[Oisf-devel] TCP Reassembly

Edward Fjellskål edwardfjellskaal at gmail.com
Fri Jul 3 09:39:28 UTC 2015


I was also hoping there would be something like this out there,
like an updated version of libnids, but that also has IPv6.

I've for long dreamt of coding this myself, but failed my tries so
far, and I don't have the time to spend on it.

Maybe one could crowdsource someone to update libnids etc.? Or start over?

E


On 07/02/2015 07:49 PM, Anoop Saldanha wrote:
> On Sun, Jun 21, 2015 at 4:16 AM, Teryl Taylor
> <teryl.taylor at gmail.com> wrote:
>> Hi everyone,
>> 
>> I'm looking for a stable and fairly reliable TCP reassembler.
>> I've been playing around with libnids, libtins, and libntoh and
>> all work well, but they don't seem to work on some of the pcaps
>> I'm testing on, whereas Wireshark does. I was curious if
>> Suricata's TCP reassembly is modular enough to use on its own
>> and, if so, is there any example code or test code that would
>> be good to look at to get a feel for how I could integrate it?
>> Would the reassembly engine be a good option? Or does anyone have
>> an alternative suggestion?
>> 
> 
> What's the purpose?  Want to use/convert it for termination, or
> it's just for non-termination re-assembly?
> 