[Oisf-users] Suricata Developers documentation

Hariharan Thantry thantry at gmail.com
Fri Jan 13 21:57:27 UTC 2012


Hi Eileen,

I've looked at the Suricata.yaml document. It is fairly well written,
but still is not a "design" doc for the code structure. It would be
really helpful (given the sheer number of callbacks that are employed
inside Suricata), that some of the more important data
structures/functions are sort of "connected" together, in sort of a
"packet flow" order. The basic issue is the asynchronous nature of
invocation of most of these functions, tied together with the
module/queue/thread sort of a hierarchy that makes it extremely hard
to follow.

Thanks,
Hari



On Fri, Jan 13, 2012 at 11:58 AM, eileen donlon <emdonlo at gmail.com> wrote:
> Hi,
>
> There's some good documentation on the Suricata.yaml wiki page:
> https://redmine.openinfosecfoundation.org/projects/suricata/wiki/Suricatayaml
> as well as on the Major Features wiki pages:
> https://redmine.openinfosecfoundation.org/projects/suricata/wiki/Major_Features
>
> It doesn't go down to the function level, though there are dependency and
> call graphs available on the Doxygen.
>
> Does that help?
>
> Regards,
> Eileen
>
> On Fri, Jan 13, 2012 at 2:09 PM, Hariharan Thantry <thantry at gmail.com>
> wrote:
>>
>> Hi folks,
>>
>> Is there any document that really explains the different components of
>> Suricata in a little more detail than the one found here(which is sort
>> of good, but really very rudimentary):
>>
>> https://redmine.openinfosecfoundation.org/projects/suricata/wiki/Suricata_Developers_Guide
>> I was hoping for something like a design document that sort of goes
>> deeper into the code structure, different types of indirections, and
>> path of a packet as it traverses through the Suricata system
>> (functions invoked, etc).
>>
>> Thanks,
>> Hari
>> _______________________________________________
>> Oisf-users mailing list
>> Oisf-users at openinfosecfoundation.org
>> http://lists.openinfosecfoundation.org/mailman/listinfo/oisf-users
>
>



More information about the Oisf-users mailing list