Bpfilter offers a new approach to packet filtering in Linux

New Filter

Much More Work Remains

The bpfilter packet filter system is still little more than a proof of concept that has provoked a whole bunch of feedback loops on the kernel mailing list in recent months. If bpfilter actually works as advertised, Linux admins will quickly adopt it.

Bpfilter is just an example of the power that BPF brings to Linux, with the possibility to run microservices from the kernel. This functionality will increasingly make BPF detachable from the network context and could lead to other innovations in the Linux space.

Infos

  1. netfilter: https://www.netfilter.org
  2. BPF comes to firewalls: https://lwn.net/Articles/747551

The Author

In his spare time, Debian developer Martin Gerhard Loschwitz works as a Telekom Public Cloud Architect at T-Systems and primarily deals with topics such as OpenStack, Ceph, and Kubernetes.

Buy this article as PDF

Express-Checkout as PDF
Price $2.95
(incl. VAT)

Buy ADMIN Magazine

SINGLE ISSUES
 
SUBSCRIPTIONS
 
TABLET & SMARTPHONE APPS
Get it on Google Play

US / Canada

Get it on Google Play

UK / Australia

Related content

comments powered by Disqus