aiden
/
suricata
mirror of https://github.com/OISF/suricata
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Remove Napatech 2GD support

Browse Source 
Removed the Napatech 2GD support

runmode-napatech-3gd.c had an include from runmode-napatech.h which was erroneous and has been removed as well.

Signed-off-by: Matt Keeler <mk@npulsetech.com>
pull/184/merge
Matt Keeler 13 years ago committed by Victor Julien
parent a49bce63b0
commit 5786a32d0f
14 changed files with 6 additions and 946 deletions
Show Stats Download Patch File Download Diff File

42
configure.ac
Unescape Escape View File

@ -1221,47 +1221,6 @@ AC_INIT(configure.ac)
exit 1
fi
# Check for Napatech support.
AC_ARG_ENABLE(napatech,
[ --enable-napatech Enable Napatech adapter],
[ enable_napatech=yes ],
[ enable_napatech=no])
AC_ARG_WITH(napatech_includes,
[ --with-napatech-includes=DIR napatech include directory],
[with_napatech_includes="$withval"],[with_napatech_includes="no"])
AC_ARG_WITH(napatech_libraries,
[ --with-napatech-libraries=DIR napatech library directory],
[with_napatech_libraries="$withval"],[with_napatech_libraries="no"])
if test "$enable_napatech" = "yes"; then
if test "$with_napatech_includes" != "no"; then
CPPFLAGS="${CPPFLAGS} -I${with_napatech_includes}"
fi
if test "$with_napatech_libraries" != "no"; then
LDFLAGS="${LDFLAGS} -L${with_napatech_libraries} -lntfeeds -lntcommoninterface"
fi
AC_CHECK_HEADER(ntfeeds.h,NAPATECH="yes",NAPATECH="no")
if test "$NAPATECH" != "no"; then
NAPATECH=""
AC_CHECK_LIB(ntcommoninterface,NTCI_OpenCard,NAPATECH="yes",NAPATECH="no")
#AC_CHECK_LIB(ntfeeds,napatech_open,NAPATECH="yes",NAPATECH="no")
fi
if test "$NAPATECH" != "no"; then
CFLAGS="${CFLAGS} -DHAVE_NAPATECH"
fi
if test "$NAPATECH" = "no"; then
echo
echo " ERROR! libntfeeds (and libntcommoninterface) library not found"
echo
exit 1
fi
fi
# napatech-3gd
AC_ARG_ENABLE(napatech-3gd,
[ --enable-napatech-3gd Enabled Napatech 3GD Devices],
@ -1410,7 +1369,6 @@ Suricata Configuration:
NFQueue support: ${enable_nfqueue}
IPFW support: ${enable_ipfw}
DAG enabled: ${enable_dag}
Napatech enabled: ${enable_napatech}
Napatech 3GD enabled: ${enable_napatech_3gd}
libnss support: ${enable_nss}

2
src/Makefile.am
Unescape Escape View File

@ -15,7 +15,6 @@ runmode-nfq.c runmode-nfq.h \
runmode-ipfw.c runmode-ipfw.h \
runmode-erf-file.c runmode-erf-file.h \
runmode-erf-dag.c runmode-erf-dag.h \
runmode-napatech.c runmode-napatech.h \
runmode-napatech-3gd.c runmode-napatech-3gd.h \
runmode-af-packet.c runmode-af-packet.h \
packet-queue.c packet-queue.h \
@ -28,7 +27,6 @@ source-pfring.c source-pfring.h \
source-ipfw.c source-ipfw.h \
source-erf-file.c source-erf-file.h \
source-erf-dag.c source-erf-dag.h \
source-napatech.c source-napatech.h \
source-napatech-3gd.c source-napatech-3gd.h \
source-af-packet.c source-af-packet.h \
decode.c decode.h \

1
src/runmode-napatech-3gd.c
Unescape Escape View File

@ -26,7 +26,6 @@
#include "tm-threads.h"
#include "conf.h"
#include "runmodes.h"
#include "runmode-napatech.h"
#include "log-httplog.h"
#include "output.h"

412
src/runmode-napatech.c
Unescape Escape View File

@ -1,412 +0,0 @@
/* Copyright (C) 2011 Open Information Security Foundation
*
* You can copy, redistribute or modify this Program under the terms of
* the GNU General Public License version 2 as published by the Free
* Software Foundation.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* version 2 along with this program; if not, write to the Free Software
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
* 02110-1301, USA.
*/
#include "suricata-common.h"
#include "tm-threads.h"
#include "conf.h"
#include "runmodes.h"
#include "runmode-napatech.h"
#include "log-httplog.h"
#include "output.h"
#include "alert-fastlog.h"
#include "alert-prelude.h"
#include "alert-unified2-alert.h"
#include "alert-debuglog.h"
#include "util-debug.h"
#include "util-time.h"
#include "util-cpu.h"
#include "util-affinity.h"
#include "runmode-napatech.h"
static const char *default_mode = NULL;
int RunModeNapatechAuto2(DetectEngineCtx *de_ctx);
const char *RunModeNapatechGetDefaultMode(void)
{
return default_mode;
}
void RunModeNapatechRegister(void)
{
#ifdef HAVE_NAPATECH
default_mode = "auto";
RunModeRegisterNewRunMode(RUNMODE_NAPATECH, "auto",
"Multi threaded Napatech mode",
RunModeNapatechAuto2);
return;
#endif
}
int RunModeNapatechAuto(DetectEngineCtx *de_ctx) {
#ifdef HAVE_NAPATECH
int i;
uint16_t feed, cpu;
char tname [128];
char *feedName = NULL;
char *threadName = NULL;
char *inQueueName = NULL;
char *outQueueName = NULL;
char *thread_group_name = NULL;
RunModeInitialize ();
TimeModeSetLive();
/* Available cpus */
uint16_t ncpus = UtilCpuGetNumProcessorsOnline();
char *device = NULL;
if (ConfGet("napatech.adapter", &device) == 0) {
SCLogError(SC_ERR_RUNMODE, "Failed retrieving napatech.adapter from Conf");
exit(EXIT_FAILURE);
}
uint16_t adapter = atoi (device);
SCLogDebug("Napatech adapter %s", adapter);
/* start with cpu 1 so that if we're creating an odd number of detect
* threads we're not creating the most on CPU0. */
if (ncpus > 0)
cpu = 1;
int32_t feed_count = napatech_count (adapter);
if (feed_count <= 0) {
printf("ERROR: No Napatech feeds defined for adapter %i\n", adapter);
exit(EXIT_FAILURE);
}
for (feed=0; feed < feed_count; feed++) {
snprintf(tname, sizeof(tname),"%"PRIu16":%"PRIu16, adapter, feed);
feedName = SCStrdup(tname);
if (unlikely(feedName == NULL)) {
fprintf(stderr, "ERROR: Alloc feed name\n");
exit(EXIT_FAILURE);
}
snprintf(tname, sizeof(tname),"Feed%"PRIu16,feed);
threadName = SCStrdup(tname);
if (unlikely(threadName == NULL)) {
fprintf(stderr, "ERROR: Alloc thread name\n");
exit(EXIT_FAILURE);
}
snprintf(tname, sizeof(tname),"feed-queue%"PRIu16,feed);
outQueueName = SCStrdup(tname);
if (unlikely(outQueueName == NULL)) {
fprintf(stderr, "ERROR: Alloc output queue name\n");
exit(EXIT_FAILURE);
}
/* create the threads */
ThreadVars *tv_napatechFeed = TmThreadCreatePacketHandler(threadName,"packetpool",
"packetpool",outQueueName,
"simple","pktacqloop");
if (tv_napatechFeed == NULL) {
fprintf(stderr, "ERROR: TmThreadsCreate failed\n");
exit(EXIT_FAILURE);
}
TmModule *tm_module = TmModuleGetByName("NapatechFeed");
if (tm_module == NULL) {
fprintf(stderr, "ERROR: TmModuleGetByName failed for NapatechFeed\n");
exit(EXIT_FAILURE);
}
TmSlotSetFuncAppend (tv_napatechFeed,tm_module,feedName);
tm_module = TmModuleGetByName("NapatechDecode");
if (tm_module == NULL) {
fprintf(stderr, "ERROR: TmModuleGetByName failed for NapatechDecode\n");
exit(EXIT_FAILURE);
}
TmSlotSetFuncAppend(tv_napatechFeed,tm_module,feedName);
if (threading_set_cpu_affinity) {
TmThreadSetCPUAffinity(tv_napatechFeed, feed);
}
if (TmThreadSpawn(tv_napatechFeed) != TM_ECODE_OK) {
printf("ERROR: TmThreadSpawn failed\n");
exit(EXIT_FAILURE);
}
/*
* -------------------------------------------
*/
/* hard code it for now */
uint16_t detect=0;
/* always create at least one thread */
int thread_max = TmThreadGetNbThreads(DETECT_CPU_SET);
if (thread_max == 0)
thread_max = ncpus * threading_detect_ratio;
if (thread_max < 1)
thread_max = 1;
for (i=0; i< thread_max; i++)
{
snprintf(tname, sizeof(tname),"Detect%"PRIu16"/%"PRIu16,feed,detect++);
threadName = SCStrdup(tname);
if (unlikely(threadName == NULL)) {
fprintf(stderr, "ERROR: can not strdup thread name\n");
exit(EXIT_FAILURE);
}
snprintf(tname, sizeof(tname),"feed-queue%"PRIu16,feed);
inQueueName = SCStrdup(tname);
if (unlikely(inQueueName == NULL)) {
fprintf(stderr, "ERROR: can not strdup in queue name\n");
exit(EXIT_FAILURE);
}
ThreadVars *tv_detect = TmThreadCreatePacketHandler(threadName,
inQueueName,"simple",
"packetpool","packetpool","varslot");
if (tv_detect == NULL) {
fprintf(stderr,"ERROR: TmThreadsCreate failed\n");
exit(EXIT_FAILURE);
}
tm_module = TmModuleGetByName("StreamTcp");
if (tm_module == NULL) {
fprintf(stderr, "ERROR: TmModuleGetByName StreamTcp failed\n");
exit(EXIT_FAILURE);
}
TmSlotSetFuncAppend(tv_detect,tm_module,NULL);
tm_module = TmModuleGetByName("Detect");
if (tm_module == NULL) {
fprintf(stderr, "ERROR: TmModuleGetByName Detect failed\n");
exit(EXIT_FAILURE);
}
TmSlotSetFuncAppend(tv_detect,tm_module,(void *)de_ctx);
thread_group_name = SCStrdup("Detect");
if (unlikely(thread_group_name == NULL)) {
fprintf(stderr, "Error allocating memory\n");
exit(EXIT_FAILURE);
}
tv_detect->thread_group_name = thread_group_name;
SetupOutputs(tv_detect);
thread_group_name = SCStrdup("Outputs");
if (unlikely(thread_group_name == NULL)) {
fprintf(stderr, "Error allocating memory\n");
exit(EXIT_FAILURE);
}
tv_detect->thread_group_name = thread_group_name;
if (TmThreadSpawn(tv_detect) != TM_ECODE_OK) {
fprintf(stderr, "ERROR: TmThreadSpawn failed\n");
exit(EXIT_FAILURE);
}
}
}
#endif
return 0;
}
int RunModeNapatechAuto2(DetectEngineCtx *de_ctx) {
#ifdef HAVE_NAPATECH
int i;
uint16_t feed, cpu;
char tname [128];
char *feedName = NULL;
char *threadName = NULL;
char *inQueueName = NULL;
char *outQueueName = NULL;
char *thread_group_name = NULL;
RunModeInitialize ();
TimeModeSetLive();
/* Available cpus */
uint16_t ncpus = UtilCpuGetNumProcessorsOnline();
char *device = NULL;
if (ConfGet("napatech.adapter", &device) == 0) {
SCLogError(SC_ERR_RUNMODE, "Failed retrieving napatech.adapter from Conf");
exit(EXIT_FAILURE);
}
uint16_t adapter = atoi (device);
SCLogDebug("Napatech adapter %s", adapter);
/* start with cpu 1 so that if we're creating an odd number of detect
* threads we're not creating the most on CPU0. */
if (ncpus > 0)
cpu = 1;
int32_t feed_count = napatech_count (adapter);
if (feed_count <= 0) {
printf("ERROR: No Napatech feeds defined for adapter %i\n", adapter);
exit(EXIT_FAILURE);
}
for (feed=0; feed < feed_count; feed++) {
snprintf(tname, sizeof(tname),"%"PRIu16":%"PRIu16, adapter, feed);
feedName = SCStrdup(tname);
if (unlikely(feedName == NULL)) {
fprintf(stderr, "ERROR: can not strdup feed name\n");
exit(EXIT_FAILURE);
}
snprintf(tname, sizeof(tname),"Feed%"PRIu16,feed);
threadName = SCStrdup(tname);
if (unlikely(threadName == NULL)) {
fprintf(stderr, "ERROR: can not strdup in thread name\n");
exit(EXIT_FAILURE);
}
snprintf(tname, sizeof(tname),"feed-queue%"PRIu16,feed);
outQueueName = SCStrdup(tname);
if (unlikely(outQueueName == NULL)) {
fprintf(stderr, "ERROR: can not strdup out queue name\n");
exit(EXIT_FAILURE);
}
/* create the threads */
ThreadVars *tv_napatechFeed = TmThreadCreatePacketHandler(threadName,"packetpool",
"packetpool","packetpool",
"packetpool","pktacqloop");
if (tv_napatechFeed == NULL) {
fprintf(stderr, "ERROR: TmThreadsCreate failed\n");
exit(EXIT_FAILURE);
}
TmModule *tm_module = TmModuleGetByName("NapatechFeed");
if (tm_module == NULL) {
fprintf(stderr, "ERROR: TmModuleGetByName failed for NapatechFeed\n");
exit(EXIT_FAILURE);
}
TmSlotSetFuncAppend (tv_napatechFeed,tm_module,feedName);
tm_module = TmModuleGetByName("NapatechDecode");
if (tm_module == NULL) {
fprintf(stderr, "ERROR: TmModuleGetByName failed for NapatechDecode\n");
exit(EXIT_FAILURE);
}
TmSlotSetFuncAppend(tv_napatechFeed,tm_module,feedName);
if (threading_set_cpu_affinity) {
TmThreadSetCPUAffinity(tv_napatechFeed, feed);
}
tm_module = TmModuleGetByName("StreamTcp");
if (tm_module == NULL) {
fprintf(stderr, "ERROR: TmModuleGetByName StreamTcp failed\n");
exit(EXIT_FAILURE);
}
TmSlotSetFuncAppend(tv_napatechFeed,tm_module,NULL);
tm_module = TmModuleGetByName("Detect");
if (tm_module == NULL) {
fprintf(stderr, "ERROR: TmModuleGetByName Detect failed\n");
exit(EXIT_FAILURE);
}
TmSlotSetFuncAppend(tv_napatechFeed,tm_module,(void *)de_ctx);
thread_group_name = SCStrdup("Detect");
if (unlikely(thread_group_name == NULL)) {
fprintf(stderr, "Error allocating memory\n");
exit(EXIT_FAILURE);
}
tv_napatechFeed->thread_group_name = thread_group_name;
SetupOutputs(tv_napatechFeed);
thread_group_name = SCStrdup("Outputs");
if (unlikely(thread_group_name == NULL)) {
fprintf(stderr, "Error allocating memory\n");
exit(EXIT_FAILURE);
}
tv_napatechFeed->thread_group_name = thread_group_name;
if (TmThreadSpawn(tv_napatechFeed) != TM_ECODE_OK) {
printf("ERROR: TmThreadSpawn failed\n");
exit(EXIT_FAILURE);
}
#if 0
/*
* -------------------------------------------
*/
/* hard code it for now */
uint16_t detect=0;
/* always create at least one thread */
int thread_max = TmThreadGetNbThreads(DETECT_CPU_SET);
if (thread_max == 0)
thread_max = ncpus * threading_detect_ratio;
if (thread_max < 1)
thread_max = 1;
for (i=0; i< thread_max; i++)
{
snprintf(tname, sizeof(tname),"Detect%"PRIu16"/%"PRIu16,feed,detect++);
threadName = SCStrdup(tname);
snprintf(tname, sizeof(tname),"feed-queue%"PRIu16,feed);
inQueueName = SCStrdup(tname);
ThreadVars *tv_detect = TmThreadCreatePacketHandler(threadName,
inQueueName,"simple",
"packetpool","packetpool","varslot");
if (tv_detect == NULL) {
fprintf(stderr,"ERROR: TmThreadsCreate failed\n");
exit(EXIT_FAILURE);
}
tm_module = TmModuleGetByName("StreamTcp");
if (tm_module == NULL) {
fprintf(stderr, "ERROR: TmModuleGetByName StreamTcp failed\n");
exit(EXIT_FAILURE);
}
TmSlotSetFuncAppend(tv_detect,tm_module,NULL);
tm_module = TmModuleGetByName("Detect");
if (tm_module == NULL) {
fprintf(stderr, "ERROR: TmModuleGetByName Detect failed\n");
exit(EXIT_FAILURE);
}
TmSlotSetFuncAppend(tv_detect,tm_module,(void *)de_ctx);
thread_group_name = SCStrdup("Detect");
if (thread_group_name == NULL) {
fprintf(stderr, "Error allocating memory\n");
exit(EXIT_FAILURE);
}
tv_detect->thread_group_name = thread_group_name;
SetupOutputs(tv_detect);
thread_group_name = SCStrdup("Outputs");
if (thread_group_name == NULL) {
fprintf(stderr, "Error allocating memory\n");
exit(EXIT_FAILURE);
}
tv_detect->thread_group_name = thread_group_name;
if (TmThreadSpawn(tv_detect) != TM_ECODE_OK) {
fprintf(stderr, "ERROR: TmThreadSpawn failed\n");
exit(EXIT_FAILURE);
}
}
#endif
}
#endif /* HAVE_NAPATECH */
return 0;
}

34
src/runmode-napatech.h
Unescape Escape View File

@ -1,34 +0,0 @@
/* Copyright (C) 2011 Open Information Security Foundation
*
* You can copy, redistribute or modify this Program under the terms of
* the GNU General Public License version 2 as published by the Free
* Software Foundation.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* version 2 along with this program; if not, write to the Free Software
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
* 02110-1301, USA.
*/
/** \file
*
* \author Randy Caldejon <randy@packetchaser.org>
*/
#ifndef __RUNMODE_NAPATECH_H__
#define __RUNMODE_NAPATECH_H__
#ifdef HAVE_NAPATECH
#include "ntfeeds.h"
#endif
int RunModeNapatechAuto(DetectEngineCtx *);
void RunModeNapatechRegister(void);
const char *RunModeNapatechGetDefaultMode(void);
#endif /* __RUNMODE_NAPATECH_H__ */

6
src/runmodes.c
Unescape Escape View File

@ -114,8 +114,6 @@ static const char *RunModeTranslateModeToName(int runmode)
return "ERF_FILE";
case RUNMODE_DAG:
return "ERF_DAG";
case RUNMODE_NAPATECH:
return "NAPATECH";
case RUNMODE_NAPATECH_3GD:
return "NAPATECH_3GD";
case RUNMODE_UNITTEST:
@ -176,7 +174,6 @@ void RunModeRegisterRunModes(void)
RunModeIpsIPFWRegister();
RunModeErfFileRegister();
RunModeErfDagRegister();
RunModeNapatechRegister();
RunModeNapatech3GDRegister();
RunModeIdsAFPRegister();
#ifdef UNITTESTS
@ -263,9 +260,6 @@ void RunModeDispatch(int runmode, const char *custom_mode, DetectEngineCtx *de_c
case RUNMODE_DAG:
custom_mode = RunModeErfDagGetDefaultMode();
break;
case RUNMODE_NAPATECH:
custom_mode = RunModeNapatechGetDefaultMode();
break;
case RUNMODE_NAPATECH_3GD:
custom_mode = RunModeNapatech3GDGetDefaultMode();
break;

2
src/runmodes.h
Unescape Escape View File

@ -33,7 +33,6 @@ enum {
RUNMODE_IPFW,
RUNMODE_ERF_FILE,
RUNMODE_DAG,
RUNMODE_NAPATECH,
RUNMODE_AFP_DEV,
RUNMODE_UNITTEST,
RUNMODE_NAPATECH_3GD,
@ -59,7 +58,6 @@ void RunModeShutDown(void);
#include "runmode-ipfw.h"
#include "runmode-erf-file.h"
#include "runmode-erf-dag.h"
#include "runmode-napatech.h"
#include "runmode-napatech-3gd.h"
#include "runmode-af-packet.h"

366
src/source-napatech.c
Unescape Escape View File

@ -1,366 +0,0 @@
/* Copyright (C) 2011 Open Information Security Foundation
*
* You can copy, redistribute or modify this Program under the terms of
* the GNU General Public License version 2 as published by the Free
* Software Foundation.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* version 2 along with this program; if not, write to the Free Software
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
* 02110-1301, USA.
*/
/**
* \file
*
* \author nPulse Technologies, LLC.
* \author Randy Caldejon <rc@npulsetech.com>
*
* Support for NAPATECH adapter. Requires libntfeeds from nPulse Technologies
* and libntcommoninterface from Napatech A/S.
*
*/
#include "suricata-common.h"
#include "suricata.h"
#include "threadvars.h"
#include "util-optimize.h"
#include "tm-queuehandlers.h"
#include "tm-threads.h"
#include "tm-modules.h"
#include "util-privs.h"
#include "tmqh-packetpool.h"
#ifndef HAVE_NAPATECH
TmEcode NoNapatechSupportExit(ThreadVars *, void *, void **);
void TmModuleNapatechFeedRegister (void) {
tmm_modules[TMM_RECEIVENAPATECH].name = "NapatechFeed";
tmm_modules[TMM_RECEIVENAPATECH].ThreadInit = NoNapatechSupportExit;
tmm_modules[TMM_RECEIVENAPATECH].Func = NULL;
tmm_modules[TMM_RECEIVENAPATECH].ThreadExitPrintStats = NULL;
tmm_modules[TMM_RECEIVENAPATECH].ThreadDeinit = NULL;
tmm_modules[TMM_RECEIVENAPATECH].RegisterTests = NULL;
tmm_modules[TMM_RECEIVENAPATECH].cap_flags = SC_CAP_NET_ADMIN;
}
void TmModuleNapatechDecodeRegister (void) {
tmm_modules[TMM_DECODENAPATECH].name = "NapatechDecode";
tmm_modules[TMM_DECODENAPATECH].ThreadInit = NoNapatechSupportExit;
tmm_modules[TMM_DECODENAPATECH].Func = NULL;
tmm_modules[TMM_DECODENAPATECH].ThreadExitPrintStats = NULL;
tmm_modules[TMM_DECODENAPATECH].ThreadDeinit = NULL;
tmm_modules[TMM_DECODENAPATECH].RegisterTests = NULL;
tmm_modules[TMM_DECODENAPATECH].cap_flags = 0;
tmm_modules[TMM_DECODENAPATECH].flags = TM_FLAG_DECODE_TM;
}
TmEcode NoNapatechSupportExit(ThreadVars *tv, void *initdata, void **data)
{
SCLogError(SC_ERR_NAPATECH_NOSUPPORT,
"Error creating thread %s: you do not have support for Napatech adapter "
"enabled please recompile with --enable-napatech", tv->name);
exit(EXIT_FAILURE);
}
#else /* Implied we do have NAPATECH support */
#include "source-napatech.h"
extern int max_pending_packets;
extern uint8_t suricata_ctl_flags;
typedef struct NapatechThreadVars_ {
ThreadVars *tv;
NAPATECH_FEED feed;
uint16_t adapter_number;
uint16_t feed_number;
uint32_t max_read_packets;
uint64_t pkts;
uint64_t drops;
uint64_t bytes;
TmSlot *slot;
} NapatechThreadVars;
TmEcode NapatechFeedThreadInit(ThreadVars *, void *, void **);
void NapatechFeedThreadExitStats(ThreadVars *, void *);
TmEcode NapatechFeedLoop(ThreadVars *tv, void *data, void *slot);
TmEcode NapatechDecodeThreadInit(ThreadVars *, void *, void **);
TmEcode NapatechDecode(ThreadVars *, Packet *, void *, PacketQueue *, PacketQueue *);
/**
* \brief Register the Napatech receiver (reader) module.
*/
void TmModuleNapatechFeedRegister(void)
{
tmm_modules[TMM_RECEIVENAPATECH].name = "NapatechFeed";
tmm_modules[TMM_RECEIVENAPATECH].ThreadInit = NapatechFeedThreadInit;
tmm_modules[TMM_RECEIVENAPATECH].Func = NULL;
tmm_modules[TMM_RECEIVENAPATECH].PktAcqLoop = NapatechFeedLoop;
tmm_modules[TMM_RECEIVENAPATECH].ThreadExitPrintStats = NapatechFeedThreadExitStats;
tmm_modules[TMM_RECEIVENAPATECH].ThreadDeinit = NapatechFeedThreadDeinit;
tmm_modules[TMM_RECEIVENAPATECH].RegisterTests = NULL;
tmm_modules[TMM_RECEIVENAPATECH].cap_flags = SC_CAP_NET_RAW;
tmm_modules[TMM_RECEIVENAPATECH].flags = TM_FLAG_RECEIVE_TM;
}
/**
* \brief Register the Napatech decoder module.
*/
void TmModuleNapatechDecodeRegister(void)
{
tmm_modules[TMM_DECODENAPATECH].name = "NapatechDecode";
tmm_modules[TMM_DECODENAPATECH].ThreadInit = NapatechDecodeThreadInit;
tmm_modules[TMM_DECODENAPATECH].Func = NapatechDecode;
tmm_modules[TMM_DECODENAPATECH].ThreadExitPrintStats = NULL;
tmm_modules[TMM_DECODENAPATECH].ThreadDeinit = NULL;
tmm_modules[TMM_DECODENAPATECH].RegisterTests = NULL;
tmm_modules[TMM_DECODENAPATECH].cap_flags = 0;
tmm_modules[TMM_DECODENAPATECH].flags = TM_FLAG_DECODE_TM;
}
/**
* \brief Initialize the Napatech receiver thread, generate a single
* NapatechThreadVar structure for each thread, this will
* contain a NAPATECH file descriptor which is read when the
* thread executes.
*
* \param tv Thread variable to ThreadVars
* \param initdata Initial data to the adapter passed from the user,
* this is processed by the user.
*
* For now, we assume that we have only a single name for the NAPATECH
* adapter.
*
* \param data data pointer gets populated with
*
*/
TmEcode NapatechFeedThreadInit(ThreadVars *tv, void *initdata, void **data)
{
SCEnter();
char *feedName = (char *) initdata;
*data = NULL;
//TODO:
if (initdata == NULL||*((char *)initdata+1)!=':') {
SCLogError(SC_ERR_INVALID_ARGUMENT, "Error: No NAPATECH adapter provided.");
SCReturnInt(TM_ECODE_FAILED);
}
NapatechThreadVars *ntv = SCMalloc(sizeof(NapatechThreadVars));
if (unlikely(ntv == NULL)) {
SCLogError(SC_ERR_MEM_ALLOC, "Failed to allocate memory for NAPATECH thread vars.");
exit(EXIT_FAILURE);
}
memset(ntv, 0, sizeof (NapatechThreadVars));
ntv->adapter_number = *(feedName)-'0';
ntv->feed_number = atoi((feedName+2));
ntv->tv = tv;
/* Use max_pending_packets as our maximum number of packets read
from the NAPATECH buffer.
*/
ntv->max_read_packets = max_pending_packets;
SCLogInfo("Opening NAPATECH %d:%d for processing", ntv->adapter_number, ntv->feed_number);
if ((ntv->feed = (NAPATECH_FEED) napatech_open(ntv->adapter_number, ntv->feed_number)) == NULL) {
SCLogError(SC_ERR_NAPATECH_OPEN_FAILED, "Failed to open NAPATECH %d:%d", ntv->adapter_number, ntv->feed_number);
SCFree(ntv);
SCReturnInt(TM_ECODE_FAILED);
}
SCLogInfo("Started processing packets from NAPATECH %d:%d", ntv->adapter_number, ntv->feed_number);
*data = (void *)ntv;
SCReturnInt(TM_ECODE_OK);
}
/**
* \brief Main Napatech reading Loop function
*/
TmEcode NapatechFeedLoop(ThreadVars *tv, void *data, void *slot)
{
SCEnter();
int32_t status;
int32_t caplen;
PCAP_HEADER *header;
uint8_t *frame;
uint16_t packet_q_len = 0;
NapatechThreadVars *ntv = (NapatechThreadVars *)data;
int r;
TmSlot *s = (TmSlot *)slot;
ntv->slot = s->slot_next;
while (1) {
if (suricata_ctl_flags & (SURICATA_STOP | SURICATA_KILL)) {
SCReturnInt(TM_ECODE_OK);
}
/* make sure we have at least one packet in the packet pool, to prevent
* us from alloc'ing packets at line rate */
do {
packet_q_len = PacketPoolSize();
if (unlikely(packet_q_len == 0)) {
PacketPoolWait();
}
} while (packet_q_len == 0);
/*
* Napatech returns frames in segment chunks. Function ntci_next_frame
* returns 1 for a frame, 0 if the segment is empty, and -1 on error
*/
status = napatech_next_frame (ntv->feed, &header, &frame);
if (status == 0) {
/*
* no frames currently available
*/
continue;
} else if (status < 0) {
SCLogError(SC_ERR_NAPATECH_FEED_NEXT_FAILED,
"Failed to read from Napatech feed %d:%d",
ntv->adapter_number, ntv->feed_number);
SCReturnInt(TM_ECODE_FAILED);
}
// beware that storelen is aligned; therefore, it may be larger than "caplen"
caplen = (header->wireLen < header->storeLen) ? header->wireLen : header->storeLen;
Packet *p = PacketGetFromQueueOrAlloc();
if (unlikely(p == NULL)) {
SCReturnInt(TM_ECODE_FAILED);
}
PKT_SET_SRC(p, PKT_SRC_WIRE);
p->ts.tv_sec = header->ts.tv_sec;
p->ts.tv_usec = header->ts.tv_usec;
SCLogDebug("p->ts.tv_sec %"PRIuMAX"", (uintmax_t)p->ts.tv_sec);
p->datalink = LINKTYPE_ETHERNET;
ntv->pkts++;
ntv->bytes += caplen;
if (unlikely(PacketCopyData(p, frame, caplen))) {
TmqhOutputPacketpool(ntv->tv, p);
SCReturnInt(TM_ECODE_FAILED);
}
if (TmThreadsSlotProcessPkt(ntv->tv, ntv->slot, p) != TM_ECODE_OK) {
TmqhOutputPacketpool(ntv->tv, p);
SCReturnInt(TM_ECODE_FAILED);
}
}
SCReturnInt(TM_ECODE_OK);
}
/**
* \brief Print some stats to the log at program exit.
*
* \param tv Pointer to ThreadVars.
* \param data Pointer to data, ErfFileThreadVars.
*/
void NapatechFeedThreadExitStats(ThreadVars *tv, void *data)
{
NapatechThreadVars *ntv = (NapatechThreadVars *)data;
if (napatech_statistics(ntv->feed, &ntv->pkts, &ntv->drops, &ntv->bytes)==0) {
double percent = 0;
if (ntv->drops > 0) {
double drops = ntv->drops;
percent = (drops / ( ntv->pkts+ntv->drops)) * 100;
}
SCLogInfo("Packets: %"PRIu64"; Drops: %"PRIu64" (%5.2f%%); Bytes: %"PRIu64, ntv->pkts, ntv->drops, percent, ntv->bytes);
}
}
/**
* \brief Deinitializes the NAPATECH card.
* \param tv pointer to ThreadVars
* \param data pointer that gets cast into PcapThreadVars for ptv
*/
TmEcode NapatechFeedThreadDeinit(ThreadVars *tv, void *data)
{
SCEnter();
NapatechThreadVars *ntv = (NapatechThreadVars *)data;
SCLogDebug("Closing Napatech feed %d:%d", ntv->adapter_number, ntv->feed_number);
napatech_close(ntv->feed);
SCReturnInt(TM_ECODE_OK);
}
/** Decode Napatech */
/**
* \brief This function passes off to link type decoders.
*
* DecodeNapatech reads packets from the PacketQueue and passes
* them off to the proper link type decoder.
*
* \param t pointer to ThreadVars
* \param p pointer to the current packet
* \param data pointer that gets cast into PcapThreadVars for ptv
* \param pq pointer to the current PacketQueue
*/
TmEcode NapatechDecode(ThreadVars *tv, Packet *p, void *data, PacketQueue *pq,
PacketQueue *postpq)
{
SCEnter();
DecodeThreadVars *dtv = (DecodeThreadVars *)data;
/* update counters */
SCPerfCounterIncr(dtv->counter_pkts, tv->sc_perf_pca);
SCPerfCounterIncr(dtv->counter_pkts_per_sec, tv->sc_perf_pca);
SCPerfCounterAddUI64(dtv->counter_bytes, tv->sc_perf_pca, GET_PKT_LEN(p));
// SCPerfCounterAddDouble(dtv->counter_bytes_per_sec, tv->sc_perf_pca, GET_PKT_LEN(p));
// SCPerfCounterAddDouble(dtv->counter_mbit_per_sec, tv->sc_perf_pca,
// (GET_PKT_LEN(p) * 8)/1000000.0);
SCPerfCounterAddUI64(dtv->counter_avg_pkt_size, tv->sc_perf_pca, GET_PKT_LEN(p));
SCPerfCounterSetUI64(dtv->counter_max_pkt_size, tv->sc_perf_pca, GET_PKT_LEN(p));
switch (p->datalink) {
case LINKTYPE_ETHERNET:
DecodeEthernet(tv, dtv, p, GET_PKT_DATA(p), GET_PKT_LEN(p), pq);
break;
default:
SCLogError(SC_ERR_DATALINK_UNIMPLEMENTED,
"Error: datalink type %" PRId32 " not yet supported in module DecodeNapatech",
p->datalink);
break;
}
SCReturnInt(TM_ECODE_OK);
}
TmEcode NapatechDecodeThreadInit(ThreadVars *tv, void *initdata, void **data)
{
SCEnter();
DecodeThreadVars *dtv = NULL;
dtv = DecodeThreadVarsAlloc();
if(dtv == NULL)
SCReturnInt(TM_ECODE_FAILED);
DecodeRegisterPerfCounters(dtv, tv);
*data = (void *)dtv;
SCReturnInt(TM_ECODE_OK);
}
#endif /* HAVE_NAPATECH */

38
src/source-napatech.h
Unescape Escape View File

@ -1,38 +0,0 @@
/* Copyright (C) 2010 Open Information Security Foundation
*
* You can copy, redistribute or modify this Program under the terms of
* the GNU General Public License version 2 as published by the Free
* Software Foundation.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* version 2 along with this program; if not, write to the Free Software
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
* 02110-1301, USA.
*/
/**
* \file
*
* \author nPulse Technologies, LLC
* \author Randy Caldejon <rc@npulsetech.com>
*/
#ifndef __SOURCE_NAPATECH_H__
#define __SOURCE_NAPATECH_H__
void TmModuleNapatechFeedRegister (void);
TmEcode NapatechFeedThreadDeinit(ThreadVars *tv, void *data);
void TmModuleNapatechDecodeRegister (void);
#ifdef HAVE_NAPATECH
#include "ntfeeds.h"
#endif
#endif /* __SOURCE_NAPATECH_H__ */

21
src/suricata.c
Unescape Escape View File

@ -116,7 +116,6 @@
#include "source-erf-file.h"
#include "source-erf-dag.h"
#include "source-napatech.h"
#include "source-napatech-3gd.h"
#include "source-af-packet.h"
@ -522,9 +521,6 @@ void usage(const char *progname)
#ifdef HAVE_DAG
printf("\t--dag <dagX:Y> : process ERF records from DAG interface X, stream Y\n");
#endif
#ifdef HAVE_NAPATECH
printf("\t--napatech <adapter> : run Napatech feeds using <adapter>\n");
#endif
#ifdef HAVE_NAPATECH_3GD
printf("\t--napatech-3gd : run Napatech Streams using the 3GD API\n");
#endif
@ -776,7 +772,6 @@ int main(int argc, char **argv)
{"group", required_argument, 0, 0},
{"erf-in", required_argument, 0, 0},
{"dag", required_argument, 0, 0},
{"napatech", required_argument, 0, 0},
{"napatech-3gd", 0, 0, 0},
{"build-info", 0, &build_info, 1},
{NULL, 0, NULL, 0}
@ -1003,19 +998,6 @@ int main(int argc, char **argv)
" to receieve packets using --dag.");
exit(EXIT_FAILURE);
#endif /* HAVE_DAG */
}
else if (strcmp((long_opts[option_index]).name, "napatech") == 0) {
#ifdef HAVE_NAPATECH
run_mode = RUNMODE_NAPATECH;
if (ConfSet("napatech.adapter", optarg, 0) != 1) {
fprintf(stderr, "ERROR: Failed to set napatech.adapter\n");
exit(EXIT_FAILURE);
}
#else
SCLogError(SC_ERR_NAPATECH_REQUIRED, "libntcommoninterface and a Napatech adapter are required"
" to capture packets using --napatech.");
exit(EXIT_FAILURE);
#endif /* HAVE_NAPATECH */
}
else if (strcmp((long_opts[option_index]).name, "napatech-3gd") == 0) {
#ifdef HAVE_NAPATECH_3GD
@ -1484,9 +1466,6 @@ int main(int argc, char **argv)
/* dag live */
TmModuleReceiveErfDagRegister();
TmModuleDecodeErfDagRegister();
/* napatech */
TmModuleNapatechFeedRegister();
TmModuleNapatechDecodeRegister();
/* napatech-3gd */
TmModuleNapatech3GDStreamRegister();
TmModuleNapatech3GDDecodeRegister();

2
src/tm-modules.c
Unescape Escape View File

@ -260,8 +260,6 @@ const char * TmModuleTmmIdToString(TmmId id)
CASE_CODE (TMM_DECODEERFFILE);
CASE_CODE (TMM_RECEIVEERFDAG);
CASE_CODE (TMM_DECODEERFDAG);
CASE_CODE (TMM_RECEIVENAPATECH);
CASE_CODE (TMM_DECODENAPATECH);
CASE_CODE (TMM_RECEIVENAPATECH3GD);
CASE_CODE (TMM_DECODENAPATECH3GD);
CASE_CODE (TMM_RECEIVEAFP);

2
src/tm-threads-common.h
Unescape Escape View File

@ -73,8 +73,6 @@ typedef enum {
TMM_DECODEERFFILE,
TMM_RECEIVEERFDAG,
TMM_DECODEERFDAG,
TMM_RECEIVENAPATECH,
TMM_DECODENAPATECH,
TMM_RECEIVEAFP,
TMM_DECODEAFP,
TMM_ALERTPCAPINFO,

6
src/util-error.c
Unescape Escape View File

@ -190,12 +190,6 @@ const char * SCErrorToString(SCError err)
CASE_CODE (SC_ERR_ERF_DAG_STREAM_SET_FAILED);
CASE_CODE (SC_ERR_ERF_DAG_STREAM_READ_FAILED);
CASE_CODE (SC_WARN_ERF_DAG_REC_LEN_CHANGED);
CASE_CODE (SC_ERR_NAPATECH_OPEN_FAILED);
CASE_CODE (SC_ERR_NAPATECH_FEED_OPEN_FAILED);
CASE_CODE (SC_ERR_NAPATECH_FEED_START_FAILED);
CASE_CODE (SC_ERR_NAPATECH_FEED_NEXT_FAILED);
CASE_CODE (SC_ERR_NAPATECH_REQUIRED);
CASE_CODE (SC_ERR_NAPATECH_NOSUPPORT);
CASE_CODE (SC_ERR_NAPATECH_3GD_OPEN_FAILED);
CASE_CODE (SC_ERR_NAPATECH_3GD_STREAM_NEXT_FAILED);
CASE_CODE (SC_ERR_NAPATECH_3GD_NOSUPPORT);

6
src/util-error.h
Unescape Escape View File

@ -200,12 +200,6 @@ typedef enum {
SC_WARN_ERF_DAG_REC_LEN_CHANGED,
SC_ERR_DAG_REQUIRED,
SC_ERR_DAG_NOSUPPORT, /**< no ERF/DAG support compiled in */
SC_ERR_NAPATECH_OPEN_FAILED,
SC_ERR_NAPATECH_FEED_OPEN_FAILED,
SC_ERR_NAPATECH_FEED_START_FAILED,
SC_ERR_NAPATECH_FEED_NEXT_FAILED,
SC_ERR_NAPATECH_REQUIRED,
SC_ERR_NAPATECH_NOSUPPORT,
SC_ERR_FATAL,
SC_ERR_DCERPC,
SC_ERR_DETECT_PREPARE, /**< preparing the detection engine failed */

Write Preview
Loading…
Cancel
Save