Stream IP Inspector Overview
Type |
Inspector (stream) |
Usage |
Inspect |
Instance Type |
Multiton |
Other Inspectors Required |
None |
Enabled |
|
Internet Protocol (IP) is a connectionless, network-layer protocol that forms the basis of the internet. IP uses host addresses to route messages from a source host to a destination host across IP networks. IP can route both TCP and UDP data packets in addition to other transport protocols.
An IP message contains header and data sections. The IP header includes IP addresses used to route a messsage to its destination. The IP data section encapsulates the message payload. IP handles reassembly and fragmentation of messages.
The stream_ip
inspector detects an IP network flow and
examines the packets in the flow. The stream_ip
inspector defines IP session and flow tracking,
operating system policy, and datagram overlaps configuration parameters.
Depending on the mode, either the stream_ip
inspector or the Snort data plane handles defragmentation.