Add CDN filter and fix xdp-cdn-update bugs
- Add xdp_cdn_filter BPF program (priority 5) to allow only CDN/whitelist on port 80/443 - Fix \r carriage return bug preventing BunnyCDN IPv4 loading (594 IPs were silently failing) - Fix BPF map flush code to handle list-type keys from bpftool JSON output - Fix per-cpu stats parsing to use formatted values from bpftool - Replace in-loop counter with post-load BPF map verification for accurate counts - Remove xdp_cdn_load.py (consolidated into xdp-cdn-update) Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
This commit is contained in:
kaffa
5
Makefile
5
Makefile
@@ -17,7 +17,7 @@ CLANG ?= clang
|
||||
CLANG_FLAGS := -O2 -g -Wall -target bpf \
|
||||
-I/usr/include -I/usr/include/bpf -I/usr/include/xdp
|
||||
|
||||
BPF_OBJECTS := $(BPF_DIR)/xdp_blocker.o $(BPF_DIR)/xdp_ddos.o
|
||||
BPF_OBJECTS := $(BPF_DIR)/xdp_cdn_filter.o $(BPF_DIR)/xdp_blocker.o $(BPF_DIR)/xdp_ddos.o
|
||||
|
||||
.PHONY: all build install uninstall enable disable clean check-deps status
|
||||
|
||||
@@ -100,3 +100,6 @@ check-deps:
|
||||
@python3 -c "import yaml" 2>/dev/null || (echo "ERROR: python3-yaml not found" && exit 1)
|
||||
@test -f /usr/include/xdp/xdp_helpers.h || (echo "ERROR: xdp_helpers.h not found" && exit 1)
|
||||
@echo "All dependencies satisfied"
|
||||
|
||||
$(BPF_DIR)/xdp_cdn_filter.o: $(BPF_DIR)/xdp_cdn_filter.c
|
||||
$(CLANG) $(CLANG_FLAGS) -c $< -o $@
|
||||
|
||||
Reference in New Issue
Block a user