static void DNSUDPConfigure(void) { uint32_t request_flood = DNS_CONFIG_DEFAULT_REQUEST_FLOOD; uint32_t state_memcap = DNS_CONFIG_DEFAULT_STATE_MEMCAP; uint64_t global_memcap = DNS_CONFIG_DEFAULT_GLOBAL_MEMCAP; ConfNode *p = ConfGetNode("app-layer.protocols.dns.request-flood"); if (p != NULL) { uint32_t value; if (ParseSizeStringU32(p->val, &value) < 0) { SCLogError(SC_ERR_DNS_CONFIG, "invalid value for request-flood %s", p->val); } else { request_flood = value; } } SCLogInfo("DNS request flood protection level: %u", request_flood); DNSConfigSetRequestFlood(request_flood); p = ConfGetNode("app-layer.protocols.dns.state-memcap"); if (p != NULL) { uint32_t value; if (ParseSizeStringU32(p->val, &value) < 0) { SCLogError(SC_ERR_DNS_CONFIG, "invalid value for state-memcap %s", p->val); } else { state_memcap = value; } } SCLogInfo("DNS per flow memcap (state-memcap): %u", state_memcap); DNSConfigSetStateMemcap(state_memcap); p = ConfGetNode("app-layer.protocols.dns.global-memcap"); if (p != NULL) { uint64_t value; if (ParseSizeStringU64(p->val, &value) < 0) { SCLogError(SC_ERR_DNS_CONFIG, "invalid value for global-memcap %s", p->val); } else { global_memcap = value; } } SCLogInfo("DNS global memcap: %"PRIu64, global_memcap); DNSConfigSetGlobalMemcap(global_memcap); }
static void XffSetup(AlertJsonOutputCtx *json_output_ctx, ConfNode *conf) { HttpXFFCfg *xff_cfg = NULL; xff_cfg = SCMalloc(sizeof(HttpXFFCfg)); if (unlikely(xff_cfg == NULL)) { return; } memset(xff_cfg, 0, sizeof(HttpXFFCfg)); json_output_ctx->xff_cfg = xff_cfg; uint32_t payload_buffer_size = JSON_STREAM_BUFFER_SIZE; if (conf != NULL) { const char *payload = ConfNodeLookupChildValue(conf, "payload"); const char *payload_buffer_value = ConfNodeLookupChildValue(conf, "payload-buffer-size"); const char *packet = ConfNodeLookupChildValue(conf, "packet"); const char *payload_printable = ConfNodeLookupChildValue(conf, "payload-printable"); const char *http = ConfNodeLookupChildValue(conf, "http"); const char *tls = ConfNodeLookupChildValue(conf, "tls"); const char *ssh = ConfNodeLookupChildValue(conf, "ssh"); const char *smtp = ConfNodeLookupChildValue(conf, "smtp"); const char *tagged_packets = ConfNodeLookupChildValue(conf, "tagged-packets"); if (ssh != NULL) { if (ConfValIsTrue(ssh)) { json_output_ctx->flags |= LOG_JSON_SSH; } } if (tls != NULL) { if (ConfValIsTrue(tls)) { json_output_ctx->flags |= LOG_JSON_TLS; } } if (http != NULL) { if (ConfValIsTrue(http)) { json_output_ctx->flags |= LOG_JSON_HTTP; } } if (smtp != NULL) { if (ConfValIsTrue(smtp)) { json_output_ctx->flags |= LOG_JSON_SMTP; } } if (payload_printable != NULL) { if (ConfValIsTrue(payload_printable)) { json_output_ctx->flags |= LOG_JSON_PAYLOAD; } } if (payload != NULL) { if (ConfValIsTrue(payload)) { json_output_ctx->flags |= LOG_JSON_PAYLOAD_BASE64; } } if (payload_buffer_value != NULL) { uint32_t value; if (ParseSizeStringU32(payload_buffer_value, &value) < 0) { SCLogError(SC_ERR_ALERT_PAYLOAD_BUFFER, "Error parsing " "payload-buffer-size - %s. Killing engine", payload_buffer_value); exit(EXIT_FAILURE); } else { payload_buffer_size = value; } } if (packet != NULL) { if (ConfValIsTrue(packet)) { json_output_ctx->flags |= LOG_JSON_PACKET; } } if (tagged_packets != NULL) { if (ConfValIsTrue(tagged_packets)) { json_output_ctx->flags |= LOG_JSON_TAGGED_PACKETS; } } json_output_ctx->payload_buffer_size = payload_buffer_size; HttpXFFGetCfg(conf, xff_cfg); } }
static void *MpmCudaConfParse(ConfNode *node) { const char *value; MpmCudaConf *conf = SCMalloc(sizeof(MpmCudaConf)); if (unlikely(conf == NULL)) exit(EXIT_FAILURE); memset(conf, 0, sizeof(*conf)); if (node != NULL) value = ConfNodeLookupChildValue(node, "data-buffer-size-min-limit"); else value = NULL; if (value == NULL) { /* default */ conf->data_buffer_size_min_limit = UTIL_MPM_CUDA_DATA_BUFFER_SIZE_MIN_LIMIT_DEFAULT; } else if (ParseSizeStringU16(value, &conf->data_buffer_size_min_limit) < 0) { SCLogError(SC_ERR_INVALID_YAML_CONF_ENTRY, "Invalid entry for %s." "data-buffer-size-min-limit - \"%s\"", node->name, value); exit(EXIT_FAILURE); } if (node != NULL) value = ConfNodeLookupChildValue(node, "data-buffer-size-max-limit"); else value = NULL; if (value == NULL) { /* default */ conf->data_buffer_size_max_limit = UTIL_MPM_CUDA_DATA_BUFFER_SIZE_MAX_LIMIT_DEFAULT; } else if (ParseSizeStringU16(value, &conf->data_buffer_size_max_limit) < 0) { SCLogError(SC_ERR_INVALID_YAML_CONF_ENTRY, "Invalid entry for %s." "data-buffer-size-max-limit - \"%s\"", node->name, value); exit(EXIT_FAILURE); } if (node != NULL) value = ConfNodeLookupChildValue(node, "cudabuffer-buffer-size"); else value = NULL; if (value == NULL) { /* default */ conf->cb_buffer_size = UTIL_MPM_CUDA_CUDA_BUFFER_DBUFFER_SIZE_DEFAULT; } else if (ParseSizeStringU32(value, &conf->cb_buffer_size) < 0) { SCLogError(SC_ERR_INVALID_YAML_CONF_ENTRY, "Invalid entry for %s." "cb-buffer-size - \"%s\"", node->name, value); exit(EXIT_FAILURE); } if (node != NULL) value = ConfNodeLookupChildValue(node, "gpu-transfer-size"); else value = NULL; if (value == NULL) { /* default */ conf->gpu_transfer_size = UTIL_MPM_CUDA_GPU_TRANSFER_SIZE; } else if (ParseSizeStringU32(value, &conf->gpu_transfer_size) < 0) { SCLogError(SC_ERR_INVALID_YAML_CONF_ENTRY, "Invalid entry for %s." "gpu-transfer-size - \"%s\"", node->name, value); exit(EXIT_FAILURE); } if (node != NULL) value = ConfNodeLookupChildValue(node, "batching-timeout"); else value = NULL; if (value == NULL) { /* default */ conf->batching_timeout = UTIL_MPM_CUDA_BATCHING_TIMEOUT_DEFAULT; } else if ((conf->batching_timeout = atoi(value)) < 0) { SCLogError(SC_ERR_INVALID_YAML_CONF_ENTRY, "Invalid entry for %s." "batching-timeout - \"%s\"", node->name, value); exit(EXIT_FAILURE); } if (node != NULL) value = ConfNodeLookupChildValue(node, "device-id"); else value = NULL; if (value == NULL) { /* default */ conf->device_id = UTIL_MPM_CUDA_DEVICE_ID_DEFAULT; } else if ((conf->device_id = atoi(value)) < 0) { SCLogError(SC_ERR_INVALID_YAML_CONF_ENTRY, "Invalid entry for %s." "device-id - \"%s\"", node->name, value); exit(EXIT_FAILURE); } if (node != NULL) value = ConfNodeLookupChildValue(node, "cuda-streams"); else value = NULL; if (value == NULL) { /* default */ conf->cuda_streams = UTIL_MPM_CUDA_CUDA_STREAMS_DEFAULT; } else if ((conf->cuda_streams = atoi(value)) < 0) { SCLogError(SC_ERR_INVALID_YAML_CONF_ENTRY, "Invalid entry for %s." "cuda-streams - \"%s\"", node->name, value); exit(EXIT_FAILURE); } return conf; }
/** \brief Create a new http log LogFilestoreCtx. * \param conf Pointer to ConfNode containing this loggers configuration. * \return NULL if failure, LogFilestoreCtx* to the file_ctx if succesful * */ static OutputInitResult LogFilestoreLogInitCtx(ConfNode *conf) { OutputInitResult result = { NULL, false }; intmax_t version = 0; if (ConfGetChildValueInt(conf, "version", &version)) { if (version > 1) { result.ok = true; return result; } } if (RunModeOutputFiledataEnabled()) { SCLogWarning(SC_ERR_NOT_SUPPORTED, "A file data logger is already enabled. Filestore (v1) " "will not be enabled."); return result; } OutputCtx *output_ctx = SCCalloc(1, sizeof(OutputCtx)); if (unlikely(output_ctx == NULL)) return result; output_ctx->data = NULL; output_ctx->DeInit = LogFilestoreLogDeInitCtx; const char *s_default_log_dir = NULL; s_default_log_dir = ConfigGetLogDirectory(); const char *s_base_dir = NULL; s_base_dir = ConfNodeLookupChildValue(conf, "log-dir"); if (s_base_dir == NULL || strlen(s_base_dir) == 0) { strlcpy(g_logfile_base_dir, s_default_log_dir, sizeof(g_logfile_base_dir)); } else { if (PathIsAbsolute(s_base_dir)) { strlcpy(g_logfile_base_dir, s_base_dir, sizeof(g_logfile_base_dir)); } else { snprintf(g_logfile_base_dir, sizeof(g_logfile_base_dir), "%s/%s", s_default_log_dir, s_base_dir); } } const char *force_filestore = ConfNodeLookupChildValue(conf, "force-filestore"); if (force_filestore != NULL && ConfValIsTrue(force_filestore)) { FileForceFilestoreEnable(); SCLogInfo("forcing filestore of all files"); } const char *force_magic = ConfNodeLookupChildValue(conf, "force-magic"); if (force_magic != NULL && ConfValIsTrue(force_magic)) { FileForceMagicEnable(); SCLogInfo("forcing magic lookup for stored files"); } const char *write_meta = ConfNodeLookupChildValue(conf, "write-meta"); if (write_meta != NULL && !ConfValIsTrue(write_meta)) { FileWriteMetaDisable(); SCLogInfo("File-store output will not write meta files"); } FileForceHashParseCfg(conf); SCLogInfo("storing files in %s", g_logfile_base_dir); const char *stream_depth_str = ConfNodeLookupChildValue(conf, "stream-depth"); if (stream_depth_str != NULL && strcmp(stream_depth_str, "no")) { uint32_t stream_depth = 0; if (ParseSizeStringU32(stream_depth_str, &stream_depth) < 0) { SCLogError(SC_ERR_SIZE_PARSE, "Error parsing " "file-store.stream-depth " "from conf file - %s. Killing engine", stream_depth_str); exit(EXIT_FAILURE); } else { FileReassemblyDepthEnable(stream_depth); } } const char *file_count_str = ConfNodeLookupChildValue(conf, "max-open-files"); if (file_count_str != NULL) { uint32_t file_count = 0; if (ParseSizeStringU32(file_count_str, &file_count) < 0) { SCLogError(SC_ERR_SIZE_PARSE, "Error parsing " "file-store.max-open-files " "from conf file - %s. Killing engine", stream_depth_str); exit(EXIT_FAILURE); } else { if (file_count != 0) { FileSetMaxOpenFiles(file_count); SCLogInfo("file-store will keep a max of %d simultaneously" " open files", file_count); } } } const char *include_pid = ConfNodeLookupChildValue(conf, "include-pid"); if (include_pid != NULL && ConfValIsTrue(include_pid)) { FileIncludePidEnable(); SCLogInfo("enabling pid as a part of all file names"); } StatsRegisterGlobalCounter("file_store.open_files", LogFilestoreOpenFilesCounter); result.ctx = output_ctx; result.ok = true; SCReturnCT(result, "OutputInitResult"); }