suricata
|
The Suricata Engine is an Open Source Next Generation Intrusion Detection and Prevention Engine. This engine is not intended to just replace or emulate the existing tools in the industry, but will bring new ideas and technologies to the field.
You've reach the automatically generated documentation of Suricata. This document contains information about architecture and code structure. It is attended for developers wanting to understand or contribute to Suricata.
Documentation is generate from comments placed in all parts of the code. But you will also find some groups describing specific functional parts:
Regarding matching, there is three main data structures which are:
Suricata is multithreaded and running modes define how the different threads are working together. You can see util-runmodes.c for example of running mode.