[QUESTION] Can I implement NAT with bpftime in no-privileged container #316
Comments
We didn't support network related features yet, currently we only support uprobe and syscall trace But maybe using uprobes to hook syscall functions like socket, write, read, would work, but we haven't tested it yet |
|
We have examples using dpdk or possible using afxdp to run the network functions in xdp. So part of the answer is yes, bpftime can help deploy these NAT to userspace. But the dpdk and afxdp still needs root access. |
|
You can find some code here and we will release more later: https://github.com/eunomia-bpf/XDP-eBPF-in-DPDK |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
For tradictional ebpf, I can implement NAT with xdp/tc. but these ways always require "root".
I want to know if I can implement NAT with bpftime in no-privileged container.
thanks for developing this exciting project.
The text was updated successfully, but these errors were encountered: