Packet Sniffer SDK DLL Edition

BPF example: Ethernet level


To filter on a protocol encapsulated in Ethernet, use BPF to examine the EthType field of the Ethernet header.

ARP packets filter example:

#define ETHERTYPE_ARP   0x0806

BpfAddCmd(hFtr,BPF_LD+BPF_H+BPF_ABS, 12);                    // Get EthType field value
BpfAddJmp(hFtr,BPF_JMP+BPF_JEQ+BPF_K, ETHERTYPE_ARP, 0, 1);  // EthType == ETHERTYPE_ARP
BpfAddCmd(hFtr,BPF_RET+BPF_K, (UINT)-1);                     // TRUE  (Accept)
BpfAddCmd(hFtr,BPF_RET+BPF_K, 0);                            // FALSE (Reject)

// The same filter as a BPF assembler listing:
     ld   P[12:2]                 // A = WORD at offset 12 (protocol in the Ethernet header)
     jeq  ETHERTYPE_ARP, 0, Exit  // If A <> 0x0806 (ARP), jump to Exit
     ret  -1                      // It is an ARP packet, exit and return TRUE
Exit:
     ret  0                       // It is not an ARP packet, exit and return FALSE

REVARP packets filter example:

#define ETHERTYPE_REVARP  0x8035

BpfAddCmd(hFtr,BPF_LD+BPF_H+BPF_ABS, 12);                      // Get EthType field value
BpfAddJmp(hFtr,BPF_JMP+BPF_JEQ+BPF_K, ETHERTYPE_REVARP, 0, 1); // EthType == ETHERTYPE_REVARP
BpfAddCmd(hFtr,BPF_RET+BPF_K, (UINT)-1);                       // TRUE  (Accept)
BpfAddCmd(hFtr,BPF_RET+BPF_K, 0);                              // FALSE (Reject)

// The same filter as a BPF assembler listing:
     ld   P[12:2]                   // A = WORD at offset 12 (protocol in the Ethernet header)
     jeq  ETHERTYPE_REVARP, 0, Exit // If A <> 0x8035 (REVARP), jump to Exit
     ret  -1                        // It is a REVARP packet, exit and return TRUE
Exit:
     ret  0                         // It is not a REVARP packet, exit and return FALSE

Ethernet header structure:

EthDHost    Destination address (6 bytes).
EthSHost    Source address (6 bytes).
EthType     Encapsulated packet type (2 bytes).

Examples of EthType values:

ETHERTYPE_PUP     0x0200 /* PUP protocol */
ETHERTYPE_IP      0x0800 /* IP protocol */
ETHERTYPE_ARP     0x0806 /* Address resolution protocol (ARP) */
ETHERTYPE_REVARP  0x8035 /* Reverse Address resolution protocol */
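
The following C program is an added example, not code from the SDK or its documentation: it encodes the ARP filter above as raw classic BPF instructions and runs it over constructed frames with a small hypothetical interpreter (`run_filter`, `arp_match` and the sample frames are illustrative names and data). Besides the accept and reject cases, it shows two frames the filter drops: one too short to contain EthType (assuming the standard BPF rule that an out-of-bounds load rejects the packet) and an ARP frame carrying an 802.1Q VLAN tag, where offset 12 holds 0x8100 and the real EthType sits at offset 16.

```c
#include <stdint.h>
#include <stdio.h>
/* Classic BPF opcode bits (standard bpf.h encoding), defined locally */
enum { BPF_LD = 0x00, BPF_JMP = 0x05, BPF_RET = 0x06, BPF_H = 0x08,
       BPF_JEQ = 0x10, BPF_ABS = 0x20, BPF_K = 0x00 };
#define ETHERTYPE_ARP 0x0806
struct insn { uint16_t code; uint8_t jt, jf; uint32_t k; };

/* The page's four-instruction ARP filter as raw instructions */
static const struct insn arp_filter[] = {
    { BPF_LD + BPF_H + BPF_ABS,  0, 0, 12 },            /* A = EthType        */
    { BPF_JMP + BPF_JEQ + BPF_K, 0, 1, ETHERTYPE_ARP }, /* equal: +0, else +1 */
    { BPF_RET + BPF_K,           0, 0, 0xFFFFFFFFu },   /* accept             */
    { BPF_RET + BPF_K,           0, 0, 0 },             /* reject             */
};

/* Hypothetical mini-interpreter covering only the opcodes used above */
uint32_t run_filter(const struct insn *p, size_t n, const uint8_t *pkt, size_t len)
{
    uint32_t a = 0;
    for (size_t pc = 0; pc < n; pc++) {
        switch (p[pc].code) {
        case BPF_LD + BPF_H + BPF_ABS:
            if (len < 2 || p[pc].k > len - 2) return 0;  /* short frame: reject */
            a = ((uint32_t)pkt[p[pc].k] << 8) | pkt[p[pc].k + 1]; /* big-endian */
            break;
        case BPF_JMP + BPF_JEQ + BPF_K:
            pc += (a == p[pc].k) ? p[pc].jt : p[pc].jf; break;
        case BPF_RET + BPF_K: return p[pc].k;
        default: return 0;                               /* unsupported opcode */
        }
    }
    return 0;
}

/* Constructed sample frames (headers only; the addresses are made up) */
#define MACS 0xff,0xff,0xff,0xff,0xff,0xff, 0x02,0x00,0x00,0x00,0x00,0x01
const uint8_t frame_arp[]      = { MACS, 0x08,0x06 };
const uint8_t frame_ip[]       = { MACS, 0x08,0x00 };
const uint8_t frame_vlan_arp[] = { MACS, 0x81,0x00, 0x00,0x0a, 0x08,0x06 };
const uint8_t frame_short[]    = { MACS, 0x08 };           /* 13 bytes */
uint32_t arp_match(const uint8_t *pkt, size_t len)
{ return run_filter(arp_filter, sizeof arp_filter / sizeof arp_filter[0], pkt, len); }
#define MATCH(f) ((unsigned)arp_match((f), sizeof (f)))
int main(void)
{
    printf("arp=%x ip=%x vlan_arp=%x short=%x\n", MATCH(frame_arp),
           MATCH(frame_ip), MATCH(frame_vlan_arp), MATCH(frame_short));
    return 0;
}
```

If 802.1Q tags are present in the captured frames, a filter meant to catch all ARP traffic also has to test for 0x8100 at offset 12 and then compare the word at offset 16.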