Show HN: Netfence – Like Envoy for eBPF Filters
Summary
Netfence proposes an Envoy-like approach to eBPF filtering by running a per-host daemon that injects eBPF programs and synchronizes allowlists/denylists with a central control plane via gRPC. It includes a per-attachment DNS server to resolve domains and populate IP filters, supporting multiple policy modes and domain-based rules. The concept targets scalable, low-latency network security for VM and container workloads.
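The DNS-to-IP-filter step described above can be modelled in userspace as follows. This is an added example, not Netfence's code: the class, the mode names `allowlist`/`denylist`, the `*.` wildcard syntax and the TTL-based expiry are assumptions made for illustration, and the sample names and addresses are constructed.

```python
import ipaddress

class DnsDrivenFilter:
    """Userspace model (not Netfence code): DNS answers for listed domains
    populate an IP set whose entries expire with the record TTL."""

    def __init__(self, mode, domain_rules):
        if mode not in ("allowlist", "denylist"):  # hypothetical mode names
            raise ValueError("unknown mode")
        self.mode = mode
        self.rules = [r.lower().rstrip(".") for r in domain_rules]
        self.expiry = {}  # ip address -> time at which the entry lapses

    def domain_matches(self, name):
        name = name.lower().rstrip(".")
        for rule in self.rules:
            # "*.example.com" covers subdomains only; the leading dot stops
            # "evil-example.com" from matching by plain suffix.
            if rule.startswith("*.") and name.endswith(rule[1:]):
                return True
            if name == rule:
                return True
        return False

    def on_dns_answer(self, name, ips, ttl, now):
        """Record answers for listed names; return True if the workload
        should receive the answer."""
        listed = self.domain_matches(name)
        if listed:
            for ip in ips:
                addr = ipaddress.ip_address(ip)  # rejects malformed input
                self.expiry[addr] = max(self.expiry.get(addr, 0), now + ttl)
        return listed if self.mode == "allowlist" else not listed

    def permits(self, ip, now):
        """Verdict the packet filter would return for a destination IP."""
        in_set = self.expiry.get(ipaddress.ip_address(ip), 0) > now
        return in_set if self.mode == "allowlist" else not in_set

def demo():
    # Constructed sample data: documentation-range addresses, example domains.
    f = DnsDrivenFilter("allowlist", ["*.example.com"])
    answered = f.on_dns_answer("api.example.com.", ["203.0.113.10"], ttl=30, now=100)
    lookalike = f.on_dns_answer("evil-example.com", ["198.51.100.7"], ttl=30, now=100)
    return (answered, lookalike,
            f.permits("203.0.113.10", now=110),   # inside TTL
            f.permits("203.0.113.10", now=131),   # entry lapsed
            f.permits("198.51.100.7", now=110))   # never listed
```

An IP set built this way has address granularity, so every name hosted on the same address shares that address's verdict for as long as the entry lives.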