Suricata

A use case came up for having different sensors see different parts of the traffic, where one might see the ftp control channel and the other the data channel. For such use case it would be good to have a hook that can be used by the library API as well as by plugins to hook into the Flow "expectation" setup, so that this expectation can then be communicated to other sensors somehow.