https://lwn.net/Articles/822744/ This is a special feed containing comments posted to the individual LWN article titled "Rethinking bpfilter and user-mode helpers". en-us Tue, 21 Oct 2025 10:24:27 +0000 Tue, 21 Oct 2025 10:24:27 +0000 https://www.rssboard.org/rss-specification lwn@lwn.net https://lwn.net/Articles/965056/ https://lwn.net/Articles/965056/ ttuttle <div class="FormattedComment"> I’m confused at what you’re trying to say — I didn’t see any mention of a GUI in the article, and user space runs lots more than just a GUI (on systems that even run one).<br> </div> Mon, 11 Mar 2024 21:42:58 +0000 https://lwn.net/Articles/855364/ https://lwn.net/Articles/855364/ muzg666 <div class="FormattedComment"> GUI = user space ... but (stupid)firewall .... in kernell ... morons ... <br> </div> Wed, 05 May 2021 03:04:14 +0000 https://lwn.net/Articles/824032/ https://lwn.net/Articles/824032/ nix <div class="FormattedComment"> It's for "much faster iptables": the eventual idea was that iptables could be hardware-offloaded and all sorts of stuff. The original LWN article on this had a bunch of use cases, but in effect the idea was that rather than iptables being interpreted, when implemented as bpf it would get JITted and suddenly you have packet filter rules at native code speed.<br> </div> Mon, 22 Jun 2020 00:17:42 +0000 https://lwn.net/Articles/823615/ https://lwn.net/Articles/823615/ flussence <div class="FormattedComment"> I have a sincere question: who was bpfilter *for*?<br> <p> And I can't answer that myself because web searches for it only turn up announcements and articles from the 4.18 era declaring it the best thing since sliced cputime. I can't find any details, tools or documentation for it — not online and not in the kernel tree either. It smells like a “job security” thing to me.<br> </div> Fri, 19 Jun 2020 03:37:10 +0000 https://lwn.net/Articles/823552/ https://lwn.net/Articles/823552/ sbelmon <div class="FormattedComment"> Wait, so the Berkeley Packet Filter machine would do all kinds of things, except, well, filter packets? <br> <p> Not that it's wrong, just surprised that you wouldn't mention this funny situation :-)<br> <p> </div> Thu, 18 Jun 2020 20:02:49 +0000 https://lwn.net/Articles/823414/ https://lwn.net/Articles/823414/ gregkh <div class="FormattedComment"> This is core kernel functionality that is not self-contained as a module that does not affect any other part of the kernel.<br> <p> So no, it is not viable for staging. Also remember that staging is not a dumping ground for things that no one uses. It can be used to merge things _out_ of the kernel if it is unused, but that only lasts for a kernel release or two.<br> </div> Thu, 18 Jun 2020 07:56:24 +0000 https://lwn.net/Articles/822973/ https://lwn.net/Articles/822973/ mb <div class="FormattedComment"> Isn't it possible to move them to staging?<br> </div> Fri, 12 Jun 2020 18:51:57 +0000