The netfilter simulator provides a means to run netfilter code in userspace; this allows significantly easier debugging and testing of what would otherwise be kernel-bound code.
The simulator is compiled with the netfilter code under test, which is imported from a kernel source tree. A simple command-line interface is given to test the code, by altering the kernel environment or sending packets in on various interfaces.
nfsim is released under the GNU General Public License .
Latest snapshot: nfsim-20080411.tar.gz
Older versions are available from the snapshots directory.
A brief HOWTO document is available: the Netfilter Simulator HOWTO
The paper itself is included in the conference proceedings; you can download them from the OLS 2005 website. The nfsim paper is in volume 2.
Jeremy Kerr, Rusty Russell.