Here is a list of all modules:
[detail level 12]
| Application Layer Expectation | Handling of dynamic parallel connection for application layer similar to FTP |
| HTTP layer support | |
| Packet decoding | Code in charge of protocol decoding |
| State support | State is stored in the DetectEngineState structure. This is basically a container for storage item of type DeStateStore. They contains an array of DeStateStoreItem which store the state of match for an individual signature identified by DeStateStoreItem::sid |
| Thresholding | This feature is used to reduce the number of logged alerts for noisy rules. This can be tuned to significantly reduce false alarms, and it can also be used to write a newer breed of rules. Thresholding commands limit the number of times a particular event is logged during a specified time interval |
| Device storage API | The device storage API is a per-device storage. It is a mean to extend the LiveDevice structure with arbitrary data |
| Host storage API | The Host storage API is a per-host storage. It is a mean to extend the Host structure with arbitrary data |
| ▼AF_PACKET running mode | |
| AFP peers list | AF_PACKET has an IPS mode were interface are peered: packet from on interface are sent the peered interface and the other way. The AFPPeer list is maintaining the list of peers. Each AFPPeer is storing the needed information to be able to send packet on the interface. A element of the list must not be destroyed during the run of Suricata as it is used by Packet and other threads |
| AF_XDP running mode | |
| DPDK running mode | |
| Netmap running mode | |
| Pool | Pool are an effective way to maintain a set of ready to use structures |
| Testing | Unit testing support functions |
1.8.18