gboolean qfTraceMain(qfContext_t *ctx)
{
gboolean ok = TRUE;
qfTraceSource_t *lts = ctx->ictx.pktsrc;
yfPBuf_t *pbuf;
libtrace_err_t terr;
int i, trv;
/* process input until we're done */
while (!yaf_quit) {
i = 0;
while (i < TRACE_PACKET_GROUP && !yaf_quit) {
/* get next spot in ring buffer */
pbuf = (yfPBuf_t *)rgaNextHead(ctx->pbufring);
g_assert(pbuf);
/* and try to parse packets into it until we get one */
do {
trv = trace_read_packet(lts->trace, lts->packet);
if (trv <= 0) goto TRACE_END;
} while (!qfTraceHandlePacket(lts, pbuf, ctx));
i++;
}
TRACE_END:
/* Check for error */
if (trace_is_err(lts->trace)) {
terr = trace_get_err(lts->trace);
g_warning("libtrace error: %s", terr.problem);
ok = FALSE;
break;
}
/* Check for quit or EOF */
if (yaf_quit || trv == 0) break;
/* Process the packet buffer */
if (ok && !yfProcessPBufRing(ctx, &(ctx->err))) {
ok = FALSE;
break;
}
/* Do periodic export as necessary */
qfTracePeriodicExport(ctx, yfFlowTabCurrentTime(ctx->flowtab));
}
return yfFinalFlush(ctx, ok, &(ctx->err));
}
gboolean yfProcessPBufRing(
yfContext_t *ctx,
GError **err)
{
AirLock *lock = NULL;
yfPBuf_t *pbuf = NULL;
gboolean ok = TRUE;
uint64_t cur_time;
/* point to lock buffer if we need it */
if (ctx->cfg->lockmode) {
lock = &ctx->lockbuf;
}
/* Open output if we need to */
if (!ctx->fbuf) {
if (!(ctx->fbuf = yfOutputOpen(ctx->cfg, lock, err))) {
ok = FALSE;
goto end;
}
}
/* Dump statistics if requested */
yfStatDumpLoop();
/* process packets from the ring buffer */
while ((pbuf = (yfPBuf_t *)rgaNextTail(ctx->pbufring))) {
/* Skip time zero packets (these are marked invalid) */
if (!pbuf->ptime) {
continue;
}
/* Add the packet to the flow table */
yfFlowPBuf(ctx->flowtab, ctx->pbuflen, pbuf);
}
/* Flush the flow table */
if (!yfFlowTabFlush(ctx, FALSE, err)) {
ok = FALSE;
goto end;
}
/* Close output file for rotation if necessary */
if (ctx->cfg->rotate_ms) {
cur_time = yfFlowTabCurrentTime(ctx->flowtab);
if (ctx->last_rotate_ms) {
if (cur_time - ctx->last_rotate_ms > ctx->cfg->rotate_ms) {
yfOutputClose(ctx->fbuf, lock, TRUE);
ctx->fbuf = NULL;
ctx->last_rotate_ms = cur_time;
if (!(ctx->fbuf = yfOutputOpen(ctx->cfg, lock, err))) {
ok = FALSE;
goto end;
}
}
} else {
ctx->last_rotate_ms = cur_time;
}
}
end:
return ok;
}
gboolean yfTimeOutFlush(
yfContext_t *ctx,
uint32_t pcap_drop,
uint32_t *total_stats,
GTimer *timer, /* yaf process timer */
GTimer *stats_timer, /* yaf stats output timer */
GError **err)
{
AirLock *lock = NULL;
uint64_t cur_time;
/* point to lock buffer if we need it */
if (ctx->cfg->lockmode) {
lock = &ctx->lockbuf;
}
/* Open output if we need to */
if (!ctx->fbuf) {
if (!(ctx->fbuf = yfOutputOpen(ctx->cfg, lock, err))) {
return FALSE;
}
}
/* Dump statistics if requested */
yfStatDumpLoop();
/* Flush the flow table */
if (!yfFlowTabFlush(ctx, FALSE, err)) {
return FALSE;
}
if (!ctx->cfg->nostats) {
if (!stats_timer) {
stats_timer = g_timer_new();
}
if (g_timer_elapsed(stats_timer, NULL) > ctx->cfg->stats) {
if (!yfWriteStatsFlow(ctx, pcap_drop, timer, err)) {
return FALSE;
}
g_timer_start(stats_timer);
*total_stats += 1;
}
}
if (!fBufEmit(ctx->fbuf, err)) {
return FALSE;
}
/* Close output file for rotation if necessary */
if (ctx->cfg->rotate_ms) {
cur_time = yfFlowTabCurrentTime(ctx->flowtab);
if (ctx->last_rotate_ms) {
if (cur_time - ctx->last_rotate_ms > ctx->cfg->rotate_ms) {
yfOutputClose(ctx->fbuf, lock, TRUE);
ctx->fbuf = NULL;
ctx->last_rotate_ms = cur_time;
}
} else {
ctx->last_rotate_ms = cur_time;
}
}
return TRUE;
}
