gamemann
Enhancement: Enable Pinning for map_stats to Support Real-Time Statistics
Enhancement: Enable Pinning for map_stats to Support Real-Time Statistics
Background
Thank you to the author for providing such a powerful and flexible XDP firewall. After carefully studying this project, I found it highly effective for my use case. However, I encountered an issue when scaling to handle a large number of IP blocks (hundreds of thousands or millions).
Issue
Using the xdpfw-add or xdpfw-del CLI to control traffic is significantly inefficient for large-scale IP blocking. Additionally, since I start xdpfw using systemctl rather than the xdpfw CLI, my Rust-based solution, which directly manipulates the map to improve performance, cannot access real-time statistics. This limitation prevents effective monitoring of traffic data.
Proposed Solution
To enable real-time statistics, I propose adding support for pinning map_stats. After researching, I found that modifying src/loader/prog.c is sufficient to achieve this. I have implemented the functionality and tested it successfully.
Request
If this change is acceptable, I would like to submit it via a pull request. Please let me know if any adjustments are needed or if there are additional considerations.
Thank you for your time and feedback!
