Note: this Wiki is now deprecated. Newer versions of the Suricata Developers Guide should be found at the Suricata Developer Guide.

Suricata Developers Guide¶

Suricata is fully open source, meaning that everyone is welcome to participate in its development.

Contributing to Suricata¶

Even though everyone is welcomed to contribute, contributing to Suricata does require you to follow some rules. You will find them on the Contributing page.

Code Submission Quality Criteria

Git/Github¶

Github work flow and Git work flow

Code documentation¶

Doxygen pages are available at http://doxygen.openinfosecfoundation.org/ These are updated daily based on the latest git master.

QA¶

AFL Fuzz Testing
UBSan

Packet Pipeline¶

Packet Pipeline

Threading Basics¶

Threading

Request for Comments¶

TLS keyword expansion

Extending Suricata¶

Thread Modules
Output Plugins
Detection Plugins
Debugging
Unit Tests
AppLayer

How to hack the build process¶

Automake

Internals / API documentation¶

Unittest Helper Functions
Callbacks
File Log Output Format
Performance Bottlenecks
HTTP profiles
Using perf tool
Unix Socket
Extending Suricata
Packet Acquisition API
Log API
Libraries

Upgrading¶

DevelUpgrade3031

WIP¶

Pages to document ongoing work.

VLAN Handling
AppLayerYaml

Files (2)

suricata_pcap_auto_pipeline.graffle (151 KB) suricata_pcap_auto_pipeline.graffle		Xavier Lange, 09/01/2010 04:53 PM
suricata_pcap_auto_pipeline_v1.png (30.2 KB) suricata_pcap_auto_pipeline_v1.png		Xavier Lange, 09/01/2010 04:53 PM

Project

General

Profile

Suricata

Wiki