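/*
 * Initialise the file agent: register the file services enabled in the
 * configuration, open the optional network sink, create the capture queue
 * and start the thread that consumes it.
 *
 * Settings are read once here; when they are changed, snort must be
 * restarted for them to take effect.
 *
 * conf: file-inspect configuration. It is dereferenced without a NULL
 *       check, so the caller must pass a valid pointer.
 */
void file_agent_init(FileInspectConf* conf)
{
    /* Only the services switched on in the configuration are registered. */
    if (conf->file_type_enabled)
    {
        _dpd.fileAPI->enable_file_type(file_agent_type_callback);
        file_type_enabled = true;
    }

    if (conf->file_signature_enabled)
    {
        _dpd.fileAPI->enable_file_signature(file_agent_signature_callback);
        file_signature_enabled = true;
    }

    if (conf->file_capture_enabled)
    {
        /* NOTE(review): capture is registered with the signature callback,
         * not a capture-specific one - confirm this is intentional. */
        _dpd.fileAPI->enable_file_capture(file_agent_signature_callback);
        file_capture_enabled = true;
    }

    /* A configured hostname means captured data is also sent over the network. */
    if (conf->hostname)
    {
        file_agent_init_socket(conf->hostname, conf->portno);
    }

    /* The queue must exist before the consumer thread is started. */
    file_list = cbuffer_init(conf->file_capture_queue_size);
    if (file_list == NULL)
    {
        FILE_FATAL_ERROR("File capture: Unable to create file capture queue!");
    }

    file_agent_thread_init();

#ifndef WIN32
    /* In daemon mode we need to re-create the cbuffer consumer thread:
     * file_agent_close runs before fork() and file_agent_thread_init runs in
     * the child. No parent-side handler is registered.
     *
     * pthread_atfork() returns non-zero on failure. Ignoring that would leave
     * a forked child without a consumer and nothing in the log to explain
     * why captures stop, so report it. */
    if (pthread_atfork(file_agent_close, NULL, file_agent_thread_init) != 0)
    {
        _dpd.logMsg("File capture: Unable to register fork handlers, "
                "capture thread will not be re-created after fork!\n");
    }
#endif
}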
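/*
 * Initialise the file agent: register the file services enabled in the
 * configuration, open the optional network sink, create the capture queue
 * and spin off the file capture thread, waiting until it reports running.
 *
 * Settings are read once here; when they are changed, snort must be
 * restarted for them to take effect.
 *
 * conf: file-inspect configuration. It is dereferenced without a NULL
 *       check and is also handed to the capture thread as its argument,
 *       so it presumably has to outlive that thread - confirm at the caller.
 */
void file_agent_init(FileInspectConf* conf)
{
    int rval;
    /* Poll interval while waiting for the thread to start: 100 ns. */
    const struct timespec thread_sleep = { 0, 100 };
    sigset_t mask;
    sigset_t saved_mask;

    /* Only the services switched on in the configuration are registered. */
    if (conf->file_type_enabled)
    {
        _dpd.fileAPI->enable_file_type(file_agent_type_callback);
        file_type_enabled = true;
    }

    if (conf->file_signature_enabled)
    {
        _dpd.fileAPI->enable_file_signature(file_agent_signature_callback);
        file_signature_enabled = true;
    }

    if (conf->file_capture_enabled)
    {
        /* NOTE(review): capture is registered with the signature callback,
         * not a capture-specific one - confirm this is intentional. */
        _dpd.fileAPI->enable_file_capture(file_agent_signature_callback);
        file_capture_enabled = true;
    }

    /* A configured hostname means captured data is also sent over the network. */
    if (conf->hostname)
    {
        file_agent_init_socket(conf->hostname, conf->portno);
    }

    /* Spin off the file capture handler thread.
     *
     * A new thread inherits its creator's signal mask, so the signals below
     * are blocked around pthread_create() and the capture thread starts with
     * them blocked. The caller's previous mask is saved and put back
     * afterwards; forcing an empty mask instead would silently unblock any
     * signal the caller had blocked on purpose. */
    sigemptyset(&mask);
    sigaddset(&mask, SIGTERM);
    sigaddset(&mask, SIGQUIT);
    sigaddset(&mask, SIGPIPE);
    sigaddset(&mask, SIGINT);
    sigaddset(&mask, SIGHUP);
    sigaddset(&mask, SIGUSR1);
    sigaddset(&mask, SIGUSR2);
    sigaddset(&mask, SIGCHLD);
    sigaddset(&mask, SIGURG);
    sigaddset(&mask, SIGVTALRM);
    pthread_sigmask(SIG_BLOCK, &mask, &saved_mask);

    file_list = cbuffer_init(conf->file_capture_queue_size);
    if (file_list == NULL)
    {
        /* Restore the mask on this failure path as well, matching the
         * pthread_create() failure path below. */
        pthread_sigmask(SIG_SETMASK, &saved_mask, NULL);
        FILE_FATAL_ERROR("File capture: Unable to create file capture queue!");
    }

    rval = pthread_create(&capture_thread_tid, NULL, &FileCaptureThread, conf);
    if (rval != 0)
    {
        pthread_sigmask(SIG_SETMASK, &saved_mask, NULL);
        FILE_FATAL_ERROR("File capture: Unable to create a "
                "processing thread: %s", strerror(rval));
    }

    /* Wait for the capture thread to announce itself.
     * NOTE(review): there is no timeout, so this loops forever if the thread
     * exits before setting the flag. It also relies on capture_thread_running
     * being safely visible across threads; its declaration is not shown
     * here - confirm it is volatile or atomic. */
    while (!capture_thread_running)
    {
        nanosleep(&thread_sleep, NULL);
    }

    pthread_sigmask(SIG_SETMASK, &saved_mask, NULL);

    /* NOTE(review): printing a pthread_t through %p via a pointer cast is not
     * portable, and %u assumes capture_thread_pid is unsigned int - confirm
     * against the declarations. */
    _dpd.logMsg("File capture thread started tid=%p (pid=%u)\n",
            (void *) capture_thread_tid, capture_thread_pid);
}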