PcapPlusPlus  Next
PcapFilter.h
Go to the documentation of this file.
1 #pragma once
2 
3 #include <string>
4 #include <vector>
5 #include <memory>
6 #include "ProtocolType.h"
7 #include <stdint.h>
8 #include "ArpLayer.h"
9 #include "RawPacket.h"
10 
11 // Forward Declaration - used in GeneralFilter
12 struct bpf_program;
13 
31 
34 namespace pcpp
35 {
36  // Forward Declaration - used in GeneralFilter
37  class RawPacket;
38 
40  typedef enum
41  {
43  SRC,
45  DST,
47  SRC_OR_DST
48  } Direction;
49 
51  typedef enum
52  {
54  EQUALS,
56  NOT_EQUALS,
58  GREATER_THAN,
60  GREATER_OR_EQUAL,
62  LESS_THAN,
64  LESS_OR_EQUAL
65  } FilterOperator;
66 
67  namespace internal
68  {
71  struct BpfProgramDeleter
72  {
73  void operator()(bpf_program* ptr) const noexcept;
74  };
75  } // namespace internal
76 
79  class BpfFilterWrapper
80  {
81  private:
82  using BpfProgramUPtr = std::unique_ptr<bpf_program, internal::BpfProgramDeleter>;
83 
84  std::string m_FilterStr;
85  mutable LinkLayerType m_CachedProgramLinkType = LinkLayerType::LINKTYPE_ETHERNET;
86  mutable BpfProgramUPtr m_CachedProgram;
87 
88  static BpfProgramUPtr compileFilter(std::string const& filter, LinkLayerType linkType);
89 
90  public:
92  BpfFilterWrapper() = default;
93 
94  BpfFilterWrapper(const BpfFilterWrapper& other);
95  BpfFilterWrapper(BpfFilterWrapper&&) noexcept = default;
96  BpfFilterWrapper& operator=(const BpfFilterWrapper& other);
97  BpfFilterWrapper& operator=(BpfFilterWrapper&&) noexcept = default;
98 
104  bool setFilter(const std::string& filter, LinkLayerType linkType = LINKTYPE_ETHERNET);
105 
113  PCPP_DEPRECATED("Prefer matches(...) overload.")
114  bool matchPacketWithFilter(const RawPacket* rawPacket) const;
115 
126  PCPP_DEPRECATED("Prefer matches(...) overload.")
127  bool matchPacketWithFilter(const uint8_t* packetData, uint32_t packetDataLength, timespec packetTimestamp,
128  uint16_t linkType) const;
129 
138  bool matches(const RawPacket& rawPacket) const;
139 
150  bool matches(const uint8_t* packetData, uint32_t packetDataLength, timespec timestamp, uint16_t linkType) const;
151  };
152 
157  class GeneralFilter
158  {
159  private:
160  mutable BpfFilterWrapper m_BpfWrapper;
161  mutable bool m_CachedFilter = false;
162 
163  public:
164  GeneralFilter() = default;
165 
167  virtual ~GeneralFilter() = default;
168 
172  virtual void parseToString(std::string& result) const = 0;
173 
178  PCPP_DEPRECATED("Prefer matches(...) overload.")
179  bool matchPacketWithFilter(RawPacket* rawPacket) const;
180 
184  bool matches(RawPacket const& rawPacket) const;
185 
186  protected:
189  bool cacheFilter() const;
190 
192  void invalidateCache() const
193  {
194  m_CachedFilter = false;
195  };
196  };
197 
200  class BPFStringFilter : public GeneralFilter
201  {
202  private:
203  const std::string m_FilterStr;
204 
205  public:
206  explicit BPFStringFilter(const std::string& filterStr) : m_FilterStr(filterStr)
207  {}
208 
209  virtual ~BPFStringFilter()
210  {}
211 
215  void parseToString(std::string& result) const override;
216 
219  bool verifyFilter();
220  };
221 
227  class IFilterWithDirection : public GeneralFilter
228  {
229  private:
230  Direction m_Dir;
231 
232  protected:
233  void parseDirection(std::string& directionAsString) const;
234  Direction getDir() const
235  {
236  return m_Dir;
237  }
238  explicit IFilterWithDirection(Direction dir)
239  {
240  m_Dir = dir;
241  }
242 
243  public:
246  void setDirection(Direction dir)
247  {
248  m_Dir = dir;
249  invalidateCache();
250  }
251  };
252 
258  class IFilterWithOperator : public GeneralFilter
259  {
260  private:
261  FilterOperator m_Operator;
262 
263  protected:
264  std::string parseOperator() const;
265  FilterOperator getOperator() const
266  {
267  return m_Operator;
268  }
269  explicit IFilterWithOperator(FilterOperator op)
270  {
271  m_Operator = op;
272  }
273 
274  public:
277  void setOperator(FilterOperator op)
278  {
279  m_Operator = op;
280  invalidateCache();
281  }
282  };
283 
288  class IPFilter : public IFilterWithDirection
289  {
290  private:
291  IPAddress m_Address;
292  IPNetwork m_Network;
293 
294  public:
300  IPFilter(const std::string& ipAddress, Direction dir) : IPFilter(IPAddress(ipAddress), dir)
301  {}
302 
306  IPFilter(const IPAddress& ipAddress, Direction dir)
307  : IFilterWithDirection(dir), m_Address(ipAddress), m_Network(ipAddress)
308  {}
309 
320  IPFilter(const std::string& ipAddress, Direction dir, const std::string& netmask)
321  : IPFilter(IPv4Address(ipAddress), dir, netmask)
322  {}
323 
333  IPFilter(const IPAddress& ipAddress, Direction dir, const std::string& netmask)
334  : IFilterWithDirection(dir), m_Address(ipAddress), m_Network(ipAddress, netmask)
335  {}
336 
347  IPFilter(const std::string& ipAddress, Direction dir, int len) : IPFilter(IPAddress(ipAddress), dir, len)
348  {}
349 
359  IPFilter(const IPAddress& ipAddress, Direction dir, int len)
360  : IFilterWithDirection(dir), m_Address(ipAddress), m_Network(ipAddress, len)
361  {}
362 
367  IPFilter(const IPNetwork& network, Direction dir)
368  : IFilterWithDirection(dir), m_Address(network.getNetworkPrefix()), m_Network(network)
369  {}
370 
371  void parseToString(std::string& result) const override;
372 
375  void setNetwork(const IPNetwork& network)
376  {
377  m_Network = network;
378  m_Address = m_Network.getNetworkPrefix();
379  invalidateCache();
380  }
381 
385  void setAddr(const std::string& ipAddress)
386  {
387  this->setAddr(IPAddress(ipAddress));
388  invalidateCache();
389  }
390 
396  void setAddr(const IPAddress& ipAddress)
397  {
398  m_Address = ipAddress;
399  uint8_t newPrefixLen = m_Network.getPrefixLen();
400  if (m_Address.isIPv4() && newPrefixLen > 32u)
401  {
402  newPrefixLen = 32u;
403  }
404 
405  m_Network = IPNetwork(m_Address, newPrefixLen);
406  invalidateCache();
407  }
408 
417  void setMask(const std::string& netmask)
418  {
419  m_Network = IPNetwork(m_Address, netmask);
420  invalidateCache();
421  }
422 
424  void clearMask()
425  {
426  this->clearLen();
427  invalidateCache();
428  }
429 
434  void setLen(const int len)
435  {
436  m_Network = IPNetwork(m_Address, len);
437  invalidateCache();
438  }
439 
441  void clearLen()
442  {
443  m_Network = IPNetwork(m_Address);
444  invalidateCache();
445  }
446  };
447 
453  class IPv4IDFilter : public IFilterWithOperator
454  {
455  private:
456  uint16_t m_IpID;
457 
458  public:
462  IPv4IDFilter(uint16_t ipID, FilterOperator op) : IFilterWithOperator(op), m_IpID(ipID)
463  {}
464 
465  void parseToString(std::string& result) const override;
466 
469  void setIpID(uint16_t ipID)
470  {
471  m_IpID = ipID;
472  invalidateCache();
473  }
474  };
475 
481  class IPv4TotalLengthFilter : public IFilterWithOperator
482  {
483  private:
484  uint16_t m_TotalLength;
485 
486  public:
490  IPv4TotalLengthFilter(uint16_t totalLength, FilterOperator op)
491  : IFilterWithOperator(op), m_TotalLength(totalLength)
492  {}
493 
494  void parseToString(std::string& result) const override;
495 
498  void setTotalLength(uint16_t totalLength)
499  {
500  m_TotalLength = totalLength;
501  invalidateCache();
502  }
503  };
504 
509  class PortFilter : public IFilterWithDirection
510  {
511  private:
512  std::string m_Port;
513  void portToString(uint16_t portAsInt);
514 
515  public:
519  PortFilter(uint16_t port, Direction dir);
520 
521  void parseToString(std::string& result) const override;
522 
525  void setPort(uint16_t port)
526  {
527  portToString(port);
528  invalidateCache();
529  }
530  };
531 
538  class PortRangeFilter : public IFilterWithDirection
539  {
540  private:
541  uint16_t m_FromPort;
542  uint16_t m_ToPort;
543 
544  public:
549  PortRangeFilter(uint16_t fromPort, uint16_t toPort, Direction dir)
550  : IFilterWithDirection(dir), m_FromPort(fromPort), m_ToPort(toPort)
551  {}
552 
553  void parseToString(std::string& result) const override;
554 
557  void setFromPort(uint16_t fromPort)
558  {
559  m_FromPort = fromPort;
560  invalidateCache();
561  }
562 
565  void setToPort(uint16_t toPort)
566  {
567  m_ToPort = toPort;
568  invalidateCache();
569  }
570  };
571 
577  class MacAddressFilter : public IFilterWithDirection
578  {
579  private:
580  MacAddress m_MacAddress;
581 
582  public:
586  MacAddressFilter(MacAddress address, Direction dir) : IFilterWithDirection(dir), m_MacAddress(address)
587  {}
588 
589  void parseToString(std::string& result) const override;
590 
593  void setMacAddress(MacAddress address)
594  {
595  m_MacAddress = address;
596  invalidateCache();
597  }
598  };
599 
605  class EtherTypeFilter : public GeneralFilter
606  {
607  private:
608  uint16_t m_EtherType;
609 
610  public:
613  explicit EtherTypeFilter(uint16_t etherType) : m_EtherType(etherType)
614  {}
615 
616  void parseToString(std::string& result) const override;
617 
620  void setEtherType(uint16_t etherType)
621  {
622  m_EtherType = etherType;
623  invalidateCache();
624  }
625  };
626 
632  class CompositeFilter : public GeneralFilter
633  {
634  protected:
635  std::vector<GeneralFilter*> m_FilterList;
636 
637  public:
639  CompositeFilter() = default;
640 
643  explicit CompositeFilter(const std::vector<GeneralFilter*>& filters);
644 
647  void addFilter(GeneralFilter* filter)
648  {
649  m_FilterList.push_back(filter);
650  invalidateCache();
651  }
652 
655  void removeFilter(GeneralFilter* filter);
656 
659  void setFilters(const std::vector<GeneralFilter*>& filters);
660 
662  void clearAllFilters()
663  {
664  m_FilterList.clear();
665  invalidateCache();
666  }
667  };
668 
670  enum class CompositeLogicFilterOp
671  {
673  AND,
675  OR,
676  };
677 
678  namespace internal
679  {
680  // Could potentially be moved into CompositeLogicFilter as a private member function, with if constexpr when
681  // C++17 is the minimum supported standard.
682 
685  template <CompositeLogicFilterOp op> constexpr const char* getCompositeLogicOpDelimiter() = delete;
686  template <> constexpr const char* getCompositeLogicOpDelimiter<CompositeLogicFilterOp::AND>()
687  {
688  return " and ";
689  };
690  template <> constexpr const char* getCompositeLogicOpDelimiter<CompositeLogicFilterOp::OR>()
691  {
692  return " or ";
693  };
694  } // namespace internal
695 
700  template <CompositeLogicFilterOp op> class CompositeLogicFilter : public CompositeFilter
701  {
702  public:
703  using CompositeFilter::CompositeFilter;
704 
705  void parseToString(std::string& result) const override
706  {
707  result.clear();
708  for (auto it = m_FilterList.cbegin(); it != m_FilterList.cend(); ++it)
709  {
710  std::string innerFilter;
711  (*it)->parseToString(innerFilter);
712  result += '(' + innerFilter + ')';
713  if (m_FilterList.cend() - 1 != it)
714  {
715  result += internal::getCompositeLogicOpDelimiter<op>();
716  }
717  }
718  }
719  };
720 
728  using AndFilter = CompositeLogicFilter<CompositeLogicFilterOp::AND>;
729 
737  using OrFilter = CompositeLogicFilter<CompositeLogicFilterOp::OR>;
738 
743  class NotFilter : public GeneralFilter
744  {
745  private:
746  GeneralFilter* m_FilterToInverse;
747 
748  public:
751  explicit NotFilter(GeneralFilter* filterToInverse)
752  {
753  m_FilterToInverse = filterToInverse;
754  }
755 
756  void parseToString(std::string& result) const override;
757 
760  void setFilter(GeneralFilter* filterToInverse)
761  {
762  m_FilterToInverse = filterToInverse;
763  invalidateCache();
764  }
765  };
766 
776  class ProtoFilter : public GeneralFilter
777  {
778  private:
779  ProtocolTypeFamily m_ProtoFamily;
780 
781  public:
785  explicit ProtoFilter(ProtocolType proto) : m_ProtoFamily(proto)
786  {}
787 
791  explicit ProtoFilter(ProtocolTypeFamily protoFamily) : m_ProtoFamily(protoFamily)
792  {}
793 
794  void parseToString(std::string& result) const override;
795 
799  void setProto(ProtocolType proto)
800  {
801  m_ProtoFamily = proto;
802  invalidateCache();
803  }
804 
809  void setProto(ProtocolTypeFamily protoFamily)
810  {
811  m_ProtoFamily = protoFamily;
812  invalidateCache();
813  }
814  };
815 
821  class ArpFilter : public GeneralFilter
822  {
823  private:
824  ArpOpcode m_OpCode;
825 
826  public:
829  explicit ArpFilter(ArpOpcode opCode) : m_OpCode(opCode)
830  {}
831 
832  void parseToString(std::string& result) const override;
833 
836  void setOpCode(ArpOpcode opCode)
837  {
838  m_OpCode = opCode;
839  invalidateCache();
840  }
841  };
842 
848  class VlanFilter : public GeneralFilter
849  {
850  private:
851  uint16_t m_VlanID;
852 
853  public:
856  explicit VlanFilter(uint16_t vlanId) : m_VlanID(vlanId)
857  {}
858 
859  void parseToString(std::string& result) const override;
860 
863  void setVlanID(uint16_t vlanId)
864  {
865  m_VlanID = vlanId;
866  invalidateCache();
867  }
868  };
869 
874  class TcpFlagsFilter : public GeneralFilter
875  {
876  public:
878  enum TcpFlags
879  {
881  tcpFin = 1,
883  tcpSyn = 2,
885  tcpRst = 4,
887  tcpPush = 8,
889  tcpAck = 16,
891  tcpUrg = 32
892  };
893 
896  enum MatchOptions
897  {
899  MatchAll,
901  MatchOneAtLeast
902  };
903 
904  private:
905  uint8_t m_TcpFlagsBitMask;
906  MatchOptions m_MatchOption;
907 
908  public:
915  TcpFlagsFilter(uint8_t tcpFlagBitMask, MatchOptions matchOption)
916  : m_TcpFlagsBitMask(tcpFlagBitMask), m_MatchOption(matchOption)
917  {}
918 
924  void setTcpFlagsBitMask(uint8_t tcpFlagBitMask, MatchOptions matchOption)
925  {
926  m_TcpFlagsBitMask = tcpFlagBitMask;
927  m_MatchOption = matchOption;
928  invalidateCache();
929  }
930 
931  void parseToString(std::string& result) const override;
932  };
933 
938  class TcpWindowSizeFilter : public IFilterWithOperator
939  {
940  private:
941  uint16_t m_WindowSize;
942 
943  public:
948  TcpWindowSizeFilter(uint16_t windowSize, FilterOperator op) : IFilterWithOperator(op), m_WindowSize(windowSize)
949  {}
950 
951  void parseToString(std::string& result) const override;
952 
955  void setWindowSize(uint16_t windowSize)
956  {
957  m_WindowSize = windowSize;
958  invalidateCache();
959  }
960  };
961 
966  class UdpLengthFilter : public IFilterWithOperator
967  {
968  private:
969  uint16_t m_Length;
970 
971  public:
976  UdpLengthFilter(uint16_t length, FilterOperator op) : IFilterWithOperator(op), m_Length(length)
977  {}
978 
979  void parseToString(std::string& result) const override;
980 
983  void setLength(uint16_t length)
984  {
985  m_Length = length;
986  invalidateCache();
987  }
988  };
989 } // namespace pcpp
pcpp::internal::getCompositeLogicOpDelimiter
constexpr const char * getCompositeLogicOpDelimiter()=delete
pcpp::ArpFilter
Definition: PcapFilter.h:822
pcpp::ArpFilter::ArpFilter
ArpFilter(ArpOpcode opCode)
Definition: PcapFilter.h:829
pcpp::ArpFilter::setOpCode
void setOpCode(ArpOpcode opCode)
Definition: PcapFilter.h:836
pcpp::ArpFilter::parseToString
void parseToString(std::string &result) const override
pcpp::BPFStringFilter
Definition: PcapFilter.h:201
pcpp::BPFStringFilter::parseToString
void parseToString(std::string &result) const override
pcpp::BpfFilterWrapper
Definition: PcapFilter.h:80
pcpp::BpfFilterWrapper::matches
bool matches(const RawPacket &rawPacket) const
Match a packet with the filter stored in this object.
pcpp::BpfFilterWrapper::matchPacketWithFilter
bool matchPacketWithFilter(const RawPacket *rawPacket) const
pcpp::BpfFilterWrapper::BpfFilterWrapper
BpfFilterWrapper()=default
Creates a new instance with no filter.
pcpp::BpfFilterWrapper::setFilter
bool setFilter(const std::string &filter, LinkLayerType linkType=LINKTYPE_ETHERNET)
pcpp::CompositeFilter
Definition: PcapFilter.h:633
pcpp::CompositeFilter::CompositeFilter
CompositeFilter()=default
An empty constructor for this class. Use addFilter() to add filters to the composite filter.
pcpp::CompositeFilter::removeFilter
void removeFilter(GeneralFilter *filter)
pcpp::CompositeFilter::addFilter
void addFilter(GeneralFilter *filter)
Definition: PcapFilter.h:647
pcpp::CompositeFilter::CompositeFilter
CompositeFilter(const std::vector< GeneralFilter * > &filters)
pcpp::CompositeFilter::setFilters
void setFilters(const std::vector< GeneralFilter * > &filters)
pcpp::CompositeFilter::clearAllFilters
void clearAllFilters()
Remove all filters from the composite filter.
Definition: PcapFilter.h:662
pcpp::CompositeLogicFilter
Definition: PcapFilter.h:701
pcpp::CompositeLogicFilter::parseToString
void parseToString(std::string &result) const override
Definition: PcapFilter.h:705
pcpp::EtherTypeFilter
Definition: PcapFilter.h:606
pcpp::EtherTypeFilter::EtherTypeFilter
EtherTypeFilter(uint16_t etherType)
Definition: PcapFilter.h:613
pcpp::EtherTypeFilter::setEtherType
void setEtherType(uint16_t etherType)
Definition: PcapFilter.h:620
pcpp::EtherTypeFilter::parseToString
void parseToString(std::string &result) const override
pcpp::GeneralFilter
Definition: PcapFilter.h:158
pcpp::GeneralFilter::parseToString
virtual void parseToString(std::string &result) const =0
pcpp::GeneralFilter::~GeneralFilter
virtual ~GeneralFilter()=default
Virtual destructor, frees the bpf program.
pcpp::IFilterWithDirection
Definition: PcapFilter.h:228
pcpp::IFilterWithDirection::setDirection
void setDirection(Direction dir)
Definition: PcapFilter.h:246
pcpp::IFilterWithOperator
Definition: PcapFilter.h:259
pcpp::IFilterWithOperator::setOperator
void setOperator(FilterOperator op)
Definition: PcapFilter.h:277
pcpp::IPAddress
Definition: IpAddress.h:318
pcpp::IPAddress::isIPv4
bool isIPv4() const
Definition: IpAddress.h:373
pcpp::IPFilter
Definition: PcapFilter.h:289
pcpp::IPFilter::setMask
void setMask(const std::string &netmask)
Definition: PcapFilter.h:417
pcpp::IPFilter::clearMask
void clearMask()
Clears the subnet mask.
Definition: PcapFilter.h:424
pcpp::IPFilter::setAddr
void setAddr(const std::string &ipAddress)
Definition: PcapFilter.h:385
pcpp::IPFilter::setLen
void setLen(const int len)
Definition: PcapFilter.h:434
pcpp::IPFilter::IPFilter
IPFilter(const IPAddress &ipAddress, Direction dir, int len)
Definition: PcapFilter.h:359
pcpp::IPFilter::IPFilter
IPFilter(const std::string &ipAddress, Direction dir, const std::string &netmask)
Definition: PcapFilter.h:320
pcpp::IPFilter::IPFilter
IPFilter(const IPNetwork &network, Direction dir)
Definition: PcapFilter.h:367
pcpp::IPFilter::setNetwork
void setNetwork(const IPNetwork &network)
Definition: PcapFilter.h:375
pcpp::IPFilter::IPFilter
IPFilter(const std::string &ipAddress, Direction dir, int len)
Definition: PcapFilter.h:347
pcpp::IPFilter::clearLen
void clearLen()
Clears the subnet mask length.
Definition: PcapFilter.h:441
pcpp::IPFilter::IPFilter
IPFilter(const std::string &ipAddress, Direction dir)
Definition: PcapFilter.h:300
pcpp::IPFilter::IPFilter
IPFilter(const IPAddress &ipAddress, Direction dir)
Definition: PcapFilter.h:306
pcpp::IPFilter::IPFilter
IPFilter(const IPAddress &ipAddress, Direction dir, const std::string &netmask)
Definition: PcapFilter.h:333
pcpp::IPFilter::setAddr
void setAddr(const IPAddress &ipAddress)
Definition: PcapFilter.h:396
pcpp::IPFilter::parseToString
void parseToString(std::string &result) const override
pcpp::IPNetwork
Definition: IpAddress.h:651
pcpp::IPNetwork::getNetworkPrefix
IPAddress getNetworkPrefix() const
Definition: IpAddress.h:787
pcpp::IPNetwork::getPrefixLen
uint8_t getPrefixLen() const
Definition: IpAddress.h:773
pcpp::IPv4Address
Definition: IpAddress.h:30
pcpp::IPv4IDFilter
Definition: PcapFilter.h:454
pcpp::IPv4IDFilter::parseToString
void parseToString(std::string &result) const override
pcpp::IPv4IDFilter::IPv4IDFilter
IPv4IDFilter(uint16_t ipID, FilterOperator op)
Definition: PcapFilter.h:462
pcpp::IPv4IDFilter::setIpID
void setIpID(uint16_t ipID)
Definition: PcapFilter.h:469
pcpp::IPv4TotalLengthFilter
Definition: PcapFilter.h:482
pcpp::IPv4TotalLengthFilter::setTotalLength
void setTotalLength(uint16_t totalLength)
Definition: PcapFilter.h:498
pcpp::IPv4TotalLengthFilter::IPv4TotalLengthFilter
IPv4TotalLengthFilter(uint16_t totalLength, FilterOperator op)
Definition: PcapFilter.h:490
pcpp::IPv4TotalLengthFilter::parseToString
void parseToString(std::string &result) const override
pcpp::MacAddressFilter
Definition: PcapFilter.h:578
pcpp::MacAddressFilter::parseToString
void parseToString(std::string &result) const override
pcpp::MacAddressFilter::setMacAddress
void setMacAddress(MacAddress address)
Definition: PcapFilter.h:593
pcpp::MacAddressFilter::MacAddressFilter
MacAddressFilter(MacAddress address, Direction dir)
Definition: PcapFilter.h:586
pcpp::MacAddress
Definition: MacAddress.h:24
pcpp::NotFilter
Definition: PcapFilter.h:744
pcpp::NotFilter::parseToString
void parseToString(std::string &result) const override
pcpp::NotFilter::setFilter
void setFilter(GeneralFilter *filterToInverse)
Definition: PcapFilter.h:760
pcpp::NotFilter::NotFilter
NotFilter(GeneralFilter *filterToInverse)
Definition: PcapFilter.h:751
pcpp::PortFilter
Definition: PcapFilter.h:510
pcpp::PortFilter::PortFilter
PortFilter(uint16_t port, Direction dir)
pcpp::PortFilter::parseToString
void parseToString(std::string &result) const override
pcpp::PortFilter::setPort
void setPort(uint16_t port)
Definition: PcapFilter.h:525
pcpp::PortRangeFilter
Definition: PcapFilter.h:539
pcpp::PortRangeFilter::PortRangeFilter
PortRangeFilter(uint16_t fromPort, uint16_t toPort, Direction dir)
Definition: PcapFilter.h:549
pcpp::PortRangeFilter::parseToString
void parseToString(std::string &result) const override
pcpp::PortRangeFilter::setToPort
void setToPort(uint16_t toPort)
Definition: PcapFilter.h:565
pcpp::PortRangeFilter::setFromPort
void setFromPort(uint16_t fromPort)
Definition: PcapFilter.h:557
pcpp::ProtoFilter
Definition: PcapFilter.h:777
pcpp::ProtoFilter::setProto
void setProto(ProtocolType proto)
Definition: PcapFilter.h:799
pcpp::ProtoFilter::ProtoFilter
ProtoFilter(ProtocolTypeFamily protoFamily)
Definition: PcapFilter.h:791
pcpp::ProtoFilter::setProto
void setProto(ProtocolTypeFamily protoFamily)
Definition: PcapFilter.h:809
pcpp::ProtoFilter::ProtoFilter
ProtoFilter(ProtocolType proto)
Definition: PcapFilter.h:785
pcpp::ProtoFilter::parseToString
void parseToString(std::string &result) const override
pcpp::RawPacket
Definition: RawPacket.h:259
pcpp::TcpFlagsFilter
Definition: PcapFilter.h:875
pcpp::TcpFlagsFilter::TcpFlags
TcpFlags
An enum of all TCP flags that can be use in the filter.
Definition: PcapFilter.h:879
pcpp::TcpFlagsFilter::parseToString
void parseToString(std::string &result) const override
pcpp::TcpFlagsFilter::MatchOptions
MatchOptions
Definition: PcapFilter.h:897
pcpp::TcpFlagsFilter::MatchAll
@ MatchAll
Match only packets that contain all flags defined in the filter.
Definition: PcapFilter.h:899
pcpp::TcpFlagsFilter::setTcpFlagsBitMask
void setTcpFlagsBitMask(uint8_t tcpFlagBitMask, MatchOptions matchOption)
Definition: PcapFilter.h:924
pcpp::TcpFlagsFilter::TcpFlagsFilter
TcpFlagsFilter(uint8_t tcpFlagBitMask, MatchOptions matchOption)
Definition: PcapFilter.h:915
pcpp::TcpWindowSizeFilter
Definition: PcapFilter.h:939
pcpp::TcpWindowSizeFilter::setWindowSize
void setWindowSize(uint16_t windowSize)
Definition: PcapFilter.h:955
pcpp::TcpWindowSizeFilter::parseToString
void parseToString(std::string &result) const override
pcpp::TcpWindowSizeFilter::TcpWindowSizeFilter
TcpWindowSizeFilter(uint16_t windowSize, FilterOperator op)
Definition: PcapFilter.h:948
pcpp::UdpLengthFilter
Definition: PcapFilter.h:967
pcpp::UdpLengthFilter::setLength
void setLength(uint16_t length)
Definition: PcapFilter.h:983
pcpp::UdpLengthFilter::parseToString
void parseToString(std::string &result) const override
pcpp::UdpLengthFilter::UdpLengthFilter
UdpLengthFilter(uint16_t length, FilterOperator op)
Definition: PcapFilter.h:976
pcpp::VlanFilter
Definition: PcapFilter.h:849
pcpp::VlanFilter::VlanFilter
VlanFilter(uint16_t vlanId)
Definition: PcapFilter.h:856
pcpp::VlanFilter::setVlanID
void setVlanID(uint16_t vlanId)
Definition: PcapFilter.h:863
pcpp::VlanFilter::parseToString
void parseToString(std::string &result) const override
pcpp::ProtocolType
uint8_t ProtocolType
Definition: ProtocolType.h:35
pcpp::ProtocolTypeFamily
uint32_t ProtocolTypeFamily
Definition: ProtocolType.h:39
pcpp
The main namespace for the PcapPlusPlus lib.
Definition: AssertionUtils.h:19
pcpp::ArpOpcode
ArpOpcode
An enum for ARP message type.
Definition: ArpLayer.h:45
pcpp::FilterOperator
FilterOperator
Supported operators enum.
Definition: PcapFilter.h:52
pcpp::GREATER_THAN
@ GREATER_THAN
Greater than.
Definition: PcapFilter.h:58
pcpp::EQUALS
@ EQUALS
Equals.
Definition: PcapFilter.h:54
pcpp::GREATER_OR_EQUAL
@ GREATER_OR_EQUAL
Greater or equal.
Definition: PcapFilter.h:60
pcpp::LESS_THAN
@ LESS_THAN
Less than.
Definition: PcapFilter.h:62
pcpp::NOT_EQUALS
@ NOT_EQUALS
Not equals.
Definition: PcapFilter.h:56
pcpp::LESS_OR_EQUAL
@ LESS_OR_EQUAL
Less or equal.
Definition: PcapFilter.h:64
pcpp::Direction
Direction
An enum that contains direction (source or destination)
Definition: PcapFilter.h:41
pcpp::SRC_OR_DST
@ SRC_OR_DST
Source or destination.
Definition: PcapFilter.h:47
pcpp::DST
@ DST
Destination.
Definition: PcapFilter.h:45
pcpp::SRC
@ SRC
Source.
Definition: PcapFilter.h:43
pcpp::CompositeLogicFilterOp
CompositeLogicFilterOp
Supported composite logic filter operators enum.
Definition: PcapFilter.h:671
pcpp::CompositeLogicFilterOp::OR
@ OR
Logical OR operation.
pcpp::CompositeLogicFilterOp::AND
@ AND
Logical AND operation.
pcpp::LinkLayerType
LinkLayerType
An enum describing all known link layer type. Taken from: http://www.tcpdump.org/linktypes....
Definition: RawPacket.h:20
pcpp::LINKTYPE_ETHERNET
@ LINKTYPE_ETHERNET
IEEE 802.3 Ethernet.
Definition: RawPacket.h:24
pcpp::internal::BpfProgramDeleter
Definition: PcapFilter.h:72