bpfilter

bpfilter is a BPF-based packet filtering framework. It is composed of a shared library (libbpfilter) and a daemon (bpfilter).

The bpfilter daemon running on the system receives a request from a client (iptables, nftables, or any other client that could be created) and converts the client-provided ruleset into one or more BPF program(s).

If you want to try bpfilter with nftables or iptables, have a look at Usage and Build from sources.

If you want to know more about bpfilter’s internals, take a look at the following talks about the project:

• BPF and firewall: kernel support to ease more complex packets filtering (LSFMMBPF 2023)

• bpfilter: a BPF-based packet filtering framework (All Systems Go 2023)

• bpfilter: a BPF-based packet filtering framework (Linux Plumbers Conference 2023)

• Netfilter or eBPF? Use both with bpfilter! (FOSDEM 2024)

• bpfilter: packet filtering with BPF and nftables (Scale21x)