[Oisf-devel] TCP Reassembly
Anoop Saldanha
anoopsaldanha at gmail.com
Thu Jul 2 17:49:10 UTC 2015
On Sun, Jun 21, 2015 at 4:16 AM, Teryl Taylor <teryl.taylor at gmail.com> wrote:
> Hi everyone,
>
> I'm looking for a stable and fairly reliable TCP reassembler. I've been
> playing around with libnids, libtins, and libntoh and all work well, but
> they don't seem to work on some of the pcaps I'm testing on, whereas
> wireshark does. I was curious if suricata's tcp reassembly is modular
> enough to use on it's own and, if so, is there any example code or test
> code, that would be good to look at to get a feel for how I could integrate
> it? Would the reassembly engine be a good option? Or does anyone have an
> alternative suggestion?
>
What's the purpose? Want to use/convert it for termination, or it's
just for non-termination re-assembly?
--
-------------------------------
Anoop Saldanha
http://www.poona.me
-------------------------------
More information about the Oisf-devel
mailing list