af-packet: auto mode support

src/runmode-af-packet.c

@@ -209,10 +209,7 @@ void *ParseAFPConfig(const char *iface)
         SCLogError(SC_ERR_INVALID_ARGUMENT, "Could not get checksum-checks from config");
     } else {
         if (strcmp(tmpctype, "auto") == 0) {
-            SCLogError(SC_ERR_INVALID_ARGUMENT,"'auto' mode is currently not supported");
-            /*
             aconf->checksum_mode = CHECKSUM_VALIDATION_AUTO;
-            */
         } else if (strcmp(tmpctype, "yes") == 0) {
             aconf->checksum_mode = CHECKSUM_VALIDATION_ENABLE;
         } else if (strcmp(tmpctype, "no") == 0) {

src/source-af-packet.c

@@ -58,9 +58,11 @@
 #include "tm-threads-common.h"
 #include "conf.h"
 #include "util-debug.h"
+#include "util-device.h"
 #include "util-error.h"
 #include "util-privs.h"
 #include "util-optimize.h"
+#include "util-checksum.h"
 #include "tmqh-packetpool.h"
 #include "source-af-packet.h"
 
@@ -157,6 +159,8 @@ typedef struct AFPThreadVars_
     int datalen; /** Length of per function and thread data */
 
     char iface[AFP_IFACE_NAME_LENGTH];
+    LiveDevice *livedev;
+
     /* socket buffer size */
     int buffer_size;
     int promisc;
@@ -272,6 +276,8 @@ int AFPRead(AFPThreadVars *ptv)
 
     ptv->pkts++;
     ptv->bytes += caplen + offset;
+    SC_ATOMIC_ADD(ptv->livedev->pkts, 1);
+    p->livedev = ptv->livedev;
 
     /* add forged header */
     if (ptv->cooked) {
@@ -291,7 +297,16 @@ int AFPRead(AFPThreadVars *ptv)
 
     /* We only check for checksum disable */
     if (ptv->checksum_mode == CHECKSUM_VALIDATION_DISABLE) {
+        p->flags |= PKT_IGNORE_CHECKSUM;
+    } else if (ptv->checksum_mode == CHECKSUM_VALIDATION_AUTO) {
+        if (ptv->livedev->ignore_checksum) {
+            p->flags |= PKT_IGNORE_CHECKSUM;
+        } else if (ChecksumAutoModeSwitch(ptv->pkts,
+                                          SC_ATOMIC_GET(ptv->livedev->pkts),
+                                          SC_ATOMIC_GET(ptv->livedev->invalid_checksums))) {
+            ptv->livedev->ignore_checksum = 1;
             p->flags |= PKT_IGNORE_CHECKSUM;
+        }
     } else {
         /* List is NULL if we don't have activated auxiliary data */
         for (cmsg = CMSG_FIRSTHDR(&msg); cmsg; cmsg = CMSG_NXTHDR(&msg, cmsg)) {
@@ -311,7 +326,6 @@ int AFPRead(AFPThreadVars *ptv)
         }
     }
 
-
     if (TmThreadsSlotProcessPkt(ptv->tv, ptv->slot, p) != TM_ECODE_OK) {
         TmqhOutputPacketpool(ptv->tv, p);
         SCReturnInt(AFP_FAILURE);
@@ -531,7 +545,7 @@ static int AFPCreateSocket(AFPThreadVars *ptv, char *devname, int verbose)
     }
 
     if (ptv->checksum_mode == CHECKSUM_VALIDATION_KERNEL) {
-        int    val = 1;
+        int val = 1;
         if (setsockopt(ptv->socket, SOL_PACKET, PACKET_AUXDATA, &val,
                     sizeof(val)) == -1 && errno != ENOPROTOOPT) {
             SCLogError(SC_ERR_AFP_CREATE,
@@ -617,6 +631,12 @@ TmEcode ReceiveAFPThreadInit(ThreadVars *tv, void *initdata, void **data) {
     strlcpy(ptv->iface, afpconfig->iface, AFP_IFACE_NAME_LENGTH);
     ptv->iface[AFP_IFACE_NAME_LENGTH - 1]= '\0';
 
+    ptv->livedev = LiveGetDevice(ptv->iface);
+    if (ptv->livedev == NULL) {
+        SCLogError(SC_ERR_INVALID_VALUE, "Unable to find Live device");
+        SCReturnInt(TM_ECODE_FAILED);
+    }
+
     ptv->buffer_size = afpconfig->buffer_size;
 
     ptv->promisc = afpconfig->promisc;