5 changes: 4 additions & 1 deletion .devcontainer/devcontainer.json
Expand Up @@ -9,6 +9,9 @@
"KERNEL_UBUNTU_TAG": "061014"
}
},
"mounts": [
"source=${localWorkspaceFolder},target=/home/vscode/workspace,type=bind"
],
"runArgs": [
"--privileged",
"--cap-add=SYS_ADMIN",
Expand All @@ -29,7 +32,7 @@
}
},
"remoteUser": "vscode",
"postCreateCommand": "sudo bpftool btf dump file /sys/kernel/btf/vmlinux format c > /home/vscode/workspace/vmlinux.h || true",
"postStartCommand": "sudo mount -t bpf bpf /sys/fs/bpf || true && sudo mount -t debugfs none /sys/kernel/debug || true && sudo sysctl -w kernel.unprivileged_bpf_disabled=0 || true && sudo ulimit -l unlimited || true",
"postCreateCommand": "if [ -r /sys/kernel/btf/vmlinux ]; then /usr/local/bin/bpftool btf dump file /sys/kernel/btf/vmlinux format c > /home/vscode/vmlinux.h; else echo 'Skipping vmlinux.h generation: /sys/kernel/btf/vmlinux is unavailable'; fi && git clone git@github.com:arxignis/citadel.git /home/vscode/workspace && mkdir -p /home/vscode/workspace/src/security/firewall/bpf/include && if [ -f /home/vscode/vmlinux.h ]; then cp /home/vscode/vmlinux.h /home/vscode/workspace/src/security/firewall/bpf/include/vmlinux.h; fi",
"workspaceFolder": "/home/vscode/workspace"
}
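Review bot: The new postCreateCommand runs `git clone git@github.com:arxignis/citadel.git /home/vscode/workspace`, but the same change bind-mounts ${localWorkspaceFolder} onto /home/vscode/workspace and names it as workspaceFolder; git refuses to clone into a non-empty directory, so with the mount present the `&&` chain stops there and the vmlinux.h copy into src/security/firewall/bpf/include never happens, while without the mount it fetches an unpinned default branch over SSH at container creation. Guard it, e.g. `if [ ! -e /home/vscode/workspace/.git ]; then git clone git@github.com:arxignis/citadel.git /home/vscode/workspace; fi`, or drop the clone and rely on the bind mount. The SSH clone also presumes agent forwarding into the container, which nothing in this file sets up, so a fresh create would fail on a machine without it.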
2 changes: 2 additions & 0 deletions .gitignore
Expand Up @@ -55,3 +55,5 @@ AGENTS.md

# BPF vmlinux.h (generated from kernel headers)
src/security/firewall/bpf/include/vmlinux.h

vmlinux.h
20 changes: 15 additions & 5 deletions src/security/access_rules.rs
Expand Up @@ -668,7 +668,17 @@ fn apply_rules(
// Check if rules have changed
let ipv4_changed = *previous_rules_guard != current_rules;
let ipv6_changed = *previous_rules_v6_guard != current_rules_v6;

log::debug!(
"Rate limiter config comparison - previous: {:?}, current: {:?}",
*previous_rate_limiter_config,
rule.config.rate_limit
);
let rate_limiter_config_changed = *previous_rate_limiter_config != rule.config.rate_limit;
log::debug!(
"Rate limiter config changed: {}",
rate_limiter_config_changed
);

// If neither family changed, skip quietly with a single log entry
if ipv4_changed || ipv6_changed {
Expand Down Expand Up @@ -757,16 +767,16 @@ fn apply_rules(
let mut ratelimit = XDPRateLimit::new(&mut skel_ref);
ratelimit.setup_from_config(&rule.config.rate_limit);

log::debug!("Successfully set XDP ratelimter config via access rules");
log::info!("Successfully set XDP ratelimter config via access rules");
}

if rate_limiter_config_changed {
*previous_rate_limiter_config = rule.config.rate_limit.clone();
}
*previous_rate_limiter_config = rule.config.rate_limit.clone();
} else {
log::debug!("No XDP rate limiter config cahnges detected, skipping update");
log::debug!("No XDP rate limiter config changes detected, skipping update");
}

log::debug!("{:?}", rule.config.rate_limit);

Ok(())
}

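Review bot: The trailing `log::debug!("{:?}", rule.config.rate_limit);` added just before `Ok(())` dumps the whole rate-limit config on every pass through apply_rules and duplicates the previous/current comparison log this change adds near the top of the function; it reads as leftover instrumentation and should be removed. The line promoted to info level keeps the typo in its message: `log::info!("Successfully set XDP rate limiter config via access rules");`. Dropping the `if rate_limiter_config_changed` guard means `*previous_rate_limiter_config` is now cloned every time this branch runs, which is harmless but only correct if the enclosing branch is entered solely when the config changed — that condition sits above the hunk, as does the start of apply_rules.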
2 changes: 1 addition & 1 deletion src/worker/config.rs
Expand Up @@ -31,7 +31,7 @@ pub struct Config {

#[derive(Debug, Clone, Deserialize, Serialize, Default)]
pub struct AccessRuleConfig {
#[serde(default, rename = "rateLimit")]
#[serde(default)]
pub rate_limit: XDPRateLimitConfig,
}

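Review bot: Removing `rename = "rateLimit"` changes the accepted key to `rate_limit`, and because the field keeps `#[serde(default)]` an existing config that still says `rateLimit` deserializes without error into the default `XDPRateLimitConfig` — the rate limiter silently falls back to its defaults instead of failing loudly. Keep the old spelling readable with `#[serde(default, alias = "rateLimit")]`, or add `#[serde(deny_unknown_fields)]` on `AccessRuleConfig` so a stale key is rejected at load time. The struct carries no `rename_all`, so the new key is exactly `rate_limit`; whether the surrounding config files already use snake_case is not visible in this hunk.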