# PrimAITE Router Simulation Demo

This demo uses the ARCD Use Case 2 Network (seen below) to demonstrate the capabilities of the Network simulator in PrimAITE.

## The Network
First let's create our network. The network comes 'pre-packaged' with PrimAITE in the `primaite.simulator.network.networks` module.

> ℹ️ You'll see a bunch of logs associated with parts of the Network that aern't an 'electronic' device on the Network and thus don't have a stsrem to log to. Soon these logs are going to be pushed to a Network Logger so we're not clogging up the PrimAITE application logs.

In [1]:
from primaite.simulator.network.networks import arcd_uc2_network

In [2]:
network = arcd_uc2_network()

Most of the Network components have a `.show()` function that prints a table of information about that object. We can view the Nodes and Links on the Network by calling `network.show()`.

In [3]:
network.show()

+------------------------------------------------+
|                     Nodes                      |
+-------------------+----------+-----------------+
| Node              | Type     | Operating State |
+-------------------+----------+-----------------+
| router_1          | Router   | ON              |
| switch_1          | Switch   | ON              |
| switch_2          | Switch   | ON              |
| domain_controller | Server   | ON              |
| database_server   | Server   | ON              |
| web_server        | Server   | ON              |
| backup_server     | Server   | ON              |
| security_suite    | Server   | ON              |
| client_1          | Computer | ON              |
| client_2          | Computer | ON              |
+-------------------+----------+-----------------+
+-----------------------------------------------------------------------------+
|                                 IP Addresses                                |
+-------------------+---

## Nodes

Now let's inspect some of the nodes. We can directly access a node on the Network by calling .`get_node_by_hostname`. Like Network, a Node, along with some core services like ARP, have a `.show()` method.

### Router Nodes

First we'll inspect the Router node and some of it's core services.

Calling `router.show()` displays the Ethernet interfaces on the Router. If you need a table in markdown format, pass `markdown=True`.

In [4]:
network.get_node_by_hostname("router_1").show()

+---------------------------------------------------------------+
|                  router_1 Network Interfaces                  |
+------+-------------------+-----------------+-------+----------+
| Port | MAC Address       | Address         | Speed | Status   |
+------+-------------------+-----------------+-------+----------+
| 1    | 3f:c3:3d:00:74:c4 | 192.168.1.1/24  | 100   | Enabled  |
| 2    | eb:31:e8:11:28:ac | 192.168.10.1/24 | 100   | Enabled  |
| 3    | 7b:4f:23:8d:b5:18 | 127.0.0.1/8     | 100   | Disabled |
| 4    | cd:89:ba:42:ee:04 | 127.0.0.1/8     | 100   | Disabled |
| 5    | 8d:92:27:76:79:c5 | 127.0.0.1/8     | 100   | Disabled |
+------+-------------------+-----------------+-------+----------+


Calling `router.arp.show()` displays the Router ARP Cache.

In [5]:
network.get_node_by_hostname("router_1").arp.show()

+-------------------------------------------------------+
|                   router_1 ARP Cache                  |
+---------------+-------------------+-------------------+
| IP Address    | MAC Address       | Via               |
+---------------+-------------------+-------------------+
| 192.168.10.21 | f6:6d:35:8a:67:d8 | eb:31:e8:11:28:ac |
| 192.168.10.22 | 6a:b1:ff:36:ef:40 | eb:31:e8:11:28:ac |
| 192.168.1.10  | 00:c3:ff:62:87:8f | 3f:c3:3d:00:74:c4 |
| 192.168.1.14  | 2e:e8:cb:a5:97:12 | 3f:c3:3d:00:74:c4 |
| 192.168.1.12  | 90:94:52:a6:1f:c5 | 3f:c3:3d:00:74:c4 |
| 192.168.1.16  | c3:e5:81:c9:8b:74 | 3f:c3:3d:00:74:c4 |
| 192.168.1.110 | 18:9d:a1:f0:6f:0b | 3f:c3:3d:00:74:c4 |
+---------------+-------------------+-------------------+


Calling `router.acl.show()` displays the Access Control List.

In [6]:
network.get_node_by_hostname("router_1").acl.show()

+---------------------------------------------------------------------------------------------------------------------------------------+
|                                                      router_1 Access Control List                                                     |
+-------+--------+----------+--------+--------------+------------------------+--------+--------------+------------------------+---------+
| Index | Action | Protocol | Src IP | Src Wildcard | Src Port               | Dst IP | Dst Wildcard | Dst Port               | Matched |
+-------+--------+----------+--------+--------------+------------------------+--------+--------------+------------------------+---------+
| 0     | PERMIT | ANY      | ANY    | ANY          | 5432 (POSTGRES_SERVER) | ANY    | ANY          | 5432 (POSTGRES_SERVER) | 0       |
| 1     | PERMIT | ANY      | ANY    | ANY          | 53 (DNS)               | ANY    | ANY          | 53 (DNS)               | 0       |
| 2     | PERMIT | ANY      | ANY 

Calling `router.router_table.show()` displays the static routes the Router provides.

In [7]:
network.get_node_by_hostname("router_1").route_table.show()

+-------------------------------------+
|         router_1 Route Table        |
+-------+---------+----------+--------+
| Index | Address | Next Hop | Metric |
+-------+---------+----------+--------+
+-------+---------+----------+--------+


Calling `router.sys_log.show()` displays the Router system log. By default, only the last 10 log entries are displayed, this can be changed by passing `last_n=<number of log entries>`.

In [8]:
network.get_node_by_hostname("router_1").sys_log.show(last_n=10)

+-----------------------------+
|       router_1 Sys Log      |
+-----------+-------+---------+
| Timestamp | Level | Message |
+-----------+-------+---------+
+-----------+-------+---------+


### Switch Nodes

Next we'll inspect the Switch node and some of it's core services.

Calling `switch.show()` displays the Switch ports on the Switch.

In [30]:
network.get_node_by_hostname("switch_1").show()

+---------------------------------------------+
|            switch_1 Switch Ports            |
+------+-------------------+-------+----------+
| Port | MAC Address       | Speed | Status   |
+------+-------------------+-------+----------+
| 1    | 08:79:a7:3f:b5:96 | 100   | Enabled  |
| 2    | 75:c5:30:0f:5d:92 | 100   | Enabled  |
| 3    | f1:62:75:5d:d9:59 | 100   | Enabled  |
| 4    | 08:0e:a9:03:d7:3c | 100   | Enabled  |
| 5    | ae:40:29:58:c7:95 | 100   | Disabled |
| 6    | 7d:54:38:7f:79:e8 | 100   | Disabled |
| 7    | 63:ea:45:e6:f4:22 | 100   | Enabled  |
| 8    | a9:ea:54:9f:35:f8 | 100   | Enabled  |
+------+-------------------+-------+----------+
+---------------------------------------------+
|            switch_2 Switch Ports            |
+------+-------------------+-------+----------+
| Port | MAC Address       | Speed | Status   |
+------+-------------------+-------+----------+
| 1    | 42:08:3f:1e:ea:dd | 100   | Enabled  |
| 2    | a8:1b:b2:78:12:34 | 100   | Ena

Calling `switch.arp.show()` displays the Switch ARP Cache.

In [10]:
network.get_node_by_hostname("switch_1").arp.show()
#network.get_node_by_hostname("switch_1").software_manager

+--------------------------------+
|       switch_1 ARP Cache       |
+------------+-------------+-----+
| IP Address | MAC Address | Via |
+------------+-------------+-----+
+------------+-------------+-----+


Calling `switch.sys_log.show()` displays the Switch system log. By default, only the last 10 log entries are displayed, this can be changed by passing `last_n=<number of log entries>`.

In [11]:
network.get_node_by_hostname("switch_1").sys_log.show()

+-----------------------------+
|       switch_1 Sys Log      |
+-----------+-------+---------+
| Timestamp | Level | Message |
+-----------+-------+---------+
+-----------+-------+---------+


### Computer/Server Nodes

Finally, we'll inspect a Computer or Server Node and some of its core services.

Calling `computer.show()` displays the NICs on the Computer/Server.

In [12]:
network.get_node_by_hostname("security_suite").show()

+-----------------------------------------------------------------------+
|                 security_suite Network Interface Cards                |
+------+------+-------------------+-------------------+-------+---------+
| Port | Type | MAC Address       | Address           | Speed | Status  |
+------+------+-------------------+-------------------+-------+---------+
| 1    | NIC  | 18:9d:a1:f0:6f:0b | 192.168.1.110/24  | 100   | Enabled |
| 2    | NIC  | 9e:b2:c8:04:d8:97 | 192.168.10.110/24 | 100   | Enabled |
+------+------+-------------------+-------------------+-------+---------+
+---------------------------+
| security_suite Open Ports |
+-------------+-------------+
| Port        | Name        |
+-------------+-------------+
| 21          | FTP         |
| 53          | DNS         |
| 80          | HTTP        |
| 123         | NTP         |
| 219         | ARP         |
+-------------+-------------+


Calling `computer.arp.show()` displays the Computer/Server ARP Cache.

In [13]:
network.get_node_by_hostname("security_suite").arp.show()

+-----------------------------------------------------+
|               security_suite ARP Cache              |
+-------------+-------------------+-------------------+
| IP Address  | MAC Address       | Via               |
+-------------+-------------------+-------------------+
| 192.168.1.1 | 3f:c3:3d:00:74:c4 | 18:9d:a1:f0:6f:0b |
+-------------+-------------------+-------------------+


Calling `switch.sys_log.show()` displays the Computer/Server system log. By default, only the last 10 log entries are displayed, this can be changed by passing `last_n=<number of log entries>`.

In [14]:
network.get_node_by_hostname("security_suite").sys_log.show()

+-----------------------------+
|    security_suite Sys Log   |
+-----------+-------+---------+
| Timestamp | Level | Message |
+-----------+-------+---------+
+-----------+-------+---------+


## Basic Network Comms Check

We can perform a good old ping to check that Nodes are able to communicate with each other.

In [15]:
network.show(nodes=False, links=False)

+-----------------------------------------------------------------------------+
|                                 IP Addresses                                |
+-------------------+------+----------------+---------------+-----------------+
| Node              | Port | IP Address     | Subnet Mask   | Default Gateway |
+-------------------+------+----------------+---------------+-----------------+
| router_1          | 1    | 192.168.1.1    | 255.255.255.0 | None            |
| router_1          | 2    | 192.168.10.1   | 255.255.255.0 | None            |
| router_1          | 3    | 127.0.0.1      | 255.0.0.0     | None            |
| router_1          | 4    | 127.0.0.1      | 255.0.0.0     | None            |
| router_1          | 5    | 127.0.0.1      | 255.0.0.0     | None            |
| domain_controller | 1    | 192.168.1.10   | 255.255.255.0 | 192.168.1.1     |
| database_server   | 1    | 192.168.1.14   | 255.255.255.0 | 192.168.1.1     |
| web_server        | 1    | 192.168.1.1

We'll first ping client_1's default gateway.

In [16]:
network.get_node_by_hostname("client_1").ping("192.168.10.1")

Pinging 192.168.10.1:
Reply from 192.168.10.1: bytes=32, time=<1ms, TTL=62
Reply from 192.168.10.1: bytes=32, time=<1ms, TTL=62
Reply from 192.168.10.1: bytes=32, time=<1ms, TTL=62
Reply from 192.168.10.1: bytes=32, time=<1ms, TTL=62
Ping statistics for 192.168.10.1: Packets: Sent = 4, Received = 4, Lost = 0 (0.0% loss)


True

In [17]:
network.get_node_by_hostname("client_1").sys_log.show(15)

+-----------------------------+
|       client_1 Sys Log      |
+-----------+-------+---------+
| Timestamp | Level | Message |
+-----------+-------+---------+
+-----------+-------+---------+


Next, we'll ping the interface of the 192.168.1.0/24 Network on the Router (port 1).

In [18]:
network.get_node_by_hostname("client_1").ping("192.168.1.1")

Pinging 192.168.1.1:
Reply from 192.168.10.1: bytes=32, time=<1ms, TTL=62
Reply from 192.168.10.1: bytes=32, time=<1ms, TTL=62
Reply from 192.168.10.1: bytes=32, time=<1ms, TTL=62
Reply from 192.168.10.1: bytes=32, time=<1ms, TTL=62
Ping statistics for 192.168.1.1: Packets: Sent = 4, Received = 4, Lost = 0 (0.0% loss)


True

And finally, we'll ping the web server.

In [19]:
network.get_node_by_hostname("client_1").ping("192.168.1.12")

Pinging 192.168.1.12:
Reply from 192.168.1.12: bytes=32, time=<1ms, TTL=59
Reply from 192.168.1.12: bytes=32, time=<1ms, TTL=59
Reply from 192.168.1.12: bytes=32, time=<1ms, TTL=59
Reply from 192.168.1.12: bytes=32, time=<1ms, TTL=59
Ping statistics for 192.168.1.12: Packets: Sent = 4, Received = 4, Lost = 0 (0.0% loss)


True

To confirm that the ping was received and processed by the web_server, we can view the sys log

In [20]:
network.get_node_by_hostname("web_server").sys_log.show()

+-----------------------------+
|      web_server Sys Log     |
+-----------+-------+---------+
| Timestamp | Level | Message |
+-----------+-------+---------+
+-----------+-------+---------+


## Advanced Network Usage

We can now use the Network to perform some more advaced things.

Let's attempt to prevent client_2 from being able to ping the web server. First, we'll confirm that it can ping the server first...

In [21]:
network.get_node_by_hostname("client_2").ping("192.168.1.12")

Pinging 192.168.1.12:
Reply from 192.168.1.12: bytes=32, time=<1ms, TTL=59
Reply from 192.168.1.12: bytes=32, time=<1ms, TTL=59
Reply from 192.168.1.12: bytes=32, time=<1ms, TTL=59
Reply from 192.168.1.12: bytes=32, time=<1ms, TTL=59
Ping statistics for 192.168.1.12: Packets: Sent = 4, Received = 4, Lost = 0 (0.0% loss)


True

If we look at the client_2 sys log we can see that the four ICMP echo requests were sent and four ICMP each replies were received:

In [22]:
network.get_node_by_hostname("client_2").sys_log.show()

+-----------------------------+
|       client_2 Sys Log      |
+-----------+-------+---------+
| Timestamp | Level | Message |
+-----------+-------+---------+
+-----------+-------+---------+


Now we'll add an ACL to block ICMP from 192.168.10.22

In [23]:
from primaite.simulator.network.transmission.network_layer import IPProtocol
from primaite.simulator.network.transmission.transport_layer import Port
from primaite.simulator.network.hardware.nodes.network.router import  ACLAction
network.get_node_by_hostname("router_1").acl.add_rule(
    action=ACLAction.DENY,
    protocol=IPProtocol.ICMP,
    src_ip_address="192.168.10.22",
    position=1
)

True

In [24]:
network.get_node_by_hostname("router_1").acl.show()

+----------------------------------------------------------------------------------------------------------------------------------------------+
|                                                         router_1 Access Control List                                                         |
+-------+--------+----------+---------------+--------------+------------------------+--------+--------------+------------------------+---------+
| Index | Action | Protocol | Src IP        | Src Wildcard | Src Port               | Dst IP | Dst Wildcard | Dst Port               | Matched |
+-------+--------+----------+---------------+--------------+------------------------+--------+--------------+------------------------+---------+
| 0     | PERMIT | ANY      | ANY           | ANY          | 5432 (POSTGRES_SERVER) | ANY    | ANY          | 5432 (POSTGRES_SERVER) | 0       |
| 1     | DENY   | ICMP     | 192.168.10.22 | ANY          | ANY                    | ANY    | ANY          | ANY                 

Now we attempt (and fail) to ping the web server

In [25]:
network.get_node_by_hostname("client_2").ping("192.168.1.12")

Pinging 192.168.1.12:
Ping statistics for 192.168.1.12: Packets: Sent = 4, Received = 0, Lost = 4 (100.0% loss)


False

We can check that the ping was actually sent by client_2 by viewing the sys log

In [26]:
network.get_node_by_hostname("client_2").sys_log.show()

+-----------------------------+
|       client_2 Sys Log      |
+-----------+-------+---------+
| Timestamp | Level | Message |
+-----------+-------+---------+
+-----------+-------+---------+


We can check the router sys log to see why the traffic was blocked

In [27]:
network.get_node_by_hostname("router_1").sys_log.show()

+-----------------------------+
|       router_1 Sys Log      |
+-----------+-------+---------+
| Timestamp | Level | Message |
+-----------+-------+---------+
+-----------+-------+---------+


Now a final check to ensure that client_1 can still ping the web_server.

In [28]:
network.get_node_by_hostname("client_1").ping("192.168.1.12")

Pinging 192.168.1.12:
Reply from 192.168.1.12: bytes=32, time=<1ms, TTL=59
Reply from 192.168.1.12: bytes=32, time=<1ms, TTL=59
Reply from 192.168.1.12: bytes=32, time=<1ms, TTL=59
Reply from 192.168.1.12: bytes=32, time=<1ms, TTL=59
Ping statistics for 192.168.1.12: Packets: Sent = 4, Received = 4, Lost = 0 (0.0% loss)


True

In [29]:
network.get_node_by_hostname("client_1").sys_log.show()

+-----------------------------+
|       client_1 Sys Log      |
+-----------+-------+---------+
| Timestamp | Level | Message |
+-----------+-------+---------+
+-----------+-------+---------+
