dae icon indicating copy to clipboard operation
dae copied to clipboard

Published 20 hours ago verified publisher icon daeuniverse

Dont add non-direct ip to ebpf rules

Open ZhiShengYuan opened this issue 1 year ago • 3 comments

Dont add non-direct ip to ebpf rules

ZhiShengYuan avatar Jun 10 '23 09:06 ZhiShengYuan

Please provide more context such as the use cases.

piyoki avatar Sep 02 '23 14:09 piyoki

Please provide more context such as the use cases.

A very obvious example is the situation where, for instance, American IPs go through American proxies, British IPs go through British proxies, and Japanese IPs go through Japanese proxies. These IPs clearly do not need, nor can they be routed within eBPF; instead, routing them takes place within the application itself. Within eBPF, the only IPs that are useful are those that do not need to pass through the application.

ZhiShengYuan avatar Sep 02 '23 14:09 ZhiShengYuan

Please provide more context such as the use cases.

Otherwise, we can observe an extremely ironic phenomenon: although there are tens of thousands of rules within eBPF, their effectiveness is equivalent to only a few thousand.

ZhiShengYuan avatar Sep 02 '23 14:09 ZhiShengYuan