Bpf
BPFILTER: the next-generation Linux firewall
BPFILTER is one of the newer features to provide traffic filtering. Learn how it works and why it may replace iptables as the firewall on Linux systems.
Summary
The Linux community has a continuous drive to enhance the GNU/Linux kernel. In network traffic filtering, we moved from ipchains to iptables. More recently, we saw the introduction of nftables. Next in line is BPFILTER, part of the development work for the Linux 4.18 kernel.
What is BPFILTER?
BPFILTER is short for BPF-based packet filtering framework. In other words, it is a framework that does packet filtering and is based on BPF. Interestingly, BPF itself is an acronym for Berkeley Packet Filter. So it is clear that packet filtering is an important part of this feature.
Differences between iptables and nftables explained
An overview of the differences between firewall technologies iptables and nftables. We highlight the major differences like simplicity and management.
Summary
The seasoned Linux administrator will be familiar with iptables, the network traffic filter. If you ever configured a Linux system with an Ethernet bridge configuration, you might even have worked with ebtables. Or possibly you wanted to filter ARP traffic and used arptables? Newcomer nftables has arrived, with the purpose of replacing iptables, ip6tables, ebtables and arptables. As with every big upcoming change, it is good to know the differences. We explain what makes nftables different from iptables, and why you want to adopt it in the near future.