• JaromilOPMA
    link
    fedilink
    arrow-up
    5
    ·
    2 months ago

    https://rachelbythebay.com/w/2024/07/17/bpf/ systemd injects bpf program(s) when you filter traffic by IP address in a .service file. It rejects traffic by dropping it🚮past the ip[6]tables match, and well before it would generate a SYN/ACK. No counters, no logs. 🫥 Packets disappear. 🫧