16 stable releases

3.4.4 Feb 5, 2024
3.3.6 Jan 28, 2024

#5 in #tunneling

Download history 25/week @ 2024-09-24 2/week @ 2024-10-01

169 downloads per month

MIT license

35KB
755 lines

Crates.io docs.rs Build Status Github

Zika

IP Tunneling over MQTT

Designed to allow remote access for IoT/Edge devices connected to an existing MQTT network.

Working Mechanism

IP packets are sent as MQTT payloads on 2 topics:

  • Client -> Server: <topic> (payload prepended by tunnel ID)
  • Server -> Client: <topic>/<base64-tunnel-id>

Server: can handle multiple tunnels from multiple clients, each mapped to a different local IP

Client: can create multiple tunnels to multiple servers, each mapped to a different local IP

The MQTT connection is assumed to be secure & have authentication mechanisms in place. Zika offers no extra layers of security on top of the MQTT connection, it's possible capture/inject arbitrary IP packets to/from the target device if the MQTT connection/broker is compromised.

Config & Run

See zika_config.example.toml

Copy zika-client and zika_config.toml to the same directory

Run zika-client

  • Linux: setcap cap_net_admin+eip zika-client
  • macOS: requires sudo
  • Windows: run as Administrator, requires wintun.dll in same directory

Building

$ cargo build

Dependencies

~19–48MB
~860K SLoC