February 23, 2026
Kernel dreams, comment screams
Show HN: Shibuya – A High-Performance WAF in Rust with eBPF and ML Engine
Big AI promises, instant blocking, and a 'world domination' plan—commenters bring receipts
TLDR: A hyped Rust-based web firewall promises ultra-fast blocking, AI detection, and a bold growth roadmap. Commenters split between curiosity and mockery: critics say the machine learning looks thin and the marketing loud, supporters see policy control potential—everyone wants hard benchmarks before calling it a game-changer.
Shibuya, a new open-source web firewall in Rust, barges onto the scene boasting lightning-fast kernel-level blocking (via eBPF, a way to drop bad traffic inside Linux), machine-learning attack detection, and a 36-page dashboard. The dev even teases that it’s “the WAF that makes Cloudflare nervous.” The crowd? Nervous laughter. Skeptics pounced on the AI claims first: nullcathedral pointed out the classifier looks thin—“less than 20 hardcoded payloads”—and demanded real-world tests and numbers. Translation: cool marketing, now show the receipts.
Then came the roadmap drama. reconnecting surfaced the maker’s “WORLD DOMINATION PLAN,” complete with month-by-month targets like 10k GitHub stars and conference mic drops. Cue eye-rolls, memes, and “announce fewer, ship more” energy. One commenter, koakuma-chan, didn’t mince words: “What the fuck is this slop?”—a blunt reaction to the flashy docs and scoreboard-style claims like “SQLi BLOCKED 4,291” flashing across the page. Even the name got roasted: Klonoar called “Shibuya” generic, knocking the brand before the bytes.
Still, it’s not all snark. abusaidm saw genuine potential: as AI agents and automated tools multiply, a smart gatekeeper at the front door could enforce context-aware policies and block dangerous behavior on demand. Verdict from the crowd: the tech sounds wild, but without solid benchmarks, explainable results, and fewer hype lines, it’s just another ambitious launch begging for battle-tested proof.
Key Points
- Shibuya is a Rust-based, open-source WAF with eBPF/XDP kernel-level blocking and sub-5 ms P99 latency.
- It features a dual ML engine: IsolationForest (via ONNX Runtime) for anomaly detection and Random Forest for 10 attack classes, with SHAP-like explainability.
- The WAF integrates 615+ OWASP CRS rules via a native SecRule parser, supporting ModSecurity compatibility, anomaly scoring, and ReDoS protection.
- Rules can hot-reload in production, with custom rule management via Admin API/CLI.
- Extensibility includes a WASM plugin system and deployment safety via shadow mode and a PostgreSQL-backed traffic replay engine producing diff reports.