What I would do is have the virii run in a virtual environment, with a sniffer on the nic tracking all of the traffic in/out on the card, and have the gateway firewall drop all incoming/outgoing packets to the virtual machine....tcpreplay, ethereal, virtual pc/vmware are great tools for this..