summaryrefslogtreecommitdiff
path: root/Documentation
diff options
context:
space:
mode:
authorWillem de Bruijn <willemb@google.com>2013-01-18 07:17:30 +0000
committerPablo Neira Ayuso <pablo@netfilter.org>2013-01-21 12:20:19 +0100
commite6f30c731718db45cec380964dfee210307cfc4a (patch)
treee7be56bbf797e1632d65cbb98f9f557b2bf1a2e8 /Documentation
parent5a406b0cdfa948c7d949b270374737b17ee1679f (diff)
netfilter: x_tables: add xt_bpf match
Support arbitrary linux socket filter (BPF) programs as x_tables match rules. This allows for very expressive filters, and on platforms with BPF JIT appears competitive with traditional hardcoded iptables rules using the u32 match. The size of the filter has been artificially limited to 64 instructions maximum to avoid bloating the size of each rule using this new match. Signed-off-by: Willem de Bruijn <willemb@google.com> Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Diffstat (limited to 'Documentation')
0 files changed, 0 insertions, 0 deletions