Infrastructure Layer

Packet Loss Attack

The Packet Loss Gremlin randomly injects a percentage of packet loss (or packet corruption) into IP packets at the transport layer, targeted by supplied port and host arguments.


The Packet Loss Gremlin uses existing Quality of Service (QOS) and Differentiated Services (diffserv) facilities in the Linux kernel to emulate natural packet loss (and optionally packet corruption).

This Gremlin does not interact with iptables, and so it does not interfere with any existing iptables rulesets.

This Gremlin requires the NET_ADMIN capability, which is enabled for Gremlin by default at installation time. See capabilities(7)


IP Addresses-i IP addressFalse0.0.1Only impact traffic to these IP addresses. Also accepts CIDR values (i.e.
Device-d interfaceFalseDevice discovery0.0.1Impact traffic over this network interface.
Hostnames-h hostnamesFalse^api.gremlin.com0.0.1Only impact traffic to these hostnames.
Egress Ports-p port numbersFalse^530.0.1Only impact egress traffic to these destination ports. Also accepts port ranges (e.g. 8080-8085).
Source Ports-s port numbersFalse0.0.1Only impact egress traffic from these source ports. Also accepts port ranges (e.g. 8080-8085).
Percent-r <0-100>False10.0.1Percentage of packets to drop (10 is 10%).
Protocol-P {TCP, UDP, ICMP}Falseall1.5.3Only impact a specific protocol.
Corrupt-cFalseFalse0.0.1Corrupt the packets instead of just dropping them.
ProvidersWebUI and API OnlyFalse0.0.1External service providers to affect.
TagsWebUI and API OnlyFalse0.0.1Only impact traffic to hosts running Gremlin clients associated with these tags.
Length-l intFalse600.0.1The length of the attack (seconds).