|
|
Log in / Subscribe / Register

BPF comes to firewalls

BPF comes to firewalls

Posted Feb 20, 2018 15:25 UTC (Tue) by ringerc (subscriber, #3071)
In reply to: BPF comes to firewalls by vadim
Parent article: BPF comes to firewalls

Yeah, it's a lot like someone looked at the "tc" and "ip" commands and thought "what a great UI, lets do that".

to post comments

BPF comes to firewalls

Posted Feb 20, 2018 16:17 UTC (Tue) by flussence (guest, #85566) [Link] (1 responses)

I've got a working (AFAIK) nftables setup. The end result looks pretty after months of tweaking, but I completely agree on how unnecessarily painful it was to get there. Spitting nothing but strerror(-ENOENT) at the user whenever any module is missing from the kernel is a nasty thing to do…

BPF comes to firewalls

Posted Feb 21, 2018 0:15 UTC (Wed) by florianfainelli (subscriber, #61952) [Link]

Fortunately we now have extended netlink acks to give you a more meaningful error code...


Copyright © 2026, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds