[Oisf-devel] Finding TCP window size

Eric Leblond eric at regit.org
Fri Jul 1 13:42:19 UTC 2016


On ven., 2016-07-01 at 18:46 +0530, Sherine Davis (Security
Engineering) wrote:
> I would like to know where the additional code edit has to be made to
> find windowsizes of packets ? Should it be done in decode-tcp.h ?

It may be not necessary to dive into C code for that. You could have a
look at lua output to extract this kind of information. See https://red

Also please try to rate limit the pace of your questions.

PS: Suricata developer training is the best place possible to improve
your knowledge and coding capabilities on suricata (http://suricata-ids


Eric Leblond <eric at regit.org>
Blog: https://home.regit.org/

More information about the Oisf-devel mailing list