| Commit message (Collapse) | Author | Age | Files | Lines | |
|---|---|---|---|---|---|
| * | extensions: libxt_bpf: support ebpf pinned objects | Willem de Bruijn | 2016-12-10 | 1 | -1/+24 |
| | | | | | | | | | | | | | | | | Exercise the new kernel feature introduced in commit 2c16d6033264 ("netfilter: xt_bpf: support ebpf") to load pinned eBPF programs. The new interface allows instantiating a bpf match using -m bpf --object-pinned ${PATH} where ${PATH} points to a node in a bpf virtual filesystem. See also the revised man page. Signed-off-by: Willem de Bruijn <willemb@google.com> Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org> | ||||
| * | extensions: add libxt_bpf extension | Willem de Bruijn | 2013-04-02 | 1 | -0/+17 |
| Add user-space code to support the new BPF iptables extension. Pablo has mangled the original patch to: * include a copy of include/linux/netfilter/xt_bpf.h in the tree. * I have also remove the --bytecode-file option. The original proposal was to accept BPF code in a file in human readable format. Now, with the nfbpf_compile utility, it's very easy to generate the filter using tcpdump-like syntax. * I have remove the trailing comma in the backtick format, the parser works just fine for me here. * Fix error message if --bytecode is missing. Signed-off-by: Willem de Bruijn <willemb@google.com> Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org> | |||||
 |
index : iptables | |
| iptables tree | pablo@netfilter.org |
| summaryrefslogtreecommitdiffstats |