ParabossaX Blog

Systems engineering, low-level dev & infrastructure notes

Mar 7, 2026 Linux Networking

Understanding eBPF: Packet Filtering Beyond iptables

A deep dive into how eBPF programs attach to kernel hooks and why XDP is replacing traditional netfilter chains in high-throughput environments. We benchmark tc-bpf vs nftables on a 10GbE link.

SEC("xdp")
int xdp_drop(struct xdp_md *ctx) {
  return XDP_DROP;
}
Read more →
Feb 28, 2026 Rust Systems

Writing a Minimal HTTP Server in Rust with io_uring

Exploring async I/O without epoll. We implement a bare-bones HTTP/1.1 server using io_uring submission and completion queues directly via the io-uring crate, bypassing tokio entirely.

let mut ring = IoUring::new(256)?;
let sqe = opcode::Accept::new(fd).build();
unsafe { ring.submission().push(&sqe)?; }
Read more →
Feb 19, 2026 Linux Containers

Rootless Containers from Scratch: Namespaces & cgroups v2

Building a container runtime in 200 lines of C. We walk through clone(), pivot_root(), and setting up a cgroup hierarchy without ever touching Docker or root privileges.

Read more →
Feb 5, 2026 Networking Security

TLS 1.3 Handshake Internals: What Wireshark Won't Tell You

Dissecting the 1-RTT handshake at the byte level. How ECDHE key exchange, PSK resumption, and 0-RTT early data actually work under the hood — with raw hex dumps and annotations.

Read more →