[go: up one dir, main page]
More Web Proxy on the site http://driver.im/
|
|
Subscribe / Log in / New account

Bpfilter (and user-mode blobs) for 4.18

Bpfilter (and user-mode blobs) for 4.18

Posted May 30, 2018 19:58 UTC (Wed) by bendystraw (guest, #124653)
Parent article: Bpfilter (and user-mode blobs) for 4.18

It looks like my procrastination when it comes to seriously digging into nftables is going to work out just fine.

to post comments

Bpfilter (and user-mode blobs) for 4.18

Posted May 30, 2018 21:18 UTC (Wed) by rahvin (guest, #16953) [Link] (5 responses)

I was thinking the same thing as you. ;) Woohoo for sticking to the old stuff until the new stuff is replaced with even newer stuff.

Bpfilter (and user-mode blobs) for 4.18

Posted May 30, 2018 22:06 UTC (Wed) by ibukanov (subscriber, #3942) [Link] (3 responses)

This is a nice demo of Lindy effect, https://en.m.wikipedia.org/wiki/Lindy_effect

Bpfilter (and user-mode blobs) for 4.18

Posted May 31, 2018 8:04 UTC (Thu) by epa (subscriber, #39769) [Link] (2 responses)

Before I read the link I surmised that the Lindy effect was that when a large system adds a general-purpose language (in this case BPF) it will drive out less general, more specialized configuration languages (the firewall rule definitions). The end of this process is when the extension language becomes almost the whole program (Emacs started out as a set of macros for another editor but soon turned into an editor implemented entirely in Lisp). Does that "effect" have a name and a Wikipedia article?

Bpfilter (and user-mode blobs) for 4.18

Posted May 31, 2018 14:30 UTC (Thu) by ehiggs (subscriber, #90713) [Link] (1 responses)

The fact that you reference Lisp makes me think you already know the rule you're referring to:

https://en.wikipedia.org/wiki/Greenspun%27s_tenth_rule

> Any sufficiently complicated C or Fortran program contains an ad-hoc, informally-specified, bug-ridden, slow implementation of half of Common Lisp.

Related is Zawinski's rule of software:

https://en.wikipedia.org/wiki/Jamie_Zawinski#Principles

> Every program attempts to expand until it can read mail. Those programs which cannot so expand are replaced by ones which can.

Bpfilter (and user-mode blobs) for 4.18

Posted May 31, 2018 18:16 UTC (Thu) by epa (subscriber, #39769) [Link]

Yes, I had both of those rules in mind, but that's not quite the effect I was stating. It would be a corollary to Greenspun's rule: that said buggy half-Lisp will then start to take over the rest of the program, usurping first the other configuration languages and then the core functionality. (Javascript in the web browser comes to mind as another example.)

Bpfilter (and user-mode blobs) for 4.18

Posted May 31, 2018 15:34 UTC (Thu) by atai (subscriber, #10977) [Link]

"Not invented now" syndrome, in addition to the "Not invented here" syndrome

Bpfilter (and user-mode blobs) for 4.18

Posted May 31, 2018 19:53 UTC (Thu) by flussence (guest, #85566) [Link] (1 responses)

nftables is a bit nicer to read/maintain than iptables after it's set up, so I don't regret making the effort to switch. I'd hope they learn from history and give this iteration a more reasonable learning curve though.

Bpfilter (and user-mode blobs) for 4.18

Posted Jun 7, 2018 9:15 UTC (Thu) by aktau (subscriber, #99005) [Link]

I read somewhere that they intend to haver nftables configuration be able to use bpfilter as a backend. In that case the learning wasn't for nothing. I also believe the nftables configuration language is far superior to iptables.


Copyright © 2025, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds