Upgrading your code from 3.0 to 3.1

Detection engine and locking

The detection engine now has a much simplified locking scheme. If your code is called from the detection engine, you can assume that if you have a Packet::flow, then it's locked.

See also:

File API needs a config argument

The File API uses a new underlying API called the StreamBuffer API.

Here is the updated FileOpen call:

Here is how SMTP handles it:

See also:


Unittests registration has been simplified. It's no longer possible to register the value that signifies 'success'. For this the value of 1 is now hardcoded.

A set of macro's has been added:

New tests should all follow the following logic: