kaffa/XDP-Firewall
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Updated README.

Browse Source
This commit is contained in:
Christian Deacon
2020-05-08 12:29:06 +00:00
parent c483f769a0
commit 6896159cec
1 changed files with 16 additions and 7 deletions
Download Patch File Download Diff File Expand all files Collapse all files

23
README.md
View File

@@ -22,13 +22,13 @@ Config option `filters` is an array. Each filter includes the following options:
* `enabled` => If true, this rule is enabled.
* `action` => What action to perform against the packet if matched. 0 = Block. 1 = Allow.
* `srcip` => The source IP the packet must have to match (e.g. 10.50.0.3).
* `dstip` => The destination IP the packet must have to match (e.g. 10.50.0.4).
* `min_ttl` => The minimum TTL (time to live) the packet must have to match.
* `max_ttl` => The maximum TTL (time to live) the packet must have to match.
* `max_len` => The maximum packet length the packet must have to match. This includes the entire frame (ethernet header, IP header, L4 header, and data).
* `min_len` => The minimum packet length the packet must have to match. This includes the entire frame (ethernet header, IP header, L4 header, and data).
* `tos` => The TOS (type of service) the packet must have to match.
* `srcip` => The source IP the packet must match (e.g. 10.50.0.3).
* `dstip` => The destination IP the packet must match (e.g. 10.50.0.4).
* `min_ttl` => The minimum TTL (time to live) the packet must match.
* `max_ttl` => The maximum TTL (time to live) the packet must match.
* `max_len` => The maximum packet length the packet must match. This includes the entire frame (ethernet header, IP header, L4 header, and data).
* `min_len` => The minimum packet length the packet must match. This includes the entire frame (ethernet header, IP header, L4 header, and data).
* `tos` => The TOS (type of service) the packet must match.
* `pps` => The maximum packets per second a source IP can send before matching.
* `bps` => The maximum amount of bytes per second a source IP can send before matching.
* `blocktime` => The time in seconds to block the source IP if the rule matches and the action is block (0). Default value is `1`.
@@ -117,5 +117,14 @@ filters = (
);
```
## Building
You can use `git` and `make` to build this project. The following should work:
```
git clone --recursive https://github.com/gamemann/XDP-Firewall.git
cd XDP-Firewall
make && make install
```
## Credits
* [Christian Deacon](https://www.linkedin.com/in/christian-deacon-902042186/) - Creator.