Use udp dst port 53 and inbound expression

[cppcoffee]

Process inbound packets only.

[cppcoffee]

CI test error "Port is not listening". is it a ci problem?

full log:

[*] Running /root/test.sh
listening on [::]:8888 ...

[   44.483253] [+] drawbridge: Loaded module into kernel - monitoring 1 port(s)
Port is not listening
[+] Selected Interface eth0, with address 10.0.2.15
[+] Sending Udp packet to 127.0.0.1:53 to unlock port 8888
[+] Sent 604 bytes
[!!!] Auth Failed!

[landhb]

Yeah @cppcoffee I had to revert #41 because I think the inbound qualifier seems to prevent the BPF filter from picking up localhost traffic on the CI/CD host.

CI/CD runs the test suite by authenticating on 127.0.0.1:

https://github.com/landhb/DrawBridge/blob/master/module/tests/test.sh#L35

We might have to leave the filter as-is in the repo for testing purposes, but technically users can configure the filter to whatever they wish. Ideally in the future the module would be configured in userspace with a file and netlink, similar to wireguard, such as /etc/drawbridge/config.toml:

[module]
port = 8888
allow = ["127.0.0.1"]

[auth]
filter = "udp dst port 53 and inbound"
key = "/etc/drawbridge/server.pem"

Which would also address #46. I.e. allow the user to configure if they want to explicitly allow localhost without authentication.

[cppcoffee]

Oh, I get it. close this PR.