Implement XDP firewall with real-time TUI monitoring
Features: - High-performance packet filtering via eBPF/XDP - Instant blocklist with dynamic CLI management - Exact-match rules with Drop/Pass/Log actions - CIDR-based IP range dropping via LPM trie - Token-bucket rate limiting (IP-based and flow-based) - Auto temp bans for rate limit violators - Real-time event logging via BPF ring buffer - Interactive TUI monitor with live stats Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
This commit is contained in:
22
xdp-firewall/build.rs
Normal file
22
xdp-firewall/build.rs
Normal file
@@ -0,0 +1,22 @@
|
||||
use std::{env, path::PathBuf};
|
||||
|
||||
fn main() {
|
||||
let out_dir = PathBuf::from(env::var_os("OUT_DIR").unwrap());
|
||||
let root = PathBuf::from(env::var_os("CARGO_MANIFEST_DIR").unwrap())
|
||||
.parent()
|
||||
.unwrap()
|
||||
.to_path_buf();
|
||||
let ebpf_target = root.join("target/bpfel-unknown-none/release/xdp-firewall");
|
||||
|
||||
if !ebpf_target.exists() {
|
||||
let status = std::process::Command::new("cargo")
|
||||
.args(["run", "--package", "xtask", "--", "build-ebpf"])
|
||||
.current_dir(&root)
|
||||
.status()
|
||||
.expect("failed to build eBPF program");
|
||||
assert!(status.success(), "eBPF build failed");
|
||||
}
|
||||
|
||||
std::fs::copy(&ebpf_target, out_dir.join("xdp-firewall.o")).unwrap();
|
||||
println!("cargo:rerun-if-changed={}", ebpf_target.display());
|
||||
}
|
||||
Reference in New Issue
Block a user