Hi,

I want to develop a firewall using netfilter, thereby my firewall acting as a kernel level driver.

Are there any disadvantgages (or better alternatives) in doing this ?

My goal is to go the lowest level and capture/drop packets.