latency is not being simulated, the iptables TTL match support can filter packets. However, if Countertrace encounters issues, iptables will drop any queued packets, rendering the system unreachable. To avoid this, a backdoor address should be specified.
Overall, Countertrace is a useful program for creating imaginary IP hops and introducing latency. However, proper configuration and caution should be taken to avoid connectivity issues. An example startup script is provided for user reference.
Version 1.0: N/A