Casey Bralla via plug on 2 Feb 2022 06:00:26 -0800



Re: [PLUG] Perspectives on Content Filtering: kernel or userspace?


I've been using pihole for about a year and I like it for several reasons:

  1. It is universal for my entire network.  Pihole is my local DNS server, so very easy to set up and protect EVERYTHING on the network
  2. No changes to the setups for multiple devices (such as Android phones, Gentoo custom kernels (my desktop), & Debian stock kernel (my home server))
  3. It was easy to set up
  4. It gives me good data about how it is working

I think you've already identified the pluses and minuses of "in kernel".  There may be some performance gains from being in the kernel, but replicating that across multiple devices would be a pain in most cases.

On 2/2/22 8:48 AM, Eli Flanagan via plug wrote:
Hi folks,
I've been wondering about approaches to content filtering on GNU/Linux systems.
By content filtering I generally mean blocking TCP packets based on some kind of denylist from a user (DNSBL, pihole, etc).
 
I'm curious about whether you see any major advantages to designs that integrate directly with the kernel. 

I imagine a benefit is performance and reliability. A downside is lack of portability.
Userspace software has the advantage of portability (unbound, dnsmasq).

I feel like this is a topic for discussion since I do not believe in a One Right Answer to the problem.
Cheers,
___________________________________________________________________________
Philadelphia Linux Users Group         --        http://www.phillylinux.org
Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce
General Discussion  --   http://lists.phillylinux.org/mailman/listinfo/plug