Skip to content

Latest commit

 

History

History
73 lines (48 loc) · 2.16 KB

README.md

File metadata and controls

73 lines (48 loc) · 2.16 KB

nflux

Network monitoring and firewall using EBPF, XDP and TC. Powered by Aya-rs

Built with ❤ in Rust

Table of Contents generated with mtoc

Nflux architecture

Look at what level it works XDP:

xdp

Powerful, right? Same for traffic control (TC).

tc

Note

nflux uses XDP for incoming packet processing (only works with physical interfaces). For outgoing packets, it uses TC. If you want to use it with a virtual interface, you need to use the tc mode which is not implemented yet.

Features

Pending to add...

Installation

Requirements

  • Docker

By the moment, the quickest way to install nflux is using containers. Let's see how to run nflux with docker-compose.

git clone https://github.com/containerscrew/nflux.git
make compose-build

Before running the container, you need to edit the configuration file nflux.toml. The most important configuration is the interface name.

ip link show # get the name of your PHYSICAL interface
# Once is changes in the conf file, lets run nflux
make compose-up

Warning

In Fedora, where selinux is enforced by default, I'm having some problems. Quick fix (not secure): sudo setenforce 0

By default, nflux will allow SSH (22) connections from any IP. Avoid blocking your SSH connection if testing in remote servers (VPS).

Local development

For local development, I don't use containers since the build process is slow. Visit this custom page for local development.

Contribution

Any improvement is welcome! If you want to help me improve in Rust and eBPF, I'd be delighted!

License

nflux is distributed under the terms of the AGPL3 license.