On 08/20/2017 03:03 PM, Eric Leblond wrote: [...]
I've just started to work again on eBPF and XDP. My target it to work on XDP support for Suricata (Daniel if you read me, yes finally ;) Target is to be able to start Suricata with --xdp eth5 and get everything setup by Suricata to get a working capture.
Great, finally! ;)
I've done one year ago an implementation of eBPF support in Suricata using the library in tools/lib/bpf. One year later is using this library the way to go or is there another library ?
Yep, the lib in tools/lib/bpf would be recommended (also used in tools/testing/selftests/bpf/ for some of the networking selftests these days, incl. XDP). Anyway, patches welcome just in case. ;)
|