gatekeeper  by AltraMayor

Open-source DDoS protection system

created 9 years ago
1,488 stars

Top 28.3% on SourcePulse

GitHubView on GitHub
Project Summary

Gatekeeper is an open-source DDoS protection system designed for network operators in institutions, service providers, and enterprise networks. It offers a scalable, geographically distributed architecture with a centralized policy for managing traffic decisions, enabling robust defense against multi-vector DDoS attacks.

How It Works

Gatekeeper leverages DPDK for high-speed packet processing, binding network interfaces directly to userspace via the vfio-pci driver. This bypasses the kernel's network stack, significantly reducing latency and increasing throughput. A centralized Lua-based policy engine dictates traffic handling rules across the distributed nodes, allowing for complex, coordinated responses to sophisticated attacks.

Quick Start & Requirements

  • Installation: Debian packages are available for Ubuntu 24.04 LTS from the Releases page. Alternatively, build from source.
  • Prerequisites:
    • Ubuntu 24.04 LTS (for packages)
    • Intel VT-d enabled in BIOS
    • Kernel with IOMMU support (kernel > 3.6, intel_iommu=on boot parameter recommended)
    • DPDK-compatible network interface cards (NICs)
    • Build dependencies include git, clang, debuild, doxygen, libhugetlbfs-bin, build-essential, gcc-multilib, linux-headers, libmnl0, libmnl-dev, libkmod2, libkmod-dev, libnuma-dev, libelf1, libelf-dev, libc6-dev-i386, autoconf, flex, bison, libncurses5-dev, libreadline-dev, python3, python3-pyelftools, libcap-dev, libcap2, meson, ninja-build, pkg-config.
  • Configuration: Edit /etc/gatekeeper/net.lua for port/IP settings and /etc/gatekeeper/envvars to set GATEKEEPER_INTERFACES with NIC PCI addresses.
  • Running: sudo systemctl start gatekeeper and sudo systemctl enable gatekeeper.
  • Resources: Requires significant system configuration for DPDK and hugepages.
  • Documentation: Gatekeeper wiki

Highlighted Details

  • First open-source DDoS protection system.
  • Geographically distributed architecture with centralized policy.
  • Scalable to handle peak bandwidth requirements.
  • Utilizes DPDK for high-performance packet processing.

Maintenance & Community

  • Project appears to be actively maintained by AltraMayor.
  • No explicit community links (Discord/Slack) are provided in the README.

Licensing & Compatibility

  • The README does not explicitly state a license. The presence of debuild suggests a Debian packaging context, which often implies open-source licenses, but this requires verification.

Limitations & Caveats

  • Requires advanced system configuration, including BIOS settings (VT-d) and kernel parameters (intel_iommu=on), which can be complex.
  • Strict dependency on DPDK and specific kernel modules.
  • Targeted at institutional/enterprise network operators, not individual users.
  • License status is not clearly defined in the README, which could impact commercial use.
Health Check
Last commit

7 months ago

Responsiveness

Inactive

Pull Requests (30d)
0
Issues (30d)
0
Star History
32 stars in the last 90 days

Explore Similar Projects

Feedback? Help us improve.