Linux command
xdp-filter 命令
安全
权限或系统影响较大,执行前请核对目标。
常用示例
Load
sudo xdp-filter load -p allow -m skb [network_interface]
Unload
sudo xdp-filter unload [network_interface]
Deny
sudo xdp-filter port [destination_port]
Example
sudo xdp-filter ip -m src [source_ip]
Example
sudo xdp-filter ether -m src [mac_address]
Example
sudo xdp-filter poll -i 10000
说明
xdp-filter loads and manages eBPF XDP (eXpress Data Path) packet filters. It provides high-performance packet filtering at the network driver level, before packets reach the kernel networking stack. Part of the xdp-tools collection for managing XDP programs.
参数
- load _INTERFACE_
- Load filter on network interface
- unload _INTERFACE_
- Unload filter from interface
- port _PORT_
- Filter by port number
- ip _ADDRESS_
- Filter by IP address
- ether _ADDRESS_
- Filter by MAC address
- poll
- Show statistics
- -p, --policy _POLICY_
- Set default policy (allow/deny)
- -m, --mode _MODE_
- Filter mode (src/dst for direction, skb/native for XDP mode)
- -i, --interval _MS_
- Poll interval in milliseconds
FAQ
What is the xdp-filter command used for?
xdp-filter loads and manages eBPF XDP (eXpress Data Path) packet filters. It provides high-performance packet filtering at the network driver level, before packets reach the kernel networking stack. Part of the xdp-tools collection for managing XDP programs.
How do I run a basic xdp-filter example?
Run `sudo xdp-filter load -p allow -m skb [network_interface]` in a terminal, then adjust file names, paths, flags, or remote targets for your system.
What does load _INTERFACE_ do in xdp-filter?
Load filter on network interface