"Linux Socket Filtering (LSF) is derived from the Berkeley Packet Filter. Though there are some distinct differences between the BSD and Linux Kernel filtering, but when we speak of BPF or LSF in Linux context, we mean the very same mechanism of filtering in the Linux kernel."

  • https://www.kernel.org/doc/Documentation/networking/filter.txt
  • https://lwn.net/Articles/599755/
  • https://www.facebook.com/atscaleevents/videos/1693888610884236/
  • http://iovisor.github.io/bcc/
  • http://www.brendangregg.com/blog/2015-05-15/ebpf-one-small-step.html
  • https://github.com/sharklinux/shark