oryx Add tcpdump like filters

https://www.tcpdump.org/manpages/pcap-filter.7.html

Dec 15 '24 12:12 pythops

I'm also interested in this, would be very useful.

Sep 22 '25 14:09 GyulyVGC

I could try and give this an implementation attempt, do you have any guidance to get me started? @pythops

On another note, could you kindly briefly explain how the current rules are supposed to work from a practical and technical point of view?

Sep 22 '25 14:09 GyulyVGC

I could try and give this an implementation attempt, do you have any guidance to get me started?

I have a draft in a local branch, let me clean it up then I will push it, expect that by the end of the week :)

On another note, could you kindly briefly explain how the current rules are supposed to work from a practical and technical point of view?

From the practical pov: with a specific keybinding, maybe :, a banner would show up similar to how fuzzy search is shown, then the user enter the filter as in tcpdump, example, tcp or udp, press enter then only the packets that match that filter should be displayed.

From the technical pov: it is similar to how fuzzy search is implented, a thread is running and filter packets each x ms

Sep 22 '25 17:09 pythops

No my question was about the current firewall rules.

I see they are only using ports and IPs...

And by the way, I mean the rules that denies packets to be received by the network interface (acting like a firewall), non the rules that are applied only to the view

Sep 22 '25 19:09 GyulyVGC

No my question was about the current firewall rules.

ah okay, the tcpdump like are not meant for the firewall functionality. They are just a way to filter what you see, similar to tcpdump

I see they are only using ports and IPs...

yes which is good enough for a basic firewall imo.

Sep 23 '25 06:09 pythops