Project

General

Profile

Suricata Developers Guide

Suricata is fully open source, meaning that everyone is welcome to participate in its development.

Contributing to Suricata

Even though everyone is welcomed to contribute, contributing to Suricata does require you to follow some rules. You will find them on the Contributing page.

If you contribute often, you will probably be asked to use the PRscript before doing a Pull Request. If it is not yes the case, then you should run your local PRscript via
SuriDockerQA.

Code Submission Quality Criteria

Git/Github

Github work flow and Git work flow

Code documentation

Doxygen pages are available at http://doxygen.openinfosecfoundation.org/ These are updated daily based on the latest git master.

QA

AFL Fuzz Testing
UBSan

Packet Pipeline

Packet Pipeline

Threading Basics

Threading

Request for Comments

TLS keyword expansion

Extending Suricata

Thread Modules
Output Plugins
Detection Plugins
Debugging
Unit Tests
AppLayer

How to hack the build process

Automake

Internals / API documentation

Unittest Helper Functions
Callbacks
File Log Output Format
Performance Bottlenecks
HTTP profiles
Using perf tool
Unix Socket
Extending Suricata
Packet Acquisition API
Log API
Libraries

Upgrading

DevelUpgrade3031

WIP

Pages to document ongoing work.

VLAN Handling
AppLayerYaml