Skip to content

sfc9982/wireshark-bpf-capfilter

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

6 Commits
README.md
README.md
 
 
wireshark_capfilter.cpp
wireshark_capfilter.cpp
 
 

Repository files navigation

wireshark-bpf-capfilter

Generate a BPF-style Wireshark Capture Filter

String-Matching Capture Filter Generator
Usage:
	--str    / -s <string you want to match>
	--offset / -o <offset from the start of the TCP data>

./wireshark_capfilter --str "POST" --offset 0

Output:
tcp[((tcp[12:1] & 0xf0) >> 2):4] = 0x504f5354

About

Generate a BPF-style Wireshark Capture Filter

Topics

wireshark bpfilter

Resources

Readme
Activity

Stars

1 star

Watchers

1 watching

Forks

0 forks
Report repository

Releases

No releases published

Languages