configurable outputs for nfq and pcap file.

src/runmodes.c

@@ -616,7 +616,7 @@ int RunModeIdsPcap3(DetectEngineCtx *de_ctx, char *iface) {
     return 0;
 }
 
-int RunModeIpsNFQ(DetectEngineCtx *de_ctx, LogFileCtx *af_logfile_ctx, LogFileCtx *ad_logfile_ctx, LogFileCtx *lh_logfile_ctx, LogFileCtx *aul_logfile_ctx, LogFileCtx *aua_logfile_ctx, LogFileCtx *au2a_logfile_ctx) {
+int RunModeIpsNFQ(DetectEngineCtx *de_ctx) {
     TimeModeSetLive();
 
     /* create the threads */
@@ -739,85 +739,10 @@ int RunModeIpsNFQ(DetectEngineCtx *de_ctx, LogFileCtx *af_logfile_ctx, LogFileCt
         exit(EXIT_FAILURE);
     }
 
-    ThreadVars *tv_alert = TmThreadCreatePacketHandler("AlertFastlog&Httplog","alert-queue1","simple","alert-queue2","simple","varslot");
-    if (tv_alert == NULL) {
-        printf("ERROR: TmThreadsCreate failed\n");
-        exit(EXIT_FAILURE);
-    }
-    tm_module = TmModuleGetByName("AlertFastlog");
-    if (tm_module == NULL) {
-        printf("ERROR: TmModuleGetByName for AlertFastlog failed\n");
-        exit(EXIT_FAILURE);
-    }
-    TmVarSlotSetFuncAppend(tv_alert, tm_module, af_logfile_ctx);
-
-    tm_module = TmModuleGetByName("LogHttplog");
-    if (tm_module == NULL) {
-        printf("ERROR: TmModuleGetByName failed\n");
-        exit(EXIT_FAILURE);
-    }
-    TmVarSlotSetFuncAppend(tv_alert, tm_module, lh_logfile_ctx);
-
-    if (TmThreadSpawn(tv_alert) != TM_ECODE_OK) {
-        printf("ERROR: TmThreadSpawn failed\n");
-        exit(EXIT_FAILURE);
-    }
-
-    ThreadVars *tv_unified = TmThreadCreatePacketHandler("AlertUnifiedLog","alert-queue2","simple","alert-queue3","simple","varslot");
-    if (tv_unified == NULL) {
-        printf("ERROR: TmThreadsCreate failed\n");
-        exit(EXIT_FAILURE);
-    }
-
-    tm_module = TmModuleGetByName("AlertUnifiedLog");
-    if (tm_module == NULL) {
-        printf("ERROR: TmModuleGetByName for AlertUnifiedLog failed\n");
-        exit(EXIT_FAILURE);
-    }
-    TmVarSlotSetFuncAppend(tv_unified, tm_module, aul_logfile_ctx);
-
-    tm_module = TmModuleGetByName("AlertUnifiedAlert");
-    if (tm_module == NULL) {
-        printf("ERROR: TmModuleGetByName for AlertUnifiedAlert failed\n");
-        exit(EXIT_FAILURE);
-    }
-    TmVarSlotSetFuncAppend(tv_unified, tm_module, aua_logfile_ctx);
-
-    if (TmThreadSpawn(tv_unified) != TM_ECODE_OK) {
-        printf("ERROR: TmThreadSpawn failed\n");
-        exit(EXIT_FAILURE);
-    }
-
-   ThreadVars *tv_unified2 = TmThreadCreatePacketHandler("Unified2Alert","alert-queue3","simple","alert-queue4","simple","1slot");
-    if (tv_unified2 == NULL) {
-        printf("ERROR: TmThreadsCreate failed\n");
-        exit(EXIT_FAILURE);
-    }
-    tm_module = TmModuleGetByName("Unified2Alert");
-    if (tm_module == NULL) {
-        printf("ERROR: TmModuleGetByName failed\n");
-        exit(EXIT_FAILURE);
-    }
-    Tm1SlotSetFunc(tv_unified2,tm_module,au2a_logfile_ctx);
-
-    if (TmThreadSpawn(tv_unified2) != TM_ECODE_OK) {
-        printf("ERROR: TmThreadSpawn failed\n");
-        exit(EXIT_FAILURE);
-    }
-
-    ThreadVars *tv_debugalert = TmThreadCreatePacketHandler("AlertDebuglog","alert-queue4","simple","packetpool","packetpool","1slot");
-    if (tv_debugalert == NULL) {
-        printf("ERROR: TmThreadsCreate failed\n");
-        exit(EXIT_FAILURE);
-    }
-    tm_module = TmModuleGetByName("AlertDebuglog");
-    if (tm_module == NULL) {
-        printf("ERROR: TmModuleGetByName failed\n");
-        exit(EXIT_FAILURE);
-    }
-    Tm1SlotSetFunc(tv_debugalert,tm_module, ad_logfile_ctx);
-
-    if (TmThreadSpawn(tv_debugalert) != TM_ECODE_OK) {
+    ThreadVars *tv_outputs = TmThreadCreatePacketHandler("Outputs",
+        "alert-queue1", "simple", "packetpool", "packetpool", "varslot");
+    SetupOutputs(tv_outputs);
+    if (TmThreadSpawn(tv_outputs) != TM_ECODE_OK) {
         printf("ERROR: TmThreadSpawn failed\n");
         exit(EXIT_FAILURE);
     }
@@ -825,7 +750,7 @@ int RunModeIpsNFQ(DetectEngineCtx *de_ctx, LogFileCtx *af_logfile_ctx, LogFileCt
     return 0;
 }
 
-int RunModeFilePcap(DetectEngineCtx *de_ctx, char *file, LogFileCtx *af_logfile_ctx, LogFileCtx *ad_logfile_ctx, LogFileCtx *lh_logfile_ctx, LogFileCtx *aul_logfile_ctx, LogFileCtx *aua_logfile_ctx, LogFileCtx *au2a_logfile_ctx) {
+int RunModeFilePcap(DetectEngineCtx *de_ctx, char *file) {
     printf("RunModeFilePcap: file %s\n", file);
     TimeModeSetOffline();
 
@@ -917,96 +842,21 @@ int RunModeFilePcap(DetectEngineCtx *de_ctx, char *file, LogFileCtx *af_logfile_
         exit(EXIT_FAILURE);
     }
 
-    ThreadVars *tv_alert = TmThreadCreatePacketHandler("AlertFastlog&Httplog","alert-queue1","simple","alert-queue2","simple","varslot");
-    if (tv_alert == NULL) {
-        printf("ERROR: TmThreadsCreate failed\n");
-        exit(EXIT_FAILURE);
-    }
-    tm_module = TmModuleGetByName("AlertFastlog");
-    if (tm_module == NULL) {
-        printf("ERROR: TmModuleGetByName for AlertFastlog failed\n");
-        exit(EXIT_FAILURE);
-    }
-    TmVarSlotSetFuncAppend(tv_alert,tm_module,af_logfile_ctx);
-
-    tm_module = TmModuleGetByName("LogHttplog");
-    if (tm_module == NULL) {
-        printf("ERROR: TmModuleGetByName failed\n");
-        exit(EXIT_FAILURE);
-    }
-    TmVarSlotSetFuncAppend(tv_alert,tm_module, lh_logfile_ctx);
-
-    if (TmThreadSpawn(tv_alert) != TM_ECODE_OK) {
-        printf("ERROR: TmThreadSpawn failed\n");
-        exit(EXIT_FAILURE);
-    }
-
-    ThreadVars *tv_unified = TmThreadCreatePacketHandler("AlertUnifiedLog","alert-queue2","simple","alert-queue3","simple","varslot");
-    if (tv_unified == NULL) {
-        printf("ERROR: TmThreadsCreate failed\n");
-        exit(EXIT_FAILURE);
-    }
-
-    tm_module = TmModuleGetByName("AlertUnifiedLog");
-    if (tm_module == NULL) {
-        printf("ERROR: TmModuleGetByName for AlertUnifiedLog failed\n");
-        exit(EXIT_FAILURE);
-    }
-    TmVarSlotSetFuncAppend(tv_unified,tm_module,aul_logfile_ctx);
-
-    tm_module = TmModuleGetByName("AlertUnifiedAlert");
-    if (tm_module == NULL) {
-        printf("ERROR: TmModuleGetByName for AlertUnifiedAlert failed\n");
-        exit(EXIT_FAILURE);
-    }
-    TmVarSlotSetFuncAppend(tv_unified,tm_module,aua_logfile_ctx);
-
-    if (TmThreadSpawn(tv_unified) != TM_ECODE_OK) {
-        printf("ERROR: TmThreadSpawn failed\n");
-        exit(EXIT_FAILURE);
-    }
-
-    ThreadVars *tv_unified2 = TmThreadCreatePacketHandler("Unified2Alert","alert-queue3","simple","alert-queue4","simple","1slot");
-    if (tv_unified2 == NULL) {
-        printf("ERROR: TmThreadsCreate failed\n");
-        exit(EXIT_FAILURE);
-    }
-
-    tm_module = TmModuleGetByName("Unified2Alert");
-    if (tm_module == NULL) {
-        printf("ERROR: TmModuleGetByName for Unified2Alert failed\n");
-        exit(EXIT_FAILURE);
-    }
-    Tm1SlotSetFunc(tv_unified2,tm_module,au2a_logfile_ctx);
-
-    if (TmThreadSpawn(tv_unified2) != TM_ECODE_OK) {
+    ThreadVars *tv_outputs = TmThreadCreatePacketHandler("Outputs",
+        "alert-queue1", "simple", "packetpool", "packetpool", "varslot");
+    SetupOutputs(tv_outputs);
+    if (TmThreadSpawn(tv_outputs) != TM_ECODE_OK) {
         printf("ERROR: TmThreadSpawn failed\n");
         exit(EXIT_FAILURE);
     }
 
-    ThreadVars *tv_debugalert = TmThreadCreatePacketHandler("AlertDebuglog","alert-queue4","simple","packetpool","packetpool","1slot");
-    if (tv_debugalert == NULL) {
-        printf("ERROR: TmThreadsCreate failed\n");
-        exit(EXIT_FAILURE);
-    }
-    tm_module = TmModuleGetByName("AlertDebuglog");
-    if (tm_module == NULL) {
-        printf("ERROR: TmModuleGetByName failed\n");
-        exit(EXIT_FAILURE);
-    }
-    Tm1SlotSetFunc(tv_debugalert,tm_module, ad_logfile_ctx);
-
-    if (TmThreadSpawn(tv_debugalert) != TM_ECODE_OK) {
-        printf("ERROR: TmThreadSpawn failed\n");
-        exit(EXIT_FAILURE);
-    }
     return 0;
 }
 
 /**
  * \brief Single thread version of the Pcap file processing.
  */
-int RunModeFilePcap2(DetectEngineCtx *de_ctx, char *file, LogFileCtx *af_logfile_ctx, LogFileCtx *ad_logfile_ctx, LogFileCtx *lh_logfile_ctx, LogFileCtx *aul_logfile_ctx, LogFileCtx *aua_logfile_ctx, LogFileCtx *au2a_logfile_ctx) {
+int RunModeFilePcap2(DetectEngineCtx *de_ctx, char *file) {
     printf("RunModeFilePcap2: file %s\n", file);
     TimeModeSetOffline();
 
@@ -1045,46 +895,7 @@ int RunModeFilePcap2(DetectEngineCtx *de_ctx, char *file, LogFileCtx *af_logfile
     }
     TmVarSlotSetFuncAppend(tv,tm_module,(void *)de_ctx);
 
-    tm_module = TmModuleGetByName("AlertFastlog");
-    if (tm_module == NULL) {
-        printf("ERROR: TmModuleGetByName for AlertFastlog failed\n");
-        exit(EXIT_FAILURE);
-    }
-    TmVarSlotSetFuncAppend(tv,tm_module,af_logfile_ctx);
-
-    tm_module = TmModuleGetByName("LogHttplog");
-    if (tm_module == NULL) {
-        printf("ERROR: TmModuleGetByName failed\n");
-        exit(EXIT_FAILURE);
-    }
-    TmVarSlotSetFuncAppend(tv,tm_module, lh_logfile_ctx);
-
-    tm_module = TmModuleGetByName("AlertUnifiedLog");
-    if (tm_module == NULL) {
-        printf("ERROR: TmModuleGetByName for AlertUnifiedLog failed\n");
-        exit(EXIT_FAILURE);
-    }
-    TmVarSlotSetFuncAppend(tv,tm_module,aul_logfile_ctx);
-
-    tm_module = TmModuleGetByName("AlertUnifiedAlert");
-    if (tm_module == NULL) {
-        printf("ERROR: TmModuleGetByName for AlertUnifiedAlert failed\n");
-        exit(EXIT_FAILURE);
-    }
-    TmVarSlotSetFuncAppend(tv,tm_module,aua_logfile_ctx);
-
-    tm_module = TmModuleGetByName("Unified2Alert");
-    if (tm_module == NULL) {
-        printf("ERROR: TmModuleGetByName for Unified2Alert failed\n");
-        exit(EXIT_FAILURE);
-    }
-    TmVarSlotSetFuncAppend(tv,tm_module,au2a_logfile_ctx);
-    tm_module = TmModuleGetByName("AlertDebuglog");
-    if (tm_module == NULL) {
-        printf("ERROR: TmModuleGetByName failed\n");
-        exit(EXIT_FAILURE);
-    }
-    TmVarSlotSetFuncAppend(tv,tm_module, ad_logfile_ctx);
+    SetupOutputs(tv);
 
     if (TmThreadSpawn(tv) != TM_ECODE_OK) {
         printf("ERROR: TmThreadSpawn failed\n");

src/runmodes.h

@@ -5,10 +5,10 @@ int RunModeIdsPcap(DetectEngineCtx *, char *);
 int RunModeIdsPcap2(DetectEngineCtx *, char *);
 int RunModeIdsPcap3(DetectEngineCtx *, char *);
 
-int RunModeIpsNFQ(DetectEngineCtx *, LogFileCtx *, LogFileCtx *, LogFileCtx *, LogFileCtx *, LogFileCtx *, LogFileCtx *);
+int RunModeIpsNFQ(DetectEngineCtx *);
 
-int RunModeFilePcap(DetectEngineCtx *, char *, LogFileCtx *, LogFileCtx *, LogFileCtx *, LogFileCtx *, LogFileCtx *, LogFileCtx *);
-int RunModeFilePcap2(DetectEngineCtx *, char *, LogFileCtx *, LogFileCtx *, LogFileCtx *, LogFileCtx *, LogFileCtx *, LogFileCtx *);
+int RunModeFilePcap(DetectEngineCtx *, char *);
+int RunModeFilePcap2(DetectEngineCtx *, char *);
 
 int RunModeIdsPfring(DetectEngineCtx *, char *);
 int RunModeIdsPfring2(DetectEngineCtx *, char *);

src/suricata.c

@@ -624,14 +624,6 @@ int main(int argc, char **argv)
 
     SCClassConfLoadClassficationConfigFile(de_ctx);
 
-    /* Logging/alerting contexts.  Eventually this won't be needed. */
-    LogFileCtx *af_logfile_ctx = NULL;    /* AlertFastlog */
-    LogFileCtx *ad_logfile_ctx = NULL;    /* AlertDebuglog */
-    LogFileCtx *lh_logfile_ctx = NULL;    /* LogHttplog */
-    LogFileCtx *aul_logfile_ctx = NULL;   /* AlertUnifiedLog */
-    LogFileCtx *aua_logfile_ctx = NULL;   /* AlertUnifiedAlert */
-    LogFileCtx *au2a_logfile_ctx = NULL;  /* Unified2Alert */
-
     if (SigLoadSignatures(de_ctx, sig_file) < 0) {
         if (sig_file == NULL) {
             SCLogError(SC_ERR_OPENING_FILE, "Signature file has not been provided");
@@ -652,14 +644,8 @@ int main(int argc, char **argv)
         //RunModeIdsPcap(de_ctx, pcap_dev);
     }
     else if (mode == MODE_PCAP_FILE) {
-        af_logfile_ctx = AlertFastlogInitCtx(NULL);
-        ad_logfile_ctx = AlertDebuglogInitCtx(NULL);
-        lh_logfile_ctx = LogHttplogInitCtx(NULL);
-        aul_logfile_ctx = AlertUnifiedLogInitCtx(NULL);
-        aua_logfile_ctx = AlertUnifiedAlertInitCtx(NULL);
-        au2a_logfile_ctx = Unified2AlertInitCtx(NULL);
-        RunModeFilePcap(de_ctx, pcap_file, af_logfile_ctx, ad_logfile_ctx, lh_logfile_ctx, aul_logfile_ctx, aua_logfile_ctx, au2a_logfile_ctx);
-        //RunModeFilePcap2(de_ctx, pcap_file, af_logfile_ctx, ad_logfile_ctx, lh_logfile_ctx, aul_logfile_ctx, aua_logfile_ctx, au2a_logfile_ctx);
+        RunModeFilePcap(de_ctx, pcap_file);
+        //RunModeFilePcap2(de_ctx, pcap_file);
     }
     else if (mode == MODE_PFRING) {
         //RunModeIdsPfring3(de_ctx, pfring_dev);
@@ -667,13 +653,7 @@ int main(int argc, char **argv)
         RunModeIdsPfring(de_ctx, pfring_dev);
     }
     else if (mode == MODE_NFQ) {
-        af_logfile_ctx = AlertFastlogInitCtx(NULL);
-        ad_logfile_ctx = AlertDebuglogInitCtx(NULL);
-        lh_logfile_ctx = LogHttplogInitCtx(NULL);
-        aul_logfile_ctx = AlertUnifiedLogInitCtx(NULL);
-        aua_logfile_ctx = AlertUnifiedAlertInitCtx(NULL);
-        au2a_logfile_ctx = Unified2AlertInitCtx(NULL);
-        RunModeIpsNFQ(de_ctx, af_logfile_ctx, ad_logfile_ctx, lh_logfile_ctx, aul_logfile_ctx, aua_logfile_ctx, au2a_logfile_ctx);
+        RunModeIpsNFQ(de_ctx);
     }
     else {
         printf("ERROR: Unknown runtime mode.\n");
@@ -767,14 +747,5 @@ int main(int argc, char **argv)
 
     RunModeShutDown();
 
-    /* Remove when all run modes use the configuration file for output
-     * configuration. LogFileFreeCtx accepts NULL. */
-    LogFileFreeCtx(af_logfile_ctx);
-    LogFileFreeCtx(lh_logfile_ctx);
-    LogFileFreeCtx(ad_logfile_ctx);
-    LogFileFreeCtx(aul_logfile_ctx);
-    LogFileFreeCtx(aua_logfile_ctx);
-    LogFileFreeCtx(au2a_logfile_ctx);
-
     exit(EXIT_SUCCESS);
 }