From: Victor Julien Date: Thu, 29 Mar 2018 11:09:26 +0000 (+0200) Subject: doc: add SMB to file extraction. Minor improvements. X-Git-Tag: suricata-4.1.0-rc1~167 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=1edd9d19fcf23998a5cc6236accaea689b5ecb60;p=thirdparty%2Fsuricata.git doc: add SMB to file extraction. Minor improvements. --- diff --git a/doc/userguide/file-extraction/file-extraction.rst b/doc/userguide/file-extraction/file-extraction.rst index 91f4d28731..db15e70105 100644 --- a/doc/userguide/file-extraction/file-extraction.rst +++ b/doc/userguide/file-extraction/file-extraction.rst @@ -4,9 +4,11 @@ File Extraction Architecture ~~~~~~~~~~~~ -The file extraction code works on top of the some protocols parsers. The HTTP parser takes care of dechunking and unzipping the request and/or response data if necessary. The application layer parsers runs on top of the stream reassembly engine. +The file extraction code works on top of the some protocols parsers. The application layer parsers runs on top of the stream reassembly engine and the UDP flow tracking. -This means that settings in the stream engine, reassembly engine and the application layer parser all affect the workings of the file extraction. +In case of HTTP, the parser takes care of dechunking and unzipping the request and/or response data if necessary. + +This means that settings in the stream engine, reassembly engine and the application layer parsers all affect the workings of the file extraction. What files are actually extracted and stored to disk is controlled by the rule language. @@ -14,8 +16,9 @@ Supported protocols are: - HTTP - SMTP -- NFS - FTP +- NFS +- SMB Settings ~~~~~~~~
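Review bot: In the first hunk (Architecture), the rewritten opening line still carries the old grammar slips "on top of the some protocols parsers" and "The application layer parsers runs". Since the line is being replaced anyway, it could read "works on top of some protocol parsers" and "The application layer parsers run". The same line adds "and the UDP flow tracking", but the following paragraph still names only the stream engine, reassembly engine and application layer parsers as the settings that affect extraction. A reader cannot tell from this which settings govern extraction on the UDP path, or which of the listed protocols use it, so a sentence covering that would help.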
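Review bot: In the second hunk (supported protocols list), "- SMB" is added and "- NFS" is moved below "- FTP", but the resulting order (HTTP, SMTP, FTP, NFS, SMB) follows no stated rule. Either sort the list or say what the order reflects. The Architecture text in this patch gives HTTP its own sentence on dechunking and unzipping, while the new SMB entry has no matching note on what the parser handles before extraction. One line on that next to the list, or a pointer to where it is documented, would make the addition usable for someone writing file extraction rules.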