Enable eBPF XDP/TC kernel feature for IPFire

9 Apr 2024


      Hi,
I have been working on enabling eBPF XDP/TC kernel feature for IPFire,
please refer to
https://upload.wikimedia.org/wikipedia/commons/3/37/Netfilter-packet-flow.sv...
for where XDP fit in Linux network datapath, XDP will not interfere
with existing IPFire firewall rules. XDP is especially good at DDoS
packet filtering at high speed, see
https://netdevconf.info/0x15/slides/30/Netdev%200x15%20Accelerating%20synpro...
I think we only need to enable XDP/TC network filtering capability
without eBPF tracing capability which some users are concerned about
potential host security information leaks.
Please let me know what you think, thanks!
Vincent

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

Enable eBPF XDP/TC kernel feature for IPFire