Session
A firewall flow sniffer and eBPF
Designing a flow sniffer using netlink sockets (with libnetfilter-conntrack and libmnl) turned out to need eBPF for certain features. This session talks about how 'conntracker' got eBPF CO.RE support (including for legacy v4.15 kernels).
Rafael David Tinoco
Open Source Engineer at Aqua Security
Curitiba, Brazil
Links
Please note that Sessionize is not responsible for the accuracy or validity of the data provided by speakers. If you suspect this profile to be fake or spam, please let us know.
Jump to top