kaffa/xdp-defense
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
4ae44405044028d9b1ba448e559eb9c267731625
xdp-defense/config/xdp-defense.service
kaffa 4ae4440504 Unify legacy data path /etc/xdp-blocker → /etc/xdp-defense 
All config/data paths now use /etc/xdp-defense/ consistently,
eliminating the legacy xdp-blocker directory reference.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-02-07 16:40:46 +09:00

26 lines
727 B
Desktop File
Raw Blame History

[Unit]
Description=XDP Defense - Unified CIDR Blocker + DDoS Defense
After=network-online.target
Wants=network-online.target
Documentation=man:xdp-defense(8)
[Service]
Type=simple
ExecStartPre=/usr/local/bin/xdp-defense load
ExecStart=/usr/local/bin/xdp-defense daemon start-foreground
ExecStop=/usr/local/bin/xdp-defense stop-all
ExecReload=/bin/kill -HUP $MAINPID
Restart=on-failure
RestartSec=5
# Security hardening
ProtectSystem=strict
ReadWritePaths=/var/lib/xdp-defense /etc/xdp-defense /sys/fs/bpf /tmp
ProtectHome=true
NoNewPrivileges=false
CapabilityBoundingSet=CAP_NET_ADMIN CAP_BPF CAP_SYS_ADMIN CAP_PERFMON
AmbientCapabilities=CAP_NET_ADMIN CAP_BPF CAP_SYS_ADMIN CAP_PERFMON
[Install]
WantedBy=multi-user.target
Reference in New Issue View Git Blame Copy Permalink