min_shark
| Crates.io | min_shark |
| lib.rs | min_shark |
| version | 0.6.0 |
| created_at | 2023-09-01 21:16:26.316498+00 |
| updated_at | 2024-12-09 12:21:19.566284+00 |
| description | A crate to parse and match a subset of the wireshark filter display language |
| homepage | |
| repository | https://github.com/dovreshef/min_shark |
| max_upload_size | |
| id | 961186 |
| size | 163,992 |
Dov Reshef (dovreshef)
documentation
https://docs.rs/min_shark
README
This is a parser and execution engine for minimal Wireshark®-like filters.
See here for supported syntax.
Usage example:
let filter = "ip.addr in {192.168.1.0/24, 10.1.1.0/24} and payload ~ '(?i)CaSeInSeNsItIvE'";
let expression = min_shark::parse(filter);
// .. later
let is_match = expression
.matcher()
.tcp(true)
.src_ip("1.1.1.1/24".parse().unwrap())
.payload(b"CaseInsensitive")
.is_match();
assert_eq!(is_match, true);