Gatekeeper is an open-source DDoS protection system designed for network operators in institutions, service providers, and enterprise networks. It offers a scalable, geographically distributed architecture with a centralized policy for managing traffic decisions, enabling robust defense against multi-vector DDoS attacks.

How It Works

Gatekeeper leverages DPDK for high-speed packet processing, binding network interfaces directly to userspace via the vfio-pci driver. This bypasses the kernel's network stack, significantly reducing latency and increasing throughput. A centralized Lua-based policy engine dictates traffic handling rules across the distributed nodes, allowing for complex, coordinated responses to sophisticated attacks.

Quick Start & Requirements

• Installation: Debian packages are available for Ubuntu 24.04 LTS from the Releases page. Alternatively, build from source.
• Prerequisites:
  • Ubuntu 24.04 LTS (for packages)
  • Intel VT-d enabled in BIOS
  • Kernel with IOMMU support (kernel > 3.6, intel_iommu=on boot parameter recommended)
  • DPDK-compatible network interface cards (NICs)
  • Build dependencies include git, clang, debuild, doxygen, libhugetlbfs-bin, build-essential, gcc-multilib, linux-headers, libmnl0, libmnl-dev, libkmod2, libkmod-dev, libnuma-dev, libelf1, libelf-dev, libc6-dev-i386, autoconf, flex, bison, libncurses5-dev, libreadline-dev, python3, python3-pyelftools, libcap-dev, libcap2, meson, ninja-build, pkg-config.
• Configuration: Edit /etc/gatekeeper/net.lua for port/IP settings and /etc/gatekeeper/envvars to set GATEKEEPER_INTERFACES with NIC PCI addresses.
• Running: sudo systemctl start gatekeeper and sudo systemctl enable gatekeeper.
• Resources: Requires significant system configuration for DPDK and hugepages.
• Documentation: Gatekeeper wiki

Highlighted Details

• First open-source DDoS protection system.
• Geographically distributed architecture with centralized policy.
• Scalable to handle peak bandwidth requirements.
• Utilizes DPDK for high-performance packet processing.

Maintenance & Community

• Project appears to be actively maintained by AltraMayor.
• No explicit community links (Discord/Slack) are provided in the README.

Licensing & Compatibility

• The README does not explicitly state a license. The presence of debuild suggests a Debian packaging context, which often implies open-source licenses, but this requires verification.

Limitations & Caveats

• Requires advanced system configuration, including BIOS settings (VT-d) and kernel parameters (intel_iommu=on), which can be complex.
• Strict dependency on DPDK and specific kernel modules.
• Targeted at institutional/enterprise network operators, not individual users.
• License status is not clearly defined in the README, which could impact commercial use.