---

An eBPF-based packet filtering framework.

bpfilter transforms how you control network traffic by leveraging the power of eBPF technology. This framework elegantly translates filtering rules into optimized BPF programs, bringing unparalleled performance and flexibility to your packet filtering needs.

Key features • Quick start • Documentation

Key features

• High performance: utilizes eBPF's near-native performance capabilities
• Flexible integration: use the custom iptables integration or bpfilter's bfcli command line for extended functionalities
• Low overhead: minimal resource consumption with maximized efficiency
• Developer-friendly: clean architecture with clear separation of components

bpfilter combines three components: a CLI that allows users to define filtering rules in human-readable text, a daemon that converts these rules into efficient BPF programs, and a library that facilitates seamless communication between applications and the filtering subsystem.

Want to know more about bpfilter? Check the user's guide, the developer documentation, or watch our latest public talk!

Quick start

Install

bpfilter is packaged for Fedora 40+, EPEL 9+ and supports Fedora 40+, CentOS Stream 9+, and Ubuntu 24.04+. The examples below uses Fedora 41.

# Fedora 40+ or CentOS Stream 9+ (with EPEL)
sudo dnf install -y bpfilter bpfilter-devel

Build from sources

# Essential build requirements
sudo dnf install -y cmake gcc libbpf-devel libnl3-devel bison flex

# Configure the project and build bpfilter
cmake -S $SOURCES_DIR -B $BUILD_DIR -DNO_DOCS=ON -DNO_TESTS=ON -DNO_CHECKS=ON -DNO_BENCHMARKS=ON
make -C $BUILD_DIR install

Usage

# Start the daemon
sudo $BUILD_DIR/output/sbin/bpfilter

# Count the number of ping coming to interface #2
sudo $BUILD_DIR/output/sbin/bfcli ruleset set --str "chain BF_HOOK_XDP{ifindex=2} policy ACCEPT rule ip4.proto icmp counter ACCEPT"

The complete documentation is available on bpfilter.io.

License

bpfilter is licensed under GPLv2. You can find the licensing details in the COPYING file.

Acknowledgements

bpfilter was initially designed by Alexei Starovoitov with help from David S. Miller and Daniel Borkmann as a Linux kernel usermode helper, and later improved by Dmitrii Banshchikov.