I want to build a more-or-less self-contained box that I can plug two or more endpoints into (routers, mainly) that will simulate a WAN. I want to be able to mess up traffic in all sorts of ways, both "passive" (for example, natural network problems like latency, packet loss, bandwidth restrictions) and "active" (such as DoS attacks, MiTM attacks, and other more nefarious actions). I want to be able to bang on my router configurations in all sorts of ways without attracting unwanted attention or affecting my production network.
As far as I can tell, there are no free solutions for doing this, which is fine, but I'd like to figure out what tools to use.
So far, I think for the "active" side of things, Metasploit is the clear choice. The "passive", however I'm not so sure about. Here's what I've been looking at:
MAYBE:
TCNG: Old, though. Last release in 2004.
ns-2: Seems more "research-y" but has potential.
ns-3: Also has potential.
Cisco Packet Tracer: Not exactly free. It is pretty, but does it have the "fuzzing" aspect?
DummyNet: It seems a bit raw, but it's been suggested it might be the best option.
EDIT:
CORE: The Common Open Research Emulator seems really promising.
REJECTED:
GNS-3: More for hardware emulation.
Lagfactory: Seems to have vanished.
Fiddler: HTTP(S) traffic only
NetLimiter: Doesn't seem to have intentional network damage feature
LanForge ICE: Looks to be expensive.
Thoughts or suggestions very much appreciated!