Crate suricata

Suricata is a network intrusion prevention and monitoring engine.

Suricata is a hybrid C and Rust application. What is found here are the components written in Rust.

Modules

• applayer
  Parser registration functions and common interface module.
• applayertemplate
  Application layer template parser and logger module.
• asn1
  ASN.1 parser module.
• bittorrent_dht
  BitTorrent DHT application layer, logger and parser module.
• common
  Utility library module for commonly used strings, hexadecimals and other elements.
• conf
  Module for retrieving configuration details.
• core
  This module exposes items from the core “C” code to Rust.
• dcerpc
  DCE/RPC protocol parser, logger and detection module.
• detect
  Module for rule parsing.
• dhcp
  DHCP parser, detection and logger module.
• dns
  DNS parser, detection, logger and application layer module.
• feature
  Rust bindings to the “feature” API.
• ffi
  Module that exposes C bindings to the Suricata Rust library.
• filecontainer
  This module handles file container operations (open, append, close).
• filetracker
  Gap handling and Chunk-based file transfer tracker module.
• frames
  Module for bindings to the Suricata C frame API.
• ftp
  FTP parser and application layer module.
• http2
  HTTP/2 parser, detection, logger and application layer module.
• ike
  IKE parser, detection, logger and application layer module.
• jsonbuilder
  Module for building JSON documents.
• kerberos
  Kerberos parser wrapper module.
• krb
  Kerberos-v5 application layer, logger and detection module.
• log
  Logging utility module.
• lzma
  lzma decompression utility module.
• mime
  MIME protocol parser module.
• modbus
  Modbus application layer, logger, parser and detection module.
• mqtt
  MQTT application layer, detection, logger and parser module.
• nfs
  NFS application layer, parser, logger module.
• ntp
  NTP application layer and parser module.
• pgsql
  PostgreSQL parser, logger and application layer module.
• plugin
  Plugin utility module.
• quic
  QUIC application layer, parser, detection and logger module.
• rdp
  RDP parser, logger and application layer module.
• rfb
  RFB protocol parser, logger and detection module.
• sip
  SIP protocol parser, detection and logger module.
• smb
  SMB application layer, detection, logger and parser module.
• snmp
  SNMP application layer, parser, detection and logger module.
• ssh
  SSH application layer, logger, detection and parser module.
• telnet
  Telnet application layer and parser module.
• tftp
  TFTP parser, logger and application layer module.
• util
  Utility module.
• x509
  Module for SSL/TLS X.509 certificates parser and decoder.

Macros

• SCLogConfig
• SCLogDebug
• SCLogError
• SCLogInfo
• SCLogNotice
• SCLogPerf
• SCLogWarning
• build_slice
  Create a slice, given a buffer and a length
• cast_pointer
  Cast pointer to a variable, as a mutable reference to an object
• debug_validate_bug_on
• debug_validate_fail
• do_log
• export_state_data_get
• export_tx_data_get
• function