Skip to content

A crate to parse and match a subset of the wireshark filter display language

License

Apache-2.0, MIT licenses found

Licenses found

Apache-2.0
LICENSE-APACHE
MIT
LICENSE-MIT
Notifications You must be signed in to change notification settings

dovreshef/min_shark

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

14 Commits
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

GitHub Workflow Status (with event) docs.rs Crates.io Codecov Crates.io

This is a parser and execution engine for minimal Wireshark®-like filters.

See here for supported syntax.

Usage example:

    let filter = "ip.addr in {192.168.1.0/24, 10.1.1.0/24} and payload ~ '(?i)CaSeInSeNsItIvE'";
    let expression = min_shark::parse(filter);

    // .. later
    let is_match = expression
        .matcher()
        .tcp(true)
        .src_ip("1.1.1.1/24".parse().unwrap())
        .payload(b"CaseInsensitive")
        .is_match();

    assert_eq!(is_match, true);

About

A crate to parse and match a subset of the wireshark filter display language

Resources

License

Apache-2.0, MIT licenses found

Licenses found

Apache-2.0
LICENSE-APACHE
MIT
LICENSE-MIT

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published

Languages