|
|
|
@ -241,9 +241,16 @@ static void SignalHandlerSigterm(/*@unused@*/ int sig) {
|
|
|
|
suricata_ctl_flags |= SURICATA_KILL;
|
|
|
|
suricata_ctl_flags |= SURICATA_KILL;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
void SignalHandlerSigusr2Disabled(int sig)
|
|
|
|
|
|
|
|
{
|
|
|
|
|
|
|
|
SCLogInfo("Live rule reload not enabled in config.");
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
return;
|
|
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
void SignalHandlerSigusr2SigFileStartup(int sig)
|
|
|
|
void SignalHandlerSigusr2SigFileStartup(int sig)
|
|
|
|
{
|
|
|
|
{
|
|
|
|
SCLogInfo("Live rule not possible if -s or -S option used at runtime.");
|
|
|
|
SCLogInfo("Live rule reload not possible if -s or -S option used at runtime.");
|
|
|
|
|
|
|
|
|
|
|
|
return;
|
|
|
|
return;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
@ -255,7 +262,7 @@ static void SignalHandlerSigusr2Idle(int sig)
|
|
|
|
return;
|
|
|
|
return;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
SCLogInfo("Hang on buddy! Ruleset load in progress. New ruleset load "
|
|
|
|
SCLogInfo("Ruleset load in progress. New ruleset load "
|
|
|
|
"allowed after current is done");
|
|
|
|
"allowed after current is done");
|
|
|
|
|
|
|
|
|
|
|
|
return;
|
|
|
|
return;
|
|
|
|
@ -677,6 +684,7 @@ int main(int argc, char **argv)
|
|
|
|
uint32_t groupid = 0;
|
|
|
|
uint32_t groupid = 0;
|
|
|
|
#endif /* OS_WIN32 */
|
|
|
|
#endif /* OS_WIN32 */
|
|
|
|
int build_info = 0;
|
|
|
|
int build_info = 0;
|
|
|
|
|
|
|
|
int rule_reload = 0;
|
|
|
|
|
|
|
|
|
|
|
|
char *log_dir;
|
|
|
|
char *log_dir;
|
|
|
|
#ifdef OS_WIN32
|
|
|
|
#ifdef OS_WIN32
|
|
|
|
@ -1262,6 +1270,17 @@ int main(int argc, char **argv)
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
ConfNode *denode = NULL;
|
|
|
|
|
|
|
|
ConfNode *decnf = ConfGetNode("detect-engine");
|
|
|
|
|
|
|
|
if (decnf != NULL) {
|
|
|
|
|
|
|
|
TAILQ_FOREACH(denode, &decnf->head, next) {
|
|
|
|
|
|
|
|
if (strcmp(denode->val, "rule-reload") == 0) {
|
|
|
|
|
|
|
|
(void)ConfGetChildValueBool(denode, "rule-reload", &rule_reload);
|
|
|
|
|
|
|
|
SCLogInfo("Live rule reloads %s", rule_reload ? "enabled" : "disabled");
|
|
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
AppLayerDetectProtoThreadInit();
|
|
|
|
AppLayerDetectProtoThreadInit();
|
|
|
|
@ -1459,10 +1478,14 @@ int main(int argc, char **argv)
|
|
|
|
|
|
|
|
|
|
|
|
AppLayerHtpNeedFileInspection();
|
|
|
|
AppLayerHtpNeedFileInspection();
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
if (rule_reload) {
|
|
|
|
if (sig_file == NULL)
|
|
|
|
if (sig_file == NULL)
|
|
|
|
UtilSignalHandlerSetup(SIGUSR2, SignalHandlerSigusr2Idle);
|
|
|
|
UtilSignalHandlerSetup(SIGUSR2, SignalHandlerSigusr2Idle);
|
|
|
|
else
|
|
|
|
else
|
|
|
|
UtilSignalHandlerSetup(SIGUSR2, SignalHandlerSigusr2SigFileStartup);
|
|
|
|
UtilSignalHandlerSetup(SIGUSR2, SignalHandlerSigusr2SigFileStartup);
|
|
|
|
|
|
|
|
} else {
|
|
|
|
|
|
|
|
UtilSignalHandlerSetup(SIGUSR2, SignalHandlerSigusr2Disabled);
|
|
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
#ifdef UNITTESTS
|
|
|
|
#ifdef UNITTESTS
|
|
|
|
|
|
|
|
|
|
|
|
@ -1687,7 +1710,7 @@ int main(int argc, char **argv)
|
|
|
|
|
|
|
|
|
|
|
|
/* registering singal handlers we use. We register usr2 here, so that one
|
|
|
|
/* registering singal handlers we use. We register usr2 here, so that one
|
|
|
|
* can't call it during the first sig load phase */
|
|
|
|
* can't call it during the first sig load phase */
|
|
|
|
if (sig_file == NULL)
|
|
|
|
if (sig_file == NULL && rule_reload == 1)
|
|
|
|
UtilSignalHandlerSetup(SIGUSR2, SignalHandlerSigusr2);
|
|
|
|
UtilSignalHandlerSetup(SIGUSR2, SignalHandlerSigusr2);
|
|
|
|
|
|
|
|
|
|
|
|
#ifdef PROFILING
|
|
|
|
#ifdef PROFILING
|
|
|
|
@ -1877,6 +1900,7 @@ int main(int argc, char **argv)
|
|
|
|
(((1000000 + end_time.tv_usec - start_time.tv_usec) / 1000) - 1000);
|
|
|
|
(((1000000 + end_time.tv_usec - start_time.tv_usec) / 1000) - 1000);
|
|
|
|
SCLogInfo("time elapsed %.3fs", (float)milliseconds/(float)1000);
|
|
|
|
SCLogInfo("time elapsed %.3fs", (float)milliseconds/(float)1000);
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
if (rule_reload == 1) {
|
|
|
|
/* Disable detect threads first. This is required by live rule swap */
|
|
|
|
/* Disable detect threads first. This is required by live rule swap */
|
|
|
|
TmThreadDisableDetectThreads();
|
|
|
|
TmThreadDisableDetectThreads();
|
|
|
|
|
|
|
|
|
|
|
|
@ -1891,6 +1915,7 @@ int main(int argc, char **argv)
|
|
|
|
SCLogInfo("Received notification that live rule swap is done. "
|
|
|
|
SCLogInfo("Received notification that live rule swap is done. "
|
|
|
|
"Continuing with engine/threads shutdown");
|
|
|
|
"Continuing with engine/threads shutdown");
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
DetectEngineCtx *global_de_ctx = DetectEngineGetGlobalDeCtx();
|
|
|
|
DetectEngineCtx *global_de_ctx = DetectEngineGetGlobalDeCtx();
|
|
|
|
BUG_ON(global_de_ctx == NULL);
|
|
|
|
BUG_ON(global_de_ctx == NULL);
|
|
|
|
|
Victor Julien
13 years ago