base/frameworks/packet-filter/utils.bro

PacketFilter
Namespace:PacketFilter
Source File:/scripts/base/frameworks/packet-filter/utils.bro

Summary

Functions

PacketFilter::combine_filters: function Combines two valid BPF filter strings with a string based operator to form a new filter.
PacketFilter::port_to_bpf: function Takes a port and returns a BPF expression which will match the port.
PacketFilter::sampling_filter: function Create a BPF filter to sample IPv4 and IPv6 traffic.

Detailed Interface

Functions

PacketFilter::combine_filters
Type:function (lfilter: string, op: string, rfilter: string) : string

Combines two valid BPF filter strings with a string based operator to form a new filter.

Lfilter:Filter which will go on the left side.
Op:Operation being applied (typically “or” or “and”).
Rfilter:Filter which will go on the right side.
Returns:A new string representing the two filters combined with the operator. Either filter being an empty string will still result in a valid filter.
PacketFilter::port_to_bpf
Type:function (p: port) : string

Takes a port and returns a BPF expression which will match the port.

P:The port.
Returns:A valid BPF filter string for matching the port.
PacketFilter::sampling_filter
Type:function (num_parts: count, this_part: count) : string

Create a BPF filter to sample IPv4 and IPv6 traffic.

Num_parts:The number of parts the traffic should be split into.
This_part:The part of the traffic this filter will accept (0-based).

Table of Contents

Next Page

base/bif/analyzer.bif.bro

Previous Page

base/frameworks/analyzer/main.bro

Copyright 2016, The Bro Project. Last updated on December 07, 2018. Created using Sphinx 1.8.2.