I need to dump some incoming packets and then prevent them from going up the stack, so that applications won't process them.
Now, tcpdump works at layer 2, right? So ideally I should find some tool that I'd use right after tcpdump that drops selected packets. The filter I apply in tcpdump and when I drop packets is going to be the same.
Anything that already does this?
Now, tcpdump works at layer 2, right? So ideally I should find some tool that I'd use right after tcpdump that drops selected packets.
Tcpdump captures from a network at the link layer, yes. However, "captures", in this case, means "passively taps into the network, getting copies of all packets received and sent". It does not tap into the network in a fashion that allows it to prevent those packets from being processed by the network stack. Think of it as being similar to tapping a phone line - whoever's tapping the line can listen to the conversation, but they can't prevent somebody on one side of the conversation from hearing what the person on the other side says.
Anything that already does this?
There might be, but the mechanism that it would use to do so is probably going to be very dependent on the operating system it's running on. What operating system is the machine on which you need to trap the packets running.