bpf.ps - man 4 bpf, from BSD box as postscript file.  
bpf_filter.c - pcap/kernel module, guts of runtime bpf filter
derek.txt - Derek Rustvold did this:... runs of tcpdump with various expressions,
		shows disassembly of bpf expression
mon.lite - ourmon front-end output
ourmon.conf - ourmon sniffer config file
monconfig.c - ourmon sniffer - compilation of bpf expression from ourmon.conf file
filter.c - ourmon sniffer filter code, shows call to bpf_filter 
resources.txt - where to find more info on bpf, packet generation

Note also:

Van Jacobson Steve McCanne paper at:
http://citeseer.ist.psu.edu/mccanne92bsd.html

The BSD Packet Filter: A New Architecture for User-level Packet
	Capture.  USENIX Winter, 1992.

Provides deep background on the BSD BPF mechanism, which is available
in UNIX in general, BSD in particular, also Linux.

					j.