Task #4431

open

Task #4429: libsuricata: Use cases with examples

libsuricata: Example showing libsuricata as a replacement for libnids (network grep)

Added by Jason Ish over 3 years ago. Updated almost 2 years ago.

Status: In Review
Priority: Low
Target version:
Effort:
Difficulty:
Label:

Description

Create an application using libsuricata to show how libsuricata can be used like libnids. One example is a variation on ngrep.

Additionally, use libpcap as the packet source to show how libsuricata could be used when the packets come from a source outside of Suricata.


Related issues 1 (1 open, 0 closed)

Related to Suricata - Bug #5076: keyword content does not work over reassembled TCP | New | Victor Julien
#1

Updated by Victor Julien over 3 years ago

  • Status changed from New to Assigned
  • Assignee changed from Victor Julien to Philippe Antoine
  • Target version set to 7.0.0-beta1
#2

Updated by Philippe Antoine over 3 years ago

  • Status changed from Assigned to In Review
#3

Updated by Philippe Antoine about 2 years ago

  • Target version changed from 7.0.0-beta1 to TBD
#4

Updated by Philippe Antoine almost 2 years ago

  • Related to Bug #5076: keyword content does not work over reassembled TCP added
#5

Updated by Philippe Antoine almost 2 years ago

  • Priority changed from Normal to Low

@Jason Ish do you expect something from me here?

I think the TCP reassembly engine should be APIfied (and this may be relevant for #5076 to use hyperscan in streaming mode)
