Implement XDP firewall with real-time TUI monitoring

Features:
- High-performance packet filtering via eBPF/XDP
- Instant blocklist with dynamic CLI management
- Exact-match rules with Drop/Pass/Log actions
- CIDR-based IP range dropping via LPM trie
- Token-bucket rate limiting (IP-based and flow-based)
- Auto temp bans for rate limit violators
- Real-time event logging via BPF ring buffer
- Interactive TUI monitor with live stats

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-04-15 09:10:52 +07:00
commit 6101de6887
24 changed files with 3235 additions and 0 deletions

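--- /dev/null
+++ b/xdp-firewall/build.rs
@@ -0,0 +1,22 @@
+use std::{env, path::PathBuf};
+fn main() {
+let out_dir = PathBuf::from(env::var_os("OUT_DIR").unwrap());
+let root = PathBuf::from(env::var_os("CARGO_MANIFEST_DIR").unwrap())
+.parent()
+.unwrap()
+.to_path_buf();
+let ebpf_target = root.join("target/bpfel-unknown-none/release/xdp-firewall");
+if !ebpf_target.exists() {
+let status = std::process::Command::new("cargo")
+.args(["run", "--package", "xtask", "--", "build-ebpf"])
+.current_dir(&root)
+.status()
+.expect("failed to build eBPF program");
+assert!(status.success(), "eBPF build failed");
+}
+std::fs::copy(&ebpf_target, out_dir.join("xdp-firewall.o")).unwrap();
+println!("cargo:rerun-if-changed={}", ebpf_target.display());
+}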
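Review bot: The eBPF object is only compiled when `target/bpfel-unknown-none/release/xdp-firewall` is absent (the `if !ebpf_target.exists()` guard), so once that artifact exists, later edits to the eBPF program are never recompiled and the userspace binary silently embeds stale filtering logic; the `cargo:rerun-if-changed` on the artifact only re-copies whatever is already there. I would drop the `exists()` gate so the xtask build runs on every build (cargo keeps it incremental), and additionally print `cargo:rerun-if-changed=` for the eBPF crate's source directory, whose path is not visible in this hunk. Running `cargo run --package xtask` from inside a build script also shares the workspace `target/` directory with the outer cargo invocation; I believe this can block on cargo's build-directory lock when both use the same profile, so that is worth confirming or pointing the xtask at a separate target directory. For a firewall whose enforcement lives entirely in that object, a rebuild that tracks the source is more important than skipping a build step.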