|
|
|
|
@ -8,17 +8,22 @@ DETECTION ENGINE:
|
|
|
|
|
- implement src and dst ports as prefilters
|
|
|
|
|
|
|
|
|
|
- speed up initialization with many address groups present
|
|
|
|
|
- do a sort-insert for the temp address lists: sort it big to small to speed up later inserts
|
|
|
|
|
- siggroup(uri)content comparison can benefit from a list size counter
|
|
|
|
|
|
|
|
|
|
WU-MANBER:
|
|
|
|
|
- Consider using dynamic/variable hash sizes. A wm_ctx is quite big (512kb) even for small pattern sets.
|
|
|
|
|
|
|
|
|
|
ADDRESSES:
|
|
|
|
|
- support [1.2.3.4,2.3.4.5] notation: cleanup (memory!) and unittest
|
|
|
|
|
- support [1.2.3.4,2.3.4.5] notation: unittest
|
|
|
|
|
|
|
|
|
|
MAIN:
|
|
|
|
|
- move packet preallocation into it's own function
|
|
|
|
|
- create a cleanup function
|
|
|
|
|
|
|
|
|
|
THREADING
|
|
|
|
|
- Add pre-threading initialization API e.g. for Sig loading on Detect.
|
|
|
|
|
- Add post-threading deinitialization API
|
|
|
|
|
|
|
|
|
|
CUSTOM LOGGING:
|
|
|
|
|
- idea: add a logging module that can be told to output things based on flowvars
|
|
|
|
|
|
Victor Julien
17 years ago