eBPF MCP
A secure MCP server for eBPF, designed for AI integration, kernel introspection, and automation.
🐝 ebpf-mcp: AI-Compatible eBPF Control via Model Context Protocol
A secure, minimal, and schema-enforced MCP server for eBPF — purpose-built for AI integration, kernel introspection, and automation.
🧠 What Is This?
ebpf-mcp is a secure Model Context Protocol (MCP) server that exposes a minimal set of structured tools to interact with eBPF — optimized for safe AI control, automation agents, and human operators.
It enables loading, attaching, introspecting, and streaming eBPF programs — all through strict JSON Schema contracts validated at runtime. No REST APIs, no shell escapes, and no bpftool wrappers.
🚀 Quick Start
📦 One-liner Installation
```bash
# Install ebpf-mcp server
curl -fsSL https://raw.githubusercontent.com/sameehj/ebpf-mcp/main/install.sh | sudo bash

# Start the service (runs on port 8080 by default)
sudo systemctl start ebpf-mcp
sudo systemctl enable ebpf-mcp

# Get your auth token
cat /etc/ebpf-mcp-token

# Check service status
sudo systemctl status ebpf-mcp

# View logs if needed
sudo journalctl -u ebpf-mcp -f
```
For air-gapped or development environments:
```bash
git clone https://github.com/sameehj/ebpf-mcp.git
cd ebpf-mcp
sudo ./install.sh v1.0.2
```
🧪 Test the Installation
```bash
# Run the complete test suite
cd scripts/
chmod +x test-ebpf-mcp-server.sh
./test-ebpf-mcp-server.sh <your-token>
```
If no token is provided, the script will prompt for it interactively.
🤖 Claude CLI Integration
Once installed, connect Claude to your eBPF server (runs on port 8080):
```bash
# Add MCP server to Claude CLI
claude mcp add ebpf http://localhost:8080/mcp \
  -t http \
  -H "Authorization: Bearer $(cat /etc/ebpf-mcp-token)"

# Start Claude with eBPF tools
claude --debug

# Optional: Test with MCP Inspector (requires Node.js)
npx @modelcontextprotocol/inspector http://localhost:8080/mcp
```
📘 Tutorials
Looking to get started in specific environments or with Cursor IDE?
🧰 VirtualBox Setup Guide
Learn how to configure and run ebpf-mcp inside a VirtualBox VM, with port forwarding, SSH access, and practical tips.
🖥️ Cursor IDE + eBPF-MCP Integration
Step-by-step guide for running the eBPF MCP server with Cursor IDE for AI-driven observability.
Example prompts:
> Get system info and kernel version

> Load and attach a kprobe program to monitor sys_execve

> Show me all active eBPF programs and their types

> Stream events from ringbuffer maps for 10 seconds

> Trace kernel errors for the next 5 seconds
📥 Install Options
| Method | Command | Use Case |
|---|---|---|
| One-liner | `curl ... \| sudo bash` | Production systems |
| Manual | `git clone && sudo ./install.sh` | Development/air-gapped |
| Build from source | `make build` | Custom modifications |
| Docker | Coming soon | Containerized environments |
🔧 Minimal Toolset
Each tool is designed to be schema-validatable, AI-orchestrable, and safe-by-default. They cover 80%+ of real-world observability and control workflows.
| Tool Name | Status | Description | Capabilities Required |
|---|---|---|---|
| info | ✅ | System introspection: kernel, arch, BTF | CAP_BPF or none (read-only) |
| load_program | ✅ | Load and validate .o files (CO-RE supported) | CAP_BPF or CAP_SYS_ADMIN |
| attach_program | ✅ | Attach program to XDP, kprobe, tracepoint hooks | Depends on type (e.g. CAP_NET_ADMIN for XDP) |
| inspect_state | ✅ | List programs, maps, links, and tool metadata | CAP_BPF (read-only) |
| stream_events | ✅ | Stream events from ringbuf/perfbuf maps | CAP_BPF (read-only) |
| trace_errors | ✅ | Monitor kernel tracepoints for error conditions | CAP_BPF (read-only) |
All tools return structured JSON output — AI-ready, streaming-compatible, and schema-validated.
🔍 See docs/TOOL_SPECS.md for full schema definitions.
🚀 What You Can Do
- ✅ Query kernel version, architecture, and BTF availability
- ✅ Load programs from disk or inline base64 with optional BTF
- ✅ Attach to live systems with type-safe constraints
- ✅ Inspect pinned objects, kernel version, verifier state
- ✅ Stream real-time events with filtering by pid/comm/cpu
- ✅ Trace kernel errors and system anomalies
- ✅ Discover available tools and their schemas
- ✅ Integrate with Claude, Ollama, or MCP-compatible clients
🛡️ Security Model
| Layer | Controls |
|---|---|
| eBPF execution | Kernel verifier + resource caps |
| Filesystem | No shell, no exec, path-validated |
| Runtime isolation | Session-scoped cleanup, strict inputs |
| AI safety | Capability-aware schemas + output limits |
| Authentication | Bearer token + HTTPS ready |
🧼 All resources are automatically cleaned up when a client disconnects (no manual unload/detach required unless pinned).
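The toolset table and the Security Model table above describe calls that must satisfy strict, schema-validated inputs before they reach the kernel. The following Python snippet is an added example, not code from the ebpf-mcp project: it builds the MCP JSON-RPC `tools/call` request a client sends to the `/mcp` endpoint with the bearer token, applies a client-side argument contract mirroring the README's "strict inputs" and "path-validated" controls, and decodes a structured tool result. The tool argument names (`path`, `program_id`, `attach_type`, `map_name`, `duration_seconds`), the allowed object directory, and the sample reply are constructed assumptions; the server's real schemas live in docs/TOOL_SPECS.md.

```python
"""Client-side helper for ebpf-mcp tool calls (added example, not project code).

ASSUMPTIONS: the argument names in TOOL_CONTRACTS, ALLOWED_OBJECT_DIR and the
SAMPLE_INFO_REPLY are constructed for illustration; only the endpoint, token
path, tool names and hook types come from the README.
"""
import json
import os
from typing import Any

ENDPOINT = "http://localhost:8080/mcp"        # from the README's Quick Start
TOKEN_FILE = "/etc/ebpf-mcp-token"            # from the README's Quick Start
ALLOWED_OBJECT_DIR = "/opt/ebpf-mcp/objects"  # constructed: only .o files under here may be loaded
ATTACH_TYPES = {"xdp", "kprobe", "tracepoint"}  # hook types named in the toolset table

# Constructed argument contracts (name -> exact Python type). The real server
# enforces its own JSON Schemas; this mirrors the "strict inputs" idea client-side.
TOOL_CONTRACTS: dict[str, dict[str, type]] = {
    "info": {},
    "inspect_state": {},
    "load_program": {"path": str},
    "attach_program": {"program_id": int, "attach_type": str},
    "stream_events": {"map_name": str, "duration_seconds": int},
    "trace_errors": {"duration_seconds": int},
}


def auth_headers(token: str) -> dict[str, str]:
    """HTTP headers for the MCP streamable-HTTP transport with a bearer token."""
    return {
        "Authorization": f"Bearer {token.strip()}",
        "Content-Type": "application/json",
        "Accept": "application/json, text/event-stream",
    }


def validate_arguments(tool: str, arguments: dict[str, Any]) -> None:
    """Reject unknown tools, unknown/missing keys, wrong types and unsafe values."""
    contract = TOOL_CONTRACTS.get(tool)
    if contract is None:
        raise ValueError(f"unknown tool {tool!r}")
    unknown = set(arguments) - set(contract)
    missing = set(contract) - set(arguments)
    if unknown or missing:
        raise ValueError(f"argument mismatch for {tool}: unknown={unknown} missing={missing}")
    for key, expected in contract.items():
        # type() comparison is deliberate: bool must not pass as int
        if type(arguments[key]) is not expected:
            raise TypeError(f"{tool}.{key} must be {expected.__name__}")
    if tool == "load_program":
        # Path validation: resolve '..' and symlinks, then require the allowed prefix
        real = os.path.realpath(arguments["path"])
        if not real.endswith(".o") or os.path.commonpath([ALLOWED_OBJECT_DIR, real]) != ALLOWED_OBJECT_DIR:
            raise ValueError(f"path {arguments['path']!r} is outside {ALLOWED_OBJECT_DIR} or not a .o file")
    if tool == "attach_program" and arguments["attach_type"] not in ATTACH_TYPES:
        raise ValueError(f"unsupported attach_type {arguments['attach_type']!r}")
    if "duration_seconds" in contract and not 1 <= arguments["duration_seconds"] <= 60:
        raise ValueError("duration_seconds must be between 1 and 60")  # constructed output limit


def call_is_accepted(tool: str, arguments: dict[str, Any]) -> bool:
    """Boolean wrapper around validate_arguments for callers that only need a verdict."""
    try:
        validate_arguments(tool, arguments)
        return True
    except (ValueError, TypeError):
        return False


def build_tool_call(tool: str, arguments: dict[str, Any], request_id: int = 1) -> dict[str, Any]:
    """Build a JSON-RPC 2.0 'tools/call' request body after validating the arguments."""
    validate_arguments(tool, arguments)
    return {"jsonrpc": "2.0", "id": request_id, "method": "tools/call",
            "params": {"name": tool, "arguments": arguments}}


def parse_tool_result(reply: dict[str, Any]) -> dict[str, Any]:
    """Decode the structured JSON that ebpf-mcp returns inside the MCP text content block."""
    if "error" in reply:
        raise RuntimeError(f"JSON-RPC error: {reply['error'].get('message')}")
    result = reply["result"]
    if result.get("isError"):
        raise RuntimeError("tool reported an error")
    for block in result.get("content", []):
        if block.get("type") == "text":
            return json.loads(block["text"])
    raise ValueError("reply carried no text content block")


# Constructed sample reply; field names are illustrative, not the server's documented output.
SAMPLE_INFO_REPLY: dict[str, Any] = {
    "jsonrpc": "2.0", "id": 1,
    "result": {"isError": False, "content": [{"type": "text", "text": json.dumps(
        {"kernel_version": "6.8.0", "arch": "x86_64", "btf_available": True})}]},
}

if __name__ == "__main__":
    print(json.dumps(build_tool_call("info", {}), indent=2))
    print(parse_tool_result(SAMPLE_INFO_REPLY))
    print(call_is_accepted("load_program", {"path": "/opt/ebpf-mcp/objects/../../../etc/passwd"}))  # False
```

The checks are deliberately stricter than a type check alone: the path rule resolves `..` and symlinks before comparing the prefix, and the duration cap is the client-side counterpart of the "output limits" row in the Security Model table. Sending the request itself is a plain HTTP POST of `build_tool_call(...)` with `auth_headers(open(TOKEN_FILE).read())`.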
📦 Project Structure
```text
.
├── cmd/        # MCP server + CLI client
├── internal/   # Core logic: eBPF, tools, kernel adapters
├── pkg/types/  # JSON schema bindings + shared types
├── docs/       # Tool specs, design notes, schemas
├── scripts/    # Install script + test suite
└── schemas/    # JSON Schema files for each tool
```
🧠 Advanced Design Notes
✅ Lifecycle Management
- 🔒 No manual detach: Links are closed automatically unless pinned
- 🧹 Auto cleanup: FDs and memory are released on disconnect
- 📎 Pinning: Optional pin paths (/sys/fs/bpf/...) for maps/programs/links
🤖 AI Tooling Compatibility
- All tools are strictly typed with published schemas and return structured JSON output
- AI-ready: No parsing required — direct integration with language models
- Streaming-compatible: Real-time data flows for observability workflows
- Responses include:
  - tool_version
  - verifier_log (for debugging)
  - Structured error with context
🔗 Extensibility
Future optional tools:
- pin_object / unpin_object
- detach_link
- map_batch_op
These are omitted from the default for security and simplicity.
🧪 See scripts/test-ebpf-mcp-server.sh for full validation suite.
Basic Architecture:

```text
Claude / Ollama / AI Client
          ↓
      MCP JSON-RPC
          ↓
     ebpf-mcp server
          ↓
       Kernel APIs
```
📜 Licensing
| Component | License |
|---|---|
| internal/ebpf/ | GPL-2.0 |
| Everything else | Apache-2.0 |
✉️ Contact
📬 GitHub – sameehj/ebpf-mcp
🛠 Contributions, issues, and PRs welcome!
Structured. Safe. Schema-native.
ebpf-mcp brings eBPF to the age of AI.