/**
* \brief Single thread version of the Pcap file processing.
*/
int RunModeFilePcapSingle(DetectEngineCtx *de_ctx)
{
char *file = NULL;
if (ConfGet("pcap-file.file", &file) == 0) {
SCLogError(SC_ERR_RUNMODE, "Failed retrieving pcap-file from Conf");
exit(EXIT_FAILURE);
}
RunModeInitialize();
TimeModeSetOffline();
/* create the threads */
ThreadVars *tv = TmThreadCreatePacketHandler("PcapFile",
"packetpool", "packetpool",
"packetpool", "packetpool",
"pktacqloop");
if (tv == NULL) {
printf("ERROR: TmThreadsCreate failed\n");
exit(EXIT_FAILURE);
}
TmModule *tm_module = TmModuleGetByName("ReceivePcapFile");
if (tm_module == NULL) {
printf("ERROR: TmModuleGetByName failed for ReceivePcap\n");
exit(EXIT_FAILURE);
}
TmSlotSetFuncAppend(tv, tm_module, file);
tm_module = TmModuleGetByName("DecodePcapFile");
if (tm_module == NULL) {
printf("ERROR: TmModuleGetByName DecodePcap failed\n");
exit(EXIT_FAILURE);
}
TmSlotSetFuncAppend(tv, tm_module, NULL);
tm_module = TmModuleGetByName("StreamTcp");
if (tm_module == NULL) {
printf("ERROR: TmModuleGetByName StreamTcp failed\n");
exit(EXIT_FAILURE);
}
TmSlotSetFuncAppend(tv, tm_module, NULL);
tm_module = TmModuleGetByName("Detect");
if (tm_module == NULL) {
printf("ERROR: TmModuleGetByName Detect failed\n");
exit(EXIT_FAILURE);
}
TmSlotSetFuncAppend(tv, tm_module, (void *)de_ctx);
SetupOutputs(tv);
TmThreadSetCPU(tv, DETECT_CPU_SET);
if (TmThreadSpawn(tv) != TM_ECODE_OK) {
printf("ERROR: TmThreadSpawn failed\n");
exit(EXIT_FAILURE);
}
return 0;
}
uint32_t UtRunTests(char *regex_arg) {
UtTest *ut;
uint32_t good = 0, bad = 0, matchcnt = 0;
int ret = 0, rcomp = 0;
int ov[MAX_SUBSTRINGS];
int failure_fatal;
if (ConfGetBool("unittests.failure-fatal", &failure_fatal) != 1) {
SCLogDebug("ConfGetBool could not load the value.");
failure_fatal = 0;
}
rcomp = UtRegex(regex_arg);
if(rcomp == 1){
for (ut = ut_list; ut != NULL; ut = ut->next) {
ret = pcre_exec(parse_regex, parse_regex_study, ut->name, strlen(ut->name), 0, 0, ov, MAX_SUBSTRINGS);
if( ret >= 1 ) {
printf("Test %-60.60s : ", ut->name);
matchcnt++;
fflush(stdout); /* flush so in case of a segv we see the testname */
/* reset the time */
TimeModeSetOffline();
TimeSetToCurrentTime();
ret = ut->TestFn();
printf("%s\n", (ret == ut->evalue) ? "pass" : "FAILED");
if (ret != ut->evalue) {
if (failure_fatal == 1) {
fprintf(stderr, "ERROR: unittest failed.\n");
exit(EXIT_FAILURE);
}
bad++;
} else {
good++;
}
}
}
if(matchcnt > 0){
printf("==== TEST RESULTS ====\n");
printf("PASSED: %" PRIu32 "\n", good);
printf("FAILED: %" PRIu32 "\n", bad);
printf("======================\n");
} else {
SCLogInfo("UtRunTests: regex provided regex_arg: %s did not match any tests",regex_arg);
}
} else {
SCLogInfo("UtRunTests: pcre compilation failed");
}
return bad;
}
/**
* \brief Single thread version of the Pcap file processing.
*/
int RunModeFilePcapSingle(void)
{
const char *file = NULL;
char tname[TM_THREAD_NAME_MAX];
if (ConfGet("pcap-file.file", &file) == 0) {
SCLogError(SC_ERR_RUNMODE, "Failed retrieving pcap-file from Conf");
exit(EXIT_FAILURE);
}
RunModeInitialize();
TimeModeSetOffline();
PcapFileGlobalInit();
snprintf(tname, sizeof(tname), "%s#01", thread_name_single);
/* create the threads */
ThreadVars *tv = TmThreadCreatePacketHandler(tname,
"packetpool", "packetpool",
"packetpool", "packetpool",
"pktacqloop");
if (tv == NULL) {
SCLogError(SC_ERR_RUNMODE, "threading setup failed");
exit(EXIT_FAILURE);
}
TmModule *tm_module = TmModuleGetByName("ReceivePcapFile");
if (tm_module == NULL) {
SCLogError(SC_ERR_RUNMODE, "TmModuleGetByName failed for ReceivePcap");
exit(EXIT_FAILURE);
}
TmSlotSetFuncAppend(tv, tm_module, file);
tm_module = TmModuleGetByName("DecodePcapFile");
if (tm_module == NULL) {
SCLogError(SC_ERR_RUNMODE, "TmModuleGetByName DecodePcap failed");
exit(EXIT_FAILURE);
}
TmSlotSetFuncAppend(tv, tm_module, NULL);
tm_module = TmModuleGetByName("FlowWorker");
if (tm_module == NULL) {
SCLogError(SC_ERR_RUNMODE, "TmModuleGetByName for FlowWorker failed");
exit(EXIT_FAILURE);
}
TmSlotSetFuncAppend(tv, tm_module, NULL);
TmThreadSetCPU(tv, WORKER_CPU_SET);
#ifndef AFLFUZZ_PCAP_RUNMODE
if (TmThreadSpawn(tv) != TM_ECODE_OK) {
SCLogError(SC_ERR_RUNMODE, "TmThreadSpawn failed");
exit(EXIT_FAILURE);
}
#else
/* in afl mode we don't spawn a new thread, but run the pipeline
* in the main thread */
tv->tm_func(tv);
int afl_runmode_exit_immediately = 0;
(void)ConfGetBool("afl.exit_after_pcap", &afl_runmode_exit_immediately);
if (afl_runmode_exit_immediately) {
SCLogNotice("exit because of afl-runmode-exit-after-pcap commandline option");
exit(EXIT_SUCCESS);
}
#endif
return 0;
}
/**
* \brief RunModeFilePcapAutoFp set up the following thread packet handlers:
* - Receive thread (from pcap file)
* - Decode thread
* - Stream thread
* - Detect: If we have only 1 cpu, it will setup one Detect thread
* If we have more than one, it will setup num_cpus - 1
* starting from the second cpu available.
* - Outputs thread
* By default the threads will use the first cpu available
* except the Detection threads if we have more than one cpu.
*
* \retval 0 If all goes well. (If any problem is detected the engine will
* exit()).
*/
int RunModeFilePcapAutoFp(void)
{
SCEnter();
char tname[TM_THREAD_NAME_MAX];
char qname[TM_QUEUE_NAME_MAX];
uint16_t cpu = 0;
char *queues = NULL;
uint16_t thread;
RunModeInitialize();
const char *file = NULL;
if (ConfGet("pcap-file.file", &file) == 0) {
SCLogError(SC_ERR_RUNMODE, "Failed retrieving pcap-file from Conf");
exit(EXIT_FAILURE);
}
SCLogDebug("file %s", file);
TimeModeSetOffline();
PcapFileGlobalInit();
/* Available cpus */
uint16_t ncpus = UtilCpuGetNumProcessorsOnline();
/* start with cpu 1 so that if we're creating an odd number of detect
* threads we're not creating the most on CPU0. */
if (ncpus > 0)
cpu = 1;
/* always create at least one thread */
int thread_max = TmThreadGetNbThreads(WORKER_CPU_SET);
if (thread_max == 0)
thread_max = ncpus * threading_detect_ratio;
if (thread_max < 1)
thread_max = 1;
if (thread_max > 1024)
thread_max = 1024;
queues = RunmodeAutoFpCreatePickupQueuesString(thread_max);
if (queues == NULL) {
SCLogError(SC_ERR_RUNMODE, "RunmodeAutoFpCreatePickupQueuesString failed");
exit(EXIT_FAILURE);
}
snprintf(tname, sizeof(tname), "%s#01", thread_name_autofp);
/* create the threads */
ThreadVars *tv_receivepcap =
TmThreadCreatePacketHandler(tname,
"packetpool", "packetpool",
queues, "flow",
"pktacqloop");
SCFree(queues);
if (tv_receivepcap == NULL) {
SCLogError(SC_ERR_FATAL, "threading setup failed");
exit(EXIT_FAILURE);
}
TmModule *tm_module = TmModuleGetByName("ReceivePcapFile");
if (tm_module == NULL) {
SCLogError(SC_ERR_RUNMODE, "TmModuleGetByName failed for ReceivePcap");
exit(EXIT_FAILURE);
}
TmSlotSetFuncAppend(tv_receivepcap, tm_module, file);
tm_module = TmModuleGetByName("DecodePcapFile");
if (tm_module == NULL) {
SCLogError(SC_ERR_RUNMODE, "TmModuleGetByName DecodePcap failed");
exit(EXIT_FAILURE);
}
TmSlotSetFuncAppend(tv_receivepcap, tm_module, NULL);
TmThreadSetCPU(tv_receivepcap, RECEIVE_CPU_SET);
if (TmThreadSpawn(tv_receivepcap) != TM_ECODE_OK) {
SCLogError(SC_ERR_RUNMODE, "TmThreadSpawn failed");
exit(EXIT_FAILURE);
}
for (thread = 0; thread < (uint16_t)thread_max; thread++) {
snprintf(tname, sizeof(tname), "%s#%02u", thread_name_workers, thread+1);
snprintf(qname, sizeof(qname), "pickup%u", thread+1);
SCLogDebug("tname %s, qname %s", tname, qname);
SCLogDebug("Assigning %s affinity to cpu %u", tname, cpu);
ThreadVars *tv_detect_ncpu =
TmThreadCreatePacketHandler(tname,
qname, "flow",
"packetpool", "packetpool",
"varslot");
if (tv_detect_ncpu == NULL) {
SCLogError(SC_ERR_RUNMODE, "TmThreadsCreate failed");
exit(EXIT_FAILURE);
}
tm_module = TmModuleGetByName("FlowWorker");
if (tm_module == NULL) {
SCLogError(SC_ERR_RUNMODE, "TmModuleGetByName for FlowWorker failed");
exit(EXIT_FAILURE);
}
TmSlotSetFuncAppend(tv_detect_ncpu, tm_module, NULL);
TmThreadSetGroupName(tv_detect_ncpu, "Detect");
TmThreadSetCPU(tv_detect_ncpu, WORKER_CPU_SET);
if (TmThreadSpawn(tv_detect_ncpu) != TM_ECODE_OK) {
SCLogError(SC_ERR_RUNMODE, "TmThreadSpawn failed");
exit(EXIT_FAILURE);
}
if ((cpu + 1) == ncpus)
cpu = 0;
else
cpu++;
}
return 0;
}
/**
* \brief RunModeFilePcapAutoFp set up the following thread packet handlers:
* - Receive thread (from pcap file)
* - Decode thread
* - Stream thread
* - Detect: If we have only 1 cpu, it will setup one Detect thread
* If we have more than one, it will setup num_cpus - 1
* starting from the second cpu available.
* - Outputs thread
* By default the threads will use the first cpu available
* except the Detection threads if we have more than one cpu.
*
* \param de_ctx Pointer to the Detection Engine
*
* \retval 0 If all goes well. (If any problem is detected the engine will
* exit()).
*/
int RunModeFilePcapAutoFp(DetectEngineCtx *de_ctx)
{
SCEnter();
char tname[TM_THREAD_NAME_MAX];
char qname[TM_QUEUE_NAME_MAX];
uint16_t cpu = 0;
char *queues = NULL;
int thread;
RunModeInitialize();
char *file = NULL;
if (ConfGet("pcap-file.file", &file) == 0) {
SCLogError(SC_ERR_RUNMODE, "Failed retrieving pcap-file from Conf");
exit(EXIT_FAILURE);
}
SCLogDebug("file %s", file);
TimeModeSetOffline();
PcapFileGlobalInit();
/* Available cpus */
uint16_t ncpus = UtilCpuGetNumProcessorsOnline();
/* start with cpu 1 so that if we're creating an odd number of detect
* threads we're not creating the most on CPU0. */
if (ncpus > 0)
cpu = 1;
/* always create at least one thread */
int thread_max = TmThreadGetNbThreads(DETECT_CPU_SET);
if (thread_max == 0)
thread_max = ncpus * threading_detect_ratio;
if (thread_max < 1)
thread_max = 1;
queues = RunmodeAutoFpCreatePickupQueuesString(thread_max);
if (queues == NULL) {
SCLogError(SC_ERR_RUNMODE, "RunmodeAutoFpCreatePickupQueuesString failed");
exit(EXIT_FAILURE);
}
/* create the threads */
ThreadVars *tv_receivepcap =
TmThreadCreatePacketHandler("ReceivePcapFile",
"packetpool", "packetpool",
queues, "flow",
"pktacqloop");
SCFree(queues);
if (tv_receivepcap == NULL) {
SCLogError(SC_ERR_FATAL, "threading setup failed");
exit(EXIT_FAILURE);
}
TmModule *tm_module = TmModuleGetByName("ReceivePcapFile");
if (tm_module == NULL) {
SCLogError(SC_ERR_RUNMODE, "TmModuleGetByName failed for ReceivePcap");
exit(EXIT_FAILURE);
}
TmSlotSetFuncAppend(tv_receivepcap, tm_module, file);
tm_module = TmModuleGetByName("DecodePcapFile");
if (tm_module == NULL) {
SCLogError(SC_ERR_RUNMODE, "TmModuleGetByName DecodePcap failed");
exit(EXIT_FAILURE);
}
TmSlotSetFuncAppend(tv_receivepcap, tm_module, NULL);
TmThreadSetCPU(tv_receivepcap, RECEIVE_CPU_SET);
if (TmThreadSpawn(tv_receivepcap) != TM_ECODE_OK) {
SCLogError(SC_ERR_RUNMODE, "TmThreadSpawn failed");
exit(EXIT_FAILURE);
}
for (thread = 0; thread < thread_max; thread++) {
snprintf(tname, sizeof(tname), "Detect%"PRIu16, thread+1);
snprintf(qname, sizeof(qname), "pickup%"PRIu16, thread+1);
SCLogDebug("tname %s, qname %s", tname, qname);
char *thread_name = SCStrdup(tname);
if (unlikely(thread_name == NULL)) {
SCLogError(SC_ERR_RUNMODE, "failed to strdup thread name");
exit(EXIT_FAILURE);
}
SCLogDebug("Assigning %s affinity to cpu %u", thread_name, cpu);
ThreadVars *tv_detect_ncpu =
TmThreadCreatePacketHandler(thread_name,
qname, "flow",
"packetpool", "packetpool",
"varslot");
if (tv_detect_ncpu == NULL) {
SCLogError(SC_ERR_RUNMODE, "TmThreadsCreate failed");
exit(EXIT_FAILURE);
}
tm_module = TmModuleGetByName("StreamTcp");
if (tm_module == NULL) {
SCLogError(SC_ERR_RUNMODE, "TmModuleGetByName StreamTcp failed");
exit(EXIT_FAILURE);
}
TmSlotSetFuncAppend(tv_detect_ncpu, tm_module, NULL);
if (de_ctx) {
tm_module = TmModuleGetByName("Detect");
if (tm_module == NULL) {
SCLogError(SC_ERR_RUNMODE, "TmModuleGetByName Detect failed");
exit(EXIT_FAILURE);
}
TmSlotSetFuncAppend(tv_detect_ncpu, tm_module, (void *)de_ctx);
}
char *thread_group_name = SCStrdup("Detect");
if (unlikely(thread_group_name == NULL)) {
SCLogError(SC_ERR_RUNMODE, "error allocating memory");
exit(EXIT_FAILURE);
}
tv_detect_ncpu->thread_group_name = thread_group_name;
/* add outputs as well */
SetupOutputs(tv_detect_ncpu);
TmThreadSetCPU(tv_detect_ncpu, DETECT_CPU_SET);
if (TmThreadSpawn(tv_detect_ncpu) != TM_ECODE_OK) {
SCLogError(SC_ERR_RUNMODE, "TmThreadSpawn failed");
exit(EXIT_FAILURE);
}
if ((cpu + 1) == ncpus)
cpu = 0;
else
cpu++;
}
return 0;
}
/*
* \brief RunModeFilePcapAuto set up the following thread packet handlers:
* - Receive thread (from pcap file)
* - Decode thread
* - Stream thread
* - Detect: If we have only 1 cpu, it will setup one Detect thread
* If we have more than one, it will setup num_cpus - 1
* starting from the second cpu available.
* - Outputs thread
* By default the threads will use the first cpu available
* except the Detection threads if we have more than one cpu.
*
* \param de_ctx Pointer to the Detection Engine.
*
* \retval 0 If all goes well. (If any problem is detected the engine will
* exit()).
*/
int RunModeFilePcapAuto(DetectEngineCtx *de_ctx)
{
SCEnter();
char tname[16];
uint16_t cpu = 0;
TmModule *tm_module;
RunModeInitialize();
/* Available cpus */
uint16_t ncpus = UtilCpuGetNumProcessorsOnline();
char *file = NULL;
if (ConfGet("pcap-file.file", &file) == 0) {
SCLogError(SC_ERR_RUNMODE, "Failed retrieving pcap-file from Conf");
exit(EXIT_FAILURE);
}
SCLogDebug("file %s", file);
TimeModeSetOffline();
/* create the threads */
ThreadVars *tv_receivepcap =
TmThreadCreatePacketHandler("ReceivePcapFile",
"packetpool", "packetpool",
"detect-queue1", "simple",
"pktacqloop");
if (tv_receivepcap == NULL) {
printf("ERROR: TmThreadsCreate failed\n");
exit(EXIT_FAILURE);
}
tm_module = TmModuleGetByName("ReceivePcapFile");
if (tm_module == NULL) {
printf("ERROR: TmModuleGetByName failed for ReceivePcap\n");
exit(EXIT_FAILURE);
}
TmSlotSetFuncAppend(tv_receivepcap, tm_module, file);
tm_module = TmModuleGetByName("DecodePcapFile");
if (tm_module == NULL) {
printf("ERROR: TmModuleGetByName DecodePcap failed\n");
exit(EXIT_FAILURE);
}
TmSlotSetFuncAppend(tv_receivepcap, tm_module, NULL);
tm_module = TmModuleGetByName("StreamTcp");
if (tm_module == NULL) {
printf("ERROR: TmModuleGetByName StreamTcp failed\n");
exit(EXIT_FAILURE);
}
TmSlotSetFuncAppend(tv_receivepcap, tm_module, (void *)de_ctx);
TmThreadSetCPU(tv_receivepcap, RECEIVE_CPU_SET);
if (TmThreadSpawn(tv_receivepcap) != TM_ECODE_OK) {
printf("ERROR: TmThreadSpawn failed\n");
exit(EXIT_FAILURE);
}
/* start with cpu 1 so that if we're creating an odd number of detect
* threads we're not creating the most on CPU0. */
if (ncpus > 0)
cpu = 1;
/* always create at least one thread */
int thread_max = TmThreadGetNbThreads(DETECT_CPU_SET);
if (thread_max == 0)
thread_max = ncpus * threading_detect_ratio;
if (thread_max < 1)
thread_max = 1;
int thread;
for (thread = 0; thread < thread_max; thread++) {
snprintf(tname, sizeof(tname), "Detect%"PRIu16, thread+1);
char *thread_name = SCStrdup(tname);
if (unlikely(thread_name == NULL)) {
printf("ERROR: Can not strdup thread name\n");
exit(EXIT_FAILURE);
}
SCLogDebug("Assigning %s affinity to cpu %u", thread_name, cpu);
ThreadVars *tv_detect_ncpu =
TmThreadCreatePacketHandler(thread_name,
"detect-queue1", "simple",
"alert-queue1", "simple",
"1slot");
if (tv_detect_ncpu == NULL) {
printf("ERROR: TmThreadsCreate failed\n");
exit(EXIT_FAILURE);
}
tm_module = TmModuleGetByName("Detect");
if (tm_module == NULL) {
printf("ERROR: TmModuleGetByName Detect failed\n");
exit(EXIT_FAILURE);
}
TmSlotSetFuncAppend(tv_detect_ncpu, tm_module, (void *)de_ctx);
char *thread_group_name = SCStrdup("Detect");
if (unlikely(thread_group_name == NULL)) {
printf("Error allocating memory\n");
exit(EXIT_FAILURE);
}
tv_detect_ncpu->thread_group_name = thread_group_name;
TmThreadSetCPU(tv_detect_ncpu, DETECT_CPU_SET);
if (TmThreadSpawn(tv_detect_ncpu) != TM_ECODE_OK) {
printf("ERROR: TmThreadSpawn failed\n");
exit(EXIT_FAILURE);
}
if ((cpu + 1) == ncpus)
cpu = 0;
else
cpu++;
}
ThreadVars *tv_outputs =
TmThreadCreatePacketHandler("Outputs",
"alert-queue1", "simple",
"packetpool", "packetpool",
"varslot");
if (tv_outputs == NULL) {
printf("ERROR: TmThreadCreatePacketHandler for Outputs failed\n");
exit(EXIT_FAILURE);
}
SetupOutputs(tv_outputs);
TmThreadSetCPU(tv_outputs, OUTPUT_CPU_SET);
if (TmThreadSpawn(tv_outputs) != TM_ECODE_OK) {
printf("ERROR: TmThreadSpawn failed\n");
exit(EXIT_FAILURE);
}
return 0;
}
int RunModeErfFileSingle(DetectEngineCtx *de_ctx)
{
char *file;
SCEnter();
if (ConfGet("erf-file.file", &file) == 0) {
SCLogError(SC_ERR_RUNMODE, "Failed to get erf-file.file from config.");
exit(EXIT_FAILURE);
}
RunModeInitialize();
TimeModeSetOffline();
/* Basically the same setup as PCAP files. */
ThreadVars *tv = TmThreadCreatePacketHandler("ErfFile",
"packetpool", "packetpool",
"packetpool", "packetpool",
"pktacqloop");
if (tv == NULL) {
printf("ERROR: TmThreadsCreate failed\n");
exit(EXIT_FAILURE);
}
TmModule *tm_module = TmModuleGetByName("ReceiveErfFile");
if (tm_module == NULL) {
printf("ERROR: TmModuleGetByName failed for ReceiveErfFile\n");
exit(EXIT_FAILURE);
}
TmSlotSetFuncAppend(tv, tm_module, file);
tm_module = TmModuleGetByName("DecodeErfFile");
if (tm_module == NULL) {
printf("ERROR: TmModuleGetByName DecodeErfFile failed\n");
exit(EXIT_FAILURE);
}
TmSlotSetFuncAppend(tv, tm_module, NULL);
tm_module = TmModuleGetByName("StreamTcp");
if (tm_module == NULL) {
printf("ERROR: TmModuleGetByName StreamTcp failed\n");
exit(EXIT_FAILURE);
}
TmSlotSetFuncAppend(tv, tm_module, NULL);
tm_module = TmModuleGetByName("Detect");
if (tm_module == NULL) {
printf("ERROR: TmModuleGetByName Detect failed\n");
exit(EXIT_FAILURE);
}
TmSlotSetFuncAppend(tv, tm_module, (void *)de_ctx);
SetupOutputs(tv);
if (TmThreadSpawn(tv) != TM_ECODE_OK) {
printf("ERROR: TmThreadSpawn failed\n");
exit(EXIT_FAILURE);
}
SCLogInfo("RunModeErfFileSingle initialised");
SCReturnInt(0);
}
int RunModeErfFileAutoFp(DetectEngineCtx *de_ctx)
{
SCEnter();
char tname[TM_THREAD_NAME_MAX];
char qname[TM_QUEUE_NAME_MAX];
uint16_t cpu = 0;
char *queues = NULL;
int thread;
RunModeInitialize();
char *file = NULL;
if (ConfGet("erf-file.file", &file) == 0) {
SCLogError(SC_ERR_RUNMODE,
"Failed retrieving erf-file.file from config");
exit(EXIT_FAILURE);
}
TimeModeSetOffline();
/* Available cpus */
uint16_t ncpus = UtilCpuGetNumProcessorsOnline();
/* start with cpu 1 so that if we're creating an odd number of detect
* threads we're not creating the most on CPU0. */
if (ncpus > 0)
cpu = 1;
/* always create at least one thread */
int thread_max = TmThreadGetNbThreads(DETECT_CPU_SET);
if (thread_max == 0)
thread_max = ncpus * threading_detect_ratio;
if (thread_max < 1)
thread_max = 1;
queues = RunmodeAutoFpCreatePickupQueuesString(thread_max);
if (queues == NULL) {
SCLogError(SC_ERR_RUNMODE, "RunmodeAutoFpCreatePickupQueuesString failed");
exit(EXIT_FAILURE);
}
/* create the threads */
ThreadVars *tv =
TmThreadCreatePacketHandler("ReceiveErfFile",
"packetpool", "packetpool",
queues, "flow",
"pktacqloop");
SCFree(queues);
if (tv == NULL) {
printf("ERROR: TmThreadsCreate failed\n");
exit(EXIT_FAILURE);
}
TmModule *tm_module = TmModuleGetByName("ReceiveErfFile");
if (tm_module == NULL) {
printf("ERROR: TmModuleGetByName failed for ReceiveErfFile\n");
exit(EXIT_FAILURE);
}
TmSlotSetFuncAppend(tv, tm_module, file);
tm_module = TmModuleGetByName("DecodeErfFile");
if (tm_module == NULL) {
printf("ERROR: TmModuleGetByName DecodeErfFile failed\n");
exit(EXIT_FAILURE);
}
TmSlotSetFuncAppend(tv, tm_module, NULL);
if (threading_set_cpu_affinity) {
TmThreadSetCPUAffinity(tv, 0);
if (ncpus > 1)
TmThreadSetThreadPriority(tv, PRIO_MEDIUM);
}
if (TmThreadSpawn(tv) != TM_ECODE_OK) {
printf("ERROR: TmThreadSpawn failed\n");
exit(EXIT_FAILURE);
}
for (thread = 0; thread < thread_max; thread++) {
snprintf(tname, sizeof(tname), "Detect%"PRIu16, thread+1);
snprintf(qname, sizeof(qname), "pickup%"PRIu16, thread+1);
SCLogDebug("tname %s, qname %s", tname, qname);
char *thread_name = SCStrdup(tname);
if (unlikely(thread_name == NULL)) {
printf("ERROR: Can't allocate thread name\n");
exit(EXIT_FAILURE);
}
SCLogDebug("Assigning %s affinity to cpu %u", thread_name, cpu);
ThreadVars *tv_detect_ncpu =
TmThreadCreatePacketHandler(thread_name,
qname, "flow",
"packetpool", "packetpool",
"varslot");
if (tv_detect_ncpu == NULL) {
printf("ERROR: TmThreadsCreate failed\n");
exit(EXIT_FAILURE);
}
tm_module = TmModuleGetByName("StreamTcp");
if (tm_module == NULL) {
printf("ERROR: TmModuleGetByName StreamTcp failed\n");
exit(EXIT_FAILURE);
}
TmSlotSetFuncAppend(tv_detect_ncpu, tm_module, NULL);
tm_module = TmModuleGetByName("Detect");
if (tm_module == NULL) {
printf("ERROR: TmModuleGetByName Detect failed\n");
exit(EXIT_FAILURE);
}
TmSlotSetFuncAppend(tv_detect_ncpu, tm_module, (void *)de_ctx);
if (threading_set_cpu_affinity) {
TmThreadSetCPUAffinity(tv_detect_ncpu, (int)cpu);
/* If we have more than one core/cpu, the first Detect thread
* (at cpu 0) will have less priority (higher 'nice' value)
* In this case we will set the thread priority to +10 (default is 0)
*/
if (cpu == 0 && ncpus > 1) {
TmThreadSetThreadPriority(tv_detect_ncpu, PRIO_LOW);
} else if (ncpus > 1) {
TmThreadSetThreadPriority(tv_detect_ncpu, PRIO_MEDIUM);
}
}
char *thread_group_name = SCStrdup("Detect");
if (unlikely(thread_group_name == NULL)) {
printf("Error allocating memory\n");
exit(EXIT_FAILURE);
}
tv_detect_ncpu->thread_group_name = thread_group_name;
/* add outputs as well */
SetupOutputs(tv_detect_ncpu);
if (TmThreadSpawn(tv_detect_ncpu) != TM_ECODE_OK) {
printf("ERROR: TmThreadSpawn failed\n");
exit(EXIT_FAILURE);
}
if ((cpu + 1) == ncpus)
cpu = 0;
else
cpu++;
}
SCLogInfo("RunModeErfFileAutoFp initialised");
SCReturnInt(0);
}
