Home / ubuntu / Questions / 1099451
In Process
AveryFreeman
Asked: 2018-12-09 14:14:09 +0800 CST

Does Ubuntu now use bpfilter or netfilter?

  • 772

I'm trying to put together a firewall/router using netinstall of Ubuntu 18.10 with bpfilter. I know it's packaged by default with kernel >=4.18 these days, but I'm a little confused about how to specify it rather than netfilter.

Does anybody know?

For starters:

root@ubuntu1810:/home/localuser# uname -r
4.18.0-12-generic

And also :

root@ubuntu1810:/home/localuser# dmesg | grep bpfilter
[  969.576326] bpfilter: Loaded bpfilter_umh pid 14099

Also just noticed this: 

# lsmod | grep bp
bpfilter               16384  0

So that's good, but when I search for netfilter I get a lot of /proc sources

root@ubuntu1810:/home/localuser# find / -name netfilter
/usr/include/linux/netfilter
/usr/src/linux-headers-4.18.0-12/include/linux/netfilter
/usr/src/linux-headers-4.18.0-12/include/net/netfilter
/usr/src/linux-headers-4.18.0-12/include/uapi/linux/netfilter
/usr/src/linux-headers-4.18.0-12/net/ipv6/netfilter
/usr/src/linux-headers-4.18.0-12/net/bridge/netfilter
/usr/src/linux-headers-4.18.0-12/net/ipv4/netfilter
/usr/src/linux-headers-4.18.0-12/net/netfilter
/usr/src/linux-headers-4.18.0-12/net/decnet/netfilter
/usr/src/linux-headers-4.18.0-12-generic/include/config/netfilter
/proc/sys/net/netfilter
/proc/1/task/1/net/netfilter
/proc/1/net/netfilter
/proc/2/task/2/net/netfilter
/proc/2/net/netfilter
/proc/3/task/3/net/netfilter
/proc/3/net/netfilter
/proc/14462/task/14462/net/netfilter
/proc/14462/net/netfilter
/lib/modules/4.18.0-12-generic/kernel/net/ipv6/netfilter
/lib/modules/4.18.0-12-generic/kernel/net/bridge/netfilter
/lib/modules/4.18.0-12-generic/kernel/net/ipv4/netfilter
/lib/modules/4.18.0-12-generic/kernel/net/netfilter
/lib/modules/4.18.0-12-generic/kernel/net/decnet/netfilter

but then also I can find: (although no /proc)

root@ubuntu1810:/home/localuser# find / -name bpfilter
/sys/module/bpfilter
/usr/src/linux-headers-4.18.0-12/net/ipv4/bpfilter
/usr/src/linux-headers-4.18.0-12/net/bpfilter
/usr/src/linux-headers-4.18.0-12-generic/include/config/bpfilter
/lib/modules/4.18.0-12-generic/kernel/net/bpfilter

And also, if I run iptables rules these should control whatever firewall is running, correct? I'm setting up csf with webmin.

Can anybody clear this up for me please? Thanks!

networking kernel firewall

0 Answers