|
|
Log in / Subscribe / Register

Nftables: a new packet filtering engine

Nftables: a new packet filtering engine

Posted Apr 4, 2009 18:56 UTC (Sat) by mjcoder (guest, #54432)
Parent article: Nftables: a new packet filtering engine

Hehehehe, so we have a VM in the Linux kernel. What about the LLVM, or .NET VM (mono) or even Java? This would have the nice side-effect of having a JITted network filter application. (Don't take this too serious ...)

to post comments

Nftables: a new packet filtering engine

Posted Apr 4, 2009 20:02 UTC (Sat) by nix (subscriber, #2304) [Link]

We have several VMs in the kernel already: e.g. there's one for ACPI.

Nftables: a new packet filtering engine

Posted Apr 6, 2009 15:49 UTC (Mon) by kanchev (guest, #42519) [Link]

Why not LLVM? It's not just a VM, it's a compiler framework. You'll just need to develop a proper frontend which parses the nftables syntax and a backend which generates bytecode for the kernel VM. As a bonus you'll get the LLVM optimizations.


Copyright © 2026, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds