Golang PoC software for reliable file transfers over a data diode. DIY gigabit data diode hardware instructions

presentation title page

DIY Data Diode

Simple DIY gigabit data diode (hardware and software). Presented at SEC-T 2021.

Hardware

By doing a simple hardware mod to a fiber converter you can build your own data diode for around €60. See the /hardware folder for modding instructions

Software

PoC golang code for reliable file transfers over a data diode. With recommended OS optimizations it should reach 750+ Mbit/s file transfers.

Build instructions

With local golang available

# apt install golang
cd src && go build -o ../bin/godiode . ; cd ..

With golang in docker

# apt install golang
docker-compose run --rm build

The built binary will end up in ./bin/godiode

Running

Usage

Usage: godiode 
   
     send|receive 
   
   
  -baddr string
    	bind address
  -bw int
    	throttle bw to X Mbit/s (sender only)
  -conf string
    	JSON config file (default "/etc/godiode.json")
  -delete
    	delete files (receiver only)
  -interface string
    	interface to bind to
  -maddr string
    	multicast address (default "239.252.28.12:5432")
  -packetsize int
    	maximum UDP payload size (default 1472)
  -secret string
    	HMAC secret
  -tmpdir string
    	tmp dir to use (receiver only)
  -verbose
    	verbose output

Receiver

Replace eth0 with nic connected to diode, received data will end up in ./in

mkdir -p in/ && ./bin/godiode --verbose --interface eth0 receive in/

Or using docker...

docker-compose run --rm godiode --verbose --interface eth0 receive /in

Sender

Place folder structure to transfer under ./out and replace IP with whatever you assigned the nic connected to the diode.

mkdir -p out && ./bin/godiode --verbose --baddr 10.72.0.1:1234 send out/

Or using docker...

docker-compose run --rm godiode --verbose --baddr 10.72.0.1:1234 send /out

Optimize for speed

Use jumbo frames

For optimal performance it's recommended to use jumbo frames. Enable on your interfaces (both sender and receiver):

# replace eth0 with nic connected to diode
sudo ip link set mtu 9000 eth0

Instruct sender/receiver to use larger packets with maxpacket-flag to godiode

godiode --packetsize 8972 send /out

Increase send/receive buffers

Receiver will try and allocate a receive buffer of 300xPacketsize, so with jumbo frames the net.core.rm_max should be set to at least 2700000 in either /etc/sysctl.conf or manually with

sudo sysctl net.core.rmem_max=2700000
Owner
Klockcykel
Security-aware fullstack dev for hire
Klockcykel
https://github.com/klockcykel/godiode
Similar Resources

transfer.sh - Easy and fast file sharing from the command-line.

Easy and fast file sharing from the command-line. This code contains the server with everything you need to create your own instance.

Jan 2, 2023

Easy and fast file sharing from the command-line.

Easy and fast file sharing from the command-line. This code contains the server with everything you need to create your own instance.

Jan 2, 2023

aqua is a simple file uploading and sharing server for personal use.

aqua is a simple file uploading and sharing server for personal use.

aqua is a simple file uploading and sharing server for personal use. It is built to be easy to set up and host on your own server, for example to use it in combination with uploading tools like ShareX.

Jul 7, 2022

Built in user interface, LAN file transfer, such as mobile phone, computer, tablet, different operating system

Built in user interface, LAN file transfer, such as mobile phone, computer, tablet, different operating system

Modao Built in user interface, LAN file transfer, such as mobile phone, computer, tablet, different operating systems, etc., as well as text transfer

May 7, 2022

mini file transfer tool, use it just curl o wget

miniTransfer mini file transfer tool, use it just curl o wget How to use upload file curl -T localFileName 127.0.0.1:1234 # default save as localFileN

Jan 12, 2022

peer-to-peer file sharing

what i want is a tool to use to send files my many virtual machines. I want to do this myself, and i want to make it work as expected. So maybe a daem

Jun 13, 2022

wholeaked is a file-sharing tool that allows you to find the responsible person in case of a leakage

wholeaked is a file-sharing tool that allows you to find the responsible person in case of a leakage

wholeaked is a file-sharing tool that allows you to find the responsible person in case of a leakage

Dec 25, 2022

Simple temporary file upload and transfer web application coding with Go language.

Temp File Transfer Web Application Simple temporary file upload and transfer web application coding with Go language. Explore the Golang » Live Demo T

Dec 2, 2022

pcp - 📦 Command line peer-to-peer data transfer tool based on libp2p.

pcp - 📦 Command line peer-to-peer data transfer tool based on libp2p.

pcp - Command line peer-to-peer data transfer tool based on libp2p.

Jan 5, 2023
Comments
  • Alternative for soldering

    Alternative for soldering

    When i opened the TP-link and saw the size of the pcb i got worried and used a different setup using a PLC fiber splitter. See https://github.com/Vrolijk/OSDD/blob/main/datadiode_hardware_setups.md for the setup. Have you also considered this setup?

    I did noticed double packets in wireshark when i send data on the TX side because of the TX-RX loop. I wondered if you also have this on your setup when you solder the connection?

    Regards, René

  • Resendcount

    Resendcount

    Since we can not be sure all files have arrived and to enable connecting to a live stream I've added two flags resendcount - How many times to resend all files resendmanifest - Resend the manifest in between every file

Related tags
P2P and File Sharing data airgap diode datadiode
Distributed File Store Application Consist of API Server to handle file operations and command line tool to do operations

Filestore Distributed File Store Application Consist of API Server to handle file operations and command line tool to do operations (store named binar

Nov 7, 2021
Delta : File Sharing system for golang

delta is File Sharing system its good for Local networks or small teams Cross-platform delta runs anywhere Go can compile for: Windows, Mac, Linux, AR

Nov 29, 2021
Subspace - File sharing application for golang

subspace File sharing application. Supported Platforms OS 386 amd64 arm6 arm64 L

Jan 29, 2022
Rsync - rsync (File syncing) in golang

Go rsync Minimal file syncing based on the rsync algorithm completely written

Jun 27, 2022
FileTransferGo - File Transfer With Golang

FileTransferGo Packages used ?? Go: Gin (http server) ?? Cobra (CLI command fram

Jun 24, 2022
JuiceFS is a distributed POSIX file system built on top of Redis and S3.
 JuiceFS is a distributed POSIX file system built on top of Redis and S3.

JuiceFS is an open-source POSIX file system built on top of Redis and object storage

Jan 5, 2023
Syncthing is a continuous file synchronization program.
Syncthing is a continuous file synchronization program.

Syncthing is a continuous file synchronization program. It synchronizes files between two or more computers. We strive to fulfill the goals below. The goals are listed in order of importance, the most important one being the first.

Jan 9, 2023
fsync - a file sync server

fsync - a file sync server

Aug 25, 2022
Yet another netcat for fast file transfer

nyan Yet another netcat for fast file transfer When I need to transfer a file in safe environment (e.g. LAN / VMs), I just want to use a simple comman

Apr 30, 2022
A web based drag and drop file transfer tool for sending files across the internet.

DnD A file transfer tool. Demo Usage Get go get github.com/0xcaff/dnd or download the latest release (you don't need go to run it) Run dnd Now navig

Dec 16, 2022