forked from intel/hyperscan
-
Notifications
You must be signed in to change notification settings - Fork 5
Home
Ivan Koveshnikov edited this page Oct 21, 2022
·
7 revisions
- 3-clause BSD license suits for the kernel,
- Designed to be as fast as possible,
- Tested on similar use cases with Suricata,
- Features: multi-pattern, logical combination, prefilter,
- Wire format for compiled patterns,
- Self-contained C runtime for scanning,
- No memory allocations on the datapath
The linux-rex module relies on the Hyperscan database serialization feature.
Hyperscan is designed to be modular. The libhs_runtime.a provides
the regular expressions engine that loads a compiled expression and
performs the scanning.
The libhs.a module provides configuration facilities by compiling
textual representation of a regular expression into the database format
the runtime can use.
See the installation guide.
Refer to usage page.
The module doesn't support batch operations, as XDP doesn't provide that feature.