Skip to content

refactor: optimize agent mode #144

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
pigri merged 16 commits into from
Jan 22, 2026
Merged

refactor: optimize agent mode #144

pigri merged 16 commits into from
Jan 22, 2026

Conversation

@pigri
Copy link
Contributor

@pigri pigri commented Jan 21, 2026
edited
Loading

  • Replaced MOATFirewall with SYNAPSEFirewall for consistency.
  • Improved efficiency by using Arc clones in access rules initialization.
  • Added skip_waf_update parameter to apply_rules_from_global to control WAF updates in agent mode.
  • Enhanced logging and comments for clarity on agent mode behavior.
  • Introduced an expression interner for WAF rules to minimize memory usage.
  • Updated global configuration handling to use Arc for efficient sharing.
  • Adjusted various components to support agent mode optimizations.
  • Added NftablesFirewall struct and associated methods for managing IP bans and notices.
  • Integrated nftables as a fallback when BPF/XDP is not available.
  • Updated application logic to initialize and apply access rules using nftables.
  • Modified configuration to support nftables integration in worker and app state.
  • Added necessary dependencies in Cargo.toml and Cargo.lock.
  • Introduced a new struct for TCP fingerprint recording to accommodate BPF's argument limits.
  • Reduced maximum option length for TCP fingerprints from 40 to 16 to minimize instruction count.
  • Removed unused fragmentation checks and the unique fingerprints increment function.
  • Updated fingerprint recording functions for both IPv4 and IPv6 to utilize the new struct.

@pigri pigri self-assigned this Jan 21, 2026
@pigri pigri added the enhancement New feature or request label Jan 21, 2026
pigri added 15 commits January 21, 2026 15:49
@pigri
build: update build scripts and Dockerfile for improved compatibility…
035f251 
… and package management
@pigri
feat: implement nftables firewall backend for access rules enforcement
39277c8
@pigri
build: refactor CI workflows to use Docker for building binaries and …
4ee730e 
…DEB packages
@pigri
build: update CI workflows to reference the correct Dockerfile for bu…
1a8cde6 
…ilding
@pigri
feat: enhance TCP fingerprinting with new struct and reduced instruct…
a6ad3a0 
…ion count
@pigri
feat: add iptables firewall backend for access rules enforcement and …
3056612 
…update build workflows
@pigri
build: optimize build process by updating compiler flags and restruct…
c384cd3 
…uring Dockerfiles
@pigri
feat: add GitHub Actions workflow for building and testing DEB and RP…
414876e 
…M packages
@pigri
refactor: remove unused variable for BPF load failure tracking in asy…
5113076 
…nc_main
@pigri
feat: add support for iptables and nix dependencies, update builder s…
ba19950 
…cript and Dockerfile for improved package building
@pigri
build: update CI workflow to reference new Dockerfile location and re…
9776c61 
…move obsolete Dockerfile
@pigri
refactor: change CMD to ENTRYPOINT in Dockerfile and update entrypoin…
f576d19 
…t script for correct output path
@pigri
feat: add firewall mode configuration options to config.yaml for enha…
939801a 
…nced firewall backend selection
@pigri
refactor: remove domain_filter and wirefilter modules to streamline c…
4532d28 
…odebase and improve maintainability
@pigri
refactor: update configuration structure to replace deprecated AX_ pr…
35250bb 
…efix with platform, enhancing clarity and maintainability
@pigri pigri merged commit 03fa195 into main Jan 22, 2026
4 checks passed
@pigri pigri deleted the refactor_agent_mode branch January 22, 2026 12:41
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@krichard1212 krichard1212 krichard1212 approved these changes

@Gepsonka Gepsonka Awaiting requested review from Gepsonka

Assignees

@pigri pigri

Labels

enhancement New feature or request

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@pigri @krichard1212