kaffa/XDP-Firewall
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Updated README; added note regarding Barricade Firewall project.

Browse Source
This commit is contained in:
Christian Deacon
2020-09-15 19:03:08 +00:00
parent 9ffc60af00
commit 1b01eab2df
1 changed files with 7 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
README.md
View File

@@ -4,6 +4,13 @@ An XDP firewall designed to read filtering rules based off of a config file. Thi
Additionally, if the host's NIC doesn't support XDP-native, the program will attempt to attach via XDP generic. The program firstly tries XDP-native, though. Additionally, if the host's NIC doesn't support XDP-native, the program will attempt to attach via XDP generic. The program firstly tries XDP-native, though.
## Barricade Firewall (Faster)
I'm working on a new firewall called [Barricade FW](https://github.com/Barricade-FW/Firewall) that is based off of this one. The new firewall will include more features and the XDP program itself is already faster than the XDP Firewall's program. This is due to using a eBPF map to indicate the current timestamp instead of using the kernel BPF function `bpf_ktime_get_ns()` which apparently impacts performance quite a bit according to [here](https://www.spinics.net/lists/xdp-newbies/msg01713.html).
The XDP program itself is fully functional in the new Barricade Firewall project and instead of using `libconfig`, it uses JSON to parse the config.
Feel free to check it out!
## Command Line Usage ## Command Line Usage
The following command line arguments are supported: The following command line arguments are supported: