tech-userlevel archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

Re: Lua as a scripting language in NetBSD

On Sun, Oct 18, 2009 at 08:29:02PM +0300, Antti Kantee wrote:
> I am opposed to "wishful thinking" additions to the base system without
> any real evidence of the actual usefulness.

You want an example application?  Some of mine are proprietary so I can't
share their details right now.  But here is one which I think has pretty
general appeal.  I would like to use Lua, in the kernel, to implement
stateful application-layer packet filtering and redirection, using our
existing packet filter hooks and (in some cases) ipfilter's "call" action.

Lua is fast enough to do this for many small firewalls, far safer than
using C code, and far more flexible than the canned types of packet
matchers and actions offered by ipfilter or pf.  And it interfaces neatly
with C code such that it's easy to write tiny shims which hook it up to
our network stack using the existing packet filter hooks.

Basically, I want a small, fast, safe language for data filtering and
manipulation in the kernel.  Lua is the best candidate I can see right

Thor Lancelot Simon                               
    "Even experienced UNIX users occasionally enter rm *.* at the UNIX
     prompt only to realize too late that they have removed the wrong
     segment of the directory structure." - Microsoft WSS whitepaper

Home | Main Index | Thread Index | Old Index