aiden
/
suricata
mirror of https://github.com/OISF/suricata
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

pfring: restore compatibility with v1.0 config

Browse Source 
Compatibility of pfring module with previous version was broken. This
patch restores backward compatibility.
remotes/origin/master-1.1.x
Eric Leblond 14 years ago
parent a64dcfeba2
commit d9d8286671
2 changed files with 134 additions and 10 deletions
Show Stats Download Patch File Download Diff File

137
src/runmode-pfring.c
Unescape Escape View File

@ -42,6 +42,10 @@
static const char *default_mode_auto = NULL;
static const char *default_mode_autofp = NULL;
#define PFRING_CONF_V1 1
#define PFRING_CONF_V2 2
const char *RunModeIdsPfringGetDefaultMode(void)
{
#ifdef HAVE_PFRING
@ -69,6 +73,81 @@ void RunModeIdsPfringRegister(void)
return;
}
/**
* \brief extract information from config file
*
* The returned structure will be freed by the thread init function.
* This is thus necessary to or copy the structure before giving it
* to thread or to reparse the file for each thread (and thus have
* new structure.
*
* If old config system is used, then return the smae parameters
* value for each interface.
*
* \return a PfringIfaceConfig corresponding to the interface name
*/
void *OldParsePfringConfig(const char *iface)
{
char *threadsstr = NULL;
PfringIfaceConfig *pfconf = SCMalloc(sizeof(*pfconf));
char *tmpclusterid;
#ifdef HAVE_PFRING_CLUSTER_TYPE
char *tmpctype = NULL;
char * default_ctype = strdup("cluster_round_robin");
#endif
if (iface == NULL) {
return NULL;
}
if (pfconf == NULL) {
return NULL;
}
strlcpy(pfconf->iface, iface, sizeof(pfconf->iface));
pfconf->threads = 1;
pfconf->cluster_id = 1;
#ifdef HAVE_PFRING_CLUSTER_TYPE
pfconf->ctype = (cluster_type)default_ctype;
#endif
/* Find initial node */
if (ConfGet("pfring.threads", &threadsstr) != 1) {
pfconf->threads = 1;
} else {
if (threadsstr != NULL) {
pfconf->threads = (uint8_t)atoi(threadsstr);
}
}
if (pfconf->threads == 0) {
pfconf->threads = 1;
}
if (ConfGet("pfring.cluster-id", &tmpclusterid) != 1) {
SCLogError(SC_ERR_INVALID_ARGUMENT,"Could not get cluster-id from config");
} else {
pfconf->cluster_id = (uint16_t)atoi(tmpclusterid);
SCLogDebug("Going to use cluster-id %" PRId32, pfconf->cluster_id);
}
#ifdef HAVE_PFRING_CLUSTER_TYPE
if (ConfGet("pfring.cluster-type", &tmpctype) != 1) {
SCLogError(SC_ERR_GET_CLUSTER_TYPE_FAILED,"Could not get cluster-type fron config");
} else if (strcmp(tmpctype, "cluster_round_robin") == 0) {
SCLogInfo("Using round-robin cluster mode for PF_RING (iface %s)",
pfconf->iface);
pfconf->ctype = (cluster_type)tmpctype;
} else if (strcmp(tmpctype, "cluster_flow") == 0) {
SCLogInfo("Using flow cluster mode for PF_RING (iface %s)",
pfconf->iface);
pfconf->ctype = (cluster_type)tmpctype;
} else {
SCLogError(SC_ERR_INVALID_CLUSTER_TYPE,"invalid cluster-type %s",tmpctype);
return NULL;
}
#endif
return pfconf;
}
/**
* \brief extract information from config file
*
@ -117,8 +196,11 @@ void *ParsePfringConfig(const char *iface)
if_root = ConfNodeLookupKeyValue(pf_ring_node, "interface", iface);
if (if_root == NULL) {
SCLogInfo("Unable to find af-packet config for "
"interface %s, using default value",
/* Switch to old mode */
if_root = pf_ring_node;
SCLogInfo("Unable to find pfring config for "
"interface %s, using default value or 1.0 "
"configuration system. ",
iface);
return pfconf;
}
@ -166,6 +248,19 @@ int PfringConfigGeThreadsCount(void *conf)
return pfp->threads;
}
int PfringConfLevel()
{
char *def_dev;
/* 1.0 config should return a string */
if (ConfGet("pfring.interface", &def_dev) != 1) {
return PFRING_CONF_V2;
} else {
SCLogInfo("Using 1.0 style configuration for pfring");
return PFRING_CONF_V1;
}
return PFRING_CONF_V2;
}
/**
* \brief RunModeIdsPfringAuto set up the following thread packet handlers:
* - Receive thread (from pfring)
@ -190,7 +285,8 @@ int RunModeIdsPfringAuto(DetectEngineCtx *de_ctx)
/* We include only if pfring is enabled */
#ifdef HAVE_PFRING
int ret;
char live_dev = NULL;
char *live_dev = NULL;
ConfigIfaceParserFunc tparser;
RunModeInitialize();
@ -198,7 +294,22 @@ int RunModeIdsPfringAuto(DetectEngineCtx *de_ctx)
ConfGet("pfring.live-interface", &live_dev);
ret = RunModeSetLiveCaptureAuto(de_ctx, ParsePfringConfig, "ReceivePfring", "DecodePfring",
/* determine which config type we have */
if (PfringConfLevel() > PFRING_CONF_V1) {
tparser = ParsePfringConfig;
} else {
tparser = OldParsePfringConfig;
/* In v1: try to get interface name from config */
if (live_dev == NULL) {
if (ConfGet("pfring.interface", &live_dev) == 1) {
SCLogInfo("Using interface %s", live_dev);
} else {
live_dev = NULL;
}
}
}
ret = RunModeSetLiveCaptureAuto(de_ctx, tparser, "ReceivePfring", "DecodePfring",
"RxPFR", live_dev);
if (ret != 0) {
printf("ERROR: TmThreadSpawn failed\n");
@ -216,6 +327,7 @@ int RunModeIdsPfringAutoFp(DetectEngineCtx *de_ctx)
#ifdef HAVE_PFRING
int ret;
char *live_dev = NULL;
ConfigIfaceParserFunc tparser;
RunModeInitialize();
@ -225,8 +337,23 @@ int RunModeIdsPfringAutoFp(DetectEngineCtx *de_ctx)
SCLogDebug("live_dev %s", live_dev);
/* determine which config type we have */
if (PfringConfLevel() > PFRING_CONF_V1) {
tparser = ParsePfringConfig;
} else {
tparser = OldParsePfringConfig;
/* In v1: try to get interface name from config */
if (live_dev == NULL) {
if (ConfGet("pfring.interface", &live_dev) == 1) {
SCLogInfo("Using interface %s", live_dev);
} else {
live_dev = NULL;
}
}
}
ret = RunModeSetLiveCaptureAutoFp(de_ctx,
ParsePfringConfig,
tparser,
PfringConfigGeThreadsCount,
"ReceivePfring",
"DecodePfring", "RxPFR",

7
src/suricata.c
Unescape Escape View File

@ -1442,11 +1442,8 @@ int main(int argc, char **argv)
exit(EXIT_FAILURE);
}
} else {
int ret = LiveBuildIfaceList("pfring");
if (ret == 0) {
fprintf(stderr, "ERROR: No interface found in config for pfring\n");
exit(EXIT_FAILURE);
}
/* not an error condition if we have a 1.0 config */
LiveBuildIfaceList("pfring");
}
#endif /* HAVE_PFRING */
} else if (run_mode == RUNMODE_AFP_DEV) {

Write Preview
Loading…
Cancel
Save