modify runmodes to take all arguments from the conf API

15 years ago · d7c707e656
parent a165d45da9
commit d7c707e656
17 changed files with 102 additions and 55 deletions
--- a/src/runmode-erf-dag.c
+++ b/src/runmode-erf-dag.c
@ -45,7 +45,7 @@
 * \param   file
 * \notes   Currently only supports a single interface.
 */
-int RunModeErfDagAuto(DetectEngineCtx *de_ctx, char *file)
+int RunModeErfDagAuto(DetectEngineCtx *de_ctx)
 {
    SCEnter();
    char tname[12];
@ -56,7 +56,13 @@ int RunModeErfDagAuto(DetectEngineCtx *de_ctx, char *file)

    RunModeInitialize();

-    SCLogDebug("file %s", file);
+    char *iface = NULL;
+    if (ConfGet("runmode_erf_dag.iface", &iface) == 0) {
+        SCLogError(SC_ERR_RUNMODE, "Failed retrieving pcap_file from Conf");
+        exit(EXIT_FAILURE);
+    }
+    SCLogDebug("iface %s", iface);
+
    TimeModeSetOffline();

    /* @TODO/JNM: We need to create a separate processing pipeliine for each
@ -77,7 +83,7 @@ int RunModeErfDagAuto(DetectEngineCtx *de_ctx, char *file)
        printf("ERROR: TmModuleGetByName failed for ReceiveErfDag\n");
        exit(EXIT_FAILURE);
    }
-    Tm1SlotSetFunc(tv_receiveerf, tm_module, file);
+    Tm1SlotSetFunc(tv_receiveerf, tm_module, iface);

    if (threading_set_cpu_affinity) {
        TmThreadSetCPUAffinity(tv_receiveerf, 0);
--- a/src/runmode-erf-dag.h
+++ b/src/runmode-erf-dag.h
@ -23,6 +23,6 @@
 #ifndef __RUNMODE_ERF_DAG_H__
 #define __RUNMODE_ERF_DAG_H__

-int RunModeErfDagAuto(DetectEngineCtx *, char *);
+int RunModeErfDagAuto(DetectEngineCtx *);

 #endif /* __RUNMODE_ERF_DAG_H__ */
--- a/src/runmode-erf-file.c
+++ b/src/runmode-erf-file.c
@ -37,7 +37,7 @@
 #include "util-cpu.h"
 #include "util-affinity.h"

-int RunModeErfFileAuto(DetectEngineCtx *de_ctx, char *file)
+int RunModeErfFileAuto(DetectEngineCtx *de_ctx)
 {
    SCEnter();
    char tname[12];
@ -48,6 +48,12 @@ int RunModeErfFileAuto(DetectEngineCtx *de_ctx, char *file)

    RunModeInitialize();

+    char *file = NULL;
+    if (ConfGet("runmode_erf_file.file", &file) == 0) {
+        SCLogError(SC_ERR_RUNMODE, "Failed retrieving runmode_erf_file.file "
+                   "from Conf");
+        exit(EXIT_FAILURE);
+    }
    SCLogDebug("file %s", file);
    TimeModeSetOffline();

--- a/src/runmode-erf-file.h
+++ b/src/runmode-erf-file.h
@ -23,6 +23,6 @@
 #ifndef __RUNMODE_ERF_FILE_H__
 #define __RUNMODE_ERF_FILE_H__

-int RunModeErfFileAuto(DetectEngineCtx *, char *);
+int RunModeErfFileAuto(DetectEngineCtx *);

 #endif /* __RUNMODE_ERF_FILE_H__ */
--- a/src/runmode-nfq.c
+++ b/src/runmode-nfq.c
@ -56,7 +56,7 @@
 * \retval 0 if all goes well. (If any problem is detected the engine will
 *           exit())
 */
-int RunModeIpsNFQAuto(DetectEngineCtx *de_ctx, char *nfq_id) {
+int RunModeIpsNFQAuto(DetectEngineCtx *de_ctx) {
    SCEnter();
 #ifdef NFQ
    char tname[16];
--- a/src/runmode-nfq.h
+++ b/src/runmode-nfq.h
@ -23,6 +23,6 @@
 #ifndef __RUNMODE_NFQ_H__
 #define __RUNMODE_NFQ_H__

-int RunModeIpsNFQAuto(DetectEngineCtx *, char *);
+int RunModeIpsNFQAuto(DetectEngineCtx *);

 #endif /* __RUNMODE_NFQ_H__ */
--- a/src/runmode-pcap-file.c
+++ b/src/runmode-pcap-file.c
@ -40,8 +40,14 @@
 /**
 * \brief Single thread version of the Pcap file processing.
 */
-int RunModeFilePcap2(DetectEngineCtx *de_ctx, char *file) {
+int RunModeFilePcap2(DetectEngineCtx *de_ctx) {
+    char *file = NULL;
+    if (ConfGet("runmode_pcap_file.file", &file) == 0) {
+        SCLogError(SC_ERR_RUNMODE, "Failed retrieving pcap_file from Conf");
+        exit(EXIT_FAILURE);
+    }
    printf("RunModeFilePcap2: file %s\n", file);
+
    TimeModeSetOffline();

    /* create the threads */
@ -107,7 +113,7 @@ int RunModeFilePcap2(DetectEngineCtx *de_ctx, char *file) {
 * \retval 0 if all goes well. (If any problem is detected the engine will
 *           exit())
 */
-int RunModeFilePcapAuto(DetectEngineCtx *de_ctx, char *file) {
+int RunModeFilePcapAuto(DetectEngineCtx *de_ctx) {
    SCEnter();
    char tname[16];
    uint16_t cpu = 0;
@ -117,7 +123,13 @@ int RunModeFilePcapAuto(DetectEngineCtx *de_ctx, char *file) {
    /* Available cpus */
    uint16_t ncpus = UtilCpuGetNumProcessorsOnline();

+    char *file = NULL;
+    if (ConfGet("runmode_pcap_file.file", &file) == 0) {
+        SCLogError(SC_ERR_RUNMODE, "Failed retrieving pcap_file from Conf");
+        exit(EXIT_FAILURE);
+    }
    SCLogDebug("file %s", file);
+
    TimeModeSetOffline();

    /* create the threads */
@ -355,7 +367,7 @@ int RunModeFilePcapAuto(DetectEngineCtx *de_ctx, char *file) {
 * \retval 0 if all goes well. (If any problem is detected the engine will
 *           exit())
 */
-int RunModeFilePcapAutoFp(DetectEngineCtx *de_ctx, char *file) {
+int RunModeFilePcapAutoFp(DetectEngineCtx *de_ctx) {
    SCEnter();
    char tname[12];
    char qname[12];
@ -389,7 +401,13 @@ int RunModeFilePcapAutoFp(DetectEngineCtx *de_ctx, char *file) {
    }
    printf("queues %s\n", queues);

+    char *file = NULL;
+    if (ConfGet("runmode_pcap_file.file", &file) == 0) {
+        SCLogError(SC_ERR_RUNMODE, "Failed retrieving pcap_file from Conf");
+        exit(EXIT_FAILURE);
+    }
    SCLogDebug("file %s", file);
+
    TimeModeSetOffline();

    /* create the threads */
--- a/src/runmode-pcap-file.h
+++ b/src/runmode-pcap-file.h
@ -23,8 +23,8 @@
 #ifndef __RUNMODE_PCAP_FILE_H__
 #define __RUNMODE_PCAP_FILE_H__

-int RunModeFilePcap2(DetectEngineCtx *, char *);
-int RunModeFilePcapAuto(DetectEngineCtx *, char *);
-int RunModeFilePcapAutoFp(DetectEngineCtx *de_ctx, char *file);
+int RunModeFilePcap2(DetectEngineCtx *);
+int RunModeFilePcapAuto(DetectEngineCtx *);
+int RunModeFilePcapAutoFp(DetectEngineCtx *de_ctx);

 #endif /* __RUNMODE_PCAP_FILE_H__ */
--- a/src/runmode-pcap.c
+++ b/src/runmode-pcap.c
@ -52,12 +52,10 @@
 *        except the Detection threads if we have more than one cpu
 *
 * \param de_ctx pointer to the Detection Engine
- * \param iface pointer to the name of the interface from which we will
- *              fetch the packets
 * \retval 0 if all goes well. (If any problem is detected the engine will
 *           exit())
 */
-int RunModeIdsPcapAuto(DetectEngineCtx *de_ctx, char *iface) {
+int RunModeIdsPcapAuto(DetectEngineCtx *de_ctx) {
    SCEnter();
    /* tname = Detect + cpuid, this is 11bytes length as max */
    char tname[16];
@ -73,6 +71,16 @@ int RunModeIdsPcapAuto(DetectEngineCtx *de_ctx, char *iface) {
    int npcap = PcapLiveGetDeviceCount();

    if (npcap == 1) {
+        char *pcap_dev = NULL;
+        if (ConfGet("runmode_pcap.single_pcap_dev", &pcap_dev) == 0) {
+            SCLogError(SC_ERR_RUNMODE, "Failed retrieving "
+                       "runmode_pcap.single_pcap_dev from Conf");
+            exit(EXIT_FAILURE);
+        }
+        SCLogDebug("pcap_dev %s", pcap_dev);
+
+        char *pcap_devc = SCStrdup(pcap_dev);
+
        /* create the threads */
        ThreadVars *tv_receivepcap = TmThreadCreatePacketHandler("ReceivePcap","packetpool","packetpool","pickup-queue","simple","1slot");
        if (tv_receivepcap == NULL) {
@ -84,7 +92,7 @@ int RunModeIdsPcapAuto(DetectEngineCtx *de_ctx, char *iface) {
            printf("ERROR: TmModuleGetByName failed for ReceivePcap\n");
            exit(EXIT_FAILURE);
        }
-        Tm1SlotSetFunc(tv_receivepcap,tm_module,(void *)iface);
+        Tm1SlotSetFunc(tv_receivepcap,tm_module,(void *)pcap_devc);

        TmThreadSetCPU(tv_receivepcap, RECEIVE_CPU_SET);

--- a/src/runmode-pcap.h
+++ b/src/runmode-pcap.h
@ -23,6 +23,6 @@
 #ifndef __RUNMODE_PCAP_H__
 #define __RUNMODE_PCAP_H__

-int RunModeIdsPcapAuto(DetectEngineCtx *, char *);
+int RunModeIdsPcapAuto(DetectEngineCtx *);

 #endif /* __RUNMODE_PCAP_H__ */
--- a/src/runmode-pfring.c
+++ b/src/runmode-pfring.c
@ -54,11 +54,10 @@
 *        except the Detection threads if we have more than one cpu
 *
 * \param de_ctx pointer to the Detection Engine
- * \param iface pointer to the name of the network interface to listen packets
 * \retval 0 if all goes well. (If any problem is detected the engine will
 *           exit())
 */
-int RunModeIdsPfringAuto(DetectEngineCtx *de_ctx, char *iface) {
+int RunModeIdsPfringAuto(DetectEngineCtx *de_ctx) {
    SCEnter();
    char tname[12];
    uint16_t cpu = 0;
@ -81,7 +80,7 @@ int RunModeIdsPfringAuto(DetectEngineCtx *de_ctx, char *iface) {
        printf("ERROR: TmModuleGetByName failed for ReceivePfring\n");
        exit(EXIT_FAILURE);
    }
-    Tm1SlotSetFunc(tv_receivepfring,tm_module,(void *)iface);
+    Tm1SlotSetFunc(tv_receivepfring,tm_module, NULL);

    if (threading_set_cpu_affinity) {
        TmThreadSetCPUAffinity(tv_receivepfring, 0);
@ -245,7 +244,7 @@ int RunModeIdsPfringAuto(DetectEngineCtx *de_ctx, char *iface) {
    return 0;
 }

-int RunModeIdsPfringAutoFp(DetectEngineCtx *de_ctx, char *iface) {
+int RunModeIdsPfringAutoFp(DetectEngineCtx *de_ctx) {
    SCEnter();
    char tname[12];
    char qname[12];
@ -297,7 +296,7 @@ int RunModeIdsPfringAutoFp(DetectEngineCtx *de_ctx, char *iface) {
            printf("ERROR: TmModuleGetByName failed for ReceivePfring\n");
            exit(EXIT_FAILURE);
        }
-        TmVarSlotSetFuncAppend(tv_receive,tm_module,iface);
+        TmVarSlotSetFuncAppend(tv_receive,tm_module, NULL);

        tm_module = TmModuleGetByName("DecodePfring");
        if (tm_module == NULL) {
--- a/src/runmode-pfring.h
+++ b/src/runmode-pfring.h
@ -28,8 +28,8 @@
 /* We include only if pfring is enabled */
 #ifdef HAVE_PFRING

-int RunModeIdsPfringAuto(DetectEngineCtx *, char *);
-int RunModeIdsPfringAutoFp(DetectEngineCtx *de_ctx, char *iface);
+int RunModeIdsPfringAuto(DetectEngineCtx *);
+int RunModeIdsPfringAutoFp(DetectEngineCtx *de_ctx);

 #endif /* #ifdef HAVE_PFRING */

--- a/src/source-ipfw.c
+++ b/src/source-ipfw.c
@ -290,7 +290,7 @@ TmEcode ReceiveIPFWThreadInit(ThreadVars *tv, void *initdata, void **data) {
    SCEnter();

    /* divert socket port to listen/send on */
-    if ( (ConfGet("ipfw-divert-port", &tmpdivertport)) != 1 ) {
+    if ( (ConfGet("runmode_ipfw.ipfw_divert_port", &tmpdivertport)) != 1 ) {
        SCLogError(SC_ERR_IPFW_NOPORT,"Please supply an IPFW divert port");
        SCReturnInt(TM_ECODE_FAILED);

--- a/src/source-pfring.c
+++ b/src/source-pfring.c
@ -261,16 +261,16 @@ TmEcode ReceivePfringThreadInit(ThreadVars *tv, void *initdata, void **data) {
        return TM_ECODE_FAILED;
    memset(ptv, 0, sizeof(PfringThreadVars));

-    if (ConfGet("pfring.cluster-id", &tmpclusterid) != 1) {
-        SCLogError(SC_ERR_PF_RING_GET_CLUSTERID_FAILED,"could not get pfring.cluster-id");
+    if (ConfGet("runmode_pfring.cluster_id", &tmpclusterid) != 1) {
+        SCLogError(SC_ERR_PF_RING_GET_CLUSTERID_FAILED,"could not get runmode_pfring.cluster_id");
        return TM_ECODE_FAILED;
    } else {
        ptv->cluster_id = (uint8_t)atoi(tmpclusterid);
        SCLogDebug("Going to use cluster-id %" PRId32, ptv->cluster_id);
    }

-    if (ConfGet("pfring.interface", &ptv->interface) != 1) {
-        SCLogError(SC_ERR_PF_RING_GET_INTERFACE_FAILED,"Could not get pfring.interface");
+    if (ConfGet("runmode_pfring.interface", &ptv->interface) != 1) {
+        SCLogError(SC_ERR_PF_RING_GET_INTERFACE_FAILED,"Could not get runmode_pfring.interface");
        return TM_ECODE_FAILED;
    } else {
        SCLogDebug("going to use interface %s",ptv->interface);
@ -288,8 +288,8 @@ TmEcode ReceivePfringThreadInit(ThreadVars *tv, void *initdata, void **data) {
    }

 #ifdef HAVE_PFRING_CLUSTER_TYPE
-    if (ConfGet("pfring.cluster-type", &tmpctype) != 1) {
-        SCLogError(SC_ERR_GET_CLUSTER_TYPE_FAILED,"Could not get pfring.cluster-type");
+    if (ConfGet("runmode_pfring.cluster_type", &tmpctype) != 1) {
+        SCLogError(SC_ERR_GET_CLUSTER_TYPE_FAILED,"Could not get runmode_pfring.cluster_type");
        return TM_ECODE_FAILED;
    } else if (strcmp(tmpctype, "cluster_round_robin") == 0 || strcmp(tmpctype, "cluster_flow") == 0) {
        ptv->ctype = (cluster_type)tmpctype;
--- a/src/suricata.c
+++ b/src/suricata.c
@ -479,13 +479,11 @@ void SCPrintBuildInfo(void) {
 int main(int argc, char **argv)
 {
    int opt;
-    char *pcap_file = NULL;
    char pcap_dev[128];
 #ifdef HAVE_PFRING
    char *pfring_dev = NULL;
 #endif
    char *sig_file = NULL;
-    char *nfq_id = NULL;
    char *conf_filename = NULL;
    char *pid_filename = NULL;
 #ifdef UNITTESTS
@ -501,8 +499,6 @@ int main(int argc, char **argv)
    uint8_t do_setgid = FALSE;
    uint32_t userid = 0;
    uint32_t groupid = 0;
-    char *erf_file = NULL;
-    char *dag_input = NULL;
    int build_info = 0;

    char *log_dir;
@ -594,8 +590,8 @@ int main(int argc, char **argv)
 #ifdef HAVE_PFRING
                run_mode = RUNMODE_PFRING;
                if (optarg != NULL) {
-                    if (ConfSet("pfring.interface", optarg, 0) != 1) {
-                        fprintf(stderr, "ERROR: Failed to set pfring interface.\n");
+                    if (ConfSet("runmode_pfring.interface", optarg, 0) != 1) {
+                        fprintf(stderr, "ERROR: Failed to set runmode_pfring.interface.\n");
                        exit(EXIT_FAILURE);
                    }
                }
@ -607,8 +603,8 @@ int main(int argc, char **argv)
            }
            else if(strcmp((long_opts[option_index]).name , "pfring-cluster-id") == 0){
 #ifdef HAVE_PFRING
-                if (ConfSet("pfring.cluster-id", optarg, 0) != 1) {
-                    fprintf(stderr, "ERROR: Failed to set pfring cluster-id.\n");
+                if (ConfSet("runmode_pfring.cluster_id", optarg, 0) != 1) {
+                    fprintf(stderr, "ERROR: Failed to set runmode_pfring.cluster_id.\n");
                    exit(EXIT_FAILURE);
                }
 #else
@ -619,8 +615,8 @@ int main(int argc, char **argv)
            }
            else if(strcmp((long_opts[option_index]).name , "pfring-cluster-type") == 0){
 #ifdef HAVE_PFRING
-                if (ConfSet("pfring.cluster-type", optarg, 0) != 1) {
-                    fprintf(stderr, "ERROR: Failed to set pfring cluster-type.\n");
+                if (ConfSet("runmode_pfring.cluster_type", optarg, 0) != 1) {
+                    fprintf(stderr, "ERROR: Failed to set runmode_pfring.cluster_type.\n");
                    exit(EXIT_FAILURE);
                }
 #else
@ -711,12 +707,18 @@ int main(int argc, char **argv)
            }
            else if (strcmp((long_opts[option_index]).name, "erf-in") == 0) {
                run_mode = RUNMODE_ERF_FILE;
-                erf_file = optarg;
+                if (ConfSet("runmode_erf_file.file", optarg, 0) != 1) {
+                    fprintf(stderr, "ERROR: Failed to set runmode_erf_file.file\n");
+                    exit(EXIT_FAILURE);
+                }
            }
 			else if (strcmp((long_opts[option_index]).name, "dag") == 0) {
 #ifdef HAVE_DAG
 				run_mode = RUNMODE_DAG;
-				dag_input = optarg;
+                if (ConfSet("runmode_erf_dag.iface", optarg, 0) != 1) {
+                    fprintf(stderr, "ERROR: Failed to set runmode_erf_dag.iface\n");
+                    exit(EXIT_FAILURE);
+                }
 #else
 				SCLogError(SC_ERR_DAG_REQUIRED, "libdag and a DAG card are required"
 						" to receieve packets using --dag.");
@ -802,7 +804,6 @@ int main(int argc, char **argv)
                usage(argv[0]);
                exit(EXIT_FAILURE);
            }
-            nfq_id = optarg;
 #else
            SCLogError(SC_ERR_NFQ_NOSUPPORT,"NFQUEUE not enabled. Make sure to pass --enable-nfqueue to configure when building.");
            exit(EXIT_FAILURE);
@ -819,7 +820,7 @@ int main(int argc, char **argv)
                usage(argv[0]);
                exit(EXIT_SUCCESS);
            }
-            if (ConfSet("ipfw-divert-port", optarg, 0) != 1) {
+            if (ConfSet("runmode_ipfw.ipfw_divert_port", optarg, 0) != 1) {
                fprintf(stderr, "ERROR: Failed to set ipfw_divert_port\n");
                exit(EXIT_FAILURE);
            }
@ -837,7 +838,10 @@ int main(int argc, char **argv)
                usage(argv[0]);
                exit(EXIT_SUCCESS);
            }
-            pcap_file = optarg;
+            if (ConfSet("runmode_pcap_file.file", optarg, 0) != 1) {
+                fprintf(stderr, "ERROR: Failed to set runmode_pcap_file.file\n");
+                exit(EXIT_FAILURE);
+            }
            break;
        case 's':
            sig_file = optarg;
@ -1289,12 +1293,16 @@ int main(int argc, char **argv)
        //RunModeIdsPcap2(de_ctx, pcap_dev);
        //RunModeIdsPcap(de_ctx, pcap_dev);
        PcapTranslateIPToDevice(pcap_dev, sizeof(pcap_dev));
-        RunModeIdsPcapAuto(de_ctx, pcap_dev);
+        if (ConfSet("runmode_pcap.single_pcap_dev", pcap_dev, 0) != 1) {
+            fprintf(stderr, "ERROR: Failed to set runmode_pcap.single_pcap_dev\n");
+            exit(EXIT_FAILURE);
+        }
+        RunModeIdsPcapAuto(de_ctx);
    }
    else if (run_mode == RUNMODE_PCAP_FILE) {
        //RunModeFilePcap(de_ctx, pcap_file);
        //RunModeFilePcap2(de_ctx, pcap_file);
-        RunModeFilePcapAuto(de_ctx, pcap_file);
+        RunModeFilePcapAuto(de_ctx);
        //RunModeFilePcapAutoFp(de_ctx, pcap_file);
        //RunModeFilePcapAuto2(de_ctx, pcap_file);
    }
@ -1306,25 +1314,25 @@ int main(int argc, char **argv)
        //RunModeIdsPfring(de_ctx, pfring_dev);
        //RunModeIdsPfring4(de_ctx, pfring_dev);
        if (PfringConfGetThreads() == 1) {
-            RunModeIdsPfringAuto(de_ctx, pfring_dev);
+            RunModeIdsPfringAuto(de_ctx);
        } else {
-            RunModeIdsPfringAutoFp(de_ctx, pfring_dev);
+            RunModeIdsPfringAutoFp(de_ctx);
        }
    }
 #endif /* HAVE_PFRING */
    else if (run_mode == RUNMODE_NFQ) {
        //RunModeIpsNFQ(de_ctx, nfq_id);
-        RunModeIpsNFQAuto(de_ctx, nfq_id);
+        RunModeIpsNFQAuto(de_ctx);
    }
    else if (run_mode == RUNMODE_IPFW) {
        //RunModeIpsIPFW(de_ctx);
        RunModeIpsIPFWAuto(de_ctx);
    }
    else if (run_mode == RUNMODE_ERF_FILE) {
-        RunModeErfFileAuto(de_ctx, erf_file);
+        RunModeErfFileAuto(de_ctx);
    }
    else if (run_mode == RUNMODE_DAG) {
-        RunModeErfDagAuto(de_ctx, dag_input);
+        RunModeErfDagAuto(de_ctx);
    }
    else {
        SCLogError(SC_ERR_UNKNOWN_RUN_MODE, "Unknown runtime mode. Aborting");
--- a/src/util-error.c
+++ b/src/util-error.c
@ -203,6 +203,7 @@ const char * SCErrorToString(SCError err)
        CASE_CODE (SC_ERR_HTTP_COOKIE_RELATIVE_MISSING);
        CASE_CODE (SC_ERR_LOGPCAP_SGUIL_BASE_DIR_MISSING);
        CASE_CODE (SC_ERR_UNKNOWN_DECODE_EVENT);
+        CASE_CODE (SC_ERR_RUNMODE);

        default:
            return "UNKNOWN_ERROR";
--- a/src/util-error.h
+++ b/src/util-error.h
@ -214,6 +214,7 @@ typedef enum {
    SC_ERR_HTTP_COOKIE_RELATIVE_MISSING,
    SC_ERR_LOGPCAP_SGUIL_BASE_DIR_MISSING,
    SC_ERR_UNKNOWN_DECODE_EVENT,
+    SC_ERR_RUNMODE,
 } SCError;

 const char *SCErrorToString(SCError);