Issue: 5172
This commit forces the current stream to be closed when a hard error
occurs.
Without this commit, a hard error will force a 2nd connection
the stream that raised the error.
With this commit, the stream with the hard error is closed before
opening another connection to the stream.
Verified with the Python snippet in the redmine issue.
Initialize both seconds and useconds of packet timestamp from napatech
timestamp format.
This commit uses updated macro definitions from util-utime.h to avoid
zero seconds value.
Issue: 6372
When thread affinity is set, the NUMA configuration specified in
the napatech.ini configuration could be incorrect and then fail.
This fails before the recommended configuration is printed, which
is pretty unhelpful.
Previous implementation hardcoded up to 4 NUMA nodes.
We support arbitrary number of NUMA nodes now.
Note that this commit also removes the old SCLog logging
calls. But since the logic has changed, these have been replaced
directly with new code.
Since f8474344cd, there is an extra
argument to SCLog which indicates the module and subsystem
identifier. The Napatech vendor code is missing this argument,
which is fixed here.
Use a fixed type of max_pending_packets instead of intmax_t which can
differ based on the platform/standard library.
Should also prevent lints about possible arithmetic overflow.
Issue: 5718
This commit switches the majority of time handling to a new type --
SCTime_t -- which is a 64 bit container for time:
- 44 bits -- seconds
- 20 bits -- useconds
Each module (thread) updates its status to indicate running.
Main thread awaits for all threads to be in a running state
before continuing the initialisation process
Implements feature 5384
(https://redmine.openinfosecfoundation.org/issues/5384)
Update DROP action handling in tunnel packets. DROP/REJECT action is set
to outer (root) and inner packet.
Check action flags both against outer (root) and inner packet.
Remove PACKET_SET_ACTION macro. Replace with RESET for the one reset usecase.
The reason to remove is to make the logic easier to understand.
Reduce scope of RESET macros.
Rename PacketTestAction to PacketCheckAction except in unittests. Keep
PacketTestAction as a wrapper around PacketCheckAction. This makes it
easier to trace the action handling in the real code.
Fix rate_filter setting actions directly.
General code cleanups.
Bug: #5571.
Work towards making `suricata-common.h` only introduce system headers
and other things that are independent of complex internal Suricata
data structures.
Update files to compile after this.
Remove special DPDK handling for strlcpy and strlcat, as this caused
many compilation failures w/o including DPDK headers for all files.
Remove packet macros from decode.h and move them into their own file,
turn them into functions and rename them to match our function naming
policy.
As Suricata is not supporting pcap-ng we have to stick with one single
datalink type for the capture if ever we want to do pcap logging.
Assuming this, this patch introduces a function to set the link
type globally. This will be used with pcap conditional logging
to get the logging of TCP segments with the correct link type.
This addresses readmine issue #4018. There was the potential for a packet
buffer to be released twice in response to an error condition. This
addresses this by only calling NT_NetRxRelease() when the p->ReleasePacket
is called.
Replaces all patterns of SCLogError() followed by exit() with
FatalError(). Cocci script to do this:
@@
constant C;
constant char[] msg;
@@
- SCLogError(C,
+ FatalError(SC_ERR_FATAL,
msg);
- exit(EXIT_FAILURE);
Closes redmine ticket 3188.
Previously a single handle to the FlowStream (which is used to program
flows to the card) was shared between the threads. This resulted
in contention between the threads where sometimes programming the flow would
silently fail.
This commit fixes the conversion of timestamps. Without the extra
parens, the resulting timestamp value for usecs will be 1 or 0 due to
the operator precedence order (+ takes precedence over ?:)
The end-of-processing has been restructured so that Packet and Hostbuffer
data structures are now released within the NapatechReleasePacket() callback
function.
Previously each 'TmSlot' had it's own packet queue that was passed
to the registered SlotFunc as an argument. This was used mostly for
tunnel packets by the decoders and by defrag.
This patch removes that in favor of a single queue in the ThreadVars:
decode_pq. This is the non-locked version of the queue as this is
only a temporary store for handling packets within a thread.
This patch removes the PacketQueue pointer argument from the API.
The new queue can be accessed directly through the ThreadVars
pointer.
When TmThreadsSlotProcessPkt fails it will return the packet that was
passed to it to the packetpool.
Some of the packet sources were doing this manually as well. This patch
fixes those sources.
- There is now an option to automatically create streams on the
correct NUMA node when using cpu affinity.
- When not using cpu affinity the user can specify streams to be
created in the suricata.yaml file. It is no longer required to
use NTPL to create streams before running suricata.
- The legacy usage model of running NTPL to create streams is still
available. This can be used for legacy configurations and complex
configurations that cannot be satisfied by the auto-config option.
added util-napatech module which contains implementation threads
for processing statistics. And modified source-napatech and
runmode-napatech to instantiate the threads.
napatech: Implementation of packet counters
napatech: implementation of statistics counters
napatech: Implementation of packet counters.
napatech: added util-napatech module
napatech: added utils-napatech module.
added include declaration and napatech specific structure when HAVE_NAPATECH
is defined.
Added util-napatech module to project.
Set flags by default:
-Wmissing-prototypes
-Wmissing-declarations
-Wstrict-prototypes
-Wwrite-strings
-Wcast-align
-Wbad-function-cast
-Wformat-security
-Wno-format-nonliteral
-Wmissing-format-attribute
-funsigned-char
Fix minor compiler warnings for these new flags on gcc and clang.
This patch adds a new callback PktAcqBreakLoop() in TmModule to let
packet acquisition modules define "break-loop" functions to terminate
the capture loop. This is useful in case of blocking functions that
need special actions to take place in order to stop the execution.
Implement this for PF_RING
Victor Julien
Jeff Lucovsky
Ilya Bakhtin
Ralph Eastwood
Jason Ish
Jeff Lucovsky
Richard McConnell
Eric Leblond
Victor Julien
Phil Young
Jeff Lucovsky
Shivani Bhardwaj
cardigliano