Software Defined Firewall with Rust and eBpf-XDP

Prerequisites

Install bpf-linker: cargo install bpf-linker

Build eBPF

cargo xtask build-ebpf

To perform a release build you can use the --release flag. You may also change the target architecture with the --target flag.

Build Userspace

cargo build

Run

RUST_LOG=info cargo xtask run

Architecture

Userspace application will manage blacklist and whitelist ip in a map: BLACKLIST and WHITELIST. eBpf program will using that map for checking BLACKLIST or WHITELIST

The list can be updated by some ways

API and token
Config file and dynamic reload by send POST to api/reload_config

BLACKLIST map

Map between ip address and port range

WHITELIST map

Map between ip address and port range

Name		Name	Last commit message	Last commit date
Latest commit History 12 Commits
.cargo		.cargo
.github/workflows		.github/workflows
.vscode		.vscode
sdf-common		sdf-common
sdf-ebpf		sdf-ebpf
sdf		sdf
xtask		xtask
.gitignore		.gitignore
Cargo.toml		Cargo.toml
Dockerfile		Dockerfile
README.md		README.md

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

.cargo

.cargo

.github/workflows

.github/workflows

.vscode

.vscode

sdf-common

sdf-common

sdf-ebpf

sdf-ebpf

sdf

sdf

xtask

xtask

.gitignore

.gitignore

Cargo.toml

Cargo.toml

Dockerfile

Dockerfile

README.md

README.md

Repository files navigation

Software Defined Firewall with Rust and eBpf-XDP

Prerequisites

Build eBPF

Build Userspace

Run

Architecture

BLACKLIST map

WHITELIST map

About

Releases

Packages 1

Languages

giangndm/firewall-xdp-rs

Folders and files

Latest commit

History

Repository files navigation

Software Defined Firewall with Rust and eBpf-XDP

Prerequisites

Build eBPF

Build Userspace

Run

Architecture

BLACKLIST map

WHITELIST map

About

Resources

Stars

Watchers

Forks

Languages