Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

https://github.com/aojea/netkat

netcat using netstack userspace library and eBPF
https://github.com/aojea/netkat

ebpf gvisor netcat netstack

Last synced: 25 days ago
JSON representation

netcat using netstack userspace library and eBPF

Host: GitHub
URL: https://github.com/aojea/netkat
Owner: aojea
License: apache-2.0
Created: 2021-05-05T19:13:42.000Z (over 3 years ago)
Default Branch: main
Last Pushed: 2021-09-20T08:59:59.000Z (about 3 years ago)
Last Synced: 2024-09-28T20:05:29.488Z (about 1 month ago)
Topics: ebpf, gvisor, netcat, netstack
Language: Go
Homepage:
Size: 9.95 MB
Stars: 136
Watchers: 3
Forks: 4
Open Issues: 0
Metadata Files:
- Readme: README.md
- License: LICENSE

Awesome Lists containing this project

README

# netkat

netcat version using raw sockets to avoid iptables and/or other OS filtering mechanisms.

### Motivation

Kubernetes environments have a LOT of iptables, hence the necessity to bypass iptables sometimes, for testing, debugging, troubleshooting, ...

![](https://i.imgur.com/ZwEMrbQ.jpg =400x)

## Requirements

It only works on Linux with a Kernel version > 5.2
It requires CAP_NET_RAW and CAP_SYS_RESOURCE capabilities
... or just run it with `sudo` ;)

## Install

```sh
make build
```

## Usage

It requires root privileges:

```sh
sudo ./bin/netkat
Usage: nk [options] [hostname] [port]

-debug
Debug
-interface string
Specify interface to use. Default interface with default route
-listen
Bind and listen for incoming connections
-source-port int
Specify source port to use
-udp
Use UDP instead of default TCP
```

### Docker image

It can be used as a container image, based in alpine:

```sh
docker run -it --privileged aojea/netkat:latest 192.168.68.1 80
2021/05/31 21:29:42 Using source address 172.17.0.2/16
2021/05/31 21:29:42 Creating raw socket
2021/05/31 21:29:42 Adding ebpf ingress filter on interface eth0
2021/05/31 21:29:42 filter {LinkIndex: 99, Handle: 0:1, Parent: ffff:fff2, Priority: 0, Protocol: 3}
2021/05/31 21:29:42 Creating user TCP/IP stack
2021/05/31 21:29:42 Dialing ...
2021/05/31 21:29:42 Connection established
```

## Development

netkat uses the [gvisor userspace TCP/IP stack "netstack"](https://pkg.go.dev/gvisor.dev/gvisor/pkg/tcpip)

It creates a RAW socket attached to the interface with the route to the destination IP,
attaching a BPF filter for the traffic mathing the connection parameters specified as
arguments.

It also creates an ingress queue and attaches an eBPF filter, to drop the traffic of
the connection directed to the RAW socket, preventing that the host stack drops the
connection.

More details [here](development.md)

## References

- [eCHO episode 14: netkat with Antonio Ojea](https://hackmd.io/@Echo-Live/014)