From 75ee52555c5ba14c12d07137b1ae406f790a0304 Mon Sep 17 00:00:00 2001
From: Christian Deacon <christianmdeacon@gmail.com>
Date: Wed, 26 Feb 2025 11:21:12 -0500
Subject: [PATCH] Update README.

---
 README.md | 11 +++++++++++
 1 file changed, 11 insertions(+)

diff --git a/README.md b/README.md
index f33aeb7..46dc426 100644
--- a/README.md
+++ b/README.md
@@ -305,6 +305,17 @@ export LD_LIBRARY_PATH=/usr/local/lib
 sudo xdpfw
 ```
 
+### Filter Logging
+This tool uses `bpf_ringbuf_reserve()` and `bpf_ringbuf_submit()` for filter match logging. At this time, there is no rate limit for the amount of log messages that may be sent. Therefore, if you're encountering a spoofed attack that is matching a filter rule with logging enabled, it will cause additional processing and disk load.
+
+I recommend only enabling filter logging at this time for debugging. If you'd like to disable filter logging entirely (which will improve performance slightly), you may comment out the `ENABLE_FILTER_LOGGING` line [here](https://github.com/gamemann/XDP-Firewall/blob/master/src/common/config.h#L27).
+
+```C
+//#define ENABLE_FILTER_LOGGING
+```
+
+I will most likely implement functionality to rate limit log messages from XDP in the future.
+
 ## My Other XDP Projects
 I just wanted to share other open source projects I've made which also utilize XDP (or AF_XDP sockets) for those interested. I hope code from these other projects help programmers trying to utilize XDP in their own projects!