simulator network host route helper script and docs

Squashed commit of the following: commit 685951b5385062035ac558df1112353c9441c910 Author: Adam Feuer <adam@starcat.io> Date: Mon Feb 24 16:33:00 2020 -0800 fixed typo in readme commit ad1d3289b48af0de3095e3f365429017e57278b3 Author: Adam Feuer <adam@starcat.io> Date: Mon Feb 24 16:07:48 2020 -0800 simulator host route helper script and docs Squashed commit of the following: commit cf5cddcf55a155303cb5abb1aa026f6dcaf369ca Author: Adam Feuer <adam@starcat.io> Date: Mon Feb 24 15:50:40 2020 -0800 syslog on console to fix compile error commit def1bb73fcfbc8b115c55d9f4544b97d583807f2 Author: Adam Feuer <adam@starcat.io> Date: Mon Feb 24 15:46:13 2020 -0800 formatting as per PR feedback; removed ping commit b179fd8831b77fbbe85527a4ab3161e1f1ca1e43 Author: Adam Feuer <adam@starcat.io> Date: Mon Feb 24 15:45:49 2020 -0800 formatting as per PR feedback commit e3280bede9798d9a00b118e126c02ceab497e33a Author: Adam Feuer <adam@starcat.io> Date: Mon Feb 24 13:56:50 2020 -0800 add simhostroute.sh description to readme commit 09a6b0ca3bacf005c2a79102141ae8cc3eb91849 Author: Adam Feuer <adam@starcat.io> Date: Sun Feb 23 17:38:40 2020 -0800 fixed error in simhostroute.sh usage docs commit d838582119d43ee2002ce3808051c82b23e98c58 Author: Adam Feuer <adam@starcat.io> Date: Sun Feb 23 17:28:35 2020 -0800 added tcpblaster defconfig and updated docs commit af3d2d6591f12d1127027fdd363858052094e624 Author: Adam Feuer <adam@starcat.io> Date: Sun Feb 23 17:21:29 2020 -0800 added info about capabilities and running as root commit 6359cfdfedefc818b169455401942d3d33a59f41 Author: Adam Feuer <adam@starcat.io> Date: Sun Feb 23 17:20:42 2020 -0800 updated network linux readme commit 47feb08aa74e4b1fc6c802567bc777d31e7c9a83 Author: Adam Feuer <adam@starcat.io> Date: Sun Feb 23 17:09:04 2020 -0800 initial addition
2020-02-24 16:34:35 -08:00 · 2020-02-24 16:34:35 -08:00 · 7fa1486181
commit 7fa1486181
parent 511e548613
4 changed files with 292 additions and 21 deletions
--- a/boards/sim/sim/sim/NETWORK-LINUX.txt
+++ b/boards/sim/sim/sim/NETWORK-LINUX.txt
@ -1,5 +1,5 @@
-NETWORK SUPPORT ON LINUX
-^^^^^^^^^^^^^^^^^^^^^^^^
+Network Support on Linux
+========================

 The simulation uses the TUN/TAP driver under Linux to provide network support.
 It can operate in one of two modes: host routed, or bridged.  In the host
@ -11,8 +11,8 @@ to set up, but is much more flexible, and is likely to be easier to maintain
 in the end.


-HOST ROUTE MODE
-^^^^^^^^^^^^^^^
+Host Route Mode
+---------------

 If CONFIG_SIM_NET_HOST_ROUTE is enabled, the simulation will create and
 maintain a host route from the assigned IP address to the instance's tap
@ -27,14 +27,52 @@ able to see it until the simulation is stopped.  The host route will force all
 traffic destined for that IP to be sent to the tap interface.

 NOTE:  If you configure an IP address that is not on the same subnet as your
-       host, additional manual setup will be required.  This is not
-       recommended; you should use bridge mode instead.
+       host, additional manual setup will be required. A helper script,
+       `tools/simhostroute.sh` is provided that can do this setup on Linux.
+       On Windows or macOS using host route mode is not recommended.
+
+Recent versions of Linux require setting kernel capabilities to allow the nuttx
+executable access to the tap network driver. You can see more about the tun/tap
+driver requiring Linux capabilities here:
+
+https://github.com/torvalds/linux/blob/master/Documentation/networking/tuntap.txt
+
+The `boards/sim/sim/sim/configs/tcpblaster/defconfig` is known to work in this
+configuration.
+
+To compile:
+
+    $ cp boards/sim/sim/sim/configs/tcpblaster/defconfig .config
+    $ make menuconfig  # optional, to adjust configuration
+    $ make clean; make
+
+You can do the following after compiling the NuttX simulator:
+
+On Linux:
+
+    $ # necessary on recent Linux distributions
+    $ sudo setcap cap_net_admin+ep ./nuttx
+    $ # set up the host route and IP tables rules
+    $ # replace ens33 with your Ethernet or wireless interface
+    $ sudo ./tools/simhostroute.sh ens33 on
+    $ # start the NuttX simulator
+    $ ./nuttx
+
+On the NuttX Simulator:
+
+    nsh> ifconfig eth0 10.0.1.2
+    nsh> ifup eth0
+
+On Linux:
+
+    $ # is nuttx up?
+    $ ping 10.0.1.2


-BRIDGE MODE
-^^^^^^^^^^^
+Bridge Mode
+-----------

-BASIC USAGE
+Basic Usage
 -----------
 If CONFIG_SIM_NET_BRIDGE is enabled, the simulation's tap interface will
 automatically be added to the Linux bridge device specified by the
@ -54,11 +92,11 @@ multiple simulations, they will all be added to the same bridge and can talk
 amongst themselves.


-OPTION 1:  ROUTING LOCAL TRAFFIC TO THE BRIDGE
----------------------------------------------
-If you want the host to be able to talk to your simluations, you will
+Option 1: Routing Local Traffic to the Bridge
+---------------------------------------------
+If you want the host to be able to talk to the simulator, you will
 also need to assign the bridge an IP address (this will be the default
-gateway you assign to your simluations) and add a network route.  Note
+gateway you assign to the simulator) and add a network route.  Note
 that the subnet chosen should not already be in use.  For example, if
 you want to use the 172.26.23.0/24 subnet for your simluations, you
 would do something like the following:
@ -70,9 +108,9 @@ The standard Linux ifconfig utility will automatically add the appropriate
 network route, so no further effort is needed.


-OPTION 2:  LIVE NETWORK ACCESS
------------------------------
-There are two main methods of giving your simulations access to your network
+Option 2: Live Network Access
+-----------------------------
+There are two main methods of giving the simulator access to your network
 at large.  One is to set up your Linux host as a router and configure your
 network so that it knows where to find the appropriate subnet.  This is far
 too complex for most use cases, so you can safely ignore it unless you have
@ -111,16 +149,21 @@ as an ethernet hub; your simluation has direct access to the normal gateway as
 if the simluation were a device physically connected to the network.


-CONFIGURING AT STARTUP
+Configuring at Startup
 ----------------------
 Most Linux distributions have a mechanism for configuring a bridge at startup.
 See your distribution's documentation for more information.

+Setup Script
+------------

-NOTES
-^^^^^
+There is a script, `tools/simbridge.sh` that will do the setup for you.

-  o Users of VMware ESXi should be aware that the bridge will place the contained
+
+Notes
+-----
+
+  - Users of VMware ESXi should be aware that the bridge will place the contained
    ethernet interface into promiscuous mode (don't ask me why).  ESXi will
    reject this by default, and nothing will work.  To fix this, edit the
    properties of the relevant vSwitch or VLAN, select the Security tab, and
@ -131,7 +174,7 @@ NOTES

    I don't know if VMware's consumer products have similar issues or not.

-  o tools/simbridge.sh could make the bridge setup easier:
+  - tools/simbridge.sh could make the bridge setup easier:

      # tools/simbridge.sh eth0 on
      # tools/simbridge.sh eth0 off
--- a/boards/sim/sim/sim/configs/tcpblaster/defconfig
+++ b/boards/sim/sim/sim/configs/tcpblaster/defconfig
@ -0,0 +1,137 @@
+#
+# This file is autogenerated: PLEASE DO NOT EDIT IT.
+#
+# You can use "make menuconfig" to make any modifications to the installed .config file.
+# You can then do "make savedefconfig" to generate a new defconfig file that includes your
+# modifications.
+#
+CONFIG_ARCH="sim"
+CONFIG_ARCH_BOARD="sim"
+CONFIG_ARCH_BOARD_SIM=y
+CONFIG_ARCH_CHIP="sim"
+CONFIG_ARCH_SIM=y
+CONFIG_BOARDCTL_POWEROFF=y
+CONFIG_BUILTIN=y
+CONFIG_CLOCK_MONOTONIC=y
+CONFIG_DEBUG_ERROR=y
+CONFIG_DEBUG_FEATURES=y
+CONFIG_DEBUG_NET=y
+CONFIG_DEBUG_NET_ERROR=y
+CONFIG_DEBUG_SYMBOLS=y
+CONFIG_DEV_LOOP=y
+CONFIG_DEV_ZERO=y
+CONFIG_DRIVERS_VIDEO=y
+CONFIG_ELF=y
+CONFIG_EXAMPLES_FTPC=y
+CONFIG_EXAMPLES_TCPBLASTER=y
+CONFIG_EXAMPLES_TCPECHO=y
+CONFIG_EXECFUNCS_HAVE_SYMTAB=y
+CONFIG_FS_BINFS=y
+CONFIG_FS_HOSTFS=y
+CONFIG_FS_LITTLEFS=y
+CONFIG_FS_PROCFS=y
+CONFIG_FS_TMPFS=y
+CONFIG_IDLETHREAD_STACKSIZE=2048
+CONFIG_INPUT=y
+CONFIG_IOB_NBUFFERS=1024
+CONFIG_IOB_NCHAINS=128
+CONFIG_IOB_NOTIFIER=y
+CONFIG_IOB_THROTTLE=16
+CONFIG_LIBC_EXECFUNCS=y
+CONFIG_LIBC_IOCTL_VARIADIC=y
+CONFIG_LIBC_LOCALE=y
+CONFIG_LIBC_LOCALTIME=y
+CONFIG_LIBM=y
+CONFIG_MAX_TASKS=16
+CONFIG_MAX_WDOGPARMS=2
+CONFIG_MM_REGIONS=2
+CONFIG_MQ_MAXMSGSIZE=64
+CONFIG_MTD=y
+CONFIG_NET=y
+CONFIG_NETDB_DNSCLIENT=y
+CONFIG_NETDB_DNSCLIENT_MAXRESPONSE=176
+CONFIG_NETDB_DNSCLIENT_RECV_TIMEOUT=3
+CONFIG_NETDB_DNSSERVER_IPv4ADDR=0x771d1d1d
+CONFIG_NETDEVICES=y
+CONFIG_NETDEV_LATEINIT=y
+CONFIG_NETDEV_PHY_IOCTL=y
+CONFIG_NETDEV_STATISTICS=y
+CONFIG_NETINIT_DRIPADDR=0x0a000101
+CONFIG_NETINIT_IPADDR=0x0a000102
+CONFIG_NETINIT_NETLOCAL=y
+CONFIG_NETUTILS_DHCPC=y
+CONFIG_NETUTILS_FTPC=y
+CONFIG_NETUTILS_TELNETD=y
+CONFIG_NETUTILS_TFTPC=y
+CONFIG_NETUTILS_WEBCLIENT=y
+CONFIG_NET_ARP_SEND=y
+CONFIG_NET_BROADCAST=y
+CONFIG_NET_ICMP=y
+CONFIG_NET_ICMP_SOCKET=y
+CONFIG_NET_ICMPv6=y
+CONFIG_NET_ICMPv6_SOCKET=y
+CONFIG_NET_IPv6=y
+CONFIG_NET_LOOPBACK=y
+CONFIG_NET_SENDFILE=y
+CONFIG_NET_SLIP=y
+CONFIG_NET_SOLINGER=y
+CONFIG_NET_STATISTICS=y
+CONFIG_NET_TCP=y
+CONFIG_NET_TCPBACKLOG=y
+CONFIG_NET_TCP_WRITE_BUFFERS=y
+CONFIG_NET_TUN=y
+CONFIG_NET_TUN_PKTSIZE=1500
+CONFIG_NET_UDP=y
+CONFIG_NET_UDP_BINDTODEVICE=y
+CONFIG_NET_UDP_WRITE_BUFFERS=y
+CONFIG_NFILE_DESCRIPTORS=8
+CONFIG_NSH_ARCHINIT=y
+CONFIG_NSH_BUILTIN_APPS=y
+CONFIG_NSH_FILE_APPS=y
+CONFIG_NSH_READLINE=y
+CONFIG_NSH_TELNETD_CLIENTSTACKSIZE=4096
+CONFIG_NSOCKET_DESCRIPTORS=10
+CONFIG_POSIX_SPAWN_PROXY_STACKSIZE=2048
+CONFIG_PREALLOC_MQ_MSGS=4
+CONFIG_PREALLOC_TIMERS=4
+CONFIG_PSEUDOFS_SOFTLINKS=y
+CONFIG_PSEUDOTERM=y
+CONFIG_PSEUDOTERM_BSD=y
+CONFIG_PTHREAD_CLEANUP=y
+CONFIG_PTHREAD_CLEANUP_STACKSIZE=2
+CONFIG_PTHREAD_MUTEX_TYPES=y
+CONFIG_PTHREAD_STACK_DEFAULT=8192
+CONFIG_RAMMTD=y
+CONFIG_READLINE_CMD_HISTORY=y
+CONFIG_READLINE_TABCOMPLETION=y
+CONFIG_SCHED_CHILD_STATUS=y
+CONFIG_SCHED_HAVE_PARENT=y
+CONFIG_SCHED_HPWORK=y
+CONFIG_SCHED_ONEXIT=y
+CONFIG_SERIAL_TERMIOS=y
+CONFIG_SIG_DEFAULT=y
+CONFIG_SIG_EVTHREAD=y
+CONFIG_SIM_M32=y
+CONFIG_STACK_COLORATION=y
+CONFIG_SYSLOG_BUFFER=y
+CONFIG_SYSLOG_CONSOLE=y
+CONFIG_SYSLOG_TIMESTAMP=y
+CONFIG_SYSTEM_CLE=y
+CONFIG_SYSTEM_NSH=y
+CONFIG_SYSTEM_NSH_STACKSIZE=4096
+CONFIG_SYSTEM_NTPC=y
+CONFIG_SYSTEM_PING6=y
+CONFIG_SYSTEM_PING=y
+CONFIG_SYSTEM_PING_STACKSIZE=4096
+CONFIG_SYSTEM_SYSTEM=y
+CONFIG_SYSTEM_TELNET_CLIENT=y
+CONFIG_SYSTEM_TELNET_CLIENT_STACKSIZE=4096
+CONFIG_SYSTEM_TIME64=y
+CONFIG_TASK_NAME_SIZE=32
+CONFIG_TELNET_CHARACTER_MODE=y
+CONFIG_TELNET_TXBUFFER_SIZE=64
+CONFIG_TTY_SIGINT=y
+CONFIG_TTY_SIGINT_CHAR=0x3
+CONFIG_TTY_SIGSTP=y
+CONFIG_USERMAIN_STACKSIZE=4096
+CONFIG_USER_ENTRYPOINT="nsh_main"
--- a/tools/README.txt
+++ b/tools/README.txt
@ -931,6 +931,18 @@ sethost.sh
      -h will show this help test and terminate
      <config> selects configuration file.  Default: .config

+simhostroute.sh
+---------------
+
+   Helper script used to set up the tap driver, host routes,
+   and IP Tables rules to support networking with the
+   simulator under Linux.  General usage:
+
+     $ tools/simhostroute.sh
+     Usage: tools/simhostroute.sh <interface> <on|off>
+
+  See boards/sim/sim/sim/NETWORK-LINUX.txt for further information
+
 simbridge.sh
 ------------

--- a/tools/simhostroute.sh
+++ b/tools/simhostroute.sh
@ -0,0 +1,79 @@
+#!/bin/bash
+
+#****************************************************************************
+# tools/simhostroute.sh
+#
+# Licensed to the Apache Software Foundation (ASF) under one or more
+# contributor license agreements.  See the NOTICE file distributed with
+# this work for additional information regarding copyright ownership.  The
+# ASF licenses this file to you under the Apache License, Version 2.0 (the
+# "License"); you may not use this file except in compliance with the
+# License.  You may obtain a copy of the License at
+#
+#   http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.  See the
+# License for the specific language governing permissions and limitations
+# under the License.
+#
+#****************************************************************************
+
+# Helper script to set up host route to NuttX simulator
+# and set up IP Tables to allow it to access the 
+# internet.
+#
+# This script needs to be run as root.
+#
+# Note that on Linux you may also have to set kernel capabilities
+# on the nuttx executable to allow NuttX to access the tap device:
+#
+# sudo setcap cap_net_admin+ep ./nuttx
+
+if [ $# != 2 ]; then
+  echo "Usage: $0 <interface> <on|off>"
+  exit 1
+fi
+
+IF_HOST=$1
+STATUS=$2
+
+IF_BRIDGE=nuttx0
+IP_NET="10.0.1.0/24"
+IP_NETMASK="255.255.255.0"
+IP_BROADCAST="10.0.0.255"
+IP_HOST="10.0.1.1"
+IP_NUTTX="10.0.1.2"
+
+if [ "$STATUS" == "on" ]; then
+    ip link add $IF_BRIDGE type bridge
+    ifconfig $IF_BRIDGE $IP_HOST
+    ifconfig $IF_BRIDGE up
+    ifconfig -a
+    ip addr add $IP_HOST dev $IF_BRIDGE 
+    ifconfig $IF_BRIDGE netmask $IP_NETMASK
+    ip route delete $IP_NET
+    ip route add $IP_NET dev $IF_BRIDGE src $IP_HOST
+    ip route add $IP_NUTTX/32 dev $IF_BRIDGE src $IP_HOST
+
+    # nat to allow NuttX to access the internet
+    iptables -t nat -A POSTROUTING -o $IF_HOST -j MASQUERADE
+    iptables -A FORWARD -i $IF_HOST -o $IF_BRIDGE -m state --state RELATED,ESTABLISHED -j ACCEPT
+    iptables -A FORWARD -i $IF_BRIDGE -o $IF_HOST -j ACCEPT
+
+    ip route show
+else
+    ip route delete $IP_NET
+    ip route delete $IP_NUTTX/32
+
+    # delete nat rules to clean up
+    iptables -t nat -A POSTROUTING -o $IF_HOST -j MASQUERADE
+    iptables -D FORWARD -i $IF_HOST -o $IF_BRIDGE -m state --state RELATED,ESTABLISHED -j ACCEPT
+    iptables -D FORWARD -i $IF_BRIDGE -o $IF_HOST -j ACCEPT
+
+    ip link delete $IF_BRIDGE type bridge
+
+    ip route show
+fi
+