protego 0.1.0

🛡️ Protego is an eBPF-based security tool for Linux designed to enhance system protection.
use anyhow::Context as _;
use aya::programs::{Xdp, XdpFlags};
use aya::programs::{tc, SchedClassifier, TcAttachType};
use clap::Parser;
use log::{debug, warn};
use tokio::signal;

// Command-line options, parsed with clap's derive macro.
// Plain `//` comments are used on purpose: clap turns `///` doc comments into
// --help text, which would change the program's output.
#[derive(Debug, Parser)]
struct Opt {
    // Name of the network interface (`-i` / `--iface`, default "eth0").
    // The commented-out loader in `main` passes this value to the XDP and TC
    // attach calls; the code that currently runs does not read it.
    #[clap(short, long, default_value = "eth0")]
    iface: String,
}

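/// Userspace entry point for protego.
///
/// Parses the command line, initialises `env_logger`, tries to lift the
/// `RLIMIT_MEMLOCK` limit, and then blocks until Ctrl-C is received.
///
/// NOTE(review): the section that loads the eBPF object and attaches the XDP and
/// TC programs is commented out, so this build attaches nothing to the interface.
/// A notice is printed at start-up so that a running process is not mistaken for
/// active protection.
///
/// # Errors
///
/// Returns an error if waiting for the Ctrl-C signal fails.
#[tokio::main]
async fn main() -> anyhow::Result<()> {
    let opt = Opt::parse();

    env_logger::init();

    // Lift the locked-memory limit for eBPF maps and programs. Older kernels
    // charge these against RLIMIT_MEMLOCK; newer kernels use memcg accounting
    // instead, so a failure here is logged rather than treated as fatal.
    let rlim = libc::rlimit {
        rlim_cur: libc::RLIM_INFINITY,
        rlim_max: libc::RLIM_INFINITY,
    };
    // SAFETY: `rlim` is a fully initialised `libc::rlimit` that outlives the call,
    // and setrlimit only reads through the pointer.
    let ret = unsafe { libc::setrlimit(libc::RLIMIT_MEMLOCK, &rlim) };
    if ret != 0 {
        // setrlimit returns -1 on every failure; errno carries the actual reason
        // (for example a missing privilege to raise the hard limit).
        debug!(
            "remove limit on locked memory failed, ret is: {}, os error: {}",
            ret,
            std::io::Error::last_os_error()
        );
    }

    // NOTE(review): loader disabled. When re-enabling it, keep these points in mind:
    //  - a missing "protego_tc" program should be reported with `.context(...)`,
    //    like the XDP lookup, instead of panicking through `unwrap()`;
    //  - the result of `qdisc_add_clsact` is discarded, presumably because the call
    //    fails when the clsact qdisc already exists - confirm, and consider logging
    //    other failures;
    //  - only egress is attached on the TC side; ingress relies on the XDP program;
    //  - the attachments are presumably dropped together with `ebpf` when this
    //    process exits, so filtering lasts only while the process runs - confirm.
    //
    // let mut ebpf = aya::Ebpf::load(aya::include_bytes_aligned!(concat!(
    //     env!("OUT_DIR"),
    //     "/protego"
    // )))?;
    // if let Err(e) = aya_log::EbpfLogger::init(&mut ebpf) {
    //     warn!("failed to initialize eBPF logger: {}", e);
    // }
    // let Opt { iface } = opt;
    //
    // // Attach XDP program
    // let program: &mut Xdp = ebpf.program_mut("protego")
    //     .context("failed to find XDP program 'protego'")?
    //     .try_into()?;
    // program.load()?;
    // program.attach(&iface, XdpFlags::default())
    //     .context("failed to attach the XDP program with default flags - try changing XdpFlags::default() to XdpFlags::SKB_MODE")?;
    //
    // // Attach TC program
    // let _ = tc::qdisc_add_clsact(&iface);
    // let program: &mut SchedClassifier = ebpf.program_mut("protego_tc")
    //     .context("failed to find TC program 'protego_tc'")?
    //     .try_into()?;
    // program.load()?;
    // program.attach(&iface, TcAttachType::Egress)?;

    // Written to stderr directly rather than through `warn!`: env_logger shows only
    // error-level records unless RUST_LOG is set, and this notice must not be
    // filtered out.
    eprintln!(
        "protego: eBPF loader is disabled in this build; this process attaches no XDP or TC program to {}",
        opt.iface
    );

    let ctrl_c = signal::ctrl_c();
    println!("Waiting for Ctrl-C...");
    ctrl_c.await?;
    println!("Exiting...");

    Ok(())
}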