An eBPF based packetfilter for tracking incoming requests and filtering based on a set of rules.
- llvm >= 10
- clang >= 10
- Retrieve the archive signature for
llvm-10:
wget --no-check-certificate -O - https://apt.llvm.org/llvm-snapshot.gpg.key | sudo apt-key add -
- Add the PPA where to install from:
add-apt-repository 'deb http://apt.llvm.org/bionic/ llvm-toolchain-bionic-10 main'
- Update packages:
sudo apt update. - Install the dependencies:
sudo apt-get install llvm-10 \
lldb-10 \
llvm-10-dev \
libllvm10 \
llvm-10-runtime
The BPF program under /bpf is intentionally targeting the Azure VM running Ubuntu 18.04 and the kernel version that comes with it - version 5.4.0-1064-azure (as opposed to the CO-RE paradigm) as it is intended to run on such a machine.
Make sure to disable LRO (Large receive offloading) as XDP does not support jumbo frames or LRO:
sudo ethtool --offload eth0 lro off
An example config-file is provided under /examples.
sudo ./target/debug/packetfilter run --config-file=/path/to/config.json