Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

OpenSnitch author here ... although performances are not a big deal here because only conntrack packets are intercepted, the project will move to a C++ implementation once the current Python prototype/PoC will be complete and will prove that what I want to do is 100% doable on GNU/Linux :)


I would say that golang is good enough. But if you are interested , you could go for Rust. Multiple teams have built extremely high performance network manipulation tools in Rust - like linkerd-tcp .

Unless you were planning to use Ragel.


As I said, it'll be in C++, Go is great, Rust too, but I just can't get used to their syntax :D


Once I saw OpenSnitch I decided to write my own in Rust (mostly as a learning experience for myself)[1] -- it's still obviously WIP as it doesn't even filter packets yet! My intention is to make it have a remote API so that policy decisions aren't done in the daemon but are done in swappable clients.

[1]: https://github.com/cyphar/whistled


I thought the Ragel stuff was back in.


I hoped so too. I think someone is forking it, but AFAIK it's c or ASM only.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: