Go to file
Jean-Louis Huynen 1cc633f48c Improves README 2019-02-14 08:37:22 +01:00
conf.sample nosocat without dying on disconnect 2019-01-17 09:17:00 +01:00
media Improves README 2019-02-14 08:37:22 +01:00
.gitignore update .gitignore 2019-01-17 09:16:13 +01:00
LICENSE Relicensing to MIT 2019-01-07 10:25:49 +01:00
Makefile update .gitignore 2019-01-17 09:16:13 +01:00
README.md Improves README 2019-02-14 08:37:22 +01:00
d4-goclient.go Better error/exiting/debug handling 2019-02-14 08:12:06 +01:00

README.md

d4-goclient

Release Software License Go Report Card

d4-goclient is a D4 project client (sensor) implementing the D4 encapsulation protocol.

The client can be used on different targets and architectures to collect network capture, logs, specific network monitoring and send it back to a D4 server.

For more information about the D4 project.

Installation

Fetch d4-goclient code and dependencies

go get github.com/satori/go.uuid
go get github.com/D4-project/d4-goclient

Use make to build binaries:

make arm5l  # for raspberry pi / linux
make amd64l # for amd64 / linux

Dependencies

  • golang 1.10 (tested)
  • go.uuid

Use

Launch a d4-server (if you don't have a server)

See https://github.com/D4-project/d4-core/tree/master/server $IP_SRV being the d4-server's address, $PORT its listening port

Pipe data into the client

Some file

cat /proc/cpuinfo | ./d4-goclient -c conf.sample/ |  socat - OPENSSL-CONNECT:$IP_SRV:$PORT,verify=0

tcpdump (libpcap) output, discarding our own traffic

$IP being the monitoring computer ip

tcpdump not dst $IP and not src $IP -w - | ./d4-goclient -c conf.sample/ |  socat - OPENSSL-CONNECT:$IP_SRV:$PORT,verify=0