Add Feature detect Hex and String?

gamemann / XDP-Firewall

A firewall that utilizes the Linux kernel's XDP hook. The XDP hook allows for very fast network processing on Linux systems. This is great for dropping malicious traffic from a (D)DoS attack. IPv6 is supported with this firewall! I hope this helps network engineers/programmers interested in utilizing XDP!

https://deaconn.net/

MIT License

492 stars 87 forks source link

Add Feature detect Hex and String? #37

Closed namecloudz closed 2 months ago

namecloudz commented 1 year ago

i want you add feature detect hex and string to protection.

gamemann commented 1 year ago

Hey, I'm sorry for the delay on this!

Initially, this firewall included payload matching via hex and string. However, I ran into a lot of XDP/BPF limitations and ended up removing support in this firewall. Unfortunately, I haven't found a full solution yet. I did make this repository which includes working XDP code to perform dynamic payload matching, but it doesn't include an option to match payload at a certain offset in the payload which doesn't allow us to perform partial matching.