[Oisf-devel] Going to Open Source and plugins

Sartakov A. Vasily sartakov at ksyslabs.org
Wed Sep 17 10:27:21 UTC 2014


My name is Vasily Sartakov, I am present «ksys labs» company and we are working on development IDS on top of Suricata and own QorIQ-based platform. 

We have implemented USDPAA support in Suricata, and, compare to AF_PACKET, our platform provides more then 20% performance. We going to share our sources in Open Source, and my question - are you interested in public sources for this specific hardware platform? i.e. we can push our sources in mainline, or we have to support it self in separated project. 

The second question is about plugins support. There is functionality in snort that are need for us. We have to control association of MAC and IP provided by rules. As far I understand, that functionality provided via plugin in Snort. Can you advise right approach for obtaining the same functional in Suricata? What is the best place in sources to «hook», or, maybe, there are plugin engine already under construction? 

Thank you. 

Sartakov A. Vasily
sartakov at ksyslabs.org

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 842 bytes
Desc: Message signed with OpenPGP using GPGMail
URL: <http://lists.openinfosecfoundation.org/pipermail/oisf-devel/attachments/20140917/3aa5c615/attachment.pgp>

More information about the Oisf-devel mailing list