bpfilter: A BPF-based Network Filtering Performance Booster

Popular：

Virtualization DNS security formal verification reachability analysis compiler errors macro conflict web extension development framework Bitmap Graphics API inconsistencies All Tags

bpfilter: A BPF-based Network Filtering Performance Booster

2025-05-23

The bpfilter project aims to significantly improve network filtering performance in the Linux kernel. It achieves this by translating iptables/nftables rules into BPF programs, bypassing performance bottlenecks inherent in traditional methods. Composed of three components – a daemon, a library, and a command-line interface – bpfilter allows users to define custom filtering rules and integrates with iptables. Benchmarks demonstrate bpfilter's superior performance over iptables and nftables when handling large rule sets. Future plans include enhanced nftables support and integration of user-provided BPF programs.

(lwn.net)

Development Network Filtering

Bellmac-32: The CMOS Gamble That Changed the World

Internet Archive Livestreams Microfiche Digitization