Berkeley Packet Filters – The Basics

Contributed by Jeff Stebelton.

What are Berkeley Packet Filters? BPF’s are a raw (protocol independent) socket interface to the data link layer that allows filtering of packets in a very granular fashion1. BPF were first introduced in 1990 by Steven McCanne of Lawrence Berkeley Laboratory, according the FreeBSD man page on bpf2.

This document is in PDF format. To view it click here.

Rate this article: 
Average: 2.7 (3 votes)