15:I[981,["658","static/chunks/658-a698693f56d0116a.js","183","static/chunks/183-6beeeb801c274aaa.js","474","static/chunks/app/%5Btype%5D/layout-631c4730b83c8223.js"],"Posts"] 16:T457,A few days ago, someone decided to DDoS the entire IP range of my Hong Kong VPS provider. fail2ban did its job a little too enthusiastically — banned 20,000+ IPs, ran the machine out of memory, and triggered a kernel panic. Great. :/ That's when I realized the problem: fail2ban lets packets hit the kernel stack first, then reacts. Under a real flood, that reaction cost alone is enough to kill the machine. I went down the XDP/eBPF rabbit hole — packets get dropped at the NIC driver level, before they even touch the kernel. The other thing that annoyed me was manually managing port rules, so I built a daemon that watches for new listening ports via Netlink Process Connector and updates the BPF whitelist automatically. What it does: ~34–65 ns/packet drop on KVM VPS, auto-syncs open ports, handles IPv6 extension headers, one-liner install. What it won't do: won't save you if your uplink is already saturated — not a replacement for upstream scrubbing.

Would love feedback, especially if something breaks on your setup. First time posting here — hello everyone!17:T464,AgentGate is a small backend microservice that enforces stake-gated execution of actions.

The idea is simple: as AI agents reduce the marginal cost of sending bids, API calls, negotiations, etc., systems designed around human friction become vulnerable to synthetic pressure.

AgentGate requires:

Identity registration with an Ed25519 public key

Bond lock before action execution

Cryptographically signed action execution and resolution

Replay protection (timestamp window)

Per-identity rate limiting

Progressive minimum bond requirements

Actions remain capital-backed until resolved. Outcomes determine refund, partial burn, or full slashing.

This is not a token project and does not depend on blockchain. It’s a local-firs

The Data Project – data journalism sites built from public government datasets

Altman says OpenAI agrees with Anthropic's red lines in Pentagon dispute

Federal agencies may have a Claude problem now

Show HN: I built a site where you hire yourself instead of applying for jobs

Show HN: Rapidly build efficient sites with Neat, the minimalist CSS framework

Need ArXiv endorsement.. CS. Multiagent-Systems [pdf]

Show HN: XDP firewall that auto-syncs open ports – built after my VPS got DDoS'd

Show HN: Taskdog – Terminal-based task manager with schedule optimization

Show HN: AgentGate – Stake-Gated Action Microservice for AI Agents

Show HN: Market Digest: Self-hosted market analysis and Telegram

Zugunruhe, and what makes things worth doing

Perplexity Computer: What I Built in One Night (Review and Examples)

Ask HN: Do you enforce Prettier in all Next.js projects?

Show HN: Notemac++ – A Notepad++-inspired code editor for macOS and the web

Technical Recruiter in 2026

Lee Kuan Yew – Resources

Neil Sedaka, Singing Craftsman of Memorable Pop Songs, Dies at 86

Amazon deal with OpenAI shakes up AI landscape

Emuko: Fast RISC-V emulator written in Rust, boots Linux

GAIT: A Voluntary Transparency Framework for AI Use in Games

Moltler the Skills Framework for Elasticsearch

Should Social Media Algorithms Have Age-Based Safeguards for Over-60s?

Ask HN: Can our bootstrapped startup keep up?

Trump instructs federal agencies to stop work with Anthropic

How are we physically caging autonomous AI? (My architecture for kill-switch)

Show HN: QF STEM Ledger – Logging Structured Cognitive Work

Write Modern Go Code with Junie and Claude Code

Paramount strikes deal to buy Warner Bros Discovery for $110B

Human brain cells on a chip learned to play Doom in a week

Rank5.io – a party game about the people you play with

Ask HN: Books for LLMs