---

An eBPF-based packet filtering framework.

bpfilter transforms how you control network traffic by leveraging the power of eBPF technology. This framework elegantly translates filtering rules into optimized BPF programs, bringing unparalleled performance and flexibility to your packet filtering needs.

Key features • Quick start • Documentation

Key features

• High performance: utilizes eBPF’s near-native performance capabilities
• Low overhead: minimal resource consumption with maximized efficiency
• Developer-friendly: clean architecture with clear separation of components

bpfilter combines two components: a core library that translates filtering rules into efficient BPF programs and manages their lifecycle, and a CLI that allows users to define and manage filtering rules in human-readable text.

Want to know more about bpfilter? Check the user’s guide, the developer documentation, our contributing guide, or watch our latest public talk!

Quick start

Install

bpfilter is packaged for Fedora 40+, EPEL 9+, and supports Fedora 40+, CentOS Stream 9+, and Ubuntu 24.04+. The examples below use Fedora 41.

# Fedora 40+ or CentOS Stream 9+ (with EPEL)
sudo dnf install -y bpfilter bpfilter-devel

Build from sources

# Essential build requirements
sudo dnf install -y clang cmake gcc libbpf-devel bison flex sed xxd

# Configure the project and build bpfilter
cmake -S $SOURCES_DIR -B $BUILD_DIR -DNO_DOCS=ON -DNO_TESTS=ON -DNO_CHECKS=ON -DNO_BENCHMARKS=ON
make -C $BUILD_DIR

Usage

# Count the number of pings coming to interface #2
sudo $BUILD_DIR/output/sbin/bfcli ruleset set --from-str "chain my_chain BF_HOOK_XDP{ifindex=2} ACCEPT rule ip4.proto icmp counter ACCEPT"

The complete documentation is available on bpfilter.io.

License

bpfilter is licensed under GPLv2. You can find the licensing details in the COPYING file.

Acknowledgements

bpfilter was initially designed by Alexei Starovoitov with help from David S. Miller and Daniel Borkmann as a Linux kernel usermode helper, and later improved by Dmitrii Banshchikov.