Module filter 

Structured packet filter.

Filters are evaluated per-packet. Rules within the same category are OR-ed; rules of different categories are AND-ed. An empty Filter (the default) matches every packet.

Evaluation order

1. Time range (cheapest — no parsing required)
2. Packet length
3. Protocol, IP, port, flow ID, TCP flags (requires etherparse)

Structs

Filter

Compiled structured packet filter.

FilterRule

A single rule in a Filter rule chain.

PacketMeta

Packet metadata extracted for filter evaluation.

PortRange

A single port or an inclusive port range.

TcpFlagsFilter

TCP control-flags filter.

Enums

FilterError

Error type for filter construction.

IpNet

An IP network in CIDR notation, or a single host address (/32 or /128).

Op

Logical operator used when chaining FilterRules in a Filter.

Functions

parse_datetime_ns

Parse an RFC 3339 datetime string or a Unix epoch integer (in seconds) to nanoseconds since the Unix epoch.

parse_flow_ids

Parse a comma-separated list of hex flow IDs.

parse_proto_list

Parse a comma-separated protocol list into IP protocol numbers.