<div dir="ltr">Thanks for the reply but your links only tell the keywords that are being used <br>i actually want to know the exact code files that come in action while scanning payload<br></div><div class="gmail_extra"><br>
<br><div class="gmail_quote">On Fri, Apr 19, 2013 at 2:18 PM, Victor Julien <span dir="ltr"><<a href="mailto:victor@inliniac.net" target="_blank">victor@inliniac.net</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
<div class="HOEnZb"><div class="h5">On 04/19/2013 10:43 AM, Robert Clove wrote:<br>
> I am all new to Suricata.<br>
> First i would say a very nice project i have listened abut it from many<br>
> people.<br>
> I am keen interested in deep packet inspection of the packet,not in<br>
> headers part,so can here please tell me what files in the source code<br>
> belongs to deep packet analysis and what suricata covers in deep packet<br>
> analysis part.<br>
> As there is not much documentation available.<br>
<br>
</div></div>Please have a look at:<br>
<br>
<a href="https://redmine.openinfosecfoundation.org/projects/suricata/wiki/Suricata_User_Guide" target="_blank">https://redmine.openinfosecfoundation.org/projects/suricata/wiki/Suricata_User_Guide</a><br>
<br>
More specifically at:<br>
<br>
<a href="https://redmine.openinfosecfoundation.org/projects/suricata/wiki/Payload_keywords" target="_blank">https://redmine.openinfosecfoundation.org/projects/suricata/wiki/Payload_keywords</a><br>
<a href="https://redmine.openinfosecfoundation.org/projects/suricata/wiki/HTTP-keywords" target="_blank">https://redmine.openinfosecfoundation.org/projects/suricata/wiki/HTTP-keywords</a><br>
<a href="https://redmine.openinfosecfoundation.org/projects/suricata/wiki/File-keywords" target="_blank">https://redmine.openinfosecfoundation.org/projects/suricata/wiki/File-keywords</a><br>
<a href="https://redmine.openinfosecfoundation.org/projects/suricata/wiki/TLS-keywords" target="_blank">https://redmine.openinfosecfoundation.org/projects/suricata/wiki/TLS-keywords</a><br>
<br>
These all deal with inspection of payloads and streams.<br>
<span class="HOEnZb"><font color="#888888"><br>
--<br>
---------------------------------------------<br>
Victor Julien<br>
<a href="http://www.inliniac.net/" target="_blank">http://www.inliniac.net/</a><br>
PGP: <a href="http://www.inliniac.net/victorjulien.asc" target="_blank">http://www.inliniac.net/victorjulien.asc</a><br>
---------------------------------------------<br>
<br>
_______________________________________________<br>
Suricata IDS Devel mailing list: <a href="mailto:oisf-devel@openinfosecfoundation.org">oisf-devel@openinfosecfoundation.org</a><br>
Site: <a href="http://suricata-ids.org" target="_blank">http://suricata-ids.org</a> | Participate: <a href="http://suricata-ids.org/participate/" target="_blank">http://suricata-ids.org/participate/</a><br>
List: <a href="https://lists.openinfosecfoundation.org/mailman/listinfo/oisf-devel" target="_blank">https://lists.openinfosecfoundation.org/mailman/listinfo/oisf-devel</a><br>
Redmine: <a href="https://redmine.openinfosecfoundation.org/" target="_blank">https://redmine.openinfosecfoundation.org/</a><br>
</font></span></blockquote></div><br></div>