Security●●●Banger
XDP firewall that auto-syncs open ports – built after my VPS got DDoS'd
XDP drops packets at NIC before kernel stack—beats fail2ban's kernel reaction cost entirely.
WizardrySolve My ProblemDark Horse
kennethhh
103mo ago
Back to browse
My VPS got DDoS'd into a kernel panic, so I learned XDP
by kennethhh·Mar 18, 2026·1 point·0 comments
AI Analysis
●●SolidWizardryNiche Gem
Drops packets in 34-65ns at NIC level before fail2ban ever sees them.
Strengths
- •BPF ARRAY maps give O(1) port lookup with no hash collisions
- •Netlink Process Connector enables event-driven sync without polling
- •Direct bpf(2) syscall removes bpftool dependency for deployment
Weaknesses
- •Requires Linux kernel with XDP support, no Windows or macOS option
- •More tutorial writeup than polished product with docs and support
Category
Target Audience
VPS administrators, DevOps engineers dealing with DDoS
Similar To
fail2ban · Cloudflare Magic Transit · xdp-project
Similar Projects
Security●●●Banger
Inner Warden – Self-Defending Security Agent: eBPF+LSM+XDP (Rust, 29MB)
Six eBPF kernel programs block attacks at wire-speed before Falco even sees them.
WizardrySolve My ProblemDark Horse
maiconburn
203mo ago
Security●●Solid
A bare-metal network mitigation layer using eBPF and nftables
XDP drops packets before the kernel stack while nftables handles stateful logic.
Big BrainShip It
bardhyliis
203d ago
Developer Tools●●●Banger
Godshell – Talking in Natural Language to Your Kernel via eBPF and LLMs
Direct eBPF kernel tracing beats slow CLI probing for AI sysadmin tasks.
WizardryBig BrainNiche Gem
raulgooo
303mo ago
Security●●Solid
Poolnarc – catch hidden Linux cryptominers from two eBPF hooks
eBPF behavioral detection catches miners spoofing thread names without signature databases.
WizardryBig Brain
r3tr0
5118d ago
Security●●Solid
CargoWall – eBPF Firewall for GitHub Actions
eBPF firewall for GitHub Actions stops supply chain attacks at the kernel level.
Big BrainSolve My Problem
caleblloyd
1422mo ago