bpfilter

ROAM_REFS: https://bpfilter.io/

• bpfilter

bpfilter

is a BPF-based packet filtering framework. It is composed of a shared library (

libbpfilter

) and a daemon (

bpfilter

).

The

bpfilter

daemon running on the system receives a request from a client (

iptables

,

nftables

, or any other client that could be created) and converts the client-provided ruleset into one or more BPF program(s).

If you want to try

bpfilter

with

nftables

or

iptables

, have a look at Usage and Build from sources.

If you want to know more about

bpfilter

's internals, take a look at the following talks about the project:

• BPF and firewall: kernel support to ease more complex packets filtering (LSFMMBPF 2023)
• bpfilter: a BPF-based packet filtering framework (All Systems Go 2023)
• bpfilter: a BPF-based packet filtering framework (Linux Plumbers Conference 2023)
• Netfilter or eBPF? Use both with bpfilter! (FOSDEM 2024)
• bpfilter: packet filtering with BPF and nftables (Scale21x)

ROAM_REFS: https://github.com/facebook/bpfilter

* An eBPF-based packet filtering framework.

bpfilter is an eBPF-based packet filtering framework designed to translate filtering rules into BPF programs. It comprises three main components:

1. A daemon that runs on the host, translating filtering rules into BPF programs.
2. A lightweight library to facilitate communication with the daemon.
3. A dedicated command line interface to define the filtering rules.

A typical usage workflow would be to start the

bpfilter

daemon, then define the filtering rules using

bfcli

(part of the

bpfilter

project),

nftables

or

iptables

. The

bpfilter

daemon will be responsible for translating the filtering rules into custom BPF programs, and loading them on the system.

Detailed information can be found in the documentation.