|
|
|
|
@ -3189,6 +3189,8 @@ int RunModeIpsNFQAuto(DetectEngineCtx *de_ctx, char *nfq_id) {
|
|
|
|
|
TimeModeSetLive();
|
|
|
|
|
|
|
|
|
|
/* create the threads */
|
|
|
|
|
|
|
|
|
|
/* receive nfq */
|
|
|
|
|
ThreadVars *tv_receivenfq = TmThreadCreatePacketHandler("ReceiveNFQ","packetpool","packetpool","pickup-queue","simple","1slot_noinout");
|
|
|
|
|
if (tv_receivenfq == NULL) {
|
|
|
|
|
printf("ERROR: TmThreadsCreate failed\n");
|
|
|
|
|
@ -3212,48 +3214,34 @@ int RunModeIpsNFQAuto(DetectEngineCtx *de_ctx, char *nfq_id) {
|
|
|
|
|
exit(EXIT_FAILURE);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
ThreadVars *tv_decode1 = TmThreadCreatePacketHandler("Decode1","pickup-queue","simple","decode-queue1","simple","1slot");
|
|
|
|
|
if (tv_decode1 == NULL) {
|
|
|
|
|
/* decode and stream */
|
|
|
|
|
ThreadVars *tv_decode = TmThreadCreatePacketHandler("Decode1","pickup-queue","simple","decode-queue","simple","varslot");
|
|
|
|
|
if (tv_decode == NULL) {
|
|
|
|
|
printf("ERROR: TmThreadsCreate failed for Decode1\n");
|
|
|
|
|
exit(EXIT_FAILURE);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
tm_module = TmModuleGetByName("DecodeNFQ");
|
|
|
|
|
if (tm_module == NULL) {
|
|
|
|
|
printf("ERROR: TmModuleGetByName DecodeNFQ failed\n");
|
|
|
|
|
exit(EXIT_FAILURE);
|
|
|
|
|
}
|
|
|
|
|
Tm1SlotSetFunc(tv_decode1,tm_module,NULL);
|
|
|
|
|
|
|
|
|
|
if (threading_set_cpu_affinity) {
|
|
|
|
|
TmThreadSetCPUAffinity(tv_decode1, 0);
|
|
|
|
|
if (ncpus > 1)
|
|
|
|
|
TmThreadSetThreadPriority(tv_decode1, PRIO_MEDIUM);
|
|
|
|
|
}
|
|
|
|
|
TmVarSlotSetFuncAppend(tv_decode,tm_module,NULL);
|
|
|
|
|
|
|
|
|
|
if (TmThreadSpawn(tv_decode1) != TM_ECODE_OK) {
|
|
|
|
|
printf("ERROR: TmThreadSpawn failed\n");
|
|
|
|
|
exit(EXIT_FAILURE);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
ThreadVars *tv_stream1 = TmThreadCreatePacketHandler("Stream1","decode-queue1","simple","stream-queue1","simple","1slot");
|
|
|
|
|
if (tv_stream1 == NULL) {
|
|
|
|
|
printf("ERROR: TmThreadsCreate failed for Stream1\n");
|
|
|
|
|
exit(EXIT_FAILURE);
|
|
|
|
|
}
|
|
|
|
|
tm_module = TmModuleGetByName("StreamTcp");
|
|
|
|
|
if (tm_module == NULL) {
|
|
|
|
|
printf("ERROR: TmModuleGetByName StreamTcp failed\n");
|
|
|
|
|
exit(EXIT_FAILURE);
|
|
|
|
|
}
|
|
|
|
|
Tm1SlotSetFunc(tv_stream1,tm_module,NULL);
|
|
|
|
|
TmVarSlotSetFuncAppend(tv_decode,tm_module,NULL);
|
|
|
|
|
|
|
|
|
|
if (threading_set_cpu_affinity) {
|
|
|
|
|
TmThreadSetCPUAffinity(tv_stream1, 0);
|
|
|
|
|
TmThreadSetCPUAffinity(tv_decode, 0);
|
|
|
|
|
if (ncpus > 1)
|
|
|
|
|
TmThreadSetThreadPriority(tv_stream1, PRIO_MEDIUM);
|
|
|
|
|
TmThreadSetThreadPriority(tv_decode, PRIO_MEDIUM);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if (TmThreadSpawn(tv_stream1) != TM_ECODE_OK) {
|
|
|
|
|
if (TmThreadSpawn(tv_decode) != TM_ECODE_OK) {
|
|
|
|
|
printf("ERROR: TmThreadSpawn failed\n");
|
|
|
|
|
exit(EXIT_FAILURE);
|
|
|
|
|
}
|
|
|
|
|
@ -3277,7 +3265,7 @@ int RunModeIpsNFQAuto(DetectEngineCtx *de_ctx, char *nfq_id) {
|
|
|
|
|
char *thread_name = SCStrdup(tname);
|
|
|
|
|
SCLogDebug("Assigning %s affinity to cpu %u", thread_name, cpu);
|
|
|
|
|
|
|
|
|
|
ThreadVars *tv_detect_ncpu = TmThreadCreatePacketHandler(thread_name,"stream-queue1","simple","verdict-queue","simple","1slot");
|
|
|
|
|
ThreadVars *tv_detect_ncpu = TmThreadCreatePacketHandler(thread_name,"decode-queue","simple","verdict-queue","simple","1slot");
|
|
|
|
|
if (tv_detect_ncpu == NULL) {
|
|
|
|
|
printf("ERROR: TmThreadsCreate failed\n");
|
|
|
|
|
exit(EXIT_FAILURE);
|
|
|
|
|
@ -3320,7 +3308,7 @@ int RunModeIpsNFQAuto(DetectEngineCtx *de_ctx, char *nfq_id) {
|
|
|
|
|
cpu++;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
ThreadVars *tv_verdict = TmThreadCreatePacketHandler("Verdict","verdict-queue","simple","respond-queue","simple","1slot");
|
|
|
|
|
ThreadVars *tv_verdict = TmThreadCreatePacketHandler("Verdict","verdict-queue","simple","alert-queue","simple","varslot");
|
|
|
|
|
if (tv_verdict == NULL) {
|
|
|
|
|
printf("ERROR: TmThreadsCreate failed\n");
|
|
|
|
|
exit(EXIT_FAILURE);
|
|
|
|
|
@ -3330,44 +3318,28 @@ int RunModeIpsNFQAuto(DetectEngineCtx *de_ctx, char *nfq_id) {
|
|
|
|
|
printf("ERROR: TmModuleGetByName VerdictNFQ failed\n");
|
|
|
|
|
exit(EXIT_FAILURE);
|
|
|
|
|
}
|
|
|
|
|
Tm1SlotSetFunc(tv_verdict,tm_module,nfq_id);
|
|
|
|
|
|
|
|
|
|
if (threading_set_cpu_affinity) {
|
|
|
|
|
TmThreadSetCPUAffinity(tv_verdict, 0);
|
|
|
|
|
if (ncpus > 1)
|
|
|
|
|
TmThreadSetThreadPriority(tv_verdict, PRIO_MEDIUM);
|
|
|
|
|
}
|
|
|
|
|
TmVarSlotSetFuncAppend(tv_verdict,tm_module,nfq_id);
|
|
|
|
|
|
|
|
|
|
if (TmThreadSpawn(tv_verdict) != TM_ECODE_OK) {
|
|
|
|
|
printf("ERROR: TmThreadSpawn failed\n");
|
|
|
|
|
exit(EXIT_FAILURE);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
ThreadVars *tv_rreject = TmThreadCreatePacketHandler("RespondReject","respond-queue","simple","alert-queue1","simple","1slot");
|
|
|
|
|
if (tv_rreject == NULL) {
|
|
|
|
|
printf("ERROR: TmThreadsCreate failed\n");
|
|
|
|
|
exit(EXIT_FAILURE);
|
|
|
|
|
}
|
|
|
|
|
tm_module = TmModuleGetByName("RespondReject");
|
|
|
|
|
if (tm_module == NULL) {
|
|
|
|
|
printf("ERROR: TmModuleGetByName for RespondReject failed\n");
|
|
|
|
|
exit(EXIT_FAILURE);
|
|
|
|
|
}
|
|
|
|
|
Tm1SlotSetFunc(tv_rreject,tm_module,NULL);
|
|
|
|
|
TmVarSlotSetFuncAppend(tv_verdict,tm_module,NULL);
|
|
|
|
|
|
|
|
|
|
if (threading_set_cpu_affinity) {
|
|
|
|
|
TmThreadSetCPUAffinity(tv_rreject, 0);
|
|
|
|
|
TmThreadSetCPUAffinity(tv_verdict, 0);
|
|
|
|
|
if (ncpus > 1)
|
|
|
|
|
TmThreadSetThreadPriority(tv_rreject, PRIO_MEDIUM);
|
|
|
|
|
TmThreadSetThreadPriority(tv_verdict, PRIO_MEDIUM);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if (TmThreadSpawn(tv_rreject) != TM_ECODE_OK) {
|
|
|
|
|
if (TmThreadSpawn(tv_verdict) != TM_ECODE_OK) {
|
|
|
|
|
printf("ERROR: TmThreadSpawn failed\n");
|
|
|
|
|
exit(EXIT_FAILURE);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
ThreadVars *tv_outputs = TmThreadCreatePacketHandler("Outputs",
|
|
|
|
|
"alert-queue1", "simple", "packetpool", "packetpool", "varslot");
|
|
|
|
|
"alert-queue", "simple", "packetpool", "packetpool", "varslot");
|
|
|
|
|
|
|
|
|
|
if (threading_set_cpu_affinity) {
|
|
|
|
|
TmThreadSetCPUAffinity(tv_outputs, 0);
|
|
|
|
|
|
Victor Julien
15 years ago