Master the fundamental concepts of raw sockets through this focused micro-challenge.
A packet filter accepts or drops traffic based on rules. For example, "allow TCP to port 80" or "drop ICMP type 8". Firewalls, IDS systems, and tcpdump all use this matching logic. The Berkeley Packet Filter (BPF) runs compiled filter programs in the kernel; this task builds a simplified user-space version.
6), UDP (17), ICMP (1)192.168.1.0/24443 for HTTPSA first-match policy processes rules in order with an implicit deny-all at the end.
cLoading…
Parse the IP protocol field, then drill into TCP or UDP headers for port numbers. For ICMP, check type and code instead of ports.
This task requires you to implement filter_packet() with protocol and port matching. The BPF you approximate here evolved into Linux eBPF, now powering Kubernetes networking and DDoS mitigation at scale. tcpdump still compiles expressions like tcp port 80 into this same match-and-drop logic before copying packets to user space.
Implement a C program with a filter_packet() function.
Requirements:
Success Criteria:
Three hints are available for this task, revealed one at a time inside the code workspace so you can struggle productively before seeing them.
All starter code and reference implementations are available for your local setup.
View on Github