# PrimAITE Router Simulation Demo

This demo uses the ARCD Use Case 2 Network (seen below) to demonstrate the capabilities of the Network simulator in PrimAITE.

## The Network
First let's create our network. The network comes 'pre-packaged' with PrimAITE in the `primaite.simulator.network.networks` module.

> ℹ️ You'll see a bunch of logs associated with parts of the Network that aern't an 'electronic' device on the Network and thus don't have a stsrem to log to. Soon these logs are going to be pushed to a Network Logger so we're not clogging up the PrimAITE application logs.

In [1]:
from primaite.simulator.network.networks import arcd_uc2_network

In [2]:
network = arcd_uc2_network()

Most of the Network components have a `.show()` function that prints a table of information about that object. We can view the Nodes and Links on the Network by calling `network.show()`.

In [3]:
network.show()

+------------------------------------------------+
|                     Nodes                      |
+-------------------+----------+-----------------+
| Node              | Type     | Operating State |
+-------------------+----------+-----------------+
| router_1          | Router   | ON              |
| switch_1          | Switch   | ON              |
| switch_2          | Switch   | ON              |
| domain_controller | Server   | ON              |
| database_server   | Server   | ON              |
| web_server        | Server   | ON              |
| backup_server     | Server   | ON              |
| security_suite    | Server   | ON              |
| client_1          | Computer | ON              |
| client_2          | Computer | ON              |
+-------------------+----------+-----------------+
+-----------------------------------------------------------------------------+
|                                 IP Addresses                                |
+-------------------+---

## Nodes

Now let's inspect some of the nodes. We can directly access a node on the Network by calling .`get_node_by_hostname`. Like Network, a Node, along with some core services like ARP, have a `.show()` method.

### Router Nodes

First we'll inspect the Router node and some of it's core services.

Calling `router.show()` displays the Ethernet interfaces on the Router. If you need a table in markdown format, pass `markdown=True`.

In [4]:
network.get_node_by_hostname("router_1").show()

+---------------------------------------------------------------+
|                  router_1 Network Interfaces                  |
+------+-------------------+-----------------+-------+----------+
| Port | MAC Address       | Address         | Speed | Status   |
+------+-------------------+-----------------+-------+----------+
| 1    | 7c:0a:49:bd:2d:5f | 192.168.1.1/24  | 100   | Enabled  |
| 2    | 6e:3e:9f:58:c3:f8 | 192.168.10.1/24 | 100   | Enabled  |
| 3    | 44:c9:4c:25:4c:9b | 127.0.0.1/8     | 100   | Disabled |
| 4    | 4a:99:e4:a0:87:ba | 127.0.0.1/8     | 100   | Disabled |
| 5    | ca:5c:3b:6e:52:ef | 127.0.0.1/8     | 100   | Disabled |
+------+-------------------+-----------------+-------+----------+


Calling `router.arp.show()` displays the Router ARP Cache.

In [5]:
network.get_node_by_hostname("router_1").arp.show()

+-------------------------------------------------------+
|                   router_1 ARP Cache                  |
+---------------+-------------------+-------------------+
| IP Address    | MAC Address       | Via               |
+---------------+-------------------+-------------------+
| 192.168.10.21 | ca:f5:26:85:a7:54 | 6e:3e:9f:58:c3:f8 |
| 192.168.10.22 | 21:bb:1b:75:02:fb | 6e:3e:9f:58:c3:f8 |
| 192.168.1.10  | 6d:3e:3e:b3:f6:6f | 7c:0a:49:bd:2d:5f |
| 192.168.1.14  | 7c:cd:b5:ba:46:33 | 7c:0a:49:bd:2d:5f |
| 192.168.1.12  | 30:3c:b4:54:b2:ef | 7c:0a:49:bd:2d:5f |
| 192.168.1.16  | 82:23:ff:c5:03:45 | 7c:0a:49:bd:2d:5f |
| 192.168.1.110 | 92:17:67:5f:09:f0 | 7c:0a:49:bd:2d:5f |
+---------------+-------------------+-------------------+


Calling `router.acl.show()` displays the Access Control List.

In [6]:
network.get_node_by_hostname("router_1").acl.show()

+---------------------------------------------------------------------------------------------------------------------------------------+
|                                                      router_1 Access Control List                                                     |
+-------+--------+----------+--------+--------------+------------------------+--------+--------------+------------------------+---------+
| Index | Action | Protocol | Src IP | Src Wildcard | Src Port               | Dst IP | Dst Wildcard | Dst Port               | Matched |
+-------+--------+----------+--------+--------------+------------------------+--------+--------------+------------------------+---------+
| 0     | PERMIT | ANY      | ANY    | ANY          | 5432 (POSTGRES_SERVER) | ANY    | ANY          | 5432 (POSTGRES_SERVER) | 0       |
| 1     | PERMIT | ANY      | ANY    | ANY          | 53 (DNS)               | ANY    | ANY          | 53 (DNS)               | 0       |
| 2     | PERMIT | ANY      | ANY 

Calling `router.router_table.show()` displays the static routes the Router provides.

In [7]:
network.get_node_by_hostname("router_1").route_table.show()

+-------------------------------------+
|         router_1 Route Table        |
+-------+---------+----------+--------+
| Index | Address | Next Hop | Metric |
+-------+---------+----------+--------+
+-------+---------+----------+--------+


Calling `router.sys_log.show()` displays the Router system log. By default, only the last 10 log entries are displayed, this can be changed by passing `last_n=<number of log entries>`.

In [8]:
network.get_node_by_hostname("router_1").sys_log.show(last_n=10)

+-----------------------------+
|       router_1 Sys Log      |
+-----------+-------+---------+
| Timestamp | Level | Message |
+-----------+-------+---------+
+-----------+-------+---------+


### Switch Nodes

Next we'll inspect the Switch node and some of it's core services.

Calling `switch.show()` displays the Switch ports on the Switch.

In [9]:
network.get_node_by_hostname("switch_1").show()

+---------------------------------------------+
|            switch_1 Switch Ports            |
+------+-------------------+-------+----------+
| Port | MAC Address       | Speed | Status   |
+------+-------------------+-------+----------+
| 1    | e0:06:93:2c:45:cf | 100   | Enabled  |
| 2    | ab:84:4b:96:bc:b6 | 100   | Enabled  |
| 3    | d8:07:d0:d6:27:52 | 100   | Enabled  |
| 4    | ef:da:44:ee:68:1d | 100   | Enabled  |
| 5    | b6:76:3d:1d:7e:be | 100   | Disabled |
| 6    | 02:ce:fa:da:9a:a4 | 100   | Disabled |
| 7    | 8c:96:32:d5:ef:4b | 100   | Enabled  |
| 8    | e6:5e:9e:61:f6:71 | 100   | Enabled  |
+------+-------------------+-------+----------+


Calling `switch.sys_log.show()` displays the Switch system log. By default, only the last 10 log entries are displayed, this can be changed by passing `last_n=<number of log entries>`.

In [10]:
network.get_node_by_hostname("switch_1").sys_log.show()

+-----------------------------+
|       switch_1 Sys Log      |
+-----------+-------+---------+
| Timestamp | Level | Message |
+-----------+-------+---------+
+-----------+-------+---------+


### Computer/Server Nodes

Finally, we'll inspect a Computer or Server Node and some of its core services.

Calling `computer.show()` displays the NICs on the Computer/Server.

In [11]:
network.get_node_by_hostname("security_suite").show()

+-----------------------------------------------------------------------+
|                 security_suite Network Interface Cards                |
+------+------+-------------------+-------------------+-------+---------+
| Port | Type | MAC Address       | Address           | Speed | Status  |
+------+------+-------------------+-------------------+-------+---------+
| 1    | NIC  | 92:17:67:5f:09:f0 | 192.168.1.110/24  | 100   | Enabled |
| 2    | NIC  | 64:6f:aa:ba:cb:d0 | 192.168.10.110/24 | 100   | Enabled |
+------+------+-------------------+-------------------+-------+---------+
+---------------------------+
| security_suite Open Ports |
+-------------+-------------+
| Port        | Name        |
+-------------+-------------+
| 21          | FTP         |
| 53          | DNS         |
| 80          | HTTP        |
| 123         | NTP         |
| 219         | ARP         |
+-------------+-------------+


Calling `computer.arp.show()` displays the Computer/Server ARP Cache.

In [12]:
network.get_node_by_hostname("security_suite").arp.show()

+-----------------------------------------------------+
|               security_suite ARP Cache              |
+-------------+-------------------+-------------------+
| IP Address  | MAC Address       | Via               |
+-------------+-------------------+-------------------+
| 192.168.1.1 | 7c:0a:49:bd:2d:5f | 92:17:67:5f:09:f0 |
+-------------+-------------------+-------------------+


Calling `switch.sys_log.show()` displays the Computer/Server system log. By default, only the last 10 log entries are displayed, this can be changed by passing `last_n=<number of log entries>`.

In [13]:
network.get_node_by_hostname("security_suite").sys_log.show()

+-----------------------------+
|    security_suite Sys Log   |
+-----------+-------+---------+
| Timestamp | Level | Message |
+-----------+-------+---------+
+-----------+-------+---------+


## Basic Network Comms Check

We can perform a good old ping to check that Nodes are able to communicate with each other.

In [14]:
network.show(nodes=False, links=False)

+-----------------------------------------------------------------------------+
|                                 IP Addresses                                |
+-------------------+------+----------------+---------------+-----------------+
| Node              | Port | IP Address     | Subnet Mask   | Default Gateway |
+-------------------+------+----------------+---------------+-----------------+
| router_1          | 1    | 192.168.1.1    | 255.255.255.0 | None            |
| router_1          | 2    | 192.168.10.1   | 255.255.255.0 | None            |
| router_1          | 3    | 127.0.0.1      | 255.0.0.0     | None            |
| router_1          | 4    | 127.0.0.1      | 255.0.0.0     | None            |
| router_1          | 5    | 127.0.0.1      | 255.0.0.0     | None            |
| domain_controller | 1    | 192.168.1.10   | 255.255.255.0 | 192.168.1.1     |
| database_server   | 1    | 192.168.1.14   | 255.255.255.0 | 192.168.1.1     |
| web_server        | 1    | 192.168.1.1

We'll first ping client_1's default gateway.

In [15]:
network.get_node_by_hostname("client_1").ping("192.168.10.1")

Pinging 192.168.10.1:
Reply from 192.168.10.1: bytes=32, time=<1ms, TTL=62
Reply from 192.168.10.1: bytes=32, time=<1ms, TTL=62
Reply from 192.168.10.1: bytes=32, time=<1ms, TTL=62
Reply from 192.168.10.1: bytes=32, time=<1ms, TTL=62
Ping statistics for 192.168.10.1: Packets: Sent = 4, Received = 4, Lost = 0 (0.0% loss)


True

In [16]:
network.get_node_by_hostname("client_1").sys_log.show(15)

+-----------------------------+
|       client_1 Sys Log      |
+-----------+-------+---------+
| Timestamp | Level | Message |
+-----------+-------+---------+
+-----------+-------+---------+


Next, we'll ping the interface of the 192.168.1.0/24 Network on the Router (port 1).

In [17]:
network.get_node_by_hostname("client_1").ping("192.168.1.1")

Pinging 192.168.1.1:
Reply from 192.168.10.1: bytes=32, time=<1ms, TTL=62
Reply from 192.168.10.1: bytes=32, time=<1ms, TTL=62
Reply from 192.168.10.1: bytes=32, time=<1ms, TTL=62
Reply from 192.168.10.1: bytes=32, time=<1ms, TTL=62
Ping statistics for 192.168.1.1: Packets: Sent = 4, Received = 4, Lost = 0 (0.0% loss)


True

And finally, we'll ping the web server.

In [18]:
network.get_node_by_hostname("client_1").ping("192.168.1.12")

Pinging 192.168.1.12:
Reply from 192.168.1.12: bytes=32, time=<1ms, TTL=59
Reply from 192.168.1.12: bytes=32, time=<1ms, TTL=59
Reply from 192.168.1.12: bytes=32, time=<1ms, TTL=59
Reply from 192.168.1.12: bytes=32, time=<1ms, TTL=59
Ping statistics for 192.168.1.12: Packets: Sent = 4, Received = 4, Lost = 0 (0.0% loss)


True

To confirm that the ping was received and processed by the web_server, we can view the sys log

In [19]:
network.get_node_by_hostname("web_server").sys_log.show()

+-----------------------------+
|      web_server Sys Log     |
+-----------+-------+---------+
| Timestamp | Level | Message |
+-----------+-------+---------+
+-----------+-------+---------+


## Advanced Network Usage

We can now use the Network to perform some more advaced things.

Let's attempt to prevent client_2 from being able to ping the web server. First, we'll confirm that it can ping the server first...

In [20]:
network.get_node_by_hostname("client_2").ping("192.168.1.12")

Pinging 192.168.1.12:
Reply from 192.168.1.12: bytes=32, time=<1ms, TTL=59
Reply from 192.168.1.12: bytes=32, time=<1ms, TTL=59
Reply from 192.168.1.12: bytes=32, time=<1ms, TTL=59
Reply from 192.168.1.12: bytes=32, time=<1ms, TTL=59
Ping statistics for 192.168.1.12: Packets: Sent = 4, Received = 4, Lost = 0 (0.0% loss)


True

If we look at the client_2 sys log we can see that the four ICMP echo requests were sent and four ICMP each replies were received:

In [21]:
network.get_node_by_hostname("client_2").sys_log.show()

+-----------------------------+
|       client_2 Sys Log      |
+-----------+-------+---------+
| Timestamp | Level | Message |
+-----------+-------+---------+
+-----------+-------+---------+


Now we'll add an ACL to block ICMP from 192.168.10.22

In [22]:
from primaite.simulator.network.transmission.network_layer import IPProtocol
from primaite.simulator.network.transmission.transport_layer import Port
from primaite.simulator.network.hardware.nodes.network.router import  ACLAction
network.get_node_by_hostname("router_1").acl.add_rule(
    action=ACLAction.DENY,
    protocol=IPProtocol.ICMP,
    src_ip_address="192.168.10.22",
    position=1
)

True

In [23]:
network.get_node_by_hostname("router_1").acl.show()

+----------------------------------------------------------------------------------------------------------------------------------------------+
|                                                         router_1 Access Control List                                                         |
+-------+--------+----------+---------------+--------------+------------------------+--------+--------------+------------------------+---------+
| Index | Action | Protocol | Src IP        | Src Wildcard | Src Port               | Dst IP | Dst Wildcard | Dst Port               | Matched |
+-------+--------+----------+---------------+--------------+------------------------+--------+--------------+------------------------+---------+
| 0     | PERMIT | ANY      | ANY           | ANY          | 5432 (POSTGRES_SERVER) | ANY    | ANY          | 5432 (POSTGRES_SERVER) | 0       |
| 1     | DENY   | ICMP     | 192.168.10.22 | ANY          | ANY                    | ANY    | ANY          | ANY                 

Now we attempt (and fail) to ping the web server

In [24]:
network.get_node_by_hostname("client_2").ping("192.168.1.12")

Pinging 192.168.1.12:
Ping statistics for 192.168.1.12: Packets: Sent = 4, Received = 0, Lost = 4 (100.0% loss)


False

We can check that the ping was actually sent by client_2 by viewing the sys log

In [25]:
network.get_node_by_hostname("client_2").sys_log.show()

+-----------------------------+
|       client_2 Sys Log      |
+-----------+-------+---------+
| Timestamp | Level | Message |
+-----------+-------+---------+
+-----------+-------+---------+


We can check the router sys log to see why the traffic was blocked

In [26]:
network.get_node_by_hostname("router_1").sys_log.show()

+-----------------------------+
|       router_1 Sys Log      |
+-----------+-------+---------+
| Timestamp | Level | Message |
+-----------+-------+---------+
+-----------+-------+---------+


Now a final check to ensure that client_1 can still ping the web_server.

In [27]:
network.get_node_by_hostname("client_1").ping("192.168.1.12")

Pinging 192.168.1.12:
Reply from 192.168.1.12: bytes=32, time=<1ms, TTL=59
Reply from 192.168.1.12: bytes=32, time=<1ms, TTL=59
Reply from 192.168.1.12: bytes=32, time=<1ms, TTL=59
Reply from 192.168.1.12: bytes=32, time=<1ms, TTL=59
Ping statistics for 192.168.1.12: Packets: Sent = 4, Received = 4, Lost = 0 (0.0% loss)


True

In [28]:
network.get_node_by_hostname("client_1").sys_log.show()

+-----------------------------+
|       client_1 Sys Log      |
+-----------+-------+---------+
| Timestamp | Level | Message |
+-----------+-------+---------+
+-----------+-------+---------+
