[Oisf-users] HTTP traffic
Victor Julien
victor at inliniac.net
Tue Jul 27 09:57:22 UTC 2010
Not exactly similar. In our current git master and our upcoming 1.0.1
release there will be a setting to control the depth of stream
reassembly. This will control how far into a stream Suricata
reassembles, and how much of a stream is fed to our HTTP parsing module.
It's generic right now, so it applies to all tcp connections including
non-http ones.
Individual packets of the same stream will still be inspected though.
Cheers,
Victor
Xiong Wu wrote:
> Hi All,
>
> In snort, the flow_depth option of http_inspect preprocessor is able
> to specify the amount of server response payload to inspect. This
> option increases performance to handle HTTP traffic. Is there any
> similar option in suricata.
>
>
> Thanks,
> Sean.
> _______________________________________________
> Oisf-users mailing list
> Oisf-users at openinfosecfoundation.org
> http://lists.openinfosecfoundation.org/mailman/listinfo/oisf-users
--
---------------------------------------------
Victor Julien
http://www.inliniac.net/
PGP: http://www.inliniac.net/victorjulien.asc
---------------------------------------------
More information about the Oisf-users
mailing list