Skip to content

bpf_filter.py

Configuration objects built around Dynamite's optional BPF filtering script.

To import...

from dynamite_nsm.services.base.config_objects.zeek import bpf_filter as zeek_config_bpf_filter

BpfFilter

__init__(self, interface_name, pattern) special

Represents a BPF filter applied to a single network interface.

Parameters:

Name Type Description Default
interface_name str

The name of the network interface (E.G eth0, en0, mon0)

required
pattern str

A valid BPF filter (E.G udp dst port not 53)

required
Source code in dynamite_nsm/services/base/config_objects/zeek/bpf_filter.py
def __init__(self, interface_name: str, pattern: str):
    """
    Represents a BPF filter applied to a single network interface.
    Args:
        interface_name: The name of the network interface (E.G eth0, en0, mon0)
        pattern: A valid BPF filter (E.G udp dst port not 53)
    """
    self.interface = interface_name
    self.pattern = pattern

get_raw(self)

Get the representation of the value as it would appear the config.

Returns:

Type Description
str

A line containing both the network interface and pattern associated with it.

Source code in dynamite_nsm/services/base/config_objects/zeek/bpf_filter.py
def get_raw(self) -> str:
    """Get the representation of the value as it would appear the config.

    Returns:
        A line containing both the network interface and pattern associated with it.
    """
    return f'{self.interface}\t{self.pattern}'

BpfFilters

__init__(self, bpf_filters=None) special

A collection of BpfFilters

Parameters:

Name Type Description Default
bpf_filters Optional[List[dynamite_nsm.services.base.config_objects.zeek.bpf_filter.BpfFilter]]

A collection of BpfFilter objects

None
Source code in dynamite_nsm/services/base/config_objects/zeek/bpf_filter.py
def __init__(self, bpf_filters: Optional[List[BpfFilter]] = None):
    """A collection of BpfFilters
    Args:
        bpf_filters: A collection of BpfFilter objects
    """
    super().__init__('interface', bpf_filters)
    self.bpf_filters = self.items
    self._idx = 0