As a developer, I want to implement a simple firewall for mina node in order to test network split

[vlad9486]

Add some REST endpoints for setup firewall with whitelist. Use XDP to implement the firewall.

[vlad9486]

Added a tool topology-tool in debugger docker image. Added a test in drone file.

Problem:

XDP module doesn't work on kata-clh runtime. The module is loaded and attached to the eth0 interface. We can check it:

$ ip link
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN mode DEFAULT group default qlen 1000
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1430 xdp qdisc fq state UP mode DEFAULT group default qlen 1000
    link/ether 56:d9:60:8d:6f:f0 brd ff:ff:ff:ff:ff:ff
    prog/xdp id 35 tag 17ceab131057819d jited 

dmesg shows no errors and no relevant information. But packets are not blocked, nodes can still communicate.

However, XDP only works on the kata-qemu runtime.

[vlad9486]

This is fixed by using the `genaric' mode for XDP attach. It will not be the best performance, but it will be good enough.

[vlad9486]

Remove unsafe impl Send. I should do a little refactoring of the event loop to avoid most of the unsafe code.