From 0e08f4b6fc294391ec7c774d69bc20eb16bdfae5 Mon Sep 17 00:00:00 2001 From: Victor Julien Date: Mon, 16 Dec 2013 17:35:27 +0100 Subject: [PATCH] update runmodes to handle detect-less In runmodes setup, consider a NULL de_ctx to mean detect is disabled. --- src/runmode-erf-file.c | 24 +++++++------ src/runmode-pcap-file.c | 30 ++++++++++------ src/runmode-tile.c | 12 ++++--- src/runmodes.c | 3 ++ src/util-runmodes.c | 78 ++++++++++++++++++++++++++++------------- 5 files changed, 97 insertions(+), 50 deletions(-) diff --git a/src/runmode-erf-file.c b/src/runmode-erf-file.c index e9e15f5510..dad86caaaa 100644 --- a/src/runmode-erf-file.c +++ b/src/runmode-erf-file.c @@ -106,12 +106,14 @@ int RunModeErfFileSingle(DetectEngineCtx *de_ctx) } TmSlotSetFuncAppend(tv, tm_module, NULL); - tm_module = TmModuleGetByName("Detect"); - if (tm_module == NULL) { - printf("ERROR: TmModuleGetByName Detect failed\n"); - exit(EXIT_FAILURE); + if (de_ctx != NULL) { + tm_module = TmModuleGetByName("Detect"); + if (tm_module == NULL) { + printf("ERROR: TmModuleGetByName Detect failed\n"); + exit(EXIT_FAILURE); + } + TmSlotSetFuncAppend(tv, tm_module, (void *)de_ctx); } - TmSlotSetFuncAppend(tv, tm_module, (void *)de_ctx); SetupOutputs(tv); @@ -232,12 +234,14 @@ int RunModeErfFileAutoFp(DetectEngineCtx *de_ctx) } TmSlotSetFuncAppend(tv_detect_ncpu, tm_module, NULL); - tm_module = TmModuleGetByName("Detect"); - if (tm_module == NULL) { - printf("ERROR: TmModuleGetByName Detect failed\n"); - exit(EXIT_FAILURE); + if (de_ctx != NULL) { + tm_module = TmModuleGetByName("Detect"); + if (tm_module == NULL) { + printf("ERROR: TmModuleGetByName Detect failed\n"); + exit(EXIT_FAILURE); + } + TmSlotSetFuncAppend(tv_detect_ncpu, tm_module, (void *)de_ctx); } - TmSlotSetFuncAppend(tv_detect_ncpu, tm_module, (void *)de_ctx); if (threading_set_cpu_affinity) { TmThreadSetCPUAffinity(tv_detect_ncpu, (int)cpu); diff --git a/src/runmode-pcap-file.c b/src/runmode-pcap-file.c index f6ccd41a5c..ffc3d3ea07 100644 --- a/src/runmode-pcap-file.c +++ b/src/runmode-pcap-file.c @@ -109,12 +109,14 @@ int RunModeFilePcapSingle(DetectEngineCtx *de_ctx) } TmSlotSetFuncAppend(tv, tm_module, NULL); - tm_module = TmModuleGetByName("Detect"); - if (tm_module == NULL) { - SCLogError(SC_ERR_RUNMODE, "TmModuleGetByName Detect failed"); - exit(EXIT_FAILURE); + if (de_ctx) { + tm_module = TmModuleGetByName("Detect"); + if (tm_module == NULL) { + SCLogError(SC_ERR_RUNMODE, "TmModuleGetByName Detect failed"); + exit(EXIT_FAILURE); + } + TmSlotSetFuncAppend(tv, tm_module, (void *)de_ctx); } - TmSlotSetFuncAppend(tv, tm_module, (void *)de_ctx); SetupOutputs(tv); @@ -153,6 +155,11 @@ int RunModeFilePcapAuto(DetectEngineCtx *de_ctx) TmModule *tm_module; RunModeInitialize(); + if (de_ctx == NULL) { + SCLogError(SC_ERR_RUNMODE, "can't mix runmode 'auto' and disabled detect"); + return -1; + } + /* Available cpus */ uint16_t ncpus = UtilCpuGetNumProcessorsOnline(); @@ -404,13 +411,14 @@ int RunModeFilePcapAutoFp(DetectEngineCtx *de_ctx) } TmSlotSetFuncAppend(tv_detect_ncpu, tm_module, NULL); - tm_module = TmModuleGetByName("Detect"); - if (tm_module == NULL) { - SCLogError(SC_ERR_RUNMODE, "TmModuleGetByName Detect failed"); - exit(EXIT_FAILURE); + if (de_ctx) { + tm_module = TmModuleGetByName("Detect"); + if (tm_module == NULL) { + SCLogError(SC_ERR_RUNMODE, "TmModuleGetByName Detect failed"); + exit(EXIT_FAILURE); + } + TmSlotSetFuncAppend(tv_detect_ncpu, tm_module, (void *)de_ctx); } - TmSlotSetFuncAppend(tv_detect_ncpu, tm_module, (void *)de_ctx); - char *thread_group_name = SCStrdup("Detect"); if (unlikely(thread_group_name == NULL)) { diff --git a/src/runmode-tile.c b/src/runmode-tile.c index 9e86a72ee3..46e115da8c 100644 --- a/src/runmode-tile.c +++ b/src/runmode-tile.c @@ -249,12 +249,14 @@ int RunModeTileMpipeWorkers(DetectEngineCtx *de_ctx) } TmSlotSetFuncAppend(tv_worker, tm_module, NULL); - tm_module = TmModuleGetByName("Detect"); - if (tm_module == NULL) { - printf("ERROR: TmModuleGetByName Detect failed\n"); - exit(EXIT_FAILURE); + if (de_ctx != NULL) { + tm_module = TmModuleGetByName("Detect"); + if (tm_module == NULL) { + printf("ERROR: TmModuleGetByName Detect failed\n"); + exit(EXIT_FAILURE); + } + TmSlotSetFuncAppend(tv_worker, tm_module, (void *)de_ctx); } - TmSlotSetFuncAppend(tv_worker, tm_module, (void *)de_ctx); tm_module = TmModuleGetByName("RespondReject"); if (tm_module == NULL) { diff --git a/src/runmodes.c b/src/runmodes.c index 89ae0c7a8d..c394ae19d2 100644 --- a/src/runmodes.c +++ b/src/runmodes.c @@ -243,6 +243,9 @@ void RunModeListRunmodes(void) return; } +/** + * \param de_ctx Detection engine ctx. Can be NULL is detect is disabled. + */ void RunModeDispatch(int runmode, const char *custom_mode, DetectEngineCtx *de_ctx) { char *local_custom_mode = NULL; diff --git a/src/util-runmodes.c b/src/util-runmodes.c index c6a4cbf83f..3c5387e463 100644 --- a/src/util-runmodes.c +++ b/src/util-runmodes.c @@ -61,6 +61,11 @@ int RunModeSetLiveCaptureAuto(DetectEngineCtx *de_ctx, char tname[TM_THREAD_NAME_MAX]; int thread; + if (de_ctx == NULL) { + SCLogError(SC_ERR_RUNMODE, "can't use runmode 'auto' when detection is disabled"); + return -1; + } + if ((nlive <= 1) && (live_dev != NULL)) { void *aconf; SCLogDebug("live_dev %s", live_dev); @@ -317,6 +322,9 @@ char *RunmodeAutoFpCreatePickupQueuesString(int n) { return queues; } +/** + * \param de_ctx detection engine, can be NULL + */ int RunModeSetLiveCaptureAutoFp(DetectEngineCtx *de_ctx, ConfigIfaceParserFunc ConfigParser, ConfigIfaceThreadsCountFunc ModThreadsCount, @@ -491,13 +499,15 @@ int RunModeSetLiveCaptureAutoFp(DetectEngineCtx *de_ctx, } TmSlotSetFuncAppend(tv_detect_ncpu, tm_module, NULL); - tm_module = TmModuleGetByName("Detect"); - if (tm_module == NULL) { - SCLogError(SC_ERR_RUNMODE, "TmModuleGetByName Detect failed"); - exit(EXIT_FAILURE); + if (de_ctx != NULL) { + tm_module = TmModuleGetByName("Detect"); + if (tm_module == NULL) { + SCLogError(SC_ERR_RUNMODE, "TmModuleGetByName Detect failed"); + exit(EXIT_FAILURE); + } + TmSlotSetFuncAppendDelayed(tv_detect_ncpu, tm_module, + (void *)de_ctx, de_ctx->delayed_detect); } - TmSlotSetFuncAppendDelayed(tv_detect_ncpu, tm_module, - (void *)de_ctx, de_ctx->delayed_detect); TmThreadSetCPU(tv_detect_ncpu, DETECT_CPU_SET); @@ -528,6 +538,9 @@ int RunModeSetLiveCaptureAutoFp(DetectEngineCtx *de_ctx, return 0; } +/** + * \param de_ctx detection engine, can be NULL + */ static int RunModeSetLiveCaptureWorkersForDevice(DetectEngineCtx *de_ctx, ConfigIfaceThreadsCountFunc ModThreadsCount, char *recv_mod_name, @@ -593,13 +606,15 @@ static int RunModeSetLiveCaptureWorkersForDevice(DetectEngineCtx *de_ctx, } TmSlotSetFuncAppend(tv, tm_module, NULL); - tm_module = TmModuleGetByName("Detect"); - if (tm_module == NULL) { - SCLogError(SC_ERR_RUNMODE, "TmModuleGetByName Detect failed"); - exit(EXIT_FAILURE); + if (de_ctx != NULL) { + tm_module = TmModuleGetByName("Detect"); + if (tm_module == NULL) { + SCLogError(SC_ERR_RUNMODE, "TmModuleGetByName Detect failed"); + exit(EXIT_FAILURE); + } + TmSlotSetFuncAppendDelayed(tv, tm_module, + (void *)de_ctx, de_ctx->delayed_detect); } - TmSlotSetFuncAppendDelayed(tv, tm_module, - (void *)de_ctx, de_ctx->delayed_detect); tm_module = TmModuleGetByName("RespondReject"); if (tm_module == NULL) { @@ -708,6 +723,11 @@ int RunModeSetIPSAuto(DetectEngineCtx *de_ctx, uint16_t ncpus = UtilCpuGetNumProcessorsOnline(); int nqueue = LiveGetDeviceCount(); + if (de_ctx == NULL) { + SCLogError(SC_ERR_RUNMODE, "can't use runmode 'auto' when detection is disabled"); + return -1; + } + for (int i = 0; i < nqueue; i++) { /* create the threads */ cur_queue = LiveGetDeviceName(i); @@ -894,6 +914,9 @@ int RunModeSetIPSAuto(DetectEngineCtx *de_ctx, } +/** + * \param de_ctx detection engine, can be NULL + */ int RunModeSetIPSAutoFp(DetectEngineCtx *de_ctx, ConfigIPSParserFunc ConfigParser, char *recv_mod_name, @@ -997,13 +1020,15 @@ int RunModeSetIPSAutoFp(DetectEngineCtx *de_ctx, } TmSlotSetFuncAppend(tv_detect_ncpu, tm_module, NULL); - tm_module = TmModuleGetByName("Detect"); - if (tm_module == NULL) { - SCLogError(SC_ERR_RUNMODE, "TmModuleGetByName Detect failed"); - exit(EXIT_FAILURE); + if (de_ctx != NULL) { + tm_module = TmModuleGetByName("Detect"); + if (tm_module == NULL) { + SCLogError(SC_ERR_RUNMODE, "TmModuleGetByName Detect failed"); + exit(EXIT_FAILURE); + } + TmSlotSetFuncAppendDelayed(tv_detect_ncpu, tm_module, + (void *)de_ctx, de_ctx->delayed_detect); } - TmSlotSetFuncAppendDelayed(tv_detect_ncpu, tm_module, - (void *)de_ctx, de_ctx->delayed_detect); TmThreadSetCPU(tv_detect_ncpu, DETECT_CPU_SET); @@ -1067,6 +1092,9 @@ int RunModeSetIPSAutoFp(DetectEngineCtx *de_ctx, return 0; } +/** + * \param de_ctx detection engine, can be NULL + */ int RunModeSetIPSWorker(DetectEngineCtx *de_ctx, ConfigIPSParserFunc ConfigParser, char *recv_mod_name, @@ -1125,13 +1153,15 @@ int RunModeSetIPSWorker(DetectEngineCtx *de_ctx, } TmSlotSetFuncAppend(tv, tm_module, NULL); - tm_module = TmModuleGetByName("Detect"); - if (tm_module == NULL) { - SCLogError(SC_ERR_RUNMODE, "TmModuleGetByName Detect failed"); - exit(EXIT_FAILURE); + if (de_ctx != NULL) { + tm_module = TmModuleGetByName("Detect"); + if (tm_module == NULL) { + SCLogError(SC_ERR_RUNMODE, "TmModuleGetByName Detect failed"); + exit(EXIT_FAILURE); + } + TmSlotSetFuncAppendDelayed(tv, tm_module, + (void *)de_ctx, de_ctx->delayed_detect); } - TmSlotSetFuncAppendDelayed(tv, tm_module, - (void *)de_ctx, de_ctx->delayed_detect); tm_module = TmModuleGetByName(verdict_mod_name); if (tm_module == NULL) {