Feature #417: ip fragmentation timeout feature in yaml
Status: closed
Description
Hi,
I think that it would be beneficial if Suricata could have the IP frag timeout values as an option in the yaml. Through my analysis, it (the frag timeout) seems to differ between OSs. It does not matter whether the system is 32- or 64-bit, but it does matter whether it handles IPv4 or IPv6 addresses, e.g.:
(Most of those values you can find under /proc/sys/net/ipv4/ipfrag_time on most systems: the amount of time a fragment will be kept in memory; after that it will be discarded.)
All values in seconds
IPv4:
Suse - 20
CentOS - 30
Ubuntu - 30
Debian - 30
Solaris - there seems to be a frag packet limit, not time based - 800 fragments max
FreeBSD - there seems to be a frag packet limit, not time based - 800 fragments max
NetBSD - is different, it seems to have maxqueue limits instead of time
Fedora - 30
Windows (all) - hardcoded, cannot be changed - 60
IPv6:
Suse - 60
CentOS - 60
Ubuntu - 60
Debian - 60
Solaris - there seems to be a frag packet limit, not time based - 6400 fragments max
FreeBSD - there seems to be a frag packet limit, not time based - 6400 fragments max
NetBSD - for IPv6 it has a max 200 fragments limit.
Fedora - 60
Windows (all) - hardcoded, cannot be changed - 60
Maybe an option in yaml?
There are other ip fragmentation values that differ for the different OSs as well.
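The effect of the per-OS timeout, as an added example that is not part of this issue and not Suricata's code: a small Python simulation of a fragment queue with a configurable timeout, fed the same two fragments 45 seconds apart, once with the timeout a sensor might be configured with and once with the timeout of the monitored host. The OS values are the ones listed above; the `FragTracker` class, the `simulate` and `simulate_for_host` functions, the constructed fragments and the assumption that the timer runs from the first fragment without being refreshed by later ones are this example's own.

```python
"""Added example, not from the issue or from Suricata: a toy fragment queue
with a configurable timeout, used to show what a sensor and a host each
reassemble when their fragment timeouts differ."""
from dataclasses import dataclass, field
from typing import Dict, Optional, Tuple

# Per-OS timeouts in seconds, copied from the issue text above (only the
# time-based entries; Solaris/FreeBSD/NetBSD use fragment-count limits).
IPV4_FRAG_TIMEOUT = {"Suse": 20, "CentOS": 30, "Ubuntu": 30, "Debian": 30,
                     "Fedora": 30, "Windows": 60}
IPV6_FRAG_TIMEOUT = {"Suse": 60, "CentOS": 60, "Ubuntu": 60, "Debian": 60,
                     "Fedora": 60, "Windows": 60}


@dataclass
class FragQueue:
    first_seen: float                                      # time the queue was created
    frags: Dict[int, bytes] = field(default_factory=dict)  # offset -> payload
    total_len: Optional[int] = None                        # known once the last fragment arrives


@dataclass
class FragTracker:
    """Reassembles fragments keyed by (src, dst, ip_id). A queue older than
    `timeout` seconds is discarded; assumption: the timer starts with the
    first fragment and is not refreshed by later ones."""
    timeout: float
    queues: Dict[tuple, FragQueue] = field(default_factory=dict)

    def add(self, key: tuple, offset: int, payload: bytes,
            more_frags: bool, now: float) -> Optional[bytes]:
        q = self.queues.get(key)
        if q is not None and now - q.first_seen > self.timeout:
            del self.queues[key]   # expired, like a kernel queue after ipfrag_time
            q = None
        if q is None:
            q = FragQueue(first_seen=now)
            self.queues[key] = q
        q.frags[offset] = payload
        if not more_frags:
            q.total_len = offset + len(payload)
        return self._reassemble(key, q)

    def _reassemble(self, key: tuple, q: FragQueue) -> Optional[bytes]:
        if q.total_len is None:
            return None
        buf, pos = bytearray(), 0
        for off in sorted(q.frags):
            if off != pos:         # hole: still waiting for a fragment
                return None
            buf += q.frags[off]
            pos += len(q.frags[off])
        if pos != q.total_len:
            return None
        del self.queues[key]
        return bytes(buf)


def simulate(ids_timeout: float, host_timeout: float,
             delay: float) -> Tuple[Optional[bytes], Optional[bytes]]:
    """Feed the same two constructed fragments, `delay` seconds apart, to a
    tracker using the sensor's timeout and to one using the host's.
    Returns (what the sensor reassembled, what the host reassembled)."""
    key = ("10.0.0.1", "10.0.0.2", 0x1234)           # constructed flow key
    frags = [(0, b"GET /ind", True, 0.0),            # first fragment at t=0
             (8, b"ex.html", False, delay)]          # last fragment at t=delay
    results = []
    for timeout in (ids_timeout, host_timeout):
        tracker = FragTracker(timeout=timeout)
        out = None
        for offset, payload, more, t in frags:
            out = tracker.add(key, offset, payload, more, t)
        results.append(out)
    return results[0], results[1]


def simulate_for_host(os_name: str, ids_timeout: float, delay: float,
                      ipv6: bool = False) -> Tuple[Optional[bytes], Optional[bytes]]:
    """Same as simulate(), with the host timeout taken from the table above."""
    table = IPV6_FRAG_TIMEOUT if ipv6 else IPV4_FRAG_TIMEOUT
    return simulate(ids_timeout, table[os_name], delay)


if __name__ == "__main__":
    # Sensor keeps fragments for 30s, a Windows host for 60s: the host
    # reassembles the request, the sensor never sees it whole.
    print(simulate_for_host("Windows", ids_timeout=30, delay=45))
    # Sensor at 60s, a Suse host at 20s: the sensor reassembles data the
    # host has already discarded.
    print(simulate_for_host("Suse", ids_timeout=60, delay=45))
```

Either mismatch leaves the sensor with a different view of the traffic than the host, which is why a per-host-OS timeout (as the defrag `timeout` would be in the yaml) matters more than the absolute value.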