A defense-in-depth firewall for Minecraft Java servers — L4 to L7, with AI augmentation.
Aegis is a 5-layer defensive stack designed to protect Minecraft servers from volumetric DDoS, L7 bot attacks, and protocol exploits. It integrates best-in-class open-source tools (Sonar, GrimAC, Spark) with custom logic and ML-driven anomaly detection.
Pre-alpha. Design phase. Not yet usable.
See docs/superpowers/specs/ for the design.
| Layer | Component | Role |
|---|---|---|
| 0 | Edge (optional) | Cloudflare Spectrum / TCPShield for >10Gbps scrubbing |
| 1 | Aegis-Wall | nftables + IP reputation feeds (kernel-level L4) |
| 2 | Aegis-Gate | Velocity proxy + Sonar + custom Sentinel logic |
| 3 | Aegis-Shield | Paper plugin + GrimAC + Spark + custom exploit detection |
| 4 | Aegis-Brain | Anomaly detection, username classifier, forensics LLM |
| 5 | Aegis-Eye | ClickHouse + Grafana + admin Console UI |
Aegis does not include offensive tools, stress testers, join-bots, or any capability to attack other servers. Use against systems you do not own is illegal.
GPL-3.0. See LICENSE.