Stream UDP Inspector Overview
Type |
Inspector (stream) |
Usage |
Inspect |
Instance type |
Multiton |
Other Inspectors Required |
None |
Enabled |
|
User Datagram Protocol (UDP) is a connectionless, low-latency transport layer protocol. UDP enables stateless communication between two network endpoints before an agreement is provided by the receiving party. To evaluate the integrity of the message header and data, UDP uses checksums.
The stream_udp
inspector checks the source and destination IP address fields
in the IP datagram header, and the port fields in the UDP header to determine the direction
of flow and identify a session. A session ends when a configurable timer is exceeded,
or when either endpoint receives an ICMP message that the other endpoint is unreachable.
The UDP stream inspector does not generate events. You can enable packet decoder rules (GID 116) to detect UDP header anomalies.