Feature #3316

open

Unix socket: support dumping flow table

Added by Victor Julien over 5 years ago. Updated over 5 years ago.

Status:
Feedback
Priority:
Normal
Target version:
Effort:
Difficulty:
Label:

Description

Idea is to use the unix socket interface to dump the flow table. This could be used to analyse the internal state of flows.

The conntrack tool from Linux/Netfilter could be an example.


Related issues 3 (3 open, 0 closed)

  • Related to Suricata - Task #3288: Suricon 2019 brainstorm (Assigned, Victor Julien)
  • Related to Suricata - Feature #3295: Unix socket: support to receive flow shunting information (New, Community Ticket)
  • Related to Suricata - Task #3301: Research: Failover support within the current IPS implementation (New, Community Ticket)
#1

Updated by Victor Julien over 5 years ago

  • Related to Task #3288: Suricon 2019 brainstorm added
#2

Updated by Victor Julien over 5 years ago

  • Related to Feature #3295: Unix socket: support to receive flow shunting information added
#4

Updated by Victor Julien over 5 years ago

  • Description updated (diff)
#6

Updated by Victor Julien over 4 years ago

  • Related to Task #3301: Research: Failover support within the current IPS implementation added