suricata/examples/lib/custom
Jason Ish 60c429e04d detect: add callback for when rate filter changes action
This callback will be called when alert action has been changed due to a
rate filter. The user can then reset or customize the action in their
callback per their own logic.

As the callback is added to the current detection engine, make sure it's
copied to the new detection engine on reload.

Ticket: #7673
3 months ago
.gitignore .gitignore: add more files 4 months ago
Makefile.am http: Use libhtp-rs. 4 months ago
Makefile.example.in examples: rename lib capture example to custom 4 months ago
README.md examples/lib: better command line handling 4 months ago
main.c detect: add callback for when rate filter changes action 3 months ago

README.md

Custom Library Example

This is an example of using the Suricata library with your own packets and threads.

Building In Tree

The Suricata build system has created a Makefile that should allow you to build this application in-tree on most supported platforms. To build, simply run:

make

Running

./custom -l . -- filename.pcap

For this example, any arguments before -- are passed directly as Suricata command line arguments. Arguments after the first -- are handled by this example program, and currently the only argument is a PCAP filename to be read.
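
The split at the first -- described above can be sketched as follows. This is an added example, not the code in main.c; the struct, the function names and the rule that exactly one application argument must be present are assumptions made for illustration.

```c
#include <stdio.h>
#include <string.h>

/* Hypothetical result type: both halves point into the original argv. */
struct split_args {
    int engine_argc;    /* argv[0] plus everything before the first "--" */
    char **engine_argv;
    int app_argc;       /* everything after the first "--" */
    char **app_argv;    /* NULL when no "--" was given */
};

/* Split at the FIRST "--" only; any later "--" stays on the application side. */
static struct split_args split_at_separator(int argc, char **argv)
{
    struct split_args out = { argc, argv, 0, NULL };
    for (int i = 1; i < argc; i++) {
        if (strcmp(argv[i], "--") == 0) {
            out.engine_argc = i;          /* the separator itself is dropped */
            out.app_argc = argc - i - 1;
            out.app_argv = argv + i + 1;
            break;
        }
    }
    return out;
}

/* Assumption: the application side must hold exactly one argument, the PCAP
 * filename. Returns NULL when it is missing or extra arguments follow. */
static const char *pcap_filename(const struct split_args *a)
{
    return (a->app_argc == 1) ? a->app_argv[0] : NULL;
}

int main(int argc, char **argv)
{
    struct split_args a = split_at_separator(argc, argv);
    const char *pcap = pcap_filename(&a);
    if (pcap == NULL) {
        fprintf(stderr, "usage: %s [suricata options] -- filename.pcap\n", argv[0]);
        return 1;
    }
    printf("%d engine argument(s), reading %s\n", a.engine_argc - 1, pcap);
    return 0;
}
```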

Building Out of Tree

A Makefile.example has also been generated to use as an example on how to build against the library in a standalone application.

First, build and install the Suricata library, including its headers:

make install-library
make install-headers

Then run:

make -f Makefile.example

If you installed to a non-standard location, you need to ensure that libsuricata-config is in your path, for example:

PATH=/opt/suricata/bin:$PATH make -f Makefile.example