detect reload: load config

Load the YAML into a prefix "detect-engine-reloads.N" where N is the reload counter. This way we can load the updated config w/o overwriting the current one.
10 years ago · 71d01f06b9
parent b51075e804
commit 71d01f06b9
3 changed files with 41 additions and 5 deletions
--- a/src/detect-engine.c
+++ b/src/detect-engine.c
@ -1684,11 +1684,45 @@ void DetectEnginePruneFreeList(void)
    SCMutexUnlock(&master->lock);
 }

-int DetectEngineReload(void)
+static int reloads = 0;
+
+/** \brief Reload the detection engine
+ *
+ *  \param filename YAML file to load for the detect config
+ *
+ *  \retval -1 error
+ *  \retval 0 ok
+ */
+int DetectEngineReload(const char *filename)
 {
    DetectEngineCtx *new_de_ctx = NULL;
    DetectEngineCtx *old_de_ctx = NULL;

+    char prefix[128] = "";
+    if (filename != NULL) {
+        snprintf(prefix, sizeof(prefix), "detect-engine-reloads.%d", reloads++);
+
+        ConfNode *node = ConfGetNode(prefix);
+        if (node != NULL) {
+            SCLogError(SC_ERR_CONF_YAML_ERROR, "reload %d already loaded", reloads-1);
+            return -1;
+        }
+
+        if (ConfYamlLoadFileWithPrefix(filename, prefix) != 0) {
+            SCLogError(SC_ERR_CONF_YAML_ERROR, "failed to load yaml %s", filename);
+            return -1;
+        }
+
+        node = ConfGetNode(prefix);
+        if (node == NULL) {
+            SCLogError(SC_ERR_CONF_YAML_ERROR, "failed to properly setup yaml %s", filename);
+            return -1;
+        }
+#if 0
+        ConfDump();
+#endif
+    }
+
    /* get a reference to the current de_ctx */
    old_de_ctx = DetectEngineGetCurrent();
    if (old_de_ctx == NULL)
@ -1696,8 +1730,10 @@ int DetectEngineReload(void)
    SCLogDebug("get ref to old_de_ctx %p", old_de_ctx);

    /* get new detection engine */
-    new_de_ctx = DetectEngineCtxInit();
+    new_de_ctx = DetectEngineCtxInitWithPrefix(prefix);
    if (new_de_ctx == NULL) {
+        SCLogError(SC_ERR_INITIALIZATION, "initializing detection engine "
+                "context failed.");
        DetectEngineDeReference(&old_de_ctx);
        return -1;
    }
--- a/src/detect-engine.h
+++ b/src/detect-engine.h
@ -75,7 +75,7 @@ void DetectEnginePruneFreeList(void);
 int DetectEngineMoveToFreeList(DetectEngineCtx *de_ctx);
 DetectEngineCtx *DetectEngineReference(DetectEngineCtx *);
 void DetectEngineDeReference(DetectEngineCtx **de_ctx);
-int DetectEngineReload(void);
+int DetectEngineReload(const char *filename);
 int DetectEngineEnabled(void);

 /**
--- a/src/suricata.c
+++ b/src/suricata.c
@ -2381,7 +2381,7 @@ int main(int argc, char **argv)

    if (suri.delayed_detect) {
        /* force 'reload', this will load the rules and swap engines */
-        DetectEngineReload();
+        DetectEngineReload(NULL);

        if (suri.rule_reload) {
            if (suri.sig_file != NULL)
@ -2415,7 +2415,7 @@ int main(int argc, char **argv)
            sighup_count--;
        }
        if (sigusr2_count > 0) {
-            DetectEngineReload();
+            DetectEngineReload(conf_filename);
            sigusr2_count--;
        }