#include <PcapFilter.h>

Public Member Functions
	BpfFilterWrapper ()

	BpfFilterWrapper (const BpfFilterWrapper &other)

BpfFilterWrapper &	operator= (const BpfFilterWrapper &other)

bool	setFilter (const std::string &filter, LinkLayerType linkType=LINKTYPE_ETHERNET)

bool	matchPacketWithFilter (const RawPacket *rawPacket)

bool	matchPacketWithFilter (const uint8_t *packetData, uint32_t packetDataLength, timespec packetTimestamp, uint16_t linkType)

Detailed Description

A wrapper class for BPF filtering. Enables setting a BPF filter and matching it against a packet

Constructor & Destructor Documentation

◆ BpfFilterWrapper() [1/2]

pcpp::BpfFilterWrapper::BpfFilterWrapper ( )

A c'tor for this class

◆ BpfFilterWrapper() [2/2]

pcpp::BpfFilterWrapper::BpfFilterWrapper ( const BpfFilterWrapper & other )

A copy constructor for this class.

Parameters

[in] other The instance to copy from

Member Function Documentation

◆ matchPacketWithFilter() [1/2]

bool pcpp::BpfFilterWrapper::matchPacketWithFilter ( const RawPacket * rawPacket )

Match a packet with the filter stored in this object. If the filter is empty the method returns "true". If the link type of the raw packet is different than the one set in setFilter(), the filter will be re-compiled and stored in the object.

Parameters

[in] rawPacket A pointer to a raw packet which the filter will be matched against

Returns: True if the filter matches (or if it's empty). False if the packet doesn't match or if the filter could not be compiled

◆ matchPacketWithFilter() [2/2]

bool pcpp::BpfFilterWrapper::matchPacketWithFilter	(	const uint8_t *	packetData,
		uint32_t	packetDataLength,
		timespec	packetTimestamp,
		uint16_t	linkType
	)

Match a packet data with the filter stored in this object. If the filter is empty the method returns "true". If the link type provided is different than the one set in setFilter(), the filter will be re-compiled and stored in the object.

Parameters

[in]	packetData	A byte stream containing the packet data
[in]	packetDataLength	The length in [bytes] of the byte stream
[in]	packetTimestamp	The packet timestamp
[in]	linkType	The packet link type

Returns: True if the filter matches (or if it's empty). False if the packet doesn't match or if the filter could not be compiled

◆ operator=()

BpfFilterWrapper& pcpp::BpfFilterWrapper::operator= ( const BpfFilterWrapper & other )

A copy assignment operator for this class.

Parameters

[in] other An instance of IPNetwork to assign

Returns: A reference to the assignee

◆ setFilter()

bool pcpp::BpfFilterWrapper::setFilter	(	const std::string &	filter,
		LinkLayerType	linkType = `LINKTYPE_ETHERNET`
	)

Set a filter. This method receives a filter in BPF syntax (https://biot.com/capstats/bpf.html) and an optional link type, compiles them, and if compilation is successful it stores the filter.

Parameters

[in]	filter	A filter in BPF syntax
[in]	linkType	An optional parameter to set the filter's link type. The default is LINKTYPE_ETHERNET

Returns: True if compilation is successful and filter is stored in side this object, false otherwise

Public Member Functions

Detailed Description

Constructor & Destructor Documentation

◆ BpfFilterWrapper() [1/2]

◆ BpfFilterWrapper() [2/2]

Member Function Documentation

◆ matchPacketWithFilter() [1/2]

◆ matchPacketWithFilter() [2/2]

◆ operator=()

◆ setFilter()