An eBPF-based packet filtering framework.

bpfilter transforms how you control network traffic by leveraging the power of eBPF technology. This framework elegantly translates filtering rules into optimized BPF programs, bringing unparalleled performance and flexibility to your packet filtering needs.


_images/demo_light.gif _images/demo_dark.gif

Key features

  • High performance: utilizes eBPF’s near-native performance capabilities

  • Flexible integration: use the custom iptables integration or bpfilter’s bfcli command line for extended functionalities

  • Low overhead: minimal resource consumption with maximized efficiency

  • Developer-friendly: clean architecture with clear separation of components

bpfilter combines three components: a CLI that allows users to define filtering rules in human-readable text, a daemon that converts these rules into efficient BPF programs, and a library that facilitates seamless communication between applications and the filtering subsystem.

Want to know more about bpfilter? Check the user’s guide, the developer documentation, or watch our talk at Scale!