Description:
High-traffic infrastructure running on Linux environments requires defenses operating below the application layer. Standard reverse proxies (like Nginx) add latency. We need to implement kernel-level network management to drop malicious API traffic before it even reaches the Node.js runtime.
Acceptance Criteria:
Write custom eBPF (Extended Berkeley Packet Filter) programs targeting modern Ubuntu kernel networking stacks (XDP).
Implement ultra-fast rate-limiting and IP blacklisting at the network interface controller (NIC) level.
Provide automated bash scripts to compile and load the eBPF bytecode safely into the host operating system alongside the application deployment.
Description:
High-traffic infrastructure running on Linux environments requires defenses operating below the application layer. Standard reverse proxies (like Nginx) add latency. We need to implement kernel-level network management to drop malicious API traffic before it even reaches the Node.js runtime.
Acceptance Criteria:
Write custom eBPF (Extended Berkeley Packet Filter) programs targeting modern Ubuntu kernel networking stacks (XDP).
Implement ultra-fast rate-limiting and IP blacklisting at the network interface controller (NIC) level.
Provide automated bash scripts to compile and load the eBPF bytecode safely into the host operating system alongside the application deployment.