Simulating and Manipulating Networks

Simulating and Manipulating Networks


Developing for mobile is hard. There are nearly 20,000 separate Android handsets all with varying hardware, half of which are running an OS version nearly two years old. Mix that in with some models supporting only CDMA, others only on GSM, and some with support for dual-SIM cards. Don’t even get me started with the recent branching out into smart watches, in-car dash systems, and health devices. Then we can jump into iOS, Windows, and Blackberry (Who am I kidding, RIM isn’t even worth mentioning nowadays); all with their own plethora of offerings along with other newcomers.

And then we have to deal with the mobile networks: 3G, LTE, Wi-Fi hotspots, HSPA+, and Edge – Yeesh!

Oh yeah, and I18n support – because, you know – you don’t want to leave out 80% of the world’s population by only targeting English.

That’s a lot to consider; and we’re barely scratching the surface here. So let’s focus on one thing: Mobile networks.

A lot of folks out there aren’t lucky enough to have a Google Fiber connection, or widespread LTE networks within their country; and we as app developers need to be prepared for that. So how can we possibly test to ensure that our app is prepared for the real world?!

We needed to answer just that.


Our goals:

  • To be able to simulate LTE, 3G, HSPA+, and any other custom network speed.
  • To be able to delay, drop, corrupt, and duplicate packets.
  • To be able to connect real devices and set each to respond to these various network conditions.
  • To be able to configure of these settings easily.

Materials & Prerequisites:

  • Raspberry Pi (Any model, we used a B+)
  • Case for Raspberry Pi
  • Panda Ultra PWIUSBA203 wi-fi dongle (Any wireless adapter that supports Master/AP mode should work – but you may need extra tweaking outside of the scope of this article. You can discover the supported interfaces by running iw list and looking for AP within the supported interfaces section.)
  • MicroSD card
  • MicroSD card reader
  • An ethernet cord
  • A 5V 1A+ power adapter
  • Must be comfortable working within a Linux environment
  • Kali Linux Raspberry Pi image (Because Pentesting is fun! Instructions to download are below.)


The nitty gritty

Let’s prep our device – it’s a simple setup; install the Raspberry Pi into it’s case, place the wi-fi adapter into one of the open USB ports, connect the ethernet cord into both the RasPi and your home router. Don’t provider power to the device just yet! First we need to prep the system.

Download Kali Linux from their website (Using another Debian based distribution should work just as well)

The direct link can be found here. The SHA1-hash is b25bce29053de290748ea5e40f82cbabb64bc75b. For reference, you can view the full downloads page. The file will need to be decompressed.

Place your microSD card into it’s reader and ensure it’s mounted on to your computer; now we need to write the image to disk. The below instructions are for OSX users:

Open up your terminal and first we’ll find out where our SD card is mounted, we can do this by entering diskutil list and finding the correct entry that matches our SD card. Take note of the /dev/disk# entry. In this case, ours is /dev/disk4

#: TYPE                    NAME        SIZE     IDENTIFIER
0: FDisk_partition_scheme             *15.9 GB     disk4
1: Windows_FAT_32          NO NAME     64.0 MB     disk4s1
2: Linux                               3.1 GB      disk4s2

For the following, replace all entries of <disk> with your disk’s entry (eg: /dev/disk4) – Be sure to triple check it is the correct entry so you are not acting on another disk!

Unmount the disk with diskutil unmountDisk <disk>

We can write our Kali image to the disk, replacing <path-to-kali-image> of course with the absolute path to the .img file we downloaded earlier:

dd if=<path-to-kali-image> of=<disk> bs=1m

This will take a few minutes as the image is ~3GB. If you would like to check the progress, simply hit CRLT+T.

Once complete, the command will return you to your prompt without any output.

Now the fun begins! Eject the SD card from your computer and place it into the RasPi and attach the power source. Give the operating system a minute to boot up, and we’re good to go!

Find the IP of the new device; whether through your router, nmap, or any other way. Once found, SSH to your device. In our case, the IP is

ssh [email protected] # The default Kali password is "toor"

We’re just about finished! We’ve written a script that will set everything up; to download and install it – all we need is:

wget -O /tmp/ && sh /tmp/

Kick back, let the script do it’s work, and when it’s finished run network-emulator to get going! There will be a config.yaml file in the current directory that can be used as a template.

A quick little run-down of the configuration file:
-      # List as many IPs as you'd like, this is the first element of the array.
class_id: 10           # Must be unique across all IP addresses - best to just match it with the final octet of the IP address
ingress: 10mbps        # The incoming network speed in megabits per second. Also supported: kbps
egress: 10mbps         # The outgoing network speed
egress_delay: 0ms      # A delay sent on all outgoing packets in milliseconds
egress_corrupt: 0      # Percentage of corrupt outgoing packets
egress_loss: 0         # Percentage of lost outgoing packets
egress_duplicate: 0    # Percentage of duplicated outgoing packets
ingress_delay: 0ms     # Below is all the same - except for incoming packets
ingress_corrupt: 0
ingress_loss: 0
ingress_duplicate: 0


You should now have a fully functioning access point up and running, with the capabilities to granularly control various aspects of traffic going to each connected device. In order to connect to the access point, you should see an SSID named “JacobianEmulator” with the password “JacobianEngineering” – These can be changed by editing /etc/hostapd/hostapd.conf and restarting the hostapd service.

That’s it – now go have some fun!