Giter Site home page Giter Site logo

wisemeninc / godiode Goto Github PK

View Code? Open in Web Editor NEW

This project forked from klockcykel/godiode

0.0 0.0 0.0 4.74 MB

Golang PoC software for reliable file transfers over a data diode. DIY gigabit data diode hardware instructions

License: MIT License

Go 100.00%

godiode's Introduction

presentation title page

DIY Data Diode

Simple DIY gigabit data diode (hardware and software). Presented at SEC-T 2021.

Hardware

By doing a simple hardware mod to a fiber converter you can build your own data diode for around โ‚ฌ60. See the /hardware folder for modding instructions

Software

PoC golang code for reliable file transfers over a data diode. With recommended OS optimizations it should reach 750+ Mbit/s file transfers.

Build instructions

With local golang available

# apt install golang
cd src && go build -o ../bin/godiode . ; cd ..

With golang in docker

# apt install golang
docker-compose run --rm build

The built binary will end up in ./bin/godiode

Running

Usage

Usage: godiode <options> send|receive <dir>
  -baddr string
    	bind address
  -bw int
    	throttle bw to X Mbit/s (sender only)
  -conf string
    	JSON config file (default "/etc/godiode.json")
  -delete
    	delete files (receiver only)
  -interface string
    	interface to bind to
  -maddr string
    	multicast address (default "239.252.28.12:5432")
  -packetsize int
    	maximum UDP payload size (default 1472)
  -secret string
    	HMAC secret
  -tmpdir string
    	tmp dir to use (receiver only)
  -verbose
    	verbose output

Receiver

Replace eth0 with nic connected to diode, received data will end up in ./in

mkdir -p in/ && ./bin/godiode --verbose --interface eth0 receive in/

Or using docker...

docker-compose run --rm godiode --verbose --interface eth0 receive /in

Sender

Place folder structure to transfer under ./out and replace IP with whatever you assigned the nic connected to the diode.

mkdir -p out && ./bin/godiode --verbose --baddr 10.72.0.1:1234 send out/

Or using docker...

docker-compose run --rm godiode --verbose --baddr 10.72.0.1:1234 send /out

Optimize for speed

Use jumbo frames

For optimal performance it's recommended to use jumbo frames. Enable on your interfaces (both sender and receiver):

# replace eth0 with nic connected to diode
sudo ip link set mtu 9000 eth0

Instruct sender/receiver to use larger packets with maxpacket-flag to godiode

godiode --packetsize 8972 send /out

Increase send/receive buffers

Receiver will try and allocate a receive buffer of 300xPacketsize, so with jumbo frames the net.core.rm_max should be set to at least 2700000 in either /etc/sysctl.conf or manually with

sudo sysctl net.core.rmem_max=2700000

godiode's People

Contributors

klockcykel avatar idstam avatar

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    ๐Ÿ–– Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. ๐Ÿ“Š๐Ÿ“ˆ๐ŸŽ‰

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google โค๏ธ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.