this post was submitted on 19 Mar 2026
6 points (100.0% liked)

Self Hosted - Self-hosting your services.

19056 readers
1 users here now

A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don't control.

Rules

Important

Cross-posting

If you see a rule-breaker please DM the mods!

founded 5 years ago
MODERATORS
Zoe8338@lemmy.ml
dogmuffins@lemmy.ml
testman@lemmy.ml
6
I built a minimalist SPA tool using eBPF/XDP to keep ports invisible. First project in Go! (github.com)
submitted 3 days ago by lucy@lemy.nl to c/selfhost@lemmy.ml
0 comments fedilink hide all child comments
 

Hi guys, I wanted to share a project I’ve been working on called xSpa. It's an implementation of Single Packet Authorization that works at the XDP level.

I built this because I wanted something faster and more DDoS-resilient than traditional port-knocking or SPA tools that rely on userspace processing or iptables. Here, the "drop-all" logic happens right at the driver level.

Key bits:

L1 verification (SipHash) in kernel space.

L2 (ChaCha20-Poly1305) in Go userspace.

It uses the eBPF ring buffer for communication.

This is my first Go project and my first shot at Open Source. I’m still a bit of a noob when it comes to kernel-level programming, so I’d love to get some feedback on the architecture and security. If anyone has time to check the code, I’d love to hear your thoughts on how to make it better.

no comments (yet)
sorted by: hot top controversial new old
there doesn't seem to be anything here