Previously whitelist only accepted named presets (cloudflare, aws, etc).
Now `xdp-defense whitelist add 8.8.8.8/32` works directly for both
IPv4 and IPv6 addresses, writing to the shared pinned BPF map.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Chain two XDP programs via libxdp dispatcher on the same interface:
xdp_blocker (priority 10) handles CIDR/country/whitelist blocking,
xdp_ddos (priority 20) handles rate limiting, EWMA analysis, and AI
anomaly detection. Whitelist maps are shared via BPF map pinning so
whitelisted IPs bypass both blocklist checks and DDoS rate limiting.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
