From 1d1271fd38fdeb6da3bbd240368f5dc1ea8ad88b Mon Sep 17 00:00:00 2001
From: Eric Leblond
Date: Mon, 2 Jan 2012 18:17:08 +0100
Subject: [PATCH] pcap: add support for checksum verif mode
This patch adds support for checksum verification mode. Auto mode is not yet supported.
---
 src/runmode-pcap.c | 19 +++++++++++++++++++
 src/source-pcap.c | 8 ++++++++
 src/source-pcap.h | 1 +
 3 files changed, 28 insertions(+)
diff --git a/src/runmode-pcap.c b/src/runmode-pcap.c
index 96e04a0d79..68827300f7 100644
--- a/src/runmode-pcap.c
+++ b/src/runmode-pcap.c
@@ -82,6 +82,7 @@ void *ParsePcapConfig(const char *iface)
 ConfNode *pcap_node;
 PcapIfaceConfig *aconf = SCMalloc(sizeof(*aconf));
 char *tmpbpf;
+ char *tmpctype;
 intmax_t value;
 if (iface == NULL) {
@@ -100,6 +101,7 @@ void *ParsePcapConfig(const char *iface)
 aconf->buffer_size = value;
 }
+ aconf->checksum_mode = CHECKSUM_VALIDATION_ENABLE;
 aconf->bpf_filter = NULL;
 if ((ConfGet("bpf-filter", &tmpbpf)) == 1) {
 aconf->bpf_filter = tmpbpf;
@@ -143,6 +145,23 @@ void *ParsePcapConfig(const char *iface)
 SCLogInfo("BPF filter set from command line or via old 'bpf-filter' option.");
 }
+ if (ConfGetChildValue(if_root, "checksum-checks", &tmpctype) != 1) {
+ SCLogError(SC_ERR_INVALID_ARGUMENT, "Could not get checksum-checks from config");
+ } else {
+ if (strcmp(tmpctype, "auto") == 0) {
+ SCLogError(SC_ERR_INVALID_ARGUMENT,"'auto' mode is currently not supported");
+ /*
+ aconf->checksum_mode = CHECKSUM_VALIDATION_AUTO;
+ */
+ } else if (strcmp(tmpctype, "yes") == 0) {
+ aconf->checksum_mode = CHECKSUM_VALIDATION_ENABLE;
+ } else if (strcmp(tmpctype, "no") == 0) {
+ aconf->checksum_mode = CHECKSUM_VALIDATION_DISABLE;
+ } else {
+ SCLogError(SC_ERR_INVALID_ARGUMENT, "Invalid value for checksum-checks for %s", aconf->iface);
+ }
+ }
+
 return aconf;
 }
diff --git a/src/source-pcap.c b/src/source-pcap.c
index 2837ecf30d..4b8225ff57 100644
--- a/src/source-pcap.c
+++ b/src/source-pcap.c
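Review bot: In the third hunk of src/runmode-pcap.c (the `checksum-checks` block at the end of ParsePcapConfig), every failure path — key absent, `auto`, or an unrecognised string — logs at error level and then continues with the `CHECKSUM_VALIDATION_ENABLE` default set in the second hunk, without telling the operator which mode is actually in effect. Falling back to validation-on is the conservative choice for a sensor, but the messages should say so and name the interface consistently, e.g. `"Invalid value for checksum-checks for %s, checksum validation stays enabled"`. A key that is simply absent reads as an ordinary configuration rather than an invalid argument, so `SCLogInfo` may fit that branch better. The commented-out `CHECKSUM_VALIDATION_AUTO` assignment would be clearer as a one-line TODO comment. ParsePcapConfig begins before these hunks, so its earlier return paths are not visible here.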
@@ -83,6 +83,8 @@ typedef struct PcapThreadVars_
 /* pcap buffer size */
 int pcap_buffer_size;
+ ChecksumValidationMode checksum_mode;
+
 #if LIBPCAP_VERSION_MAJOR == 0
 char iface[PCAP_IFACE_NAME_LENGTH];
 #endif
@@ -213,6 +215,10 @@ void PcapCallbackLoop(char *user, struct pcap_pkthdr *h, u_char *pkt) {
 SCReturn;
 }
+ if (ptv->checksum_mode == CHECKSUM_VALIDATION_DISABLE) {
+ p->flags |= PKT_IGNORE_CHECKSUM;
+ }
+
 if (TmThreadsSlotProcessPkt(ptv->tv, ptv->slot, p) != TM_ECODE_OK) {
 pcap_breakloop(ptv->pcap_handle);
 ptv->cb_result = TM_ECODE_FAILED;
@@ -315,6 +321,8 @@ TmEcode ReceivePcapThreadInit(ThreadVars *tv, void *initdata, void **data) {
 ptv->tv = tv;
+ ptv->checksum_mode = pcapconfig->checksum_mode;
+
 SCLogInfo("using interface %s", (char *)pcapconfig->iface);
 /* XXX create a general pcap setup function */
 char errbuf[PCAP_ERRBUF_SIZE];
diff --git a/src/source-pcap.h b/src/source-pcap.h
index 74327bed73..942590e748 100644
--- a/src/source-pcap.h
+++ b/src/source-pcap.h
@@ -53,6 +53,7 @@ typedef struct PcapIfaceConfig_
 int buffer_size;
 /* BPF filter */
 char *bpf_filter;
+ ChecksumValidationMode checksum_mode;
 SC_ATOMIC_DECLARE(unsigned int, ref);
 void (*DerefFunc)(void *);
 } PcapIfaceConfig;
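Review bot: The `PKT_IGNORE_CHECKSUM` assignment in PcapCallbackLoop (second hunk of src/source-pcap.c) needs a comment stating what the operator gives up with `checksum-checks: no`. Judging by the flag name, later stages will then inspect packets whose checksums are wrong and which a receiving host would normally discard, so the sensor's view of a flow can diverge from the endpoint's. The setting is presumably intended for captures where NIC offloading leaves checksums unfilled. A line such as `/* checksum-checks: no - bad-checksum packets are still inspected; use only where offloading makes captured checksums unreliable */` above the `if` would cover it. The new `checksum_mode` fields in PcapThreadVars_ and in PcapIfaceConfig (src/source-pcap.h) also lack the one-line comment their neighbouring fields carry, and PcapCallbackLoop itself starts and ends outside the hunk.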