From f6af567ce0097068d2d2664380abce2b97eda724 Mon Sep 17 00:00:00 2001 From: Anoop Saldanha Date: Thu, 24 Mar 2011 17:10:30 +0530 Subject: [PATCH] move pcap live runmode into its own file runmode-pcap.[ch] --- src/Makefile.am | 1 + src/runmode-pcap.c | 343 +++++++++ src/runmode-pcap.h | 28 + src/runmodes.c | 1790 ++++++++++++-------------------------------- src/runmodes.h | 8 +- 5 files changed, 859 insertions(+), 1311 deletions(-) create mode 100644 src/runmode-pcap.c create mode 100644 src/runmode-pcap.h diff --git a/src/Makefile.am b/src/Makefile.am index 1e7314ebed..7e6b62fc91 100644 --- a/src/Makefile.am +++ b/src/Makefile.am @@ -7,6 +7,7 @@ noinst_HEADERS = action-globals.h \ bin_PROGRAMS = suricata suricata_SOURCES = suricata.c suricata.h \ runmodes.c runmodes.h \ +runmode-pcap.c runmode-pcap.h \ packet-queue.c packet-queue.h \ data-queue.c data-queue.h \ threads.c threads.h \ diff --git a/src/runmode-pcap.c b/src/runmode-pcap.c new file mode 100644 index 0000000000..26b8960206 --- /dev/null +++ b/src/runmode-pcap.c @@ -0,0 +1,343 @@ +/* Copyright (C) 2007-2010 Open Information Security Foundation + * + * You can copy, redistribute or modify this Program under the terms of + * the GNU General Public License version 2 as published by the Free + * Software Foundation. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * version 2 along with this program; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA + * 02110-1301, USA. + */ + +#include "suricata-common.h" +#include "tm-threads.h" +#include "conf.h" +#include "runmodes.h" +#include "log-httplog.h" +#include "output.h" +#include "cuda-packet-batcher.h" +#include "source-pfring.h" + +#include "alert-fastlog.h" +#include "alert-prelude.h" +#include "alert-unified-log.h" +#include "alert-unified-alert.h" +#include "alert-unified2-alert.h" +#include "alert-debuglog.h" + +#include "util-debug.h" +#include "util-time.h" +#include "util-cpu.h" +#include "util-affinity.h" + + +/** + * \brief RunModeIdsPcapAuto set up the following thread packet handlers: + * - Receive thread (from iface pcap) + * - Decode thread + * - Stream thread + * - Detect: If we have only 1 cpu, it will setup one Detect thread + * If we have more than one, it will setup num_cpus - 1 + * starting from the second cpu available. + * - Respond/Reject thread + * - Outputs thread + * By default the threads will use the first cpu available + * except the Detection threads if we have more than one cpu + * + * \param de_ctx pointer to the Detection Engine + * \param iface pointer to the name of the interface from which we will + * fetch the packets + * \retval 0 if all goes well. (If any problem is detected the engine will + * exit()) + */ +int RunModeIdsPcapAuto(DetectEngineCtx *de_ctx, char *iface) { + SCEnter(); + /* tname = Detect + cpuid, this is 11bytes length as max */ + char tname[16]; + uint16_t cpu = 0; + TmModule *tm_module; + uint16_t thread; + + RunModeInitialize(); + TimeModeSetLive(); + + /* Available cpus */ + uint16_t ncpus = UtilCpuGetNumProcessorsOnline(); + int npcap = PcapLiveGetDeviceCount(); + + if (npcap == 1) { + /* create the threads */ + ThreadVars *tv_receivepcap = TmThreadCreatePacketHandler("ReceivePcap","packetpool","packetpool","pickup-queue","simple","1slot"); + if (tv_receivepcap == NULL) { + printf("ERROR: TmThreadsCreate failed\n"); + exit(EXIT_FAILURE); + } + tm_module = TmModuleGetByName("ReceivePcap"); + if (tm_module == NULL) { + printf("ERROR: TmModuleGetByName failed for ReceivePcap\n"); + exit(EXIT_FAILURE); + } + Tm1SlotSetFunc(tv_receivepcap,tm_module,(void *)iface); + + TmThreadSetCPU(tv_receivepcap, RECEIVE_CPU_SET); + + if (TmThreadSpawn(tv_receivepcap) != TM_ECODE_OK) { + printf("ERROR: TmThreadSpawn failed\n"); + exit(EXIT_FAILURE); + } + } else { + SCLogInfo("Using %d pcap device(s).", npcap); + + for (thread = 0; thread < npcap; thread++) { + char *pcap_dev = PcapLiveGetDevice(thread); + if (pcap_dev == NULL) { + printf("Failed to lookup pcap dev %d\n", thread); + exit(EXIT_FAILURE); + } + SCLogDebug("pcap_dev %s", pcap_dev); + + snprintf(tname, sizeof(tname),"RecvPcap-%s", pcap_dev); + char *tnamec = SCStrdup(tname); + char *pcap_devc = SCStrdup(pcap_dev); + + /* create the threads */ + ThreadVars *tv_receivepcap = TmThreadCreatePacketHandler(tnamec,"packetpool","packetpool","pickup-queue","simple","1slot"); + if (tv_receivepcap == NULL) { + printf("ERROR: TmThreadsCreate failed\n"); + exit(EXIT_FAILURE); + } + tm_module = TmModuleGetByName("ReceivePcap"); + if (tm_module == NULL) { + printf("ERROR: TmModuleGetByName failed for ReceivePcap\n"); + exit(EXIT_FAILURE); + } + Tm1SlotSetFunc(tv_receivepcap,tm_module,(void *)pcap_devc); + + TmThreadSetCPU(tv_receivepcap, RECEIVE_CPU_SET); + + if (TmThreadSpawn(tv_receivepcap) != TM_ECODE_OK) { + printf("ERROR: TmThreadSpawn failed\n"); + exit(EXIT_FAILURE); + } + } + } + +#if defined(__SC_CUDA_SUPPORT__) + if (PatternMatchDefaultMatcher() == MPM_B2G_CUDA) { + ThreadVars *tv_decode1 = TmThreadCreatePacketHandler("Decode", + "pickup-queue", "simple", + "decode-queue1", "simple", + "1slot"); + if (tv_decode1 == NULL) { + printf("ERROR: TmThreadsCreate failed for Decode1\n"); + exit(EXIT_FAILURE); + } + tm_module = TmModuleGetByName("DecodePcap"); + if (tm_module == NULL) { + printf("ERROR: TmModuleGetByName DecodePcap failed\n"); + exit(EXIT_FAILURE); + } + Tm1SlotSetFunc(tv_decode1, tm_module, NULL); + + TmThreadSetCPU(tv_decode1, DECODE_CPU_SET); + + if (TmThreadSpawn(tv_decode1) != TM_ECODE_OK) { + printf("ERROR: TmThreadSpawn failed\n"); + exit(EXIT_FAILURE); + } + + ThreadVars *tv_cuda_PB = TmThreadCreate("CUDA_PB", + "decode-queue1", "simple", + "cuda-pb-queue1", "simple", + "custom", SCCudaPBTmThreadsSlot1, 0); + if (tv_cuda_PB == NULL) { + printf("ERROR: TmThreadsCreate failed for CUDA_PB\n"); + exit(EXIT_FAILURE); + } + tv_cuda_PB->type = TVT_PPT; + + tm_module = TmModuleGetByName("CudaPacketBatcher"); + if (tm_module == NULL) { + printf("ERROR: TmModuleGetByName CudaPacketBatcher failed\n"); + exit(EXIT_FAILURE); + } + Tm1SlotSetFunc(tv_cuda_PB, tm_module, (void *)de_ctx); + + + TmThreadSetCPU(tv_cuda_PB, DETECT_CPU_SET); + + if (TmThreadSpawn(tv_cuda_PB) != TM_ECODE_OK) { + printf("ERROR: TmThreadSpawn failed\n"); + exit(EXIT_FAILURE); + } + + ThreadVars *tv_stream1 = TmThreadCreatePacketHandler("Stream1", + "cuda-pb-queue1", "simple", + "stream-queue1", "simple", + "1slot"); + if (tv_stream1 == NULL) { + printf("ERROR: TmThreadsCreate failed for Stream1\n"); + exit(EXIT_FAILURE); + } + tm_module = TmModuleGetByName("StreamTcp"); + if (tm_module == NULL) { + printf("ERROR: TmModuleGetByName StreamTcp failed\n"); + exit(EXIT_FAILURE); + } + Tm1SlotSetFunc(tv_stream1,tm_module,NULL); + + TmThreadSetCPU(tv_stream1, STREAM_CPU_SET); + + if (TmThreadSpawn(tv_stream1) != TM_ECODE_OK) { + printf("ERROR: TmThreadSpawn failed\n"); + exit(EXIT_FAILURE); + } + } else { + ThreadVars *tv_decode1 = TmThreadCreatePacketHandler("Decode & Stream", + "pickup-queue", "simple", + "stream-queue1", "simple", + "varslot"); + if (tv_decode1 == NULL) { + printf("ERROR: TmThreadsCreate failed for Decode1\n"); + exit(EXIT_FAILURE); + } + tm_module = TmModuleGetByName("DecodePcap"); + if (tm_module == NULL) { + printf("ERROR: TmModuleGetByName DecodePcap failed\n"); + exit(EXIT_FAILURE); + } + TmVarSlotSetFuncAppend(tv_decode1,tm_module,NULL); + + tm_module = TmModuleGetByName("StreamTcp"); + if (tm_module == NULL) { + printf("ERROR: TmModuleGetByName StreamTcp failed\n"); + exit(EXIT_FAILURE); + } + TmVarSlotSetFuncAppend(tv_decode1,tm_module,NULL); + + TmThreadSetCPU(tv_decode1, DECODE_CPU_SET); + + if (TmThreadSpawn(tv_decode1) != TM_ECODE_OK) { + printf("ERROR: TmThreadSpawn failed\n"); + exit(EXIT_FAILURE); + } + } +#else +//#if 0 + //ThreadVars *tv_decode1 = TmThreadCreatePacketHandler("Decode & Stream","pickup-queue","simple","packetpool","packetpool","varslot"); + ThreadVars *tv_decode1 = TmThreadCreatePacketHandler("Decode & Stream","pickup-queue","simple","stream-queue1","simple","varslot"); + if (tv_decode1 == NULL) { + printf("ERROR: TmThreadsCreate failed for Decode1\n"); + exit(EXIT_FAILURE); + } + tm_module = TmModuleGetByName("DecodePcap"); + if (tm_module == NULL) { + printf("ERROR: TmModuleGetByName DecodePcap failed\n"); + exit(EXIT_FAILURE); + } + TmVarSlotSetFuncAppend(tv_decode1,tm_module,NULL); + + tm_module = TmModuleGetByName("StreamTcp"); + if (tm_module == NULL) { + printf("ERROR: TmModuleGetByName StreamTcp failed\n"); + exit(EXIT_FAILURE); + } + TmVarSlotSetFuncAppend(tv_decode1,tm_module,NULL); + + TmThreadSetCPU(tv_decode1, DECODE_CPU_SET); + + if (TmThreadSpawn(tv_decode1) != TM_ECODE_OK) { + printf("ERROR: TmThreadSpawn failed\n"); + exit(EXIT_FAILURE); + } +#endif + /* start with cpu 1 so that if we're creating an odd number of detect + * threads we're not creating the most on CPU0. */ + if (ncpus > 0) + cpu = 1; + + /* always create at least one thread */ + int thread_max = TmThreadGetNbThreads(DETECT_CPU_SET); + if (thread_max == 0) + thread_max = ncpus * threading_detect_ratio; + if (thread_max < 1) + thread_max = 1; + + for (thread = 0; thread < thread_max; thread++) { + snprintf(tname, sizeof(tname),"Detect%"PRIu16, thread+1); + if (tname == NULL) + break; + + char *thread_name = SCStrdup(tname); + SCLogDebug("Assigning %s affinity to cpu %u", thread_name, cpu); + + ThreadVars *tv_detect_ncpu = TmThreadCreatePacketHandler(thread_name,"stream-queue1","simple","verdict-queue","simple","1slot"); + if (tv_detect_ncpu == NULL) { + printf("ERROR: TmThreadsCreate failed\n"); + exit(EXIT_FAILURE); + } + tm_module = TmModuleGetByName("Detect"); + if (tm_module == NULL) { + printf("ERROR: TmModuleGetByName Detect failed\n"); + exit(EXIT_FAILURE); + } + Tm1SlotSetFunc(tv_detect_ncpu,tm_module,(void *)de_ctx); + + TmThreadSetCPU(tv_detect_ncpu, DETECT_CPU_SET); + + char *thread_group_name = SCStrdup("Detect"); + if (thread_group_name == NULL) { + printf("Error allocating memory\n"); + exit(EXIT_FAILURE); + } + tv_detect_ncpu->thread_group_name = thread_group_name; + + if (TmThreadSpawn(tv_detect_ncpu) != TM_ECODE_OK) { + printf("ERROR: TmThreadSpawn failed\n"); + exit(EXIT_FAILURE); + } + + if ((cpu + 1) == ncpus) + cpu = 0; + else + cpu++; + } + + ThreadVars *tv_rreject = TmThreadCreatePacketHandler("RespondReject","verdict-queue","simple","alert-queue","simple","1slot"); + if (tv_rreject == NULL) { + printf("ERROR: TmThreadsCreate failed\n"); + exit(EXIT_FAILURE); + } + tm_module = TmModuleGetByName("RespondReject"); + if (tm_module == NULL) { + printf("ERROR: TmModuleGetByName for RespondReject failed\n"); + exit(EXIT_FAILURE); + } + Tm1SlotSetFunc(tv_rreject,tm_module,NULL); + + TmThreadSetCPU(tv_rreject, REJECT_CPU_SET); + + if (TmThreadSpawn(tv_rreject) != TM_ECODE_OK) { + printf("ERROR: TmThreadSpawn failed\n"); + exit(EXIT_FAILURE); + } + + ThreadVars *tv_outputs = TmThreadCreatePacketHandler("Outputs", + "alert-queue", "simple", "packetpool", "packetpool", "varslot"); + SetupOutputs(tv_outputs); + + TmThreadSetCPU(tv_outputs, OUTPUT_CPU_SET); + + if (TmThreadSpawn(tv_outputs) != TM_ECODE_OK) { + printf("ERROR: TmThreadSpawn failed\n"); + exit(EXIT_FAILURE); + } + + return 0; +} diff --git a/src/runmode-pcap.h b/src/runmode-pcap.h new file mode 100644 index 0000000000..c365b149d9 --- /dev/null +++ b/src/runmode-pcap.h @@ -0,0 +1,28 @@ +/* Copyright (C) 2007-2010 Open Information Security Foundation + * + * You can copy, redistribute or modify this Program under the terms of + * the GNU General Public License version 2 as published by the Free + * Software Foundation. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * version 2 along with this program; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA + * 02110-1301, USA. + */ + +/** \file + * + * \author Victor Julien + */ + +#ifndef __RUNMODE_PCAP_H__ +#define __RUNMODE_PCAP_H__ + +int RunModeIdsPcapAuto(DetectEngineCtx *, char *); + +#endif /* __RUNMODE_PCAP_H__ */ diff --git a/src/runmodes.c b/src/runmodes.c index 1418fe0d4c..291b93749c 100644 --- a/src/runmodes.c +++ b/src/runmodes.c @@ -146,7 +146,7 @@ void RunModeInitializeOutputs(void) * \param tv The ThreadVars for the thread the outputs will be * appended to. */ -static void SetupOutputs(ThreadVars *tv) +void SetupOutputs(ThreadVars *tv) { RunModeOutput *output; TAILQ_FOREACH(output, &RunModeOutputs, entries) { @@ -155,12 +155,12 @@ static void SetupOutputs(ThreadVars *tv) } } -static float threading_detect_ratio = 1; +float threading_detect_ratio = 1; /** * Initialize the output modules. */ -static void RunModeInitialize(void) +void RunModeInitialize(void) { threading_set_cpu_affinity = FALSE; if ((ConfGetBool("threading.set_cpu_affinity", &threading_set_cpu_affinity)) == 0) { @@ -177,25 +177,25 @@ static void RunModeInitialize(void) SCLogDebug("threading_detect_ratio %f", threading_detect_ratio); } -int RunModeIdsPcap(DetectEngineCtx *de_ctx, char *iface) { +int RunModeIpsNFQ(DetectEngineCtx *de_ctx, char *nfq_id) { TimeModeSetLive(); char *thread_group_name = NULL; /* create the threads */ - ThreadVars *tv_receivepcap = TmThreadCreatePacketHandler("ReceivePcap","packetpool","packetpool","pickup-queue","simple","1slot_noinout"); - if (tv_receivepcap == NULL) { + ThreadVars *tv_receivenfq = TmThreadCreatePacketHandler("ReceiveNFQ","packetpool","packetpool","pickup-queue","simple","1slot_noinout"); + if (tv_receivenfq == NULL) { printf("ERROR: TmThreadsCreate failed\n"); exit(EXIT_FAILURE); } - TmModule *tm_module = TmModuleGetByName("ReceivePcap"); + TmModule *tm_module = TmModuleGetByName("ReceiveNFQ"); if (tm_module == NULL) { - printf("ERROR: TmModuleGetByName failed for ReceivePcap\n"); + printf("ERROR: TmModuleGetByName failed for ReceiveNFQ\n"); exit(EXIT_FAILURE); } - Tm1SlotSetFunc(tv_receivepcap,tm_module,(void *)iface); + Tm1SlotSetFunc(tv_receivenfq,tm_module,nfq_id); - if (TmThreadSpawn(tv_receivepcap) != TM_ECODE_OK) { + if (TmThreadSpawn(tv_receivenfq) != TM_ECODE_OK) { printf("ERROR: TmThreadSpawn failed\n"); exit(EXIT_FAILURE); } @@ -205,9 +205,9 @@ int RunModeIdsPcap(DetectEngineCtx *de_ctx, char *iface) { printf("ERROR: TmThreadsCreate failed for Decode1\n"); exit(EXIT_FAILURE); } - tm_module = TmModuleGetByName("DecodePcap"); + tm_module = TmModuleGetByName("DecodeNFQ"); if (tm_module == NULL) { - printf("ERROR: TmModuleGetByName DecodePcap failed\n"); + printf("ERROR: TmModuleGetByName DecodeNFQ failed\n"); exit(EXIT_FAILURE); } Tm1SlotSetFunc(tv_decode1,tm_module,NULL); @@ -282,7 +282,24 @@ int RunModeIdsPcap(DetectEngineCtx *de_ctx, char *iface) { exit(EXIT_FAILURE); } - ThreadVars *tv_rreject = TmThreadCreatePacketHandler("RespondReject","verdict-queue","simple","alert-queue1","simple","1slot"); + ThreadVars *tv_verdict = TmThreadCreatePacketHandler("Verdict","verdict-queue","simple","respond-queue","simple","1slot"); + if (tv_verdict == NULL) { + printf("ERROR: TmThreadsCreate failed\n"); + exit(EXIT_FAILURE); + } + tm_module = TmModuleGetByName("VerdictNFQ"); + if (tm_module == NULL) { + printf("ERROR: TmModuleGetByName VerdictNFQ failed\n"); + exit(EXIT_FAILURE); + } + Tm1SlotSetFunc(tv_verdict,tm_module,nfq_id); + + if (TmThreadSpawn(tv_verdict) != TM_ECODE_OK) { + printf("ERROR: TmThreadSpawn failed\n"); + exit(EXIT_FAILURE); + } + + ThreadVars *tv_rreject = TmThreadCreatePacketHandler("RespondReject","respond-queue","simple","alert-queue1","simple","1slot"); if (tv_rreject == NULL) { printf("ERROR: TmThreadsCreate failed\n"); exit(EXIT_FAILURE); @@ -310,36 +327,36 @@ int RunModeIdsPcap(DetectEngineCtx *de_ctx, char *iface) { return 0; } -/** \brief Live pcap mode with 4 stream tracking and reassembly threads, testing the flow queuehandler */ -int RunModeIdsPcap2(DetectEngineCtx *de_ctx, char *iface) { - TimeModeSetLive(); +int RunModeFilePcap(DetectEngineCtx *de_ctx, char *file) { + SCLogDebug("file %s", file); + TimeModeSetOffline(); char *thread_group_name = NULL; /* create the threads */ - ThreadVars *tv_receivepcap = TmThreadCreatePacketHandler("ReceivePcap","packetpool","packetpool","pickup-queue","simple","1slot_noinout"); + ThreadVars *tv_receivepcap = TmThreadCreatePacketHandler("ReceivePcapFile","packetpool","packetpool","pickup-queue","simple","1slot"); if (tv_receivepcap == NULL) { printf("ERROR: TmThreadsCreate failed\n"); exit(EXIT_FAILURE); } - TmModule *tm_module = TmModuleGetByName("ReceivePcap"); + TmModule *tm_module = TmModuleGetByName("ReceivePcapFile"); if (tm_module == NULL) { printf("ERROR: TmModuleGetByName failed for ReceivePcap\n"); exit(EXIT_FAILURE); } - Tm1SlotSetFunc(tv_receivepcap,tm_module,(void *)iface); + Tm1SlotSetFunc(tv_receivepcap,tm_module,file); if (TmThreadSpawn(tv_receivepcap) != TM_ECODE_OK) { printf("ERROR: TmThreadSpawn failed\n"); exit(EXIT_FAILURE); } - ThreadVars *tv_decode1 = TmThreadCreatePacketHandler("Decode1","pickup-queue","simple","decode-queue1,decode-queue2,decode-queue3,decode-queue4","flow","1slot"); + ThreadVars *tv_decode1 = TmThreadCreatePacketHandler("Decode1","pickup-queue","simple","decode-queue1","simple","1slot"); if (tv_decode1 == NULL) { printf("ERROR: TmThreadsCreate failed for Decode1\n"); exit(EXIT_FAILURE); } - tm_module = TmModuleGetByName("DecodePcap"); + tm_module = TmModuleGetByName("DecodePcapFile"); if (tm_module == NULL) { printf("ERROR: TmModuleGetByName DecodePcap failed\n"); exit(EXIT_FAILURE); @@ -350,7 +367,7 @@ int RunModeIdsPcap2(DetectEngineCtx *de_ctx, char *iface) { printf("ERROR: TmThreadSpawn failed\n"); exit(EXIT_FAILURE); } - +//#if 0 ThreadVars *tv_stream1 = TmThreadCreatePacketHandler("Stream1","decode-queue1","simple","stream-queue1","simple","1slot"); if (tv_stream1 == NULL) { printf("ERROR: TmThreadsCreate failed for Stream1\n"); @@ -368,58 +385,9 @@ int RunModeIdsPcap2(DetectEngineCtx *de_ctx, char *iface) { exit(EXIT_FAILURE); } - ThreadVars *tv_stream2 = TmThreadCreatePacketHandler("Stream2","decode-queue2","simple","stream-queue1","simple","1slot"); - if (tv_stream2 == NULL) { - printf("ERROR: TmThreadsCreate failed for Stream2\n"); - exit(EXIT_FAILURE); - } - tm_module = TmModuleGetByName("StreamTcp"); - if (tm_module == NULL) { - printf("ERROR: TmModuleGetByName StreamTcp failed\n"); - exit(EXIT_FAILURE); - } - Tm1SlotSetFunc(tv_stream2,tm_module,NULL); - - if (TmThreadSpawn(tv_stream2) != TM_ECODE_OK) { - printf("ERROR: TmThreadSpawn failed\n"); - exit(EXIT_FAILURE); - } - - ThreadVars *tv_stream3 = TmThreadCreatePacketHandler("Stream3","decode-queue3","simple","stream-queue2","simple","1slot"); - if (tv_stream3 == NULL) { - printf("ERROR: TmThreadsCreate failed for Stream1\n"); - exit(EXIT_FAILURE); - } - tm_module = TmModuleGetByName("StreamTcp"); - if (tm_module == NULL) { - printf("ERROR: TmModuleGetByName StreamTcp failed\n"); - exit(EXIT_FAILURE); - } - Tm1SlotSetFunc(tv_stream3,tm_module,NULL); - - if (TmThreadSpawn(tv_stream3) != TM_ECODE_OK) { - printf("ERROR: TmThreadSpawn failed\n"); - exit(EXIT_FAILURE); - } - - ThreadVars *tv_stream4 = TmThreadCreatePacketHandler("Stream4","decode-queue4","simple","stream-queue2","simple","1slot"); - if (tv_stream4 == NULL) { - printf("ERROR: TmThreadsCreate failed for Stream1\n"); - exit(EXIT_FAILURE); - } - tm_module = TmModuleGetByName("StreamTcp"); - if (tm_module == NULL) { - printf("ERROR: TmModuleGetByName StreamTcp failed\n"); - exit(EXIT_FAILURE); - } - Tm1SlotSetFunc(tv_stream4,tm_module,NULL); - - if (TmThreadSpawn(tv_stream4) != TM_ECODE_OK) { - printf("ERROR: TmThreadSpawn failed\n"); - exit(EXIT_FAILURE); - } - - ThreadVars *tv_detect1 = TmThreadCreatePacketHandler("Detect1","stream-queue1","simple","verdict-queue","simple","1slot"); + ThreadVars *tv_detect1 = TmThreadCreatePacketHandler("Detect1","stream-queue1","simple","alert-queue1","simple","1slot"); +//#endif + //ThreadVars *tv_detect1 = TmThreadCreate("Detect1","decode-queue1","simple","alert-queue1","simple","1slot"); if (tv_detect1 == NULL) { printf("ERROR: TmThreadsCreate failed\n"); exit(EXIT_FAILURE); @@ -443,7 +411,7 @@ int RunModeIdsPcap2(DetectEngineCtx *de_ctx, char *iface) { exit(EXIT_FAILURE); } - ThreadVars *tv_detect2 = TmThreadCreatePacketHandler("Detect2","stream-queue2","simple","verdict-queue","simple","1slot"); + ThreadVars *tv_detect2 = TmThreadCreatePacketHandler("Detect2","stream-queue1","simple","alert-queue1","simple","1slot"); if (tv_detect2 == NULL) { printf("ERROR: TmThreadsCreate failed\n"); exit(EXIT_FAILURE); @@ -467,35 +435,62 @@ int RunModeIdsPcap2(DetectEngineCtx *de_ctx, char *iface) { exit(EXIT_FAILURE); } - ThreadVars *tv_rreject = TmThreadCreatePacketHandler("RespondReject","verdict-queue","simple","alert-queue1","simple","1slot"); - if (tv_rreject == NULL) { + ThreadVars *tv_outputs = TmThreadCreatePacketHandler("Outputs", + "alert-queue1", "simple", "packetpool", "packetpool", "varslot"); + SetupOutputs(tv_outputs); + if (TmThreadSpawn(tv_outputs) != TM_ECODE_OK) { + printf("ERROR: TmThreadSpawn failed\n"); + exit(EXIT_FAILURE); + } + + return 0; +} + +/** + * \brief Single thread version of the Pcap file processing. + */ +int RunModeFilePcap2(DetectEngineCtx *de_ctx, char *file) { + printf("RunModeFilePcap2: file %s\n", file); + TimeModeSetOffline(); + + /* create the threads */ + ThreadVars *tv = TmThreadCreatePacketHandler("PcapFile","packetpool","packetpool","packetpool","packetpool","varslot"); + if (tv == NULL) { printf("ERROR: TmThreadsCreate failed\n"); exit(EXIT_FAILURE); } - tm_module = TmModuleGetByName("RespondReject"); + + TmModule *tm_module = TmModuleGetByName("ReceivePcapFile"); if (tm_module == NULL) { - printf("ERROR: TmModuleGetByName for RespondReject failed\n"); + printf("ERROR: TmModuleGetByName failed for ReceivePcap\n"); exit(EXIT_FAILURE); } - Tm1SlotSetFunc(tv_rreject,tm_module,NULL); + TmVarSlotSetFuncAppend(tv,tm_module,file); - if (TmThreadSpawn(tv_rreject) != TM_ECODE_OK) { - printf("ERROR: TmThreadSpawn failed\n"); + tm_module = TmModuleGetByName("DecodePcapFile"); + if (tm_module == NULL) { + printf("ERROR: TmModuleGetByName DecodePcap failed\n"); exit(EXIT_FAILURE); } + TmVarSlotSetFuncAppend(tv,tm_module,NULL); - ThreadVars *tv_outputs = TmThreadCreatePacketHandler("Outputs", - "alert-queue1", "simple", "packetpool", "packetpool", "varslot"); - SetupOutputs(tv_outputs); - if (TmThreadSpawn(tv_outputs) != TM_ECODE_OK) { - printf("ERROR: TmThreadSpawn failed\n"); + tm_module = TmModuleGetByName("StreamTcp"); + if (tm_module == NULL) { + printf("ERROR: TmModuleGetByName StreamTcp failed\n"); exit(EXIT_FAILURE); } + TmVarSlotSetFuncAppend(tv,tm_module,NULL); - ThreadVars *tv_outputs1 = TmThreadCreatePacketHandler("Outputs1", - "alert-queue1", "simple", "packetpool", "packetpool", "varslot"); - SetupOutputs(tv_outputs1); - if (TmThreadSpawn(tv_outputs1) != TM_ECODE_OK) { + tm_module = TmModuleGetByName("Detect"); + if (tm_module == NULL) { + printf("ERROR: TmModuleGetByName Detect failed\n"); + exit(EXIT_FAILURE); + } + TmVarSlotSetFuncAppend(tv,tm_module,(void *)de_ctx); + + SetupOutputs(tv); + + if (TmThreadSpawn(tv) != TM_ECODE_OK) { printf("ERROR: TmThreadSpawn failed\n"); exit(EXIT_FAILURE); } @@ -503,88 +498,82 @@ int RunModeIdsPcap2(DetectEngineCtx *de_ctx, char *iface) { return 0; } -/** \brief Live pcap mode with 4 stream tracking and reassembly threads, testing the flow queuehandler */ -int RunModeIdsPcap3(DetectEngineCtx *de_ctx, char *iface) { +int RunModeIdsPfring(DetectEngineCtx *de_ctx, char *iface) { TimeModeSetLive(); + char *thread_group_name = NULL; + /* create the threads */ - ThreadVars *tv_receivepcap = TmThreadCreatePacketHandler("ReceivePcap","packetpool","packetpool","pickup-queue","simple","1slot_noinout"); - if (tv_receivepcap == NULL) { + ThreadVars *tv_receivepfring = TmThreadCreatePacketHandler("ReceivePfring","packetpool","packetpool","pickup-queue1","simple","1slot"); + if (tv_receivepfring == NULL) { printf("ERROR: TmThreadsCreate failed\n"); exit(EXIT_FAILURE); } - TmModule *tm_module = TmModuleGetByName("ReceivePcap"); + TmModule *tm_module = TmModuleGetByName("ReceivePfring"); if (tm_module == NULL) { - printf("ERROR: TmModuleGetByName failed for ReceivePcap\n"); + printf("ERROR: TmModuleGetByName failed for ReceivePfring\n"); exit(EXIT_FAILURE); } - Tm1SlotSetFunc(tv_receivepcap,tm_module,(void *)iface); + Tm1SlotSetFunc(tv_receivepfring,tm_module,(void *)iface); - if (TmThreadSpawn(tv_receivepcap) != TM_ECODE_OK) { + if (TmThreadSpawn(tv_receivepfring) != TM_ECODE_OK) { printf("ERROR: TmThreadSpawn failed\n"); exit(EXIT_FAILURE); } - ThreadVars *tv_decode1 = TmThreadCreatePacketHandler("Decode1","pickup-queue","simple","decode-queue1,decode-queue2,decode-queue3,decode-queue4","flow","1slot"); - if (tv_decode1 == NULL) { - printf("ERROR: TmThreadsCreate failed for Decode1\n"); + ThreadVars *tv_receivepfring2 = TmThreadCreatePacketHandler("ReceivePfring2","packetpool","packetpool","pickup-queue2","simple","1slot"); + if (tv_receivepfring2 == NULL) { + printf("ERROR: TmThreadsCreate failed\n"); exit(EXIT_FAILURE); } - tm_module = TmModuleGetByName("DecodePcap"); + tm_module = TmModuleGetByName("ReceivePfring"); if (tm_module == NULL) { - printf("ERROR: TmModuleGetByName DecodePcap failed\n"); + printf("ERROR: TmModuleGetByName failed for ReceivePfring\n"); exit(EXIT_FAILURE); } - Tm1SlotSetFunc(tv_decode1,tm_module,NULL); + Tm1SlotSetFunc(tv_receivepfring2,tm_module,(void *)iface); - if (TmThreadSpawn(tv_decode1) != TM_ECODE_OK) { + if (TmThreadSpawn(tv_receivepfring2) != TM_ECODE_OK) { printf("ERROR: TmThreadSpawn failed\n"); exit(EXIT_FAILURE); } - ThreadVars *tv; - tv = TmThreadCreatePacketHandler("Stream1","decode-queue1","simple","packetpool","packetpool","varslot"); - if (tv == NULL) { - printf("ERROR: TmThreadsCreate failed for Stream1\n"); + ThreadVars *tv_decode1 = TmThreadCreatePacketHandler("Decode1","pickup-queue1","simple","decode-queue1","simple","1slot"); + if (tv_decode1 == NULL) { + printf("ERROR: TmThreadsCreate failed for Decode1\n"); exit(EXIT_FAILURE); } - tm_module = TmModuleGetByName("StreamTcp"); + tm_module = TmModuleGetByName("DecodePfring"); if (tm_module == NULL) { - printf("ERROR: TmModuleGetByName StreamTcp failed\n"); + printf("ERROR: TmModuleGetByName DecodePfring failed\n"); exit(EXIT_FAILURE); } - TmVarSlotSetFuncAppend(tv,tm_module,NULL); + Tm1SlotSetFunc(tv_decode1,tm_module,NULL); - tm_module = TmModuleGetByName("Detect"); - if (tm_module == NULL) { - printf("ERROR: TmModuleGetByName StreamTcp failed\n"); + if (TmThreadSpawn(tv_decode1) != TM_ECODE_OK) { + printf("ERROR: TmThreadSpawn failed\n"); exit(EXIT_FAILURE); } - TmVarSlotSetFuncAppend(tv,tm_module,(void *)de_ctx); - tm_module = TmModuleGetByName("RespondReject"); - if (tm_module == NULL) { - printf("ERROR: TmModuleGetByName for RespondReject failed\n"); + ThreadVars *tv_decode2 = TmThreadCreatePacketHandler("Decode2","pickup-queue2","simple","decode-queue2","simple","1slot"); + if (tv_decode2 == NULL) { + printf("ERROR: TmThreadsCreate failed for Decode1\n"); exit(EXIT_FAILURE); } - TmVarSlotSetFuncAppend(tv,tm_module,NULL); - - /* In this mode we don't create a new thread for alerting/logging. - * We'll pass the one currently being setup and the alerting - * modules will be appended to it. */ - SetupOutputs(tv); - - if (threading_set_cpu_affinity) { - TmThreadSetCPUAffinity(tv, 0); + tm_module = TmModuleGetByName("DecodePfring"); + if (tm_module == NULL) { + printf("ERROR: TmModuleGetByName DecodePfring failed\n"); + exit(EXIT_FAILURE); } + Tm1SlotSetFunc(tv_decode2,tm_module,NULL); - if (TmThreadSpawn(tv) != TM_ECODE_OK) { + if (TmThreadSpawn(tv_decode2) != TM_ECODE_OK) { printf("ERROR: TmThreadSpawn failed\n"); exit(EXIT_FAILURE); } - tv = TmThreadCreatePacketHandler("Stream2","decode-queue2","simple","packetpool","packetpool","varslot"); - if (tv == NULL) { + ThreadVars *tv_stream1 = TmThreadCreatePacketHandler("Stream1","decode-queue1","simple","stream-queue1","simple","1slot"); + if (tv_stream1 == NULL) { printf("ERROR: TmThreadsCreate failed for Stream1\n"); exit(EXIT_FAILURE); } @@ -593,35 +582,15 @@ int RunModeIdsPcap3(DetectEngineCtx *de_ctx, char *iface) { printf("ERROR: TmModuleGetByName StreamTcp failed\n"); exit(EXIT_FAILURE); } - TmVarSlotSetFuncAppend(tv,tm_module,NULL); - - tm_module = TmModuleGetByName("Detect"); - if (tm_module == NULL) { - printf("ERROR: TmModuleGetByName StreamTcp failed\n"); - exit(EXIT_FAILURE); - } - TmVarSlotSetFuncAppend(tv,tm_module,(void *)de_ctx); - - tm_module = TmModuleGetByName("RespondReject"); - if (tm_module == NULL) { - printf("ERROR: TmModuleGetByName for RespondReject failed\n"); - exit(EXIT_FAILURE); - } - TmVarSlotSetFuncAppend(tv,tm_module,NULL); - - SetupOutputs(tv); - - if (threading_set_cpu_affinity) { - TmThreadSetCPUAffinity(tv, 0); - } + Tm1SlotSetFunc(tv_stream1,tm_module,NULL); - if (TmThreadSpawn(tv) != TM_ECODE_OK) { + if (TmThreadSpawn(tv_stream1) != TM_ECODE_OK) { printf("ERROR: TmThreadSpawn failed\n"); exit(EXIT_FAILURE); } - tv = TmThreadCreatePacketHandler("Stream3","decode-queue3","simple","packetpool","packetpool","varslot"); - if (tv == NULL) { + ThreadVars *tv_stream2 = TmThreadCreatePacketHandler("Stream2","decode-queue2","simple","stream-queue2","simple","1slot"); + if (tv_stream2 == NULL) { printf("ERROR: TmThreadsCreate failed for Stream1\n"); exit(EXIT_FAILURE); } @@ -630,103 +599,121 @@ int RunModeIdsPcap3(DetectEngineCtx *de_ctx, char *iface) { printf("ERROR: TmModuleGetByName StreamTcp failed\n"); exit(EXIT_FAILURE); } - TmVarSlotSetFuncAppend(tv,tm_module,NULL); + Tm1SlotSetFunc(tv_stream2,tm_module,NULL); - tm_module = TmModuleGetByName("Detect"); - if (tm_module == NULL) { - printf("ERROR: TmModuleGetByName StreamTcp failed\n"); + if (TmThreadSpawn(tv_stream2) != TM_ECODE_OK) { + printf("ERROR: TmThreadSpawn failed\n"); exit(EXIT_FAILURE); } - TmVarSlotSetFuncAppend(tv,tm_module,(void *)de_ctx); - tm_module = TmModuleGetByName("RespondReject"); + ThreadVars *tv_detect1 = TmThreadCreatePacketHandler("Detect1","stream-queue1","simple","verdict-queue","simple","1slot"); + if (tv_detect1 == NULL) { + printf("ERROR: TmThreadsCreate failed\n"); + exit(EXIT_FAILURE); + } + tm_module = TmModuleGetByName("Detect"); if (tm_module == NULL) { - printf("ERROR: TmModuleGetByName for RespondReject failed\n"); + printf("ERROR: TmModuleGetByName Detect failed\n"); exit(EXIT_FAILURE); } - TmVarSlotSetFuncAppend(tv,tm_module,NULL); - - SetupOutputs(tv); + Tm1SlotSetFunc(tv_detect1,tm_module,(void *)de_ctx); - if (threading_set_cpu_affinity) { - TmThreadSetCPUAffinity(tv, 1); + thread_group_name = SCStrdup("Detect"); + if (thread_group_name == NULL) { + printf("Error allocating memory\n"); + exit(EXIT_FAILURE); } + tv_detect1->thread_group_name = thread_group_name; - if (TmThreadSpawn(tv) != TM_ECODE_OK) { + if (TmThreadSpawn(tv_detect1) != TM_ECODE_OK) { printf("ERROR: TmThreadSpawn failed\n"); exit(EXIT_FAILURE); } - tv = TmThreadCreatePacketHandler("Stream4","decode-queue4","simple","packetpool","packetpool","varslot"); - if (tv == NULL) { - printf("ERROR: TmThreadsCreate failed for Stream1\n"); + ThreadVars *tv_detect2 = TmThreadCreatePacketHandler("Detect2","stream-queue2","simple","verdict-queue","simple","1slot"); + if (tv_detect2 == NULL) { + printf("ERROR: TmThreadsCreate failed\n"); exit(EXIT_FAILURE); } - tm_module = TmModuleGetByName("StreamTcp"); + tm_module = TmModuleGetByName("Detect"); if (tm_module == NULL) { - printf("ERROR: TmModuleGetByName StreamTcp failed\n"); + printf("ERROR: TmModuleGetByName Detect failed\n"); exit(EXIT_FAILURE); } - TmVarSlotSetFuncAppend(tv,tm_module,NULL); + Tm1SlotSetFunc(tv_detect2,tm_module,(void *)de_ctx); - tm_module = TmModuleGetByName("Detect"); - if (tm_module == NULL) { - printf("ERROR: TmModuleGetByName StreamTcp failed\n"); + thread_group_name = SCStrdup("Detect"); + if (thread_group_name == NULL) { + printf("Error allocating memory\n"); + exit(EXIT_FAILURE); + } + tv_detect2->thread_group_name = thread_group_name; + + if (TmThreadSpawn(tv_detect2) != TM_ECODE_OK) { + printf("ERROR: TmThreadSpawn failed\n"); exit(EXIT_FAILURE); } - TmVarSlotSetFuncAppend(tv,tm_module,(void *)de_ctx); + ThreadVars *tv_rreject = TmThreadCreatePacketHandler("RespondReject","verdict-queue","simple","alert-queue1","simple","1slot"); + if (tv_rreject == NULL) { + printf("ERROR: TmThreadsCreate failed\n"); + exit(EXIT_FAILURE); + } tm_module = TmModuleGetByName("RespondReject"); if (tm_module == NULL) { printf("ERROR: TmModuleGetByName for RespondReject failed\n"); exit(EXIT_FAILURE); } - TmVarSlotSetFuncAppend(tv,tm_module,NULL); - - SetupOutputs(tv); + Tm1SlotSetFunc(tv_rreject,tm_module,NULL); - if (threading_set_cpu_affinity) { - TmThreadSetCPUAffinity(tv, 1); + if (TmThreadSpawn(tv_rreject) != TM_ECODE_OK) { + printf("ERROR: TmThreadSpawn failed\n"); + exit(EXIT_FAILURE); } - if (TmThreadSpawn(tv) != TM_ECODE_OK) { + ThreadVars *tv_outputs = TmThreadCreatePacketHandler("Outputs", + "alert-queue1", "simple", "packetpool", "packetpool", "varslot"); + SetupOutputs(tv_outputs); + if (TmThreadSpawn(tv_outputs) != TM_ECODE_OK) { printf("ERROR: TmThreadSpawn failed\n"); exit(EXIT_FAILURE); } + return 0; } -int RunModeIpsNFQ(DetectEngineCtx *de_ctx, char *nfq_id) { +/** \brief Live pfring mode with 4 stream tracking and reassembly threads, testing the flow queuehandler */ +int RunModeIdsPfring2(DetectEngineCtx *de_ctx, char *iface) { TimeModeSetLive(); char *thread_group_name = NULL; /* create the threads */ - ThreadVars *tv_receivenfq = TmThreadCreatePacketHandler("ReceiveNFQ","packetpool","packetpool","pickup-queue","simple","1slot_noinout"); - if (tv_receivenfq == NULL) { + ThreadVars *tv_receivepfring = TmThreadCreatePacketHandler("ReceivePfring","packetpool","packetpool","pickup-queue","simple","1slot"); + if (tv_receivepfring == NULL) { printf("ERROR: TmThreadsCreate failed\n"); exit(EXIT_FAILURE); } - TmModule *tm_module = TmModuleGetByName("ReceiveNFQ"); + TmModule *tm_module = TmModuleGetByName("ReceivePfring"); if (tm_module == NULL) { - printf("ERROR: TmModuleGetByName failed for ReceiveNFQ\n"); + printf("ERROR: TmModuleGetByName failed for ReceivePfring\n"); exit(EXIT_FAILURE); } - Tm1SlotSetFunc(tv_receivenfq,tm_module,nfq_id); + Tm1SlotSetFunc(tv_receivepfring,tm_module,(void *)iface); - if (TmThreadSpawn(tv_receivenfq) != TM_ECODE_OK) { + if (TmThreadSpawn(tv_receivepfring) != TM_ECODE_OK) { printf("ERROR: TmThreadSpawn failed\n"); exit(EXIT_FAILURE); } - ThreadVars *tv_decode1 = TmThreadCreatePacketHandler("Decode1","pickup-queue","simple","decode-queue1","simple","1slot"); + ThreadVars *tv_decode1 = TmThreadCreatePacketHandler("Decode1","pickup-queue","simple","decode-queue1,decode-queue2,decode-queue3,decode-queue4","flow","1slot"); if (tv_decode1 == NULL) { printf("ERROR: TmThreadsCreate failed for Decode1\n"); exit(EXIT_FAILURE); } - tm_module = TmModuleGetByName("DecodeNFQ"); + tm_module = TmModuleGetByName("DecodePfring"); if (tm_module == NULL) { - printf("ERROR: TmModuleGetByName DecodeNFQ failed\n"); + printf("ERROR: TmModuleGetByName DecodePfring failed\n"); exit(EXIT_FAILURE); } Tm1SlotSetFunc(tv_decode1,tm_module,NULL); @@ -753,6 +740,57 @@ int RunModeIpsNFQ(DetectEngineCtx *de_ctx, char *nfq_id) { exit(EXIT_FAILURE); } + ThreadVars *tv_stream2 = TmThreadCreatePacketHandler("Stream2","decode-queue2","simple","stream-queue1","simple","1slot"); + if (tv_stream2 == NULL) { + printf("ERROR: TmThreadsCreate failed for Stream2\n"); + exit(EXIT_FAILURE); + } + tm_module = TmModuleGetByName("StreamTcp"); + if (tm_module == NULL) { + printf("ERROR: TmModuleGetByName StreamTcp failed\n"); + exit(EXIT_FAILURE); + } + Tm1SlotSetFunc(tv_stream2,tm_module,NULL); + + if (TmThreadSpawn(tv_stream2) != TM_ECODE_OK) { + printf("ERROR: TmThreadSpawn failed\n"); + exit(EXIT_FAILURE); + } + + ThreadVars *tv_stream3 = TmThreadCreatePacketHandler("Stream3","decode-queue3","simple","stream-queue2","simple","1slot"); + if (tv_stream3 == NULL) { + printf("ERROR: TmThreadsCreate failed for Stream1\n"); + exit(EXIT_FAILURE); + } + tm_module = TmModuleGetByName("StreamTcp"); + if (tm_module == NULL) { + printf("ERROR: TmModuleGetByName StreamTcp failed\n"); + exit(EXIT_FAILURE); + } + Tm1SlotSetFunc(tv_stream3,tm_module,NULL); + + if (TmThreadSpawn(tv_stream3) != TM_ECODE_OK) { + printf("ERROR: TmThreadSpawn failed\n"); + exit(EXIT_FAILURE); + } + + ThreadVars *tv_stream4 = TmThreadCreatePacketHandler("Stream4","decode-queue4","simple","stream-queue2","simple","1slot"); + if (tv_stream4 == NULL) { + printf("ERROR: TmThreadsCreate failed for Stream1\n"); + exit(EXIT_FAILURE); + } + tm_module = TmModuleGetByName("StreamTcp"); + if (tm_module == NULL) { + printf("ERROR: TmModuleGetByName StreamTcp failed\n"); + exit(EXIT_FAILURE); + } + Tm1SlotSetFunc(tv_stream4,tm_module,NULL); + + if (TmThreadSpawn(tv_stream4) != TM_ECODE_OK) { + printf("ERROR: TmThreadSpawn failed\n"); + exit(EXIT_FAILURE); + } + ThreadVars *tv_detect1 = TmThreadCreatePacketHandler("Detect1","stream-queue1","simple","verdict-queue","simple","1slot"); if (tv_detect1 == NULL) { printf("ERROR: TmThreadsCreate failed\n"); @@ -777,7 +815,7 @@ int RunModeIpsNFQ(DetectEngineCtx *de_ctx, char *nfq_id) { exit(EXIT_FAILURE); } - ThreadVars *tv_detect2 = TmThreadCreatePacketHandler("Detect2","stream-queue1","simple","verdict-queue","simple","1slot"); + ThreadVars *tv_detect2 = TmThreadCreatePacketHandler("Detect2","stream-queue2","simple","verdict-queue","simple","1slot"); if (tv_detect2 == NULL) { printf("ERROR: TmThreadsCreate failed\n"); exit(EXIT_FAILURE); @@ -801,24 +839,7 @@ int RunModeIpsNFQ(DetectEngineCtx *de_ctx, char *nfq_id) { exit(EXIT_FAILURE); } - ThreadVars *tv_verdict = TmThreadCreatePacketHandler("Verdict","verdict-queue","simple","respond-queue","simple","1slot"); - if (tv_verdict == NULL) { - printf("ERROR: TmThreadsCreate failed\n"); - exit(EXIT_FAILURE); - } - tm_module = TmModuleGetByName("VerdictNFQ"); - if (tm_module == NULL) { - printf("ERROR: TmModuleGetByName VerdictNFQ failed\n"); - exit(EXIT_FAILURE); - } - Tm1SlotSetFunc(tv_verdict,tm_module,nfq_id); - - if (TmThreadSpawn(tv_verdict) != TM_ECODE_OK) { - printf("ERROR: TmThreadSpawn failed\n"); - exit(EXIT_FAILURE); - } - - ThreadVars *tv_rreject = TmThreadCreatePacketHandler("RespondReject","respond-queue","simple","alert-queue1","simple","1slot"); + ThreadVars *tv_rreject = TmThreadCreatePacketHandler("RespondReject","verdict-queue","simple","alert-queue1","simple","1slot"); if (tv_rreject == NULL) { printf("ERROR: TmThreadsCreate failed\n"); exit(EXIT_FAILURE); @@ -845,39 +866,36 @@ int RunModeIpsNFQ(DetectEngineCtx *de_ctx, char *nfq_id) { return 0; } - -int RunModeFilePcap(DetectEngineCtx *de_ctx, char *file) { - SCLogDebug("file %s", file); - TimeModeSetOffline(); - - char *thread_group_name = NULL; +/** \brief Live pfring mode with 4 stream tracking and reassembly threads, testing the flow queuehandler */ +int RunModeIdsPfring3(DetectEngineCtx *de_ctx, char *iface) { + TimeModeSetLive(); /* create the threads */ - ThreadVars *tv_receivepcap = TmThreadCreatePacketHandler("ReceivePcapFile","packetpool","packetpool","pickup-queue","simple","1slot"); - if (tv_receivepcap == NULL) { + ThreadVars *tv_receivepfring = TmThreadCreatePacketHandler("ReceivePfring","packetpool","packetpool","pickup-queue","simple","1slot"); + if (tv_receivepfring == NULL) { printf("ERROR: TmThreadsCreate failed\n"); exit(EXIT_FAILURE); } - TmModule *tm_module = TmModuleGetByName("ReceivePcapFile"); + TmModule *tm_module = TmModuleGetByName("ReceivePfring"); if (tm_module == NULL) { - printf("ERROR: TmModuleGetByName failed for ReceivePcap\n"); + printf("ERROR: TmModuleGetByName failed for ReceivePfring\n"); exit(EXIT_FAILURE); } - Tm1SlotSetFunc(tv_receivepcap,tm_module,file); + Tm1SlotSetFunc(tv_receivepfring,tm_module,(void *)iface); - if (TmThreadSpawn(tv_receivepcap) != TM_ECODE_OK) { + if (TmThreadSpawn(tv_receivepfring) != TM_ECODE_OK) { printf("ERROR: TmThreadSpawn failed\n"); exit(EXIT_FAILURE); } - ThreadVars *tv_decode1 = TmThreadCreatePacketHandler("Decode1","pickup-queue","simple","decode-queue1","simple","1slot"); + ThreadVars *tv_decode1 = TmThreadCreatePacketHandler("Decode1","pickup-queue","simple","decode-queue1,decode-queue2,decode-queue3,decode-queue4","flow","1slot"); if (tv_decode1 == NULL) { printf("ERROR: TmThreadsCreate failed for Decode1\n"); exit(EXIT_FAILURE); } - tm_module = TmModuleGetByName("DecodePcapFile"); + tm_module = TmModuleGetByName("DecodePfring"); if (tm_module == NULL) { - printf("ERROR: TmModuleGetByName DecodePcap failed\n"); + printf("ERROR: TmModuleGetByName DecodePfring failed\n"); exit(EXIT_FAILURE); } Tm1SlotSetFunc(tv_decode1,tm_module,NULL); @@ -886,9 +904,10 @@ int RunModeFilePcap(DetectEngineCtx *de_ctx, char *file) { printf("ERROR: TmThreadSpawn failed\n"); exit(EXIT_FAILURE); } -//#if 0 - ThreadVars *tv_stream1 = TmThreadCreatePacketHandler("Stream1","decode-queue1","simple","stream-queue1","simple","1slot"); - if (tv_stream1 == NULL) { + + ThreadVars *tv; + tv = TmThreadCreatePacketHandler("Stream1","decode-queue1","simple","packetpool","packetpool","varslot"); + if (tv == NULL) { printf("ERROR: TmThreadsCreate failed for Stream1\n"); exit(EXIT_FAILURE); } @@ -897,102 +916,112 @@ int RunModeFilePcap(DetectEngineCtx *de_ctx, char *file) { printf("ERROR: TmModuleGetByName StreamTcp failed\n"); exit(EXIT_FAILURE); } - Tm1SlotSetFunc(tv_stream1,tm_module,NULL); + TmVarSlotSetFuncAppend(tv,tm_module,NULL); - if (TmThreadSpawn(tv_stream1) != TM_ECODE_OK) { - printf("ERROR: TmThreadSpawn failed\n"); + tm_module = TmModuleGetByName("Detect"); + if (tm_module == NULL) { + printf("ERROR: TmModuleGetByName StreamTcp failed\n"); exit(EXIT_FAILURE); } + TmVarSlotSetFuncAppend(tv,tm_module,(void *)de_ctx); - ThreadVars *tv_detect1 = TmThreadCreatePacketHandler("Detect1","stream-queue1","simple","alert-queue1","simple","1slot"); -//#endif - //ThreadVars *tv_detect1 = TmThreadCreate("Detect1","decode-queue1","simple","alert-queue1","simple","1slot"); - if (tv_detect1 == NULL) { - printf("ERROR: TmThreadsCreate failed\n"); - exit(EXIT_FAILURE); - } - tm_module = TmModuleGetByName("Detect"); + tm_module = TmModuleGetByName("RespondReject"); if (tm_module == NULL) { - printf("ERROR: TmModuleGetByName Detect failed\n"); + printf("ERROR: TmModuleGetByName for RespondReject failed\n"); exit(EXIT_FAILURE); } - Tm1SlotSetFunc(tv_detect1,tm_module,(void *)de_ctx); + TmVarSlotSetFuncAppend(tv,tm_module,NULL); - thread_group_name = SCStrdup("Detect"); - if (thread_group_name == NULL) { - printf("Error allocating memory\n"); - exit(EXIT_FAILURE); + SetupOutputs(tv); + + if (threading_set_cpu_affinity) { + TmThreadSetCPUAffinity(tv, 0); } - tv_detect1->thread_group_name = thread_group_name; - if (TmThreadSpawn(tv_detect1) != TM_ECODE_OK) { + if (TmThreadSpawn(tv) != TM_ECODE_OK) { printf("ERROR: TmThreadSpawn failed\n"); exit(EXIT_FAILURE); } - ThreadVars *tv_detect2 = TmThreadCreatePacketHandler("Detect2","stream-queue1","simple","alert-queue1","simple","1slot"); - if (tv_detect2 == NULL) { - printf("ERROR: TmThreadsCreate failed\n"); + tv = TmThreadCreatePacketHandler("Stream2","decode-queue2","simple","packetpool","packetpool","varslot"); + if (tv == NULL) { + printf("ERROR: TmThreadsCreate failed for Stream1\n"); exit(EXIT_FAILURE); } - tm_module = TmModuleGetByName("Detect"); + tm_module = TmModuleGetByName("StreamTcp"); if (tm_module == NULL) { - printf("ERROR: TmModuleGetByName Detect failed\n"); + printf("ERROR: TmModuleGetByName StreamTcp failed\n"); exit(EXIT_FAILURE); } - Tm1SlotSetFunc(tv_detect2,tm_module,(void *)de_ctx); + TmVarSlotSetFuncAppend(tv,tm_module,NULL); - thread_group_name = SCStrdup("Detect"); - if (thread_group_name == NULL) { - printf("Error allocating memory\n"); + tm_module = TmModuleGetByName("Detect"); + if (tm_module == NULL) { + printf("ERROR: TmModuleGetByName StreamTcp failed\n"); exit(EXIT_FAILURE); } - tv_detect2->thread_group_name = thread_group_name; + TmVarSlotSetFuncAppend(tv,tm_module,(void *)de_ctx); - if (TmThreadSpawn(tv_detect2) != TM_ECODE_OK) { - printf("ERROR: TmThreadSpawn failed\n"); + tm_module = TmModuleGetByName("RespondReject"); + if (tm_module == NULL) { + printf("ERROR: TmModuleGetByName for RespondReject failed\n"); exit(EXIT_FAILURE); } + TmVarSlotSetFuncAppend(tv,tm_module,NULL); - ThreadVars *tv_outputs = TmThreadCreatePacketHandler("Outputs", - "alert-queue1", "simple", "packetpool", "packetpool", "varslot"); - SetupOutputs(tv_outputs); - if (TmThreadSpawn(tv_outputs) != TM_ECODE_OK) { + SetupOutputs(tv); + + if (threading_set_cpu_affinity) { + TmThreadSetCPUAffinity(tv, 0); + } + + if (TmThreadSpawn(tv) != TM_ECODE_OK) { printf("ERROR: TmThreadSpawn failed\n"); exit(EXIT_FAILURE); } - return 0; -} - -/** - * \brief Single thread version of the Pcap file processing. - */ -int RunModeFilePcap2(DetectEngineCtx *de_ctx, char *file) { - printf("RunModeFilePcap2: file %s\n", file); - TimeModeSetOffline(); - - /* create the threads */ - ThreadVars *tv = TmThreadCreatePacketHandler("PcapFile","packetpool","packetpool","packetpool","packetpool","varslot"); + tv = TmThreadCreatePacketHandler("Stream3","decode-queue3","simple","packetpool","packetpool","varslot"); if (tv == NULL) { - printf("ERROR: TmThreadsCreate failed\n"); + printf("ERROR: TmThreadsCreate failed for Stream1\n"); + exit(EXIT_FAILURE); + } + tm_module = TmModuleGetByName("StreamTcp"); + if (tm_module == NULL) { + printf("ERROR: TmModuleGetByName StreamTcp failed\n"); exit(EXIT_FAILURE); } + TmVarSlotSetFuncAppend(tv,tm_module,NULL); - TmModule *tm_module = TmModuleGetByName("ReceivePcapFile"); + tm_module = TmModuleGetByName("Detect"); if (tm_module == NULL) { - printf("ERROR: TmModuleGetByName failed for ReceivePcap\n"); + printf("ERROR: TmModuleGetByName StreamTcp failed\n"); exit(EXIT_FAILURE); } - TmVarSlotSetFuncAppend(tv,tm_module,file); + TmVarSlotSetFuncAppend(tv,tm_module,(void *)de_ctx); - tm_module = TmModuleGetByName("DecodePcapFile"); + tm_module = TmModuleGetByName("RespondReject"); if (tm_module == NULL) { - printf("ERROR: TmModuleGetByName DecodePcap failed\n"); + printf("ERROR: TmModuleGetByName for RespondReject failed\n"); exit(EXIT_FAILURE); } TmVarSlotSetFuncAppend(tv,tm_module,NULL); + SetupOutputs(tv); + + if (threading_set_cpu_affinity) { + TmThreadSetCPUAffinity(tv, 1); + } + + if (TmThreadSpawn(tv) != TM_ECODE_OK) { + printf("ERROR: TmThreadSpawn failed\n"); + exit(EXIT_FAILURE); + } + + tv = TmThreadCreatePacketHandler("Stream4","decode-queue4","simple","packetpool","packetpool","varslot"); + if (tv == NULL) { + printf("ERROR: TmThreadsCreate failed for Stream1\n"); + exit(EXIT_FAILURE); + } tm_module = TmModuleGetByName("StreamTcp"); if (tm_module == NULL) { printf("ERROR: TmModuleGetByName StreamTcp failed\n"); @@ -1002,69 +1031,64 @@ int RunModeFilePcap2(DetectEngineCtx *de_ctx, char *file) { tm_module = TmModuleGetByName("Detect"); if (tm_module == NULL) { - printf("ERROR: TmModuleGetByName Detect failed\n"); + printf("ERROR: TmModuleGetByName StreamTcp failed\n"); exit(EXIT_FAILURE); } TmVarSlotSetFuncAppend(tv,tm_module,(void *)de_ctx); + tm_module = TmModuleGetByName("RespondReject"); + if (tm_module == NULL) { + printf("ERROR: TmModuleGetByName for RespondReject failed\n"); + exit(EXIT_FAILURE); + } + TmVarSlotSetFuncAppend(tv,tm_module,NULL); + SetupOutputs(tv); + if (threading_set_cpu_affinity) { + TmThreadSetCPUAffinity(tv, 1); + } + if (TmThreadSpawn(tv) != TM_ECODE_OK) { printf("ERROR: TmThreadSpawn failed\n"); exit(EXIT_FAILURE); } - return 0; } -int RunModeIdsPfring(DetectEngineCtx *de_ctx, char *iface) { +int RunModeIpsIPFW(DetectEngineCtx *de_ctx) { + TimeModeSetLive(); char *thread_group_name = NULL; /* create the threads */ - ThreadVars *tv_receivepfring = TmThreadCreatePacketHandler("ReceivePfring","packetpool","packetpool","pickup-queue1","simple","1slot"); - if (tv_receivepfring == NULL) { - printf("ERROR: TmThreadsCreate failed\n"); - exit(EXIT_FAILURE); - } - TmModule *tm_module = TmModuleGetByName("ReceivePfring"); - if (tm_module == NULL) { - printf("ERROR: TmModuleGetByName failed for ReceivePfring\n"); - exit(EXIT_FAILURE); - } - Tm1SlotSetFunc(tv_receivepfring,tm_module,(void *)iface); - - if (TmThreadSpawn(tv_receivepfring) != TM_ECODE_OK) { - printf("ERROR: TmThreadSpawn failed\n"); - exit(EXIT_FAILURE); - } + ThreadVars *tv_receiveipfw = TmThreadCreatePacketHandler("ReceiveIPFW","packetpool","packetpool","pickup-queue","simple","1slot_noinout"); - ThreadVars *tv_receivepfring2 = TmThreadCreatePacketHandler("ReceivePfring2","packetpool","packetpool","pickup-queue2","simple","1slot"); - if (tv_receivepfring2 == NULL) { + if (tv_receiveipfw == NULL) { printf("ERROR: TmThreadsCreate failed\n"); exit(EXIT_FAILURE); } - tm_module = TmModuleGetByName("ReceivePfring"); + TmModule *tm_module = TmModuleGetByName("ReceiveIPFW"); if (tm_module == NULL) { - printf("ERROR: TmModuleGetByName failed for ReceivePfring\n"); + printf("ERROR: TmModuleGetByName failed for ReceiveIPFW\n"); exit(EXIT_FAILURE); } - Tm1SlotSetFunc(tv_receivepfring2,tm_module,(void *)iface); + Tm1SlotSetFunc(tv_receiveipfw,tm_module,NULL); - if (TmThreadSpawn(tv_receivepfring2) != TM_ECODE_OK) { + if (TmThreadSpawn(tv_receiveipfw) != TM_ECODE_OK) { printf("ERROR: TmThreadSpawn failed\n"); exit(EXIT_FAILURE); } - ThreadVars *tv_decode1 = TmThreadCreatePacketHandler("Decode1","pickup-queue1","simple","decode-queue1","simple","1slot"); + ThreadVars *tv_decode1 = TmThreadCreatePacketHandler("Decode1","pickup-queue","simple","decode-queue1","simple","1slot"); if (tv_decode1 == NULL) { printf("ERROR: TmThreadsCreate failed for Decode1\n"); exit(EXIT_FAILURE); } - tm_module = TmModuleGetByName("DecodePfring"); + tm_module = TmModuleGetByName("DecodeIPFW"); if (tm_module == NULL) { - printf("ERROR: TmModuleGetByName DecodePfring failed\n"); + printf("ERROR: TmModuleGetByName DecodeIPFW failed\n"); exit(EXIT_FAILURE); } Tm1SlotSetFunc(tv_decode1,tm_module,NULL); @@ -1074,23 +1098,6 @@ int RunModeIdsPfring(DetectEngineCtx *de_ctx, char *iface) { exit(EXIT_FAILURE); } - ThreadVars *tv_decode2 = TmThreadCreatePacketHandler("Decode2","pickup-queue2","simple","decode-queue2","simple","1slot"); - if (tv_decode2 == NULL) { - printf("ERROR: TmThreadsCreate failed for Decode1\n"); - exit(EXIT_FAILURE); - } - tm_module = TmModuleGetByName("DecodePfring"); - if (tm_module == NULL) { - printf("ERROR: TmModuleGetByName DecodePfring failed\n"); - exit(EXIT_FAILURE); - } - Tm1SlotSetFunc(tv_decode2,tm_module,NULL); - - if (TmThreadSpawn(tv_decode2) != TM_ECODE_OK) { - printf("ERROR: TmThreadSpawn failed\n"); - exit(EXIT_FAILURE); - } - ThreadVars *tv_stream1 = TmThreadCreatePacketHandler("Stream1","decode-queue1","simple","stream-queue1","simple","1slot"); if (tv_stream1 == NULL) { printf("ERROR: TmThreadsCreate failed for Stream1\n"); @@ -1108,23 +1115,6 @@ int RunModeIdsPfring(DetectEngineCtx *de_ctx, char *iface) { exit(EXIT_FAILURE); } - ThreadVars *tv_stream2 = TmThreadCreatePacketHandler("Stream2","decode-queue2","simple","stream-queue2","simple","1slot"); - if (tv_stream2 == NULL) { - printf("ERROR: TmThreadsCreate failed for Stream1\n"); - exit(EXIT_FAILURE); - } - tm_module = TmModuleGetByName("StreamTcp"); - if (tm_module == NULL) { - printf("ERROR: TmModuleGetByName StreamTcp failed\n"); - exit(EXIT_FAILURE); - } - Tm1SlotSetFunc(tv_stream2,tm_module,NULL); - - if (TmThreadSpawn(tv_stream2) != TM_ECODE_OK) { - printf("ERROR: TmThreadSpawn failed\n"); - exit(EXIT_FAILURE); - } - ThreadVars *tv_detect1 = TmThreadCreatePacketHandler("Detect1","stream-queue1","simple","verdict-queue","simple","1slot"); if (tv_detect1 == NULL) { printf("ERROR: TmThreadsCreate failed\n"); @@ -1149,7 +1139,7 @@ int RunModeIdsPfring(DetectEngineCtx *de_ctx, char *iface) { exit(EXIT_FAILURE); } - ThreadVars *tv_detect2 = TmThreadCreatePacketHandler("Detect2","stream-queue2","simple","verdict-queue","simple","1slot"); + ThreadVars *tv_detect2 = TmThreadCreatePacketHandler("Detect2","stream-queue1","simple","verdict-queue","simple","1slot"); if (tv_detect2 == NULL) { printf("ERROR: TmThreadsCreate failed\n"); exit(EXIT_FAILURE); @@ -1173,7 +1163,24 @@ int RunModeIdsPfring(DetectEngineCtx *de_ctx, char *iface) { exit(EXIT_FAILURE); } - ThreadVars *tv_rreject = TmThreadCreatePacketHandler("RespondReject","verdict-queue","simple","alert-queue1","simple","1slot"); + ThreadVars *tv_verdict = TmThreadCreatePacketHandler("Verdict","verdict-queue","simple","respond-queue","simple","1slot"); + if (tv_verdict == NULL) { + printf("ERROR: TmThreadsCreate failed\n"); + exit(EXIT_FAILURE); + } + tm_module = TmModuleGetByName("VerdictIPFW"); + if (tm_module == NULL) { + printf("ERROR: TmModuleGetByName VerdictIPFW failed\n"); + exit(EXIT_FAILURE); + } + Tm1SlotSetFunc(tv_verdict,tm_module,NULL); + + if (TmThreadSpawn(tv_verdict) != TM_ECODE_OK) { + printf("ERROR: TmThreadSpawn failed\n"); + exit(EXIT_FAILURE); + } + + ThreadVars *tv_rreject = TmThreadCreatePacketHandler("RespondReject","respond-queue","simple","alert-queue1","simple","1slot"); if (tv_rreject == NULL) { printf("ERROR: TmThreadsCreate failed\n"); exit(EXIT_FAILURE); @@ -1201,14 +1208,14 @@ int RunModeIdsPfring(DetectEngineCtx *de_ctx, char *iface) { return 0; } -/** \brief Live pfring mode with 4 stream tracking and reassembly threads, testing the flow queuehandler */ -int RunModeIdsPfring2(DetectEngineCtx *de_ctx, char *iface) { +/** RunmodeIdsPfring4 simple 4 pfring, decode, stream, and detect threads */ +int RunModeIdsPfring4(DetectEngineCtx *de_ctx, char *iface) { TimeModeSetLive(); char *thread_group_name = NULL; /* create the threads */ - ThreadVars *tv_receivepfring = TmThreadCreatePacketHandler("ReceivePfring","packetpool","packetpool","pickup-queue","simple","1slot"); + ThreadVars *tv_receivepfring = TmThreadCreatePacketHandler("ReceivePfring","packetpool","packetpool","pickup-queue1","simple","1slot"); if (tv_receivepfring == NULL) { printf("ERROR: TmThreadsCreate failed\n"); exit(EXIT_FAILURE); @@ -1225,208 +1232,177 @@ int RunModeIdsPfring2(DetectEngineCtx *de_ctx, char *iface) { exit(EXIT_FAILURE); } - ThreadVars *tv_decode1 = TmThreadCreatePacketHandler("Decode1","pickup-queue","simple","decode-queue1,decode-queue2,decode-queue3,decode-queue4","flow","1slot"); - if (tv_decode1 == NULL) { - printf("ERROR: TmThreadsCreate failed for Decode1\n"); + ThreadVars *tv_receivepfring2 = TmThreadCreatePacketHandler("ReceivePfring2","packetpool","packetpool","pickup-queue2","simple","1slot"); + if (tv_receivepfring2 == NULL) { + printf("ERROR: TmThreadsCreate failed\n"); exit(EXIT_FAILURE); } - tm_module = TmModuleGetByName("DecodePfring"); + tm_module = TmModuleGetByName("ReceivePfring"); if (tm_module == NULL) { - printf("ERROR: TmModuleGetByName DecodePfring failed\n"); + printf("ERROR: TmModuleGetByName failed for ReceivePfring\n"); exit(EXIT_FAILURE); } - Tm1SlotSetFunc(tv_decode1,tm_module,NULL); + Tm1SlotSetFunc(tv_receivepfring2,tm_module,(void *)iface); - if (TmThreadSpawn(tv_decode1) != TM_ECODE_OK) { + if (TmThreadSpawn(tv_receivepfring2) != TM_ECODE_OK) { printf("ERROR: TmThreadSpawn failed\n"); exit(EXIT_FAILURE); } - ThreadVars *tv_stream1 = TmThreadCreatePacketHandler("Stream1","decode-queue1","simple","stream-queue1","simple","1slot"); - if (tv_stream1 == NULL) { - printf("ERROR: TmThreadsCreate failed for Stream1\n"); + ThreadVars *tv_receivepfring3 = TmThreadCreatePacketHandler("ReceivePfring3","packetpool","packetpool","pickup-queue3","simple","1slot"); + if (tv_receivepfring3 == NULL) { + printf("ERROR: TmThreadsCreate failed\n"); exit(EXIT_FAILURE); } - tm_module = TmModuleGetByName("StreamTcp"); + tm_module = TmModuleGetByName("ReceivePfring"); if (tm_module == NULL) { - printf("ERROR: TmModuleGetByName StreamTcp failed\n"); + printf("ERROR: TmModuleGetByName failed for ReceivePfring\n"); exit(EXIT_FAILURE); } - Tm1SlotSetFunc(tv_stream1,tm_module,NULL); + Tm1SlotSetFunc(tv_receivepfring3,tm_module,(void *)iface); - if (TmThreadSpawn(tv_stream1) != TM_ECODE_OK) { + if (TmThreadSpawn(tv_receivepfring3) != TM_ECODE_OK) { printf("ERROR: TmThreadSpawn failed\n"); exit(EXIT_FAILURE); } - ThreadVars *tv_stream2 = TmThreadCreatePacketHandler("Stream2","decode-queue2","simple","stream-queue1","simple","1slot"); - if (tv_stream2 == NULL) { - printf("ERROR: TmThreadsCreate failed for Stream2\n"); + ThreadVars *tv_receivepfring4 = TmThreadCreatePacketHandler("ReceivePfring4","packetpool","packetpool","pickup-queue4","simple","1slot"); + if (tv_receivepfring4 == NULL) { + printf("ERROR: TmThreadsCreate failed\n"); exit(EXIT_FAILURE); } - tm_module = TmModuleGetByName("StreamTcp"); + tm_module = TmModuleGetByName("ReceivePfring"); if (tm_module == NULL) { - printf("ERROR: TmModuleGetByName StreamTcp failed\n"); + printf("ERROR: TmModuleGetByName failed for ReceivePfring\n"); exit(EXIT_FAILURE); } - Tm1SlotSetFunc(tv_stream2,tm_module,NULL); + Tm1SlotSetFunc(tv_receivepfring4,tm_module,(void *)iface); - if (TmThreadSpawn(tv_stream2) != TM_ECODE_OK) { + if (TmThreadSpawn(tv_receivepfring4) != TM_ECODE_OK) { printf("ERROR: TmThreadSpawn failed\n"); exit(EXIT_FAILURE); } - ThreadVars *tv_stream3 = TmThreadCreatePacketHandler("Stream3","decode-queue3","simple","stream-queue2","simple","1slot"); - if (tv_stream3 == NULL) { - printf("ERROR: TmThreadsCreate failed for Stream1\n"); + ThreadVars *tv_decode1 = TmThreadCreatePacketHandler("Decode1","pickup-queue1","simple","decode-queue1","simple","1slot"); + if (tv_decode1 == NULL) { + printf("ERROR: TmThreadsCreate failed for Decode1\n"); exit(EXIT_FAILURE); } - tm_module = TmModuleGetByName("StreamTcp"); + tm_module = TmModuleGetByName("DecodePfring"); if (tm_module == NULL) { - printf("ERROR: TmModuleGetByName StreamTcp failed\n"); + printf("ERROR: TmModuleGetByName DecodePfring failed\n"); exit(EXIT_FAILURE); } - Tm1SlotSetFunc(tv_stream3,tm_module,NULL); + Tm1SlotSetFunc(tv_decode1,tm_module,NULL); - if (TmThreadSpawn(tv_stream3) != TM_ECODE_OK) { + if (TmThreadSpawn(tv_decode1) != TM_ECODE_OK) { printf("ERROR: TmThreadSpawn failed\n"); exit(EXIT_FAILURE); } - ThreadVars *tv_stream4 = TmThreadCreatePacketHandler("Stream4","decode-queue4","simple","stream-queue2","simple","1slot"); - if (tv_stream4 == NULL) { - printf("ERROR: TmThreadsCreate failed for Stream1\n"); + ThreadVars *tv_decode2 = TmThreadCreatePacketHandler("Decode2","pickup-queue2","simple","decode-queue2","simple","1slot"); + if (tv_decode2 == NULL) { + printf("ERROR: TmThreadsCreate failed for Decode1\n"); exit(EXIT_FAILURE); } - tm_module = TmModuleGetByName("StreamTcp"); + tm_module = TmModuleGetByName("DecodePfring"); if (tm_module == NULL) { - printf("ERROR: TmModuleGetByName StreamTcp failed\n"); + printf("ERROR: TmModuleGetByName DecodePfring failed\n"); exit(EXIT_FAILURE); } - Tm1SlotSetFunc(tv_stream4,tm_module,NULL); + Tm1SlotSetFunc(tv_decode2,tm_module,NULL); - if (TmThreadSpawn(tv_stream4) != TM_ECODE_OK) { + if (TmThreadSpawn(tv_decode2) != TM_ECODE_OK) { printf("ERROR: TmThreadSpawn failed\n"); exit(EXIT_FAILURE); } - ThreadVars *tv_detect1 = TmThreadCreatePacketHandler("Detect1","stream-queue1","simple","verdict-queue","simple","1slot"); - if (tv_detect1 == NULL) { - printf("ERROR: TmThreadsCreate failed\n"); + ThreadVars *tv_decode3 = TmThreadCreatePacketHandler("Decode3","pickup-queue3","simple","decode-queue3","simple","1slot"); + if (tv_decode3 == NULL) { + printf("ERROR: TmThreadsCreate failed for Decode1\n"); exit(EXIT_FAILURE); } - tm_module = TmModuleGetByName("Detect"); + tm_module = TmModuleGetByName("DecodePfring"); if (tm_module == NULL) { - printf("ERROR: TmModuleGetByName Detect failed\n"); + printf("ERROR: TmModuleGetByName DecodePfring failed\n"); exit(EXIT_FAILURE); } - Tm1SlotSetFunc(tv_detect1,tm_module,(void *)de_ctx); + Tm1SlotSetFunc(tv_decode3,tm_module,NULL); - thread_group_name = SCStrdup("Detect"); - if (thread_group_name == NULL) { - printf("Error allocating memory\n"); - exit(EXIT_FAILURE); - } - tv_detect1->thread_group_name = thread_group_name; - - if (TmThreadSpawn(tv_detect1) != TM_ECODE_OK) { + if (TmThreadSpawn(tv_decode3) != TM_ECODE_OK) { printf("ERROR: TmThreadSpawn failed\n"); exit(EXIT_FAILURE); } - ThreadVars *tv_detect2 = TmThreadCreatePacketHandler("Detect2","stream-queue2","simple","verdict-queue","simple","1slot"); - if (tv_detect2 == NULL) { - printf("ERROR: TmThreadsCreate failed\n"); + ThreadVars *tv_decode4 = TmThreadCreatePacketHandler("Decode4","pickup-queue4","simple","decode-queue4","simple","1slot"); + if (tv_decode4 == NULL) { + printf("ERROR: TmThreadsCreate failed for Decode1\n"); exit(EXIT_FAILURE); } - tm_module = TmModuleGetByName("Detect"); + tm_module = TmModuleGetByName("DecodePfring"); if (tm_module == NULL) { - printf("ERROR: TmModuleGetByName Detect failed\n"); - exit(EXIT_FAILURE); - } - Tm1SlotSetFunc(tv_detect2,tm_module,(void *)de_ctx); - - thread_group_name = SCStrdup("Detect"); - if (thread_group_name == NULL) { - printf("Error allocating memory\n"); + printf("ERROR: TmModuleGetByName DecodePfring failed\n"); exit(EXIT_FAILURE); } - tv_detect2->thread_group_name = thread_group_name; + Tm1SlotSetFunc(tv_decode4,tm_module,NULL); - if (TmThreadSpawn(tv_detect2) != TM_ECODE_OK) { + if (TmThreadSpawn(tv_decode4) != TM_ECODE_OK) { printf("ERROR: TmThreadSpawn failed\n"); exit(EXIT_FAILURE); } - ThreadVars *tv_rreject = TmThreadCreatePacketHandler("RespondReject","verdict-queue","simple","alert-queue1","simple","1slot"); - if (tv_rreject == NULL) { - printf("ERROR: TmThreadsCreate failed\n"); + ThreadVars *tv_stream1 = TmThreadCreatePacketHandler("Stream1","decode-queue1","simple","stream-queue1","simple","1slot"); + if (tv_stream1 == NULL) { + printf("ERROR: TmThreadsCreate failed for Stream1\n"); exit(EXIT_FAILURE); } - tm_module = TmModuleGetByName("RespondReject"); + tm_module = TmModuleGetByName("StreamTcp"); if (tm_module == NULL) { - printf("ERROR: TmModuleGetByName for RespondReject failed\n"); - exit(EXIT_FAILURE); - } - Tm1SlotSetFunc(tv_rreject,tm_module,NULL); - - if (TmThreadSpawn(tv_rreject) != TM_ECODE_OK) { - printf("ERROR: TmThreadSpawn failed\n"); + printf("ERROR: TmModuleGetByName StreamTcp failed\n"); exit(EXIT_FAILURE); } + Tm1SlotSetFunc(tv_stream1,tm_module,NULL); - ThreadVars *tv_outputs = TmThreadCreatePacketHandler("Outputs", - "alert-queue1", "simple", "packetpool", "packetpool", "varslot"); - SetupOutputs(tv_outputs); - if (TmThreadSpawn(tv_outputs) != TM_ECODE_OK) { + if (TmThreadSpawn(tv_stream1) != TM_ECODE_OK) { printf("ERROR: TmThreadSpawn failed\n"); exit(EXIT_FAILURE); } - return 0; -} -/** \brief Live pfring mode with 4 stream tracking and reassembly threads, testing the flow queuehandler */ -int RunModeIdsPfring3(DetectEngineCtx *de_ctx, char *iface) { - TimeModeSetLive(); - - /* create the threads */ - ThreadVars *tv_receivepfring = TmThreadCreatePacketHandler("ReceivePfring","packetpool","packetpool","pickup-queue","simple","1slot"); - if (tv_receivepfring == NULL) { - printf("ERROR: TmThreadsCreate failed\n"); + ThreadVars *tv_stream2 = TmThreadCreatePacketHandler("Stream2","decode-queue2","simple","stream-queue2","simple","1slot"); + if (tv_stream2 == NULL) { + printf("ERROR: TmThreadsCreate failed for Stream1\n"); exit(EXIT_FAILURE); } - TmModule *tm_module = TmModuleGetByName("ReceivePfring"); + tm_module = TmModuleGetByName("StreamTcp"); if (tm_module == NULL) { - printf("ERROR: TmModuleGetByName failed for ReceivePfring\n"); + printf("ERROR: TmModuleGetByName StreamTcp failed\n"); exit(EXIT_FAILURE); } - Tm1SlotSetFunc(tv_receivepfring,tm_module,(void *)iface); - - if (TmThreadSpawn(tv_receivepfring) != TM_ECODE_OK) { + Tm1SlotSetFunc(tv_stream2,tm_module,NULL); + if (TmThreadSpawn(tv_stream2) != TM_ECODE_OK) { printf("ERROR: TmThreadSpawn failed\n"); exit(EXIT_FAILURE); } - ThreadVars *tv_decode1 = TmThreadCreatePacketHandler("Decode1","pickup-queue","simple","decode-queue1,decode-queue2,decode-queue3,decode-queue4","flow","1slot"); - if (tv_decode1 == NULL) { - printf("ERROR: TmThreadsCreate failed for Decode1\n"); + ThreadVars *tv_stream3 = TmThreadCreatePacketHandler("Stream3","decode-queue3","simple","stream-queue3","simple","1slot"); + if (tv_stream3 == NULL) { + printf("ERROR: TmThreadsCreate failed for Stream1\n"); exit(EXIT_FAILURE); } - tm_module = TmModuleGetByName("DecodePfring"); + tm_module = TmModuleGetByName("StreamTcp"); if (tm_module == NULL) { - printf("ERROR: TmModuleGetByName DecodePfring failed\n"); + printf("ERROR: TmModuleGetByName StreamTcp failed\n"); exit(EXIT_FAILURE); } - Tm1SlotSetFunc(tv_decode1,tm_module,NULL); + Tm1SlotSetFunc(tv_stream3,tm_module,NULL); - if (TmThreadSpawn(tv_decode1) != TM_ECODE_OK) { + if (TmThreadSpawn(tv_stream3) != TM_ECODE_OK) { printf("ERROR: TmThreadSpawn failed\n"); exit(EXIT_FAILURE); } - ThreadVars *tv; - tv = TmThreadCreatePacketHandler("Stream1","decode-queue1","simple","packetpool","packetpool","varslot"); - if (tv == NULL) { + ThreadVars *tv_stream4 = TmThreadCreatePacketHandler("Stream4","decode-queue4","simple","stream-queue4","simple","1slot"); + if (tv_stream4 == NULL) { printf("ERROR: TmThreadsCreate failed for Stream1\n"); exit(EXIT_FAILURE); } @@ -1435,283 +1411,121 @@ int RunModeIdsPfring3(DetectEngineCtx *de_ctx, char *iface) { printf("ERROR: TmModuleGetByName StreamTcp failed\n"); exit(EXIT_FAILURE); } - TmVarSlotSetFuncAppend(tv,tm_module,NULL); - - tm_module = TmModuleGetByName("Detect"); - if (tm_module == NULL) { - printf("ERROR: TmModuleGetByName StreamTcp failed\n"); - exit(EXIT_FAILURE); - } - TmVarSlotSetFuncAppend(tv,tm_module,(void *)de_ctx); - - tm_module = TmModuleGetByName("RespondReject"); - if (tm_module == NULL) { - printf("ERROR: TmModuleGetByName for RespondReject failed\n"); - exit(EXIT_FAILURE); - } - TmVarSlotSetFuncAppend(tv,tm_module,NULL); - - SetupOutputs(tv); - - if (threading_set_cpu_affinity) { - TmThreadSetCPUAffinity(tv, 0); - } + Tm1SlotSetFunc(tv_stream4,tm_module,NULL); - if (TmThreadSpawn(tv) != TM_ECODE_OK) { + if (TmThreadSpawn(tv_stream4) != TM_ECODE_OK) { printf("ERROR: TmThreadSpawn failed\n"); exit(EXIT_FAILURE); } - tv = TmThreadCreatePacketHandler("Stream2","decode-queue2","simple","packetpool","packetpool","varslot"); - if (tv == NULL) { - printf("ERROR: TmThreadsCreate failed for Stream1\n"); - exit(EXIT_FAILURE); - } - tm_module = TmModuleGetByName("StreamTcp"); - if (tm_module == NULL) { - printf("ERROR: TmModuleGetByName StreamTcp failed\n"); + ThreadVars *tv_detect1 = TmThreadCreatePacketHandler("Detect1","stream-queue1","simple","verdict-queue","simple","1slot"); + if (tv_detect1 == NULL) { + printf("ERROR: TmThreadsCreate failed\n"); exit(EXIT_FAILURE); } - TmVarSlotSetFuncAppend(tv,tm_module,NULL); - tm_module = TmModuleGetByName("Detect"); if (tm_module == NULL) { - printf("ERROR: TmModuleGetByName StreamTcp failed\n"); + printf("ERROR: TmModuleGetByName Detect failed\n"); exit(EXIT_FAILURE); } - TmVarSlotSetFuncAppend(tv,tm_module,(void *)de_ctx); + Tm1SlotSetFunc(tv_detect1,tm_module,(void *)de_ctx); - tm_module = TmModuleGetByName("RespondReject"); - if (tm_module == NULL) { - printf("ERROR: TmModuleGetByName for RespondReject failed\n"); + thread_group_name = SCStrdup("Detect"); + if (thread_group_name == NULL) { + printf("Error allocating memory\n"); exit(EXIT_FAILURE); } - TmVarSlotSetFuncAppend(tv,tm_module,NULL); - - SetupOutputs(tv); - - if (threading_set_cpu_affinity) { - TmThreadSetCPUAffinity(tv, 0); - } + tv_detect1->thread_group_name = thread_group_name; - if (TmThreadSpawn(tv) != TM_ECODE_OK) { + if (TmThreadSpawn(tv_detect1) != TM_ECODE_OK) { printf("ERROR: TmThreadSpawn failed\n"); exit(EXIT_FAILURE); } - - tv = TmThreadCreatePacketHandler("Stream3","decode-queue3","simple","packetpool","packetpool","varslot"); - if (tv == NULL) { - printf("ERROR: TmThreadsCreate failed for Stream1\n"); - exit(EXIT_FAILURE); - } - tm_module = TmModuleGetByName("StreamTcp"); - if (tm_module == NULL) { - printf("ERROR: TmModuleGetByName StreamTcp failed\n"); + ThreadVars *tv_detect2 = TmThreadCreatePacketHandler("Detect2","stream-queue2","simple","verdict-queue","simple","1slot"); + if (tv_detect2 == NULL) { + printf("ERROR: TmThreadsCreate failed\n"); exit(EXIT_FAILURE); } - TmVarSlotSetFuncAppend(tv,tm_module,NULL); - tm_module = TmModuleGetByName("Detect"); if (tm_module == NULL) { - printf("ERROR: TmModuleGetByName StreamTcp failed\n"); + printf("ERROR: TmModuleGetByName Detect failed\n"); exit(EXIT_FAILURE); } - TmVarSlotSetFuncAppend(tv,tm_module,(void *)de_ctx); + Tm1SlotSetFunc(tv_detect2,tm_module,(void *)de_ctx); - tm_module = TmModuleGetByName("RespondReject"); - if (tm_module == NULL) { - printf("ERROR: TmModuleGetByName for RespondReject failed\n"); + thread_group_name = SCStrdup("Detect"); + if (thread_group_name == NULL) { + printf("Error allocating memory\n"); exit(EXIT_FAILURE); } - TmVarSlotSetFuncAppend(tv,tm_module,NULL); - - SetupOutputs(tv); - - if (threading_set_cpu_affinity) { - TmThreadSetCPUAffinity(tv, 1); - } + tv_detect2->thread_group_name = thread_group_name; - if (TmThreadSpawn(tv) != TM_ECODE_OK) { + if (TmThreadSpawn(tv_detect2) != TM_ECODE_OK) { printf("ERROR: TmThreadSpawn failed\n"); exit(EXIT_FAILURE); } - tv = TmThreadCreatePacketHandler("Stream4","decode-queue4","simple","packetpool","packetpool","varslot"); - if (tv == NULL) { - printf("ERROR: TmThreadsCreate failed for Stream1\n"); - exit(EXIT_FAILURE); - } - tm_module = TmModuleGetByName("StreamTcp"); - if (tm_module == NULL) { - printf("ERROR: TmModuleGetByName StreamTcp failed\n"); + ThreadVars *tv_detect3 = TmThreadCreatePacketHandler("Detect3","stream-queue3","simple","verdict-queue","simple","1slot"); + if (tv_detect3 == NULL) { + printf("ERROR: TmThreadsCreate failed\n"); exit(EXIT_FAILURE); } - TmVarSlotSetFuncAppend(tv,tm_module,NULL); - tm_module = TmModuleGetByName("Detect"); if (tm_module == NULL) { - printf("ERROR: TmModuleGetByName StreamTcp failed\n"); + printf("ERROR: TmModuleGetByName Detect failed\n"); exit(EXIT_FAILURE); } - TmVarSlotSetFuncAppend(tv,tm_module,(void *)de_ctx); + Tm1SlotSetFunc(tv_detect3,tm_module,(void *)de_ctx); - tm_module = TmModuleGetByName("RespondReject"); - if (tm_module == NULL) { - printf("ERROR: TmModuleGetByName for RespondReject failed\n"); + thread_group_name = SCStrdup("Detect"); + if (thread_group_name == NULL) { + printf("Error allocating memory\n"); exit(EXIT_FAILURE); } - TmVarSlotSetFuncAppend(tv,tm_module,NULL); - - SetupOutputs(tv); - - if (threading_set_cpu_affinity) { - TmThreadSetCPUAffinity(tv, 1); - } + tv_detect3->thread_group_name = thread_group_name; - if (TmThreadSpawn(tv) != TM_ECODE_OK) { + if (TmThreadSpawn(tv_detect3) != TM_ECODE_OK) { printf("ERROR: TmThreadSpawn failed\n"); exit(EXIT_FAILURE); } - return 0; -} - -int RunModeIpsIPFW(DetectEngineCtx *de_ctx) { - - TimeModeSetLive(); - - char *thread_group_name = NULL; - - /* create the threads */ - ThreadVars *tv_receiveipfw = TmThreadCreatePacketHandler("ReceiveIPFW","packetpool","packetpool","pickup-queue","simple","1slot_noinout"); - if (tv_receiveipfw == NULL) { + ThreadVars *tv_detect4= TmThreadCreatePacketHandler("Detect4","stream-queue4","simple","verdict-queue","simple","1slot"); + if (tv_detect4 == NULL) { printf("ERROR: TmThreadsCreate failed\n"); exit(EXIT_FAILURE); } - TmModule *tm_module = TmModuleGetByName("ReceiveIPFW"); + tm_module = TmModuleGetByName("Detect"); if (tm_module == NULL) { - printf("ERROR: TmModuleGetByName failed for ReceiveIPFW\n"); + printf("ERROR: TmModuleGetByName Detect failed\n"); exit(EXIT_FAILURE); } - Tm1SlotSetFunc(tv_receiveipfw,tm_module,NULL); + Tm1SlotSetFunc(tv_detect4,tm_module,(void *)de_ctx); - if (TmThreadSpawn(tv_receiveipfw) != TM_ECODE_OK) { + thread_group_name = SCStrdup("Detect"); + if (thread_group_name == NULL) { + printf("Error allocating memory\n"); + exit(EXIT_FAILURE); + } + tv_detect4->thread_group_name = thread_group_name; + + if (TmThreadSpawn(tv_detect4) != TM_ECODE_OK) { printf("ERROR: TmThreadSpawn failed\n"); exit(EXIT_FAILURE); } - ThreadVars *tv_decode1 = TmThreadCreatePacketHandler("Decode1","pickup-queue","simple","decode-queue1","simple","1slot"); - if (tv_decode1 == NULL) { - printf("ERROR: TmThreadsCreate failed for Decode1\n"); + ThreadVars *tv_rreject = TmThreadCreatePacketHandler("RespondReject","verdict-queue","simple","alert-queue1","simple","1slot"); + if (tv_rreject == NULL) { + printf("ERROR: TmThreadsCreate failed\n"); exit(EXIT_FAILURE); } - tm_module = TmModuleGetByName("DecodeIPFW"); + tm_module = TmModuleGetByName("RespondReject"); if (tm_module == NULL) { - printf("ERROR: TmModuleGetByName DecodeIPFW failed\n"); + printf("ERROR: TmModuleGetByName for RespondReject failed\n"); exit(EXIT_FAILURE); } - Tm1SlotSetFunc(tv_decode1,tm_module,NULL); + Tm1SlotSetFunc(tv_rreject,tm_module,NULL); - if (TmThreadSpawn(tv_decode1) != TM_ECODE_OK) { - printf("ERROR: TmThreadSpawn failed\n"); - exit(EXIT_FAILURE); - } - - ThreadVars *tv_stream1 = TmThreadCreatePacketHandler("Stream1","decode-queue1","simple","stream-queue1","simple","1slot"); - if (tv_stream1 == NULL) { - printf("ERROR: TmThreadsCreate failed for Stream1\n"); - exit(EXIT_FAILURE); - } - tm_module = TmModuleGetByName("StreamTcp"); - if (tm_module == NULL) { - printf("ERROR: TmModuleGetByName StreamTcp failed\n"); - exit(EXIT_FAILURE); - } - Tm1SlotSetFunc(tv_stream1,tm_module,NULL); - - if (TmThreadSpawn(tv_stream1) != TM_ECODE_OK) { - printf("ERROR: TmThreadSpawn failed\n"); - exit(EXIT_FAILURE); - } - - ThreadVars *tv_detect1 = TmThreadCreatePacketHandler("Detect1","stream-queue1","simple","verdict-queue","simple","1slot"); - if (tv_detect1 == NULL) { - printf("ERROR: TmThreadsCreate failed\n"); - exit(EXIT_FAILURE); - } - tm_module = TmModuleGetByName("Detect"); - if (tm_module == NULL) { - printf("ERROR: TmModuleGetByName Detect failed\n"); - exit(EXIT_FAILURE); - } - Tm1SlotSetFunc(tv_detect1,tm_module,(void *)de_ctx); - - thread_group_name = SCStrdup("Detect"); - if (thread_group_name == NULL) { - printf("Error allocating memory\n"); - exit(EXIT_FAILURE); - } - tv_detect1->thread_group_name = thread_group_name; - - if (TmThreadSpawn(tv_detect1) != TM_ECODE_OK) { - printf("ERROR: TmThreadSpawn failed\n"); - exit(EXIT_FAILURE); - } - - ThreadVars *tv_detect2 = TmThreadCreatePacketHandler("Detect2","stream-queue1","simple","verdict-queue","simple","1slot"); - if (tv_detect2 == NULL) { - printf("ERROR: TmThreadsCreate failed\n"); - exit(EXIT_FAILURE); - } - tm_module = TmModuleGetByName("Detect"); - if (tm_module == NULL) { - printf("ERROR: TmModuleGetByName Detect failed\n"); - exit(EXIT_FAILURE); - } - Tm1SlotSetFunc(tv_detect2,tm_module,(void *)de_ctx); - - thread_group_name = SCStrdup("Detect"); - if (thread_group_name == NULL) { - printf("Error allocating memory\n"); - exit(EXIT_FAILURE); - } - tv_detect2->thread_group_name = thread_group_name; - - if (TmThreadSpawn(tv_detect2) != TM_ECODE_OK) { - printf("ERROR: TmThreadSpawn failed\n"); - exit(EXIT_FAILURE); - } - - ThreadVars *tv_verdict = TmThreadCreatePacketHandler("Verdict","verdict-queue","simple","respond-queue","simple","1slot"); - if (tv_verdict == NULL) { - printf("ERROR: TmThreadsCreate failed\n"); - exit(EXIT_FAILURE); - } - tm_module = TmModuleGetByName("VerdictIPFW"); - if (tm_module == NULL) { - printf("ERROR: TmModuleGetByName VerdictIPFW failed\n"); - exit(EXIT_FAILURE); - } - Tm1SlotSetFunc(tv_verdict,tm_module,NULL); - - if (TmThreadSpawn(tv_verdict) != TM_ECODE_OK) { - printf("ERROR: TmThreadSpawn failed\n"); - exit(EXIT_FAILURE); - } - - ThreadVars *tv_rreject = TmThreadCreatePacketHandler("RespondReject","respond-queue","simple","alert-queue1","simple","1slot"); - if (tv_rreject == NULL) { - printf("ERROR: TmThreadsCreate failed\n"); - exit(EXIT_FAILURE); - } - tm_module = TmModuleGetByName("RespondReject"); - if (tm_module == NULL) { - printf("ERROR: TmModuleGetByName for RespondReject failed\n"); - exit(EXIT_FAILURE); - } - Tm1SlotSetFunc(tv_rreject,tm_module,NULL); - - if (TmThreadSpawn(tv_rreject) != TM_ECODE_OK) { + if (TmThreadSpawn(tv_rreject) != TM_ECODE_OK) { printf("ERROR: TmThreadSpawn failed\n"); exit(EXIT_FAILURE); } @@ -1727,644 +1541,6 @@ int RunModeIpsIPFW(DetectEngineCtx *de_ctx) { return 0; } -/** RunmodeIdsPfring4 simple 4 pfring, decode, stream, and detect threads */ -int RunModeIdsPfring4(DetectEngineCtx *de_ctx, char *iface) { - TimeModeSetLive(); - - char *thread_group_name = NULL; - - /* create the threads */ - ThreadVars *tv_receivepfring = TmThreadCreatePacketHandler("ReceivePfring","packetpool","packetpool","pickup-queue1","simple","1slot"); - if (tv_receivepfring == NULL) { - printf("ERROR: TmThreadsCreate failed\n"); - exit(EXIT_FAILURE); - } - TmModule *tm_module = TmModuleGetByName("ReceivePfring"); - if (tm_module == NULL) { - printf("ERROR: TmModuleGetByName failed for ReceivePfring\n"); - exit(EXIT_FAILURE); - } - Tm1SlotSetFunc(tv_receivepfring,tm_module,(void *)iface); - - if (TmThreadSpawn(tv_receivepfring) != TM_ECODE_OK) { - printf("ERROR: TmThreadSpawn failed\n"); - exit(EXIT_FAILURE); - } - - ThreadVars *tv_receivepfring2 = TmThreadCreatePacketHandler("ReceivePfring2","packetpool","packetpool","pickup-queue2","simple","1slot"); - if (tv_receivepfring2 == NULL) { - printf("ERROR: TmThreadsCreate failed\n"); - exit(EXIT_FAILURE); - } - tm_module = TmModuleGetByName("ReceivePfring"); - if (tm_module == NULL) { - printf("ERROR: TmModuleGetByName failed for ReceivePfring\n"); - exit(EXIT_FAILURE); - } - Tm1SlotSetFunc(tv_receivepfring2,tm_module,(void *)iface); - - if (TmThreadSpawn(tv_receivepfring2) != TM_ECODE_OK) { - printf("ERROR: TmThreadSpawn failed\n"); - exit(EXIT_FAILURE); - } - - ThreadVars *tv_receivepfring3 = TmThreadCreatePacketHandler("ReceivePfring3","packetpool","packetpool","pickup-queue3","simple","1slot"); - if (tv_receivepfring3 == NULL) { - printf("ERROR: TmThreadsCreate failed\n"); - exit(EXIT_FAILURE); - } - tm_module = TmModuleGetByName("ReceivePfring"); - if (tm_module == NULL) { - printf("ERROR: TmModuleGetByName failed for ReceivePfring\n"); - exit(EXIT_FAILURE); - } - Tm1SlotSetFunc(tv_receivepfring3,tm_module,(void *)iface); - - if (TmThreadSpawn(tv_receivepfring3) != TM_ECODE_OK) { - printf("ERROR: TmThreadSpawn failed\n"); - exit(EXIT_FAILURE); - } - - ThreadVars *tv_receivepfring4 = TmThreadCreatePacketHandler("ReceivePfring4","packetpool","packetpool","pickup-queue4","simple","1slot"); - if (tv_receivepfring4 == NULL) { - printf("ERROR: TmThreadsCreate failed\n"); - exit(EXIT_FAILURE); - } - tm_module = TmModuleGetByName("ReceivePfring"); - if (tm_module == NULL) { - printf("ERROR: TmModuleGetByName failed for ReceivePfring\n"); - exit(EXIT_FAILURE); - } - Tm1SlotSetFunc(tv_receivepfring4,tm_module,(void *)iface); - - if (TmThreadSpawn(tv_receivepfring4) != TM_ECODE_OK) { - printf("ERROR: TmThreadSpawn failed\n"); - exit(EXIT_FAILURE); - } - - ThreadVars *tv_decode1 = TmThreadCreatePacketHandler("Decode1","pickup-queue1","simple","decode-queue1","simple","1slot"); - if (tv_decode1 == NULL) { - printf("ERROR: TmThreadsCreate failed for Decode1\n"); - exit(EXIT_FAILURE); - } - tm_module = TmModuleGetByName("DecodePfring"); - if (tm_module == NULL) { - printf("ERROR: TmModuleGetByName DecodePfring failed\n"); - exit(EXIT_FAILURE); - } - Tm1SlotSetFunc(tv_decode1,tm_module,NULL); - - if (TmThreadSpawn(tv_decode1) != TM_ECODE_OK) { - printf("ERROR: TmThreadSpawn failed\n"); - exit(EXIT_FAILURE); - } - - ThreadVars *tv_decode2 = TmThreadCreatePacketHandler("Decode2","pickup-queue2","simple","decode-queue2","simple","1slot"); - if (tv_decode2 == NULL) { - printf("ERROR: TmThreadsCreate failed for Decode1\n"); - exit(EXIT_FAILURE); - } - tm_module = TmModuleGetByName("DecodePfring"); - if (tm_module == NULL) { - printf("ERROR: TmModuleGetByName DecodePfring failed\n"); - exit(EXIT_FAILURE); - } - Tm1SlotSetFunc(tv_decode2,tm_module,NULL); - - if (TmThreadSpawn(tv_decode2) != TM_ECODE_OK) { - printf("ERROR: TmThreadSpawn failed\n"); - exit(EXIT_FAILURE); - } - - ThreadVars *tv_decode3 = TmThreadCreatePacketHandler("Decode3","pickup-queue3","simple","decode-queue3","simple","1slot"); - if (tv_decode3 == NULL) { - printf("ERROR: TmThreadsCreate failed for Decode1\n"); - exit(EXIT_FAILURE); - } - tm_module = TmModuleGetByName("DecodePfring"); - if (tm_module == NULL) { - printf("ERROR: TmModuleGetByName DecodePfring failed\n"); - exit(EXIT_FAILURE); - } - Tm1SlotSetFunc(tv_decode3,tm_module,NULL); - - if (TmThreadSpawn(tv_decode3) != TM_ECODE_OK) { - printf("ERROR: TmThreadSpawn failed\n"); - exit(EXIT_FAILURE); - } - - ThreadVars *tv_decode4 = TmThreadCreatePacketHandler("Decode4","pickup-queue4","simple","decode-queue4","simple","1slot"); - if (tv_decode4 == NULL) { - printf("ERROR: TmThreadsCreate failed for Decode1\n"); - exit(EXIT_FAILURE); - } - tm_module = TmModuleGetByName("DecodePfring"); - if (tm_module == NULL) { - printf("ERROR: TmModuleGetByName DecodePfring failed\n"); - exit(EXIT_FAILURE); - } - Tm1SlotSetFunc(tv_decode4,tm_module,NULL); - - if (TmThreadSpawn(tv_decode4) != TM_ECODE_OK) { - printf("ERROR: TmThreadSpawn failed\n"); - exit(EXIT_FAILURE); - } - - ThreadVars *tv_stream1 = TmThreadCreatePacketHandler("Stream1","decode-queue1","simple","stream-queue1","simple","1slot"); - if (tv_stream1 == NULL) { - printf("ERROR: TmThreadsCreate failed for Stream1\n"); - exit(EXIT_FAILURE); - } - tm_module = TmModuleGetByName("StreamTcp"); - if (tm_module == NULL) { - printf("ERROR: TmModuleGetByName StreamTcp failed\n"); - exit(EXIT_FAILURE); - } - Tm1SlotSetFunc(tv_stream1,tm_module,NULL); - - if (TmThreadSpawn(tv_stream1) != TM_ECODE_OK) { - printf("ERROR: TmThreadSpawn failed\n"); - exit(EXIT_FAILURE); - } - - ThreadVars *tv_stream2 = TmThreadCreatePacketHandler("Stream2","decode-queue2","simple","stream-queue2","simple","1slot"); - if (tv_stream2 == NULL) { - printf("ERROR: TmThreadsCreate failed for Stream1\n"); - exit(EXIT_FAILURE); - } - tm_module = TmModuleGetByName("StreamTcp"); - if (tm_module == NULL) { - printf("ERROR: TmModuleGetByName StreamTcp failed\n"); - exit(EXIT_FAILURE); - } - Tm1SlotSetFunc(tv_stream2,tm_module,NULL); - if (TmThreadSpawn(tv_stream2) != TM_ECODE_OK) { - printf("ERROR: TmThreadSpawn failed\n"); - exit(EXIT_FAILURE); - } - - ThreadVars *tv_stream3 = TmThreadCreatePacketHandler("Stream3","decode-queue3","simple","stream-queue3","simple","1slot"); - if (tv_stream3 == NULL) { - printf("ERROR: TmThreadsCreate failed for Stream1\n"); - exit(EXIT_FAILURE); - } - tm_module = TmModuleGetByName("StreamTcp"); - if (tm_module == NULL) { - printf("ERROR: TmModuleGetByName StreamTcp failed\n"); - exit(EXIT_FAILURE); - } - Tm1SlotSetFunc(tv_stream3,tm_module,NULL); - - if (TmThreadSpawn(tv_stream3) != TM_ECODE_OK) { - printf("ERROR: TmThreadSpawn failed\n"); - exit(EXIT_FAILURE); - } - - ThreadVars *tv_stream4 = TmThreadCreatePacketHandler("Stream4","decode-queue4","simple","stream-queue4","simple","1slot"); - if (tv_stream4 == NULL) { - printf("ERROR: TmThreadsCreate failed for Stream1\n"); - exit(EXIT_FAILURE); - } - tm_module = TmModuleGetByName("StreamTcp"); - if (tm_module == NULL) { - printf("ERROR: TmModuleGetByName StreamTcp failed\n"); - exit(EXIT_FAILURE); - } - Tm1SlotSetFunc(tv_stream4,tm_module,NULL); - - if (TmThreadSpawn(tv_stream4) != TM_ECODE_OK) { - printf("ERROR: TmThreadSpawn failed\n"); - exit(EXIT_FAILURE); - } - - ThreadVars *tv_detect1 = TmThreadCreatePacketHandler("Detect1","stream-queue1","simple","verdict-queue","simple","1slot"); - if (tv_detect1 == NULL) { - printf("ERROR: TmThreadsCreate failed\n"); - exit(EXIT_FAILURE); - } - tm_module = TmModuleGetByName("Detect"); - if (tm_module == NULL) { - printf("ERROR: TmModuleGetByName Detect failed\n"); - exit(EXIT_FAILURE); - } - Tm1SlotSetFunc(tv_detect1,tm_module,(void *)de_ctx); - - thread_group_name = SCStrdup("Detect"); - if (thread_group_name == NULL) { - printf("Error allocating memory\n"); - exit(EXIT_FAILURE); - } - tv_detect1->thread_group_name = thread_group_name; - - if (TmThreadSpawn(tv_detect1) != TM_ECODE_OK) { - printf("ERROR: TmThreadSpawn failed\n"); - exit(EXIT_FAILURE); - } - ThreadVars *tv_detect2 = TmThreadCreatePacketHandler("Detect2","stream-queue2","simple","verdict-queue","simple","1slot"); - if (tv_detect2 == NULL) { - printf("ERROR: TmThreadsCreate failed\n"); - exit(EXIT_FAILURE); - } - tm_module = TmModuleGetByName("Detect"); - if (tm_module == NULL) { - printf("ERROR: TmModuleGetByName Detect failed\n"); - exit(EXIT_FAILURE); - } - Tm1SlotSetFunc(tv_detect2,tm_module,(void *)de_ctx); - - thread_group_name = SCStrdup("Detect"); - if (thread_group_name == NULL) { - printf("Error allocating memory\n"); - exit(EXIT_FAILURE); - } - tv_detect2->thread_group_name = thread_group_name; - - if (TmThreadSpawn(tv_detect2) != TM_ECODE_OK) { - printf("ERROR: TmThreadSpawn failed\n"); - exit(EXIT_FAILURE); - } - - ThreadVars *tv_detect3 = TmThreadCreatePacketHandler("Detect3","stream-queue3","simple","verdict-queue","simple","1slot"); - if (tv_detect3 == NULL) { - printf("ERROR: TmThreadsCreate failed\n"); - exit(EXIT_FAILURE); - } - tm_module = TmModuleGetByName("Detect"); - if (tm_module == NULL) { - printf("ERROR: TmModuleGetByName Detect failed\n"); - exit(EXIT_FAILURE); - } - Tm1SlotSetFunc(tv_detect3,tm_module,(void *)de_ctx); - - thread_group_name = SCStrdup("Detect"); - if (thread_group_name == NULL) { - printf("Error allocating memory\n"); - exit(EXIT_FAILURE); - } - tv_detect3->thread_group_name = thread_group_name; - - if (TmThreadSpawn(tv_detect3) != TM_ECODE_OK) { - printf("ERROR: TmThreadSpawn failed\n"); - exit(EXIT_FAILURE); - } - - ThreadVars *tv_detect4= TmThreadCreatePacketHandler("Detect4","stream-queue4","simple","verdict-queue","simple","1slot"); - if (tv_detect4 == NULL) { - printf("ERROR: TmThreadsCreate failed\n"); - exit(EXIT_FAILURE); - } - tm_module = TmModuleGetByName("Detect"); - if (tm_module == NULL) { - printf("ERROR: TmModuleGetByName Detect failed\n"); - exit(EXIT_FAILURE); - } - Tm1SlotSetFunc(tv_detect4,tm_module,(void *)de_ctx); - - thread_group_name = SCStrdup("Detect"); - if (thread_group_name == NULL) { - printf("Error allocating memory\n"); - exit(EXIT_FAILURE); - } - tv_detect4->thread_group_name = thread_group_name; - - if (TmThreadSpawn(tv_detect4) != TM_ECODE_OK) { - printf("ERROR: TmThreadSpawn failed\n"); - exit(EXIT_FAILURE); - } - - ThreadVars *tv_rreject = TmThreadCreatePacketHandler("RespondReject","verdict-queue","simple","alert-queue1","simple","1slot"); - if (tv_rreject == NULL) { - printf("ERROR: TmThreadsCreate failed\n"); - exit(EXIT_FAILURE); - } - tm_module = TmModuleGetByName("RespondReject"); - if (tm_module == NULL) { - printf("ERROR: TmModuleGetByName for RespondReject failed\n"); - exit(EXIT_FAILURE); - } - Tm1SlotSetFunc(tv_rreject,tm_module,NULL); - - if (TmThreadSpawn(tv_rreject) != TM_ECODE_OK) { - printf("ERROR: TmThreadSpawn failed\n"); - exit(EXIT_FAILURE); - } - - ThreadVars *tv_outputs = TmThreadCreatePacketHandler("Outputs", - "alert-queue1", "simple", "packetpool", "packetpool", "varslot"); - SetupOutputs(tv_outputs); - if (TmThreadSpawn(tv_outputs) != TM_ECODE_OK) { - printf("ERROR: TmThreadSpawn failed\n"); - exit(EXIT_FAILURE); - } - - return 0; -} - -/** - * \brief RunModeIdsPcapAuto set up the following thread packet handlers: - * - Receive thread (from iface pcap) - * - Decode thread - * - Stream thread - * - Detect: If we have only 1 cpu, it will setup one Detect thread - * If we have more than one, it will setup num_cpus - 1 - * starting from the second cpu available. - * - Respond/Reject thread - * - Outputs thread - * By default the threads will use the first cpu available - * except the Detection threads if we have more than one cpu - * - * \param de_ctx pointer to the Detection Engine - * \param iface pointer to the name of the interface from which we will - * fetch the packets - * \retval 0 if all goes well. (If any problem is detected the engine will - * exit()) - */ -int RunModeIdsPcapAuto(DetectEngineCtx *de_ctx, char *iface) { - SCEnter(); - /* tname = Detect + cpuid, this is 11bytes length as max */ - char tname[16]; - uint16_t cpu = 0; - TmModule *tm_module; - uint16_t thread; - - RunModeInitialize(); - TimeModeSetLive(); - - /* Available cpus */ - uint16_t ncpus = UtilCpuGetNumProcessorsOnline(); - int npcap = PcapLiveGetDeviceCount(); - - if (npcap == 1) { - /* create the threads */ - ThreadVars *tv_receivepcap = TmThreadCreatePacketHandler("ReceivePcap","packetpool","packetpool","pickup-queue","simple","1slot"); - if (tv_receivepcap == NULL) { - printf("ERROR: TmThreadsCreate failed\n"); - exit(EXIT_FAILURE); - } - tm_module = TmModuleGetByName("ReceivePcap"); - if (tm_module == NULL) { - printf("ERROR: TmModuleGetByName failed for ReceivePcap\n"); - exit(EXIT_FAILURE); - } - Tm1SlotSetFunc(tv_receivepcap,tm_module,(void *)iface); - - TmThreadSetCPU(tv_receivepcap, RECEIVE_CPU_SET); - - if (TmThreadSpawn(tv_receivepcap) != TM_ECODE_OK) { - printf("ERROR: TmThreadSpawn failed\n"); - exit(EXIT_FAILURE); - } - } else { - SCLogInfo("Using %d pcap device(s).", npcap); - - for (thread = 0; thread < npcap; thread++) { - char *pcap_dev = PcapLiveGetDevice(thread); - if (pcap_dev == NULL) { - printf("Failed to lookup pcap dev %d\n", thread); - exit(EXIT_FAILURE); - } - SCLogDebug("pcap_dev %s", pcap_dev); - - snprintf(tname, sizeof(tname),"RecvPcap-%s", pcap_dev); - char *tnamec = SCStrdup(tname); - char *pcap_devc = SCStrdup(pcap_dev); - - /* create the threads */ - ThreadVars *tv_receivepcap = TmThreadCreatePacketHandler(tnamec,"packetpool","packetpool","pickup-queue","simple","1slot"); - if (tv_receivepcap == NULL) { - printf("ERROR: TmThreadsCreate failed\n"); - exit(EXIT_FAILURE); - } - tm_module = TmModuleGetByName("ReceivePcap"); - if (tm_module == NULL) { - printf("ERROR: TmModuleGetByName failed for ReceivePcap\n"); - exit(EXIT_FAILURE); - } - Tm1SlotSetFunc(tv_receivepcap,tm_module,(void *)pcap_devc); - - TmThreadSetCPU(tv_receivepcap, RECEIVE_CPU_SET); - - if (TmThreadSpawn(tv_receivepcap) != TM_ECODE_OK) { - printf("ERROR: TmThreadSpawn failed\n"); - exit(EXIT_FAILURE); - } - } - } - -#if defined(__SC_CUDA_SUPPORT__) - if (PatternMatchDefaultMatcher() == MPM_B2G_CUDA) { - ThreadVars *tv_decode1 = TmThreadCreatePacketHandler("Decode", - "pickup-queue", "simple", - "decode-queue1", "simple", - "1slot"); - if (tv_decode1 == NULL) { - printf("ERROR: TmThreadsCreate failed for Decode1\n"); - exit(EXIT_FAILURE); - } - tm_module = TmModuleGetByName("DecodePcap"); - if (tm_module == NULL) { - printf("ERROR: TmModuleGetByName DecodePcap failed\n"); - exit(EXIT_FAILURE); - } - Tm1SlotSetFunc(tv_decode1, tm_module, NULL); - - TmThreadSetCPU(tv_decode1, DECODE_CPU_SET); - - if (TmThreadSpawn(tv_decode1) != TM_ECODE_OK) { - printf("ERROR: TmThreadSpawn failed\n"); - exit(EXIT_FAILURE); - } - - ThreadVars *tv_cuda_PB = TmThreadCreate("CUDA_PB", - "decode-queue1", "simple", - "cuda-pb-queue1", "simple", - "custom", SCCudaPBTmThreadsSlot1, 0); - if (tv_cuda_PB == NULL) { - printf("ERROR: TmThreadsCreate failed for CUDA_PB\n"); - exit(EXIT_FAILURE); - } - tv_cuda_PB->type = TVT_PPT; - - tm_module = TmModuleGetByName("CudaPacketBatcher"); - if (tm_module == NULL) { - printf("ERROR: TmModuleGetByName CudaPacketBatcher failed\n"); - exit(EXIT_FAILURE); - } - Tm1SlotSetFunc(tv_cuda_PB, tm_module, (void *)de_ctx); - - - TmThreadSetCPU(tv_cuda_PB, DETECT_CPU_SET); - - if (TmThreadSpawn(tv_cuda_PB) != TM_ECODE_OK) { - printf("ERROR: TmThreadSpawn failed\n"); - exit(EXIT_FAILURE); - } - - ThreadVars *tv_stream1 = TmThreadCreatePacketHandler("Stream1", - "cuda-pb-queue1", "simple", - "stream-queue1", "simple", - "1slot"); - if (tv_stream1 == NULL) { - printf("ERROR: TmThreadsCreate failed for Stream1\n"); - exit(EXIT_FAILURE); - } - tm_module = TmModuleGetByName("StreamTcp"); - if (tm_module == NULL) { - printf("ERROR: TmModuleGetByName StreamTcp failed\n"); - exit(EXIT_FAILURE); - } - Tm1SlotSetFunc(tv_stream1,tm_module,NULL); - - TmThreadSetCPU(tv_stream1, STREAM_CPU_SET); - - if (TmThreadSpawn(tv_stream1) != TM_ECODE_OK) { - printf("ERROR: TmThreadSpawn failed\n"); - exit(EXIT_FAILURE); - } - } else { - ThreadVars *tv_decode1 = TmThreadCreatePacketHandler("Decode & Stream", - "pickup-queue", "simple", - "stream-queue1", "simple", - "varslot"); - if (tv_decode1 == NULL) { - printf("ERROR: TmThreadsCreate failed for Decode1\n"); - exit(EXIT_FAILURE); - } - tm_module = TmModuleGetByName("DecodePcap"); - if (tm_module == NULL) { - printf("ERROR: TmModuleGetByName DecodePcap failed\n"); - exit(EXIT_FAILURE); - } - TmVarSlotSetFuncAppend(tv_decode1,tm_module,NULL); - - tm_module = TmModuleGetByName("StreamTcp"); - if (tm_module == NULL) { - printf("ERROR: TmModuleGetByName StreamTcp failed\n"); - exit(EXIT_FAILURE); - } - TmVarSlotSetFuncAppend(tv_decode1,tm_module,NULL); - - TmThreadSetCPU(tv_decode1, DECODE_CPU_SET); - - if (TmThreadSpawn(tv_decode1) != TM_ECODE_OK) { - printf("ERROR: TmThreadSpawn failed\n"); - exit(EXIT_FAILURE); - } - } -#else -//#if 0 - //ThreadVars *tv_decode1 = TmThreadCreatePacketHandler("Decode & Stream","pickup-queue","simple","packetpool","packetpool","varslot"); - ThreadVars *tv_decode1 = TmThreadCreatePacketHandler("Decode & Stream","pickup-queue","simple","stream-queue1","simple","varslot"); - if (tv_decode1 == NULL) { - printf("ERROR: TmThreadsCreate failed for Decode1\n"); - exit(EXIT_FAILURE); - } - tm_module = TmModuleGetByName("DecodePcap"); - if (tm_module == NULL) { - printf("ERROR: TmModuleGetByName DecodePcap failed\n"); - exit(EXIT_FAILURE); - } - TmVarSlotSetFuncAppend(tv_decode1,tm_module,NULL); - - tm_module = TmModuleGetByName("StreamTcp"); - if (tm_module == NULL) { - printf("ERROR: TmModuleGetByName StreamTcp failed\n"); - exit(EXIT_FAILURE); - } - TmVarSlotSetFuncAppend(tv_decode1,tm_module,NULL); - - TmThreadSetCPU(tv_decode1, DECODE_CPU_SET); - - if (TmThreadSpawn(tv_decode1) != TM_ECODE_OK) { - printf("ERROR: TmThreadSpawn failed\n"); - exit(EXIT_FAILURE); - } -#endif - /* start with cpu 1 so that if we're creating an odd number of detect - * threads we're not creating the most on CPU0. */ - if (ncpus > 0) - cpu = 1; - - /* always create at least one thread */ - int thread_max = TmThreadGetNbThreads(DETECT_CPU_SET); - if (thread_max == 0) - thread_max = ncpus * threading_detect_ratio; - if (thread_max < 1) - thread_max = 1; - - for (thread = 0; thread < thread_max; thread++) { - snprintf(tname, sizeof(tname),"Detect%"PRIu16, thread+1); - if (tname == NULL) - break; - - char *thread_name = SCStrdup(tname); - SCLogDebug("Assigning %s affinity to cpu %u", thread_name, cpu); - - ThreadVars *tv_detect_ncpu = TmThreadCreatePacketHandler(thread_name,"stream-queue1","simple","verdict-queue","simple","1slot"); - if (tv_detect_ncpu == NULL) { - printf("ERROR: TmThreadsCreate failed\n"); - exit(EXIT_FAILURE); - } - tm_module = TmModuleGetByName("Detect"); - if (tm_module == NULL) { - printf("ERROR: TmModuleGetByName Detect failed\n"); - exit(EXIT_FAILURE); - } - Tm1SlotSetFunc(tv_detect_ncpu,tm_module,(void *)de_ctx); - - TmThreadSetCPU(tv_detect_ncpu, DETECT_CPU_SET); - - char *thread_group_name = SCStrdup("Detect"); - if (thread_group_name == NULL) { - printf("Error allocating memory\n"); - exit(EXIT_FAILURE); - } - tv_detect_ncpu->thread_group_name = thread_group_name; - - if (TmThreadSpawn(tv_detect_ncpu) != TM_ECODE_OK) { - printf("ERROR: TmThreadSpawn failed\n"); - exit(EXIT_FAILURE); - } - - if ((cpu + 1) == ncpus) - cpu = 0; - else - cpu++; - } - - ThreadVars *tv_rreject = TmThreadCreatePacketHandler("RespondReject","verdict-queue","simple","alert-queue","simple","1slot"); - if (tv_rreject == NULL) { - printf("ERROR: TmThreadsCreate failed\n"); - exit(EXIT_FAILURE); - } - tm_module = TmModuleGetByName("RespondReject"); - if (tm_module == NULL) { - printf("ERROR: TmModuleGetByName for RespondReject failed\n"); - exit(EXIT_FAILURE); - } - Tm1SlotSetFunc(tv_rreject,tm_module,NULL); - - TmThreadSetCPU(tv_rreject, REJECT_CPU_SET); - - if (TmThreadSpawn(tv_rreject) != TM_ECODE_OK) { - printf("ERROR: TmThreadSpawn failed\n"); - exit(EXIT_FAILURE); - } - - ThreadVars *tv_outputs = TmThreadCreatePacketHandler("Outputs", - "alert-queue", "simple", "packetpool", "packetpool", "varslot"); - SetupOutputs(tv_outputs); - - TmThreadSetCPU(tv_outputs, OUTPUT_CPU_SET); - - if (TmThreadSpawn(tv_outputs) != TM_ECODE_OK) { - printf("ERROR: TmThreadSpawn failed\n"); - exit(EXIT_FAILURE); - } - - return 0; -} - /** * \brief RunModeFilePcapAuto set up the following thread packet handlers: * - Receive thread (from pcap file) diff --git a/src/runmodes.h b/src/runmodes.h index 4675fe1699..c89efff0e9 100644 --- a/src/runmodes.h +++ b/src/runmodes.h @@ -23,12 +23,11 @@ #ifndef __RUNMODES_H__ #define __RUNMODES_H__ +void RunModeInitialize(void); void RunModeInitializeOutputs(void); +void SetupOutputs(ThreadVars *); -int RunModeIdsPcap(DetectEngineCtx *, char *); -int RunModeIdsPcap2(DetectEngineCtx *, char *); -int RunModeIdsPcap3(DetectEngineCtx *, char *); -int RunModeIdsPcapAuto(DetectEngineCtx *, char *); +#include "runmode-pcap.h" int RunModeIpsNFQ(DetectEngineCtx *, char *); int RunModeIpsNFQAuto(DetectEngineCtx *, char *); @@ -57,5 +56,6 @@ int RunModeFilePcapAutoFp(DetectEngineCtx *de_ctx, char *file); int RunModeIdsPfringAutoFp(DetectEngineCtx *de_ctx, char *iface); int threading_set_cpu_affinity; +extern float threading_detect_ratio; #endif /* __RUNMODES_H__ */