cloudflare / Wirefilter
Licence: mit
An execution engine for Wireshark-like filters
Stars: ✭ 677
Programming Languages
rust
11053 projects
Projects that are alternatives of or similar to Wirefilter
Esp wifi repeater
A full functional WiFi Repeater (correctly: a WiFi NAT Router)
Stars: ✭ 3,818 (+463.96%)
Mutual labels: wireshark, firewall
Windowsspyblocker
WindowsSpyBlocker 🛡️ is an application written in Go and delivered as
a single executable to block spying and
tracking on Windows systems.
Stars: ✭ 2,913 (+330.28%)
Mutual labels: wireshark, firewall
Ipban
IPBan Monitors failed logins and bad behavior and bans ip addresses on Windows and Linux. Highly configurable, lean and powerful. Learn more at -->
Stars: ✭ 652 (-3.69%)
Mutual labels: firewall
Passwordless
🗝 Authentication for your Rails app without the icky-ness of passwords
Stars: ✭ 638 (-5.76%)
Mutual labels: engine
Janino
Janino is a super-small, super-fast Java™ compiler.
Stars: ✭ 627 (-7.39%)
Mutual labels: compiler
Clio
Clio is a functional, parallel, distributed programming language.
Stars: ✭ 555 (-18.02%)
Mutual labels: compiler
Cortex
Cortex: a Powerful Observable Analysis and Active Response Engine
Stars: ✭ 676 (-0.15%)
Mutual labels: engine
Gainput
Cross-platform C++ input library supporting gamepads, keyboard, mouse, touch
Stars: ✭ 636 (-6.06%)
Mutual labels: engine
Cyclone
🌀 A brand-new compiler that allows practical application development using R7RS Scheme. We provide modern features and a stable system capable of generating fast native binaries.
Stars: ✭ 634 (-6.35%)
Mutual labels: compiler
Flex Layout
Provides HTML UI layout for Angular applications; using Flexbox and a Responsive API
Stars: ✭ 5,705 (+742.69%)
Mutual labels: engine
Minic Hosting
A simple stack-based virtual machine that runs C in the browser.
Stars: ✭ 628 (-7.24%)
Mutual labels: compiler
Amacc
Small C Compiler generating ELF executable Arm architecture, supporting JIT execution
Stars: ✭ 661 (-2.36%)
Mutual labels: compiler
Fastexpressioncompiler
Fast ExpressionTree compiler to delegate
Stars: ✭ 631 (-6.79%)
Mutual labels: compiler
Llvmswift
A Swift wrapper for the LLVM C API (version 9.0.1)
Stars: ✭ 641 (-5.32%)
Mutual labels: compiler
Rustc codegen cranelift
Cranelift based backend for rustc
Stars: ✭ 675 (-0.3%)
Mutual labels: compiler
Wirefilter
This is an execution engine for Wireshark®-like filters.
It contains public APIs for parsing filter syntax, compiling them into an executable IR and, finally, executing filters against provided values.
Example
use wirefilter::{ExecutionContext, Scheme, Type};
fn main() -> Result<(), failure::Error> {
// Create a map of possible filter fields.
let scheme = Scheme! {
http.method: Bytes,
http.ua: Bytes,
port: Int,
};
// Parse a Wireshark-like expression into an AST.
let ast = scheme.parse(r#"
http.method != "POST" &&
not http.ua matches "(googlebot|facebook)" &&
port in {80 443}
"#)?;
println!("Parsed filter representation: {:?}", ast);
// Compile the AST into an executable filter.
let filter = ast.compile();
// Set runtime field values to test the filter against.
let mut ctx = ExecutionContext::new(&scheme);
ctx.set_field_value("http.method", "GET")?;
ctx.set_field_value(
"http.ua",
"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:66.0) Gecko/20100101 Firefox/66.0",
)?;
ctx.set_field_value("port", 443)?;
// Execute the filter with given runtime values.
println!("Filter matches: {:?}", filter.execute(&ctx)?); // true
// Amend one of the runtime values and execute the filter again.
ctx.set_field_value("port", 8080)?;
println!("Filter matches: {:?}", filter.execute(&ctx)?); // false
Ok(())
}
Licensing
Licensed under the MIT license. See the LICENSE file for details.
Note that the project description data, including the texts, logos, images, and/or trademarks,
for each open source project belongs to its rightful owner.
If you wish to add or remove any projects, please contact us at [email protected].