Replies: 1 comment
-
|
Btw Nice project. Thank you |
Beta Was this translation helpful? Give feedback.
0 replies
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Uh oh!
There was an error while loading. Please reload this page.
-
Hey all!
I just wanted to start this discussion to see if anybody would be interested in the idea. Unfortunately, I don't have much time right now, but I'm hoping once I get my future project off the ground called The Modding Community (TMC), I can try implementing this system myself if nobody else would like to into the XDP Firewall.
I'd like to make an API back-bone along with a command line utility that can automatically add firewall rules to the XDP Firewall. It'd be neat to implement a machine learning system that analyzes data and feeds the firewall rules to help with (D)DoS mitigation.
There is already a fork of this repository I found that appears to be implementing something like this.
https://github.com/sehbeygi79/XDP-Firewall-ML
With that said, it'd be neat if we could utilize a separate XDP program that is offloaded to the NIC for basic dropping from a BPF Map (e.g. malicious source IPs or ports). We just need to find out a way to have the XDP Firewall loaded into the XDP DRV or SKB hook and then have the separate XDP/BPF project load into the NIC via offload mode.
@sehbeygi79 Going to attempt to tag you here in the case you may be interested in the above 😃 (I found your project really interesting!)
Thank you for your time!
Beta Was this translation helpful? Give feedback.
All reactions