| Applicable Versions | NetSim Standard | NetSim Pro |
| Applicable Releases | v12 | v13 |
NetSim allows users to interact with the simulation at runtime via a socket or through a file. The Real-Time Interaction option in NetSim, lets the NetSimCore.exe (server) to wait for the client to connect using the socket port. The client can be a socket program written in any programming language. In this case we will be considering a python socket program.
After the connection is established, various commands supported by NetSim's Interactive Simulation/SDN modules can be executed to view/modify certain device parameters during run-time.
Let us consider the following network scenario:
In the above network, Sensors 4, 5, 7 and 8 are sending traffic out to Wired Node 3. Nodes 5, 7 and 8 use UDP protocol whereas, Node 4 uses TCP protocol for communication.
Following application metrics is observed upon running the simulation for 100 seconds:
NetSim's Interactive Simulation command library supports the following Firewall / Access Control List(ACL) based commands:
ACL ENABLE - ACL must be enabled in a device using this command prior to using any of the following commands
ACLCONFIG - Allows users to switch to ACL configuration mode to execute ACL commands in a device
ACL PRINT - Prints the general syntax of ACL commands that can be executed to set firewall rules
PRINT - Prints the ACL rules if any that were added previously for a device.
Command syntax: [PERMIT, DENY] [INBOUND, OUTBOUND, BOTH] PROTO SRC DEST SPORT DPORT IFID
Example: Blocking TCP packets at the Gateway
Assuming that any TCP traffic, is to be blocked at the gateway, we can use the following python socket program which will interact with NetSim simulation during run-time to add firewall rules at the gateway device:
####################################################################################
# Copyright (C) 2019 #
# TETCOS, Bangalore. India #
# #
# Tetcos owns the intellectual property rights in the Product and its content. #
# The copying, redistribution, reselling or publication of any or all of the #
# Product or its content without express prior written consent of Tetcos is #
# prohibited. Ownership and / or any other right relating to the software and all #
# intellectual property rights therein shall remain at all times with Tetcos. #
# ---------------------------------------------------------------------------------#
# An example script to send client request to NetSim server using socket programming in Python
import socket # for socket
import sys
import time
#----------------------Socket code-----------------------
try:
s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
print ("Socket successfully created.")
except socket.error as err:
print ("Socket creation failed with error %s" %(err))
# default port for socket
port = 8999
try:
host_ip = socket.gethostbyname('127.0.0.1')
except socket.gaierror:
# this means could not resolve the host
print ("Error resolving host.")
sys.exit()
# connecting to the server
s.connect((host_ip, port))
print ("Connection established to NetSim.")
# setting the current node for which commands will be executed
name = '6_LOWPAN_Gateway_1'
name = name + '\0'
s.send(name.encode())
# ACL is enabled prior to executing other ACL commands
command = 'acl enable'
command = command + '\0'
s.send(command.encode())
resp = s.recv(1024).decode('utf-8')
cont = '__continue__'
while cont not in resp:
resp = resp + s.recv(1024).decode('utf-8')
print ("Received:", resp)
# entering ACL configuration mode to add firewall rules
command = 'aclconfig'
command = command + '\0'
s.send(command.encode())
resp = s.recv(1024).decode('utf-8')
cont = '__continue__'
while cont not in resp:
resp = resp + s.recv(1024).decode('utf-8')
print ("Received:", resp)
# adding a ACL rule to deny TCP traffic from the wireless Zigbee interface of the Gateway node
command = 'deny both tcp any any 0 0 1'
command = command + '\0'
s.send(command.encode())
resp = s.recv(1024).decode('utf-8')
cont = '__continue__'
while cont not in resp:
resp = resp + s.recv(1024).decode('utf-8')
print ("Received:", resp)
# Retreiving and printing the ACL table entries
command = 'print'
command = command + '\0'
s.send(command.encode())
resp = s.recv(1024).decode('utf-8')
cont = '__continue__'
while cont not in resp:
resp = resp + s.recv(1024).decode('utf-8')
print ("Received:", resp)
s.close()For the python program to interact with NetSim during the simulation, Interactive Simulation parameters has to be set to 'True' under the Real-Time Interaction tab, before running the simulation.
This lets the NetSimCore.exe (server) to wait for the client (Python script) to connect using the socket port.
Run simulation for 100 seconds. NetSim Simulation Console starts and waits for client application to connect as shown below:
The socket client code to connect to NetSimCore.exe is written in socketInterface.py.
Run the python script socketInterface.py in a new command window as shown below:
Python interface interacts with NetSim Simulation and firewall rules are added in the Gateway node to block any incoming TCP traffic as shown below:
Following application metrics is observed at the end of the simulation:
TCP packets are blocked at the gateway node, due to which no packets were received by the destination.
This is also evident from the packet trace log file as shown below:
The TCP SYN packet sent from Sensor 4 is not being forwarded by the gatway. Sensor 4 retries TCP connection attempt as per the maximum retry limit configured in TCP properties and stops its attempts.
Please find the attached NetSim Configuration file (Configuration.netsim) and the python script (SocketInterface.py) used in this example.