|
|
|
|
@ -877,36 +877,7 @@ static TmEcode ParseInterfacesList(int run_mode, char *pcap_dev)
|
|
|
|
|
SCReturnInt(TM_ECODE_OK);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
struct SuriInstance {
|
|
|
|
|
int run_mode;
|
|
|
|
|
|
|
|
|
|
char pcap_dev[128];
|
|
|
|
|
char *sig_file;
|
|
|
|
|
int sig_file_exclusive;
|
|
|
|
|
char *pid_filename;
|
|
|
|
|
char *regex_arg;
|
|
|
|
|
|
|
|
|
|
char *keyword_info;
|
|
|
|
|
char *runmode_custom_mode;
|
|
|
|
|
#ifndef OS_WIN32
|
|
|
|
|
char *user_name;
|
|
|
|
|
char *group_name;
|
|
|
|
|
uint8_t do_setuid;
|
|
|
|
|
uint8_t do_setgid;
|
|
|
|
|
uint32_t userid;
|
|
|
|
|
uint32_t groupid;
|
|
|
|
|
#endif /* OS_WIN32 */
|
|
|
|
|
int delayed_detect;
|
|
|
|
|
int rule_reload;
|
|
|
|
|
int daemon;
|
|
|
|
|
int offline;
|
|
|
|
|
|
|
|
|
|
struct timeval start_time;
|
|
|
|
|
|
|
|
|
|
char *log_dir;
|
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
static void SuriInstanceInit(struct SuriInstance *suri)
|
|
|
|
|
static void SuriInstanceInit(SuriInstance *suri)
|
|
|
|
|
{
|
|
|
|
|
suri->run_mode = RUNMODE_UNKNOWN;
|
|
|
|
|
|
|
|
|
|
@ -943,13 +914,13 @@ static TmEcode SuriPrintVersion()
|
|
|
|
|
return TM_ECODE_OK;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
static void SuriSetStartTime(struct SuriInstance *suri)
|
|
|
|
|
static void SuriSetStartTime(SuriInstance *suri)
|
|
|
|
|
{
|
|
|
|
|
memset(&suri->start_time, 0, sizeof(suri->start_time));
|
|
|
|
|
gettimeofday(&suri->start_time, NULL);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
static void SuriPrintElapsedTime(struct SuriInstance *suri)
|
|
|
|
|
static void SuriPrintElapsedTime(SuriInstance *suri)
|
|
|
|
|
{
|
|
|
|
|
struct timeval end_time;
|
|
|
|
|
memset(&end_time, 0, sizeof(end_time));
|
|
|
|
|
@ -959,7 +930,7 @@ static void SuriPrintElapsedTime(struct SuriInstance *suri)
|
|
|
|
|
SCLogInfo("time elapsed %.3fs", (float)milliseconds/(float)1000);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
static TmEcode ParseCommandLine(int argc, char** argv, struct SuriInstance *suri)
|
|
|
|
|
static TmEcode ParseCommandLine(int argc, char** argv, SuriInstance *suri)
|
|
|
|
|
{
|
|
|
|
|
int opt;
|
|
|
|
|
|
|
|
|
|
@ -1527,7 +1498,7 @@ static int SuriWindowsInitService(int argc, char **argv)
|
|
|
|
|
}
|
|
|
|
|
#endif /* OS_WIN32 */
|
|
|
|
|
|
|
|
|
|
static int SuriMayDaemonize(struct SuriInstance *suri)
|
|
|
|
|
static int SuriMayDaemonize(SuriInstance *suri)
|
|
|
|
|
{
|
|
|
|
|
if (suri->daemon == 1) {
|
|
|
|
|
if (suri->pid_filename == NULL) {
|
|
|
|
|
@ -1563,7 +1534,7 @@ static int SuriMayDaemonize(struct SuriInstance *suri)
|
|
|
|
|
return TM_ECODE_OK;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
static int SuriInitSignalHandler(struct SuriInstance *suri)
|
|
|
|
|
static int SuriInitSignalHandler(SuriInstance *suri)
|
|
|
|
|
{
|
|
|
|
|
/* registering signals we use */
|
|
|
|
|
UtilSignalHandlerSetup(SIGINT, SignalHandlerSigint);
|
|
|
|
|
@ -1611,7 +1582,7 @@ static int SuriInitSignalHandler(struct SuriInstance *suri)
|
|
|
|
|
return TM_ECODE_OK;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
int StartInternalRunMode(struct SuriInstance *suri, int argc, char **argv)
|
|
|
|
|
int StartInternalRunMode(SuriInstance *suri, int argc, char **argv)
|
|
|
|
|
{
|
|
|
|
|
/* Treat internal running mode */
|
|
|
|
|
switch(suri->run_mode) {
|
|
|
|
|
@ -1672,7 +1643,7 @@ int StartInternalRunMode(struct SuriInstance *suri, int argc, char **argv)
|
|
|
|
|
return TM_ECODE_OK;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
static int FinalizeRunMode(struct SuriInstance *suri, char **argv)
|
|
|
|
|
static int FinalizeRunMode(SuriInstance *suri, char **argv)
|
|
|
|
|
{
|
|
|
|
|
switch (suri->run_mode) {
|
|
|
|
|
case RUNMODE_PCAP_FILE:
|
|
|
|
|
@ -1690,7 +1661,7 @@ static int FinalizeRunMode(struct SuriInstance *suri, char **argv)
|
|
|
|
|
return TM_ECODE_OK;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
static void SuriSetupDelayedDetect(DetectEngineCtx *de_ctx, struct SuriInstance *suri)
|
|
|
|
|
static void SuriSetupDelayedDetect(DetectEngineCtx *de_ctx, SuriInstance *suri)
|
|
|
|
|
{
|
|
|
|
|
/* In offline mode delayed init of detect is a bad idea */
|
|
|
|
|
if (suri->offline) {
|
|
|
|
|
@ -1715,7 +1686,7 @@ static void SuriSetupDelayedDetect(DetectEngineCtx *de_ctx, struct SuriInstance
|
|
|
|
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
static int LoadSignatures(DetectEngineCtx *de_ctx,struct SuriInstance *suri)
|
|
|
|
|
static int LoadSignatures(DetectEngineCtx *de_ctx, SuriInstance *suri)
|
|
|
|
|
{
|
|
|
|
|
if (SigLoadSignatures(de_ctx, suri->sig_file, suri->sig_file_exclusive) < 0) {
|
|
|
|
|
if (suri->sig_file == NULL) {
|
|
|
|
|
@ -1729,7 +1700,7 @@ static int LoadSignatures(DetectEngineCtx *de_ctx,struct SuriInstance *suri)
|
|
|
|
|
return TM_ECODE_OK;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
static int ConfigGetCaptureValue(struct SuriInstance *suri)
|
|
|
|
|
static int ConfigGetCaptureValue(SuriInstance *suri)
|
|
|
|
|
{
|
|
|
|
|
/* Pull the max pending packets from the config, if not found fall
|
|
|
|
|
* back on a sane default. */
|
|
|
|
|
@ -1776,7 +1747,7 @@ static int ConfigGetCaptureValue(struct SuriInstance *suri)
|
|
|
|
|
|
|
|
|
|
int main(int argc, char **argv)
|
|
|
|
|
{
|
|
|
|
|
struct SuriInstance suri;
|
|
|
|
|
SuriInstance suri;
|
|
|
|
|
|
|
|
|
|
SuriInstanceInit(&suri);
|
|
|
|
|
|
|
|
|
|
|
Eric Leblond
12 years ago