1bcaddce25
Chain two XDP programs via libxdp dispatcher on the same interface: xdp_blocker (priority 10) handles CIDR/country/whitelist blocking, xdp_ddos (priority 20) handles rate limiting, EWMA analysis, and AI anomaly detection. Whitelist maps are shared via BPF map pinning so whitelisted IPs bypass both blocklist checks and DDoS rate limiting. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
13 lines
308 B
Bash
Executable File
13 lines
308 B
Bash
Executable File
#!/bin/bash
|
|
# XDP Defense - Boot Restore Script
|
|
# Restores XDP programs and data on system startup
|
|
# Called by systemd ExecStartPre or manually
|
|
set -e
|
|
|
|
DEFENSE_CMD="/usr/local/bin/xdp-defense"
|
|
|
|
# Load XDP programs (blocker + ddos) via xdp-loader
|
|
"$DEFENSE_CMD" load
|
|
|
|
echo "XDP Defense boot restore complete"
|