home :: news :: download :: developers :: documentation
Bugs/Patches/Support
You can send all three to the wonderful magical mailing list. You don't need
to be subscribed to send messages, just send them straight to
<firestorm at scaramanga dot co dot uk>.
Mailing List
You can subscribe to the firestorm mailing list by sending a blank email
message to <firestorm-subscribe at scaramanga dot co dot uk>.
After a short conversation with Mr. Ezmlm, our mailing list manager, you
will be signed on to the mailing list.
Mailing List Archive
The mailing list is archived online.
I'm a big mouthed programmer but I don't know where to start!
Check the TODO file for a short-term idea of whats
happening with firestorm development, this file is updated fairly regularly.
Alternatively you can take a look at the HACKING file
for an idea of perrenial TODO items that always need working on. Some of the
C files have TODO lists in the header comments. If you dig GNOME you can always
make UI improvements. How about i18n support? Icons? If still nothing seems
interesting mail me or the list, given the size of my mental TODO list, I'm
sure we can think of *something* fun.
Profiles and Benchmarks
Here is a recent profile
of firestorm clocking 257mbps with a full ruleset on an old celeron 900.
The functions template_match, ip_src_detect and ip_dst_detect are shortly
to be optimized with a new algorithm. The overhead of tcp_csum may be
ameliorated by using inline assembly and MMX/SSE/Altivec etc.
And here are some old profiles of both firestorm and snort using the excellent oprofile low-overhead full system profiler. Snort is here for comparison as it is not only firestorms main competition but also a fantastic tool and the gold standard of network intrusion detection.
Firestorm ran to completion in 19 seconds, snort took 30 seconds, thats a 50% performance
boost using firestorm over snort (snort2-cvs actually ran in 22 seconds which is a major
improvement!). I will produce some exact timings and results at some later date. I have left
kernel and libraries and EVERYTHING in the profiles, enjoy ;)
I will do some more realistic tests at some point in the future. I need a realistic test machine, some better datasets (I have some good private ones, but will use some public data aswell so people can reproduce my results). I also need to use the newer snort2 rulesets.
Plugin API Specs
Coming real soon now™ I'm basically just waiting for it
to become a bit more stable before even bothering to start
writing anything. This should come together over the 0.6.x series.
<processed-meat-arachnid at scaramanga dot co dot uk>
This page is public domain. No trademarks, no patents, no copywrongs.