Deep Packet Inspection: compare the performance between libnetfilter_queue, NF_HOOK and eBPF XDP
an invention by nguyens
an invention by nguyens
Updated
14 days
ago.
2 hacker ♥️.
2 followers.
Deep Packet Inspection: compare the performance between libnetfilterqueue, NFHOOK and eBPF XDP
Project Description
The objective is to benchmark 3 different methods to perform deep packet inspection (layer 4 payload string search):
- Use the userland libnetfilter_queue facility (along with the netfilter NFQUEUE target)
- Use an in-kernel custom hook (via NF_HOOK)
- Use an eBPF XDP filter
Performance will be measured with two metrics: - response time - throughput
Goal for this Hackweek
- Develop the 3 use cases (simple programs)
- Create a simple benchmark to compare the 3 use cases
- Obtain metrics for response times and throughput for the 3 use cases.
Resources
- https://netfilter.org/projects/libnetfilter_queue/index.html
- https://linux-kernel-labs.github.io/refs/heads/master/labs/networking.html#netfilter-1
- https://en.wikipedia.org/wiki/Express_Data_Path
Code Repository
This project is part of:
Hack Week 23
Activity
Comments
Similar Projects
The Missing Middle: Add an intermediate brightness setting for auxiliary LEDs in Andúril 2 by gkenion
[comment]: # (Please use the project descriptio...
Avahi Integration and Network Connection by vojha
Avahi Integration and Network Connection
...
Extract generic testing framework from Linux Test Project code base by acervesato
Project Description
The Linux Test Projec...
80-bit floats support on x86_64 for Valgrind by mfranc
[comment]: # (Please use the project descriptio...
Vulkan Widget for GTK by yudaike
[comment]: # (Please use the project descriptio...