mirror of https://github.com/D4-project/d4-core
Merge branch 'master' of https://github.com/D4-project/d4-core
commit
d84ca76736
68
README.md
|
@ -1,17 +1,77 @@
|
||||||
# D4 core
|
# D4 core
|
||||||
|
|
||||||
Software components used for the D4 project
|
D4 core are software components used in the D4 project. The software includes everything to create your own sensor network or connect
|
||||||
|
to an existing sensor network using simple clients.
|
||||||
|
|
||||||
## D4 core client
|
## D4 core client
|
||||||
|
|
||||||
|
[D4 core client](https://github.com/D4-project/d4-core/tree/master/client) is a simple and minimal implementation of the [D4 encapsulation protocol](https://github.com/D4-project/architecture/tree/master/format). There is also a [portable D4 client](https://github.com/D4-project/d4-goclient) in Go including the support for the SSL/TLS connectivity.
|
||||||
|
|
||||||
|
### Requirements
|
||||||
|
|
||||||
|
- Unix-like operating system
|
||||||
|
- make
|
||||||
|
- a recent C compiler
|
||||||
|
|
||||||
|
### Usage
|
||||||
|
|
||||||
|
The D4 client can be used to stream any byte stream towards a D4 server.
|
||||||
|
|
||||||
|
As an example, you directly stream tcpdump output to a D4 server with the following
|
||||||
|
script:
|
||||||
|
|
||||||
|
````
|
||||||
|
tcpdump -n -s0 -w - | ./d4 -c ./conf | socat - OPENSSL-CONNECT:$D4-SERVER-IP-ADDRESS:$PORT,verify=0
|
||||||
|
````
|
||||||
|
|
||||||
~~~~
|
~~~~
|
||||||
|
d4 - d4 client
|
||||||
|
Read data from the configured <source> and send it to <destination>
|
||||||
|
|
||||||
|
Usage: d4 -c config_directory
|
||||||
|
|
||||||
|
Configuration
|
||||||
|
|
||||||
|
The configuration settings are stored in files in the configuration directory
|
||||||
|
specified with the -c command line switch.
|
||||||
|
|
||||||
|
Files in the configuration directory
|
||||||
|
|
||||||
|
key - is the private HMAC-SHA-256-128 key.
|
||||||
|
The HMAC is computed on the header with a HMAC value set to 0
|
||||||
|
which is updated later.
|
||||||
|
snaplen - the length of bytes that is read from the <source>
|
||||||
|
version - the version of the d4 client
|
||||||
|
type - the type of data that is send. pcap, netflow, ...
|
||||||
|
source - the source where the data is read from
|
||||||
|
destination - the destination where the data is written to
|
||||||
|
~~~~
|
||||||
|
|
||||||
|
### Installation
|
||||||
|
|
||||||
|
~~~~
|
||||||
|
cd client
|
||||||
git submodule init
|
git submodule init
|
||||||
git submodule update
|
git submodule update
|
||||||
~~~~
|
~~~~
|
||||||
|
|
||||||
|
## D4 core server
|
||||||
|
|
||||||
|
D4 core server is a complete server to handle clients (sensors) including the decapsulation of the [D4 protocol](https://github.com/D4-project/architecture/tree/master/format), control of
|
||||||
|
sensor registrations, management of decoding protocols and dispatching to adequate decoders/analysers.
|
||||||
|
|
||||||
### Requirements
|
### Requirements
|
||||||
|
|
||||||
- uuid-dev
|
- Python 3.6
|
||||||
- make
|
- GNU/Linux distribution
|
||||||
- a recent C compiler
|
|
||||||
|
### Installation
|
||||||
|
|
||||||
|
~~~~
|
||||||
|
cd server
|
||||||
|
./install_server.sh
|
||||||
|
./LAUNCH.sh -l
|
||||||
|
~~~~
|
||||||
|
|
||||||
|
The web interface is accessible via `http://127.0.0.1:7000/`
|
||||||
|
|
||||||
|
|
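Review bot: The tcpdump example added under "### Usage" passes `verify=0` to socat's OPENSSL-CONNECT, which turns off server certificate verification, so a sensor set up from this README streams its capture to whichever host answers on that address and TLS gives no protection against an on-path interceptor. Suggest documenting the verified form (drop `verify=0` and point `cafile=` at the server's CA certificate) and, if a quick-start variant stays, stating that it is for testing only. In the same line, `$D4-SERVER-IP-ADDRESS` is not a usable shell variable: the shell expands `$D4` and leaves `-SERVER-IP-ADDRESS` as literal text, so a name such as `$D4_SERVER_IP_ADDRESS` or an explicit placeholder would be clearer. Smaller points: that example is fenced with four backticks while the rest of the file uses `~~~~`, "the type of data that is send" should read "sent", and the client installation block stops at `git submodule update` with no build step even though `make` is listed as a requirement.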