Caper has reached v0.9. It is a tool for understanding and processing “pcap expressions” (also known as tcpdump filters) which are used for network packet analysis. It is entirely written in OCaml and includes pcap analysis logic, a from-scratch BPF compiler, and conversion to/from English expressions.
You can use Caper online through the BPF Exam site.
Caper’s README contains motivation, building, and usage examples, and its CHANGELOG describes recent updates.
A huge thanks goes to Caper’s contributers. Further contributions and feedback are welcome – a list of contribution ideas is included on Caper’s web page.