Jerry,<br><br>We will keep this in mind, although I think stuff like this may belong in post-analysis.  That being said does anybody have an interest in flow/full traffic capture as an option?<br><br>Regards,<br><br>Will<br>
<br><div class="gmail_quote">On Wed, Jan 20, 2010 at 4:22 PM, Jerry <span dir="ltr"><<a href="mailto:jerry@cybercave.cz" target="_blank">jerry@cybercave.cz</a>></span> wrote:<br><blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;">


Hi development team/list,<br>
I have a question regarding features development. Are you planning to<br>
include extraction files from packet stream into Suricata?<br>
<br>
It would be nice to have something that covers this issue:<br>
<a href="http://isc.sans.org/diary.html?storyid=6961" target="_blank">http://isc.sans.org/diary.html?storyid=6961</a><br>
<br>
Thank you very much in advance<br>
<br>
Jerry<br>
<font color="#888888"><br>
--<br>
Defending network against intrusion is like trying to keep a squid inside a mesh bag. Question is, who will give up first :)<br>
<br>
_______________________________________________<br>
Oisf-devel mailing list<br>
<a href="mailto:Oisf-devel@openinfosecfoundation.org" target="_blank">Oisf-devel@openinfosecfoundation.org</a><br>
<a href="http://lists.openinfosecfoundation.org/mailman/listinfo/oisf-devel" target="_blank">http://lists.openinfosecfoundation.org/mailman/listinfo/oisf-devel</a><br>
</font></blockquote></div><br>