Restricting IP address access to specific ports in eBPF: a sketch
The article explores how eBPF could implement per-port IP address restrictions by extending systemd's current LPM map approach. It proposes embedding port numbers in LPM map keys alongside IP addresses, allowing scalable filtering of network packets based on both destination port and source IP. The approach maintains simple eBPF program generation while enabling more granular access controls.
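The key layout described above can be modelled in plain userspace C; this is an added example, not code from the article or from systemd, and a linear scan stands in for the kernel's LPM trie lookup. The layout (16-bit destination port placed before an IPv4 source address, so that prefixlen is 16 plus the CIDR length), the names `port_ip_key`, `make_key`, `prefix_equal` and `lookup`, and the rule table are assumptions made for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

/* Userspace model of an LPM-trie key. As in the kernel's
 * struct bpf_lpm_trie_key, prefixlen counts the leading bits of data[]
 * that must match. Assumed layout: destination port, then IPv4 source.
 * The port is always matched in full, so it adds 16 to the prefix. */
struct port_ip_key {
    uint32_t prefixlen;   /* 16 port bits + CIDR length of the address */
    uint8_t  data[6];     /* port (network byte order) || IPv4 address */
};

static struct port_ip_key make_key(uint16_t port, uint8_t a, uint8_t b,
                                   uint8_t c, uint8_t d, uint32_t cidr)
{
    struct port_ip_key k = { 16 + cidr,
        { (uint8_t)(port >> 8), (uint8_t)(port & 0xff), a, b, c, d } };
    return k;
}

/* Return 1 if the first nbits bits of x and y are equal. */
static int prefix_equal(const uint8_t *x, const uint8_t *y, uint32_t nbits)
{
    uint32_t full = nbits / 8, rest = nbits % 8;
    if (memcmp(x, y, full) != 0)
        return 0;
    /* Compare only the top `rest` bits of the next byte, if any. */
    return rest == 0 || ((x[full] ^ y[full]) >> (8 - rest)) == 0;
}

/* Longest matching rule for a packet, or -1. The linear scan stands in
 * for the trie lookup; the rule table below is constructed sample data. */
static int lookup(uint16_t dport, uint8_t a, uint8_t b, uint8_t c, uint8_t d)
{
    const struct port_ip_key rules[] = {
        make_key(22,  10, 0, 0, 0, 8),      /* 0: SSH from 10.0.0.0/8    */
        make_key(22,  10, 1, 2, 0, 24),     /* 1: SSH from 10.1.2.0/24   */
        make_key(443, 0, 0, 0, 0, 0),       /* 2: HTTPS from any address */
    };
    struct port_ip_key pkt = make_key(dport, a, b, c, d, 32);
    int best = -1;
    for (size_t i = 0; i < sizeof rules / sizeof rules[0]; i++)
        if (prefix_equal(rules[i].data, pkt.data, rules[i].prefixlen) &&
            (best < 0 || rules[i].prefixlen > rules[best].prefixlen))
            best = (int)i;
    return best;
}

int main(void) { return lookup(22, 10, 1, 2, 7) == 1 ? 0 : 1; }
```

Because the port occupies the first 16 bits of every key, a rule for one port can never match traffic to another, and a lookup that returns -1 corresponds to a packet with no allowing entry.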