We propose in this paper a framework for defining and applying security policies on network traffic. The objective is to provide a language that is simple, powerful and expressive, and allows to quickly implement filtering policies while simplifying the user tasks related to data mining, reassembly flow or well to memory management.