From a80458efffad22aa7d98e200a7cbde04e484f05d Mon Sep 17 00:00:00 2001
From: Christian Deacon
Date: Thu, 13 Jun 2024 20:24:40 -0400
Subject: [PATCH] Uncomment DOSTATSONBLOCKMAP by default.

---
 src/xdpfw.h | 18 +++++++++++-------
 1 file changed, 11 insertions(+), 7 deletions(-)

diff --git a/src/xdpfw.h b/src/xdpfw.h
index e4872c8..ac6e53c 100644
--- a/src/xdpfw.h
+++ b/src/xdpfw.h
@@ -8,6 +8,17 @@
 #define MAX_CPUS 256
 #define NANO_TO_SEC 1000000000
 
+#define __u128 __uint128_t
+
+// Additional options for XDP program.
+//#define DEBUG
+
+// Feel free to comment this out if you don't want the `blocked` entry on the stats map to be incremented every single time a packet is dropped from the source IP being on the blocked map. Commenting this line out should increase performance when blocking malicious traffic.
+#define DOSTATSONBLOCKMAP
+
+// When this is defined, a check will occur inside the IPv4 and IPv6 filters. For IPv6 packets, if no IPv6 source/destination IP addresses are set, but there is an IPv4 address, it will ignore the filter. The same goes for IPv4, if there is no IPv4 source/destination IP addresses set, if an IPv6 address is set, it will ignore the filter.
+#define ALLOWSINGLEIPV4V6
+
 #ifdef __BPF__
 #define likely(x) __builtin_expect(!!(x), 1)
 #define unlikely(x) __builtin_expect(!!(x), 0)
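Review bot: The option block added above `#ifdef __BPF__` is now visible to every file that includes xdpfw.h, although the commit subject mentions only enabling DOSTATSONBLOCKMAP; in the second hunk the same lines are removed from between two `#endif` lines, so they appear to have lived inside a conditional region before (presumably the `__BPF__` one, whose opening is outside that hunk). This widens `#define __u128 __uint128_t` to non-BPF includers, where a macro of that name would textually rewrite any `__u128` declaration in a header included afterwards. If the move is intentional, state it above the block, e.g. `// Build options shared by the XDP program and any user-space code that includes this header.`, and consider keeping the `__u128` define inside the `__BPF__` guard if only the XDP program needs it. Since DOSTATSONBLOCKMAP now adds a stats-map update to the drop path for blocked sources by default, the commit description should record that visibility-versus-drop-throughput trade-off, which the comment itself already hints at.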
@@ -22,13 +33,6 @@
 #define htonl(x) (x)
 #define ntohl(x) (x)
 #endif
-
-#define __u128 __uint128_t
-
-// Additional options for XDP program.
-//#define DEBUG
-//#define DOSTATSONBLOCKMAP // Feel free to comment this out if you don't want the `blocked` entry on the stats map to be incremented every single time a packet is dropped from the source IP being on the blocked map. Commenting this line out should increase performance when blocking malicious traffic.
-#define ALLOWSINGLEIPV4V6 // When this is defined, a check will occur inside the IPv4 and IPv6 filters. For IPv6 packets, if no IPv6 source/destination IP addresses are set, but there is an IPv4 address, it will ignore the filter. The same goes for IPv4, if there is no IPv4 source/destination IP addresses set, if an IPv6 address is set, it will ignore the filter.
 #endif
 
 struct tcpopts