Amazing days in the 2014 Netfilter Workshop

It finished the 2014 Netfilter Workshop. It was amazing and very interesting for me. I’d been in Lyon before this was my first visit to Montpellier in France. This meeting was co-hosted by 15èmes Rencontres Mondiales du Logiciel Libre, the biggest event of free software in France with more than 300 conferences and workshops.

I arrived on Sunday 6th of July, one day before the workshop, and I visited some stands of Open source projects in the “Esplanade Charles-de-Gaulle” of the 15èmes Rencontres Mondiales du Logiciel Libre. There was a conference of Richard Stallman about the history of Free Software.

On monday, It was the Netfilter’s User day. There were a set of talks about DDoS protection using Netfilter/iptables, nft-sync, Nftables and IPS, Netfilter logging at the nftables age, Suricata IDS/IPS, Zorp and kzorp and Vuurmuur. In my opinion, the most important and interesting talk that day was “nftables: a new packet classification framework for Linux” by Pablo Neira, the maintainer of Netfilter project. Nftables is the new packet classification framework that intends to replace the existing {ip,ip6,arp,eb}_tables infrastructure. It’s the future. 🙂

Tuesday and Wednesday were the first days of the Netfilter’s developers days. They passed with interesting talks, an important debates and decision making about the Netfilter project, their projects and related technologies. Those days, we spoke about netfilter updates with a short summary on the Netfilter kernel changes since the last workshop, achievement unlocked, OVS MPLS, nftables quick hacking HOWTO, the switch-o-pocalypse, NIC’s and external switches, the challenge of 10Gbit/s wirespeed and the lessons learned from DPDK, qdisc updates and lockless FIFO, Open vSwitch with conntrack and Use of nftables from OVS. Moreover, there were time to speak about nftables project: “Nftables kernel” and “Nft from userspace” by Patrick McHardy and Pablo Neira, two of the most relevant developers of nftables project. At that time, They spoke and was a debate about what is done, what needs to be fixed/done and future things coming in nftables (in kernel space) and nft (user-space)

In the OPW, I’m working with nft, libnftln and nftables in the kernel space, so, It was the most interesting moment. I heard a very good explanation about these projects.

On Thursday, It was more talk and debates about ipset and ulogd2. Morever, It was the time for the students of Google Summer of Code and me. Arturo Borrero speak about his project nft-sync, a new userspace tool to distribute a nftables ruleset across the network. Alvaro Neira spoke about XML/JSON support for libnftnl and Giussepe Longo spoke about the compatibility layer in nft. Their talks were very good and very interesting. They were about their work around “Google Summer Of Code” period.

I spoke about one of my tasks during the OPW period: “nftables automated tests” I spoke about the motivation to do it, what is checking, options are available to run this test, the structure of the test file and the test folders. Also, I spoke about the future of the testing in nft and the next tasks to do. I was very nervous: It was my first talk in the Netfilter Workshop and in English language. It was an important challenge to me, I did it the best I could. 🙂

During these days, I talked with the developers and they gave me feedback on the importance of the test system and the expectation of the creation of this task. It hasn’t been any test system in nft tools yet.

They were amazing days. I learned a lot about development, network, linux, the kernel, hardware… and it was a landmark in Netfilter Workshop history: It was the first time that a girl are invited to this meeting and also she gave a talk.

Thanks to The Outreach Program for Women. They sponsored me the travel and the hotel during these days. Without their help, I wouldn’t have been to do it.

Here’s the group picture of the 10th Netfilter workshop which is held from July 7th to July 11th in Montpellier, France. By Eric Leblond
Netfilter workshop group picture 2014

