Skip to content

bouheki

HOME

bouheki

HOME
Getting started
Getting started
Use Cases
Use Cases
Configuration
Configuration
- Configuration
- Network Restriction
  Network Restriction
  - Configuration
  - Examples
- File Access Restriction
  File Access Restriction
  - Configuration
  - Examples
- Mount Restriction
  Mount Restriction
  - Configuration
  - Examples
- DNS Proxy
Development
Development
- Setup
- Build and Test

bouheki: KRSI(eBPF+LSM) based Linux security auditing tool

bouheki is KRSI(eBPF+LSM) based Linux security auditing tool.
Security events can be audited and blocked based on the container of the process, and restrictions can be applied to container environments.

Features

Restriction rules based on process context, such as command name or UID and more
Restrictions limited to containers (hosts are not restricted)
Network Access Control
File Access Control
Restictions bind mounts from host filesystem to containers

Demo

LICENSE

bouheki's userspace program is licensed under MIT License.
eBPF programs inside pkg/bpf directory are licensed under GNU General Public License version 2.