suricata
output-flow.c
Go to the documentation of this file.
1 /* Copyright (C) 2007-2013 Open Information Security Foundation
2  *
3  * You can copy, redistribute or modify this Program under the terms of
4  * the GNU General Public License version 2 as published by the Free
5  * Software Foundation.
6  *
7  * This program is distributed in the hope that it will be useful,
8  * but WITHOUT ANY WARRANTY; without even the implied warranty of
9  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
10  * GNU General Public License for more details.
11  *
12  * You should have received a copy of the GNU General Public License
13  * version 2 along with this program; if not, write to the Free Software
14  * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
15  * 02110-1301, USA.
16  */
17 
18 /**
19  * \file
20  *
21  * \author Victor Julien <victor@inliniac.net>
22  *
23  * Flow Logger Output registration functions
24  */
25 
26 #include "suricata-common.h"
27 #include "tm-modules.h"
28 #include "output-flow.h"
29 #include "util-profiling.h"
30 
31 typedef struct OutputLoggerThreadStore_ {
32  void *thread_data;
33  struct OutputLoggerThreadStore_ *next;
34 } OutputLoggerThreadStore;
35 
36 /** per thread data for this module, contains a list of per thread
37  * data for the packet loggers. */
38 typedef struct OutputLoggerThreadData_ {
39  OutputLoggerThreadStore *store;
40 } OutputLoggerThreadData;
41 
42 /* logger instance, a module + a output ctx,
43  * it's perfectly valid that have multiple instances of the same
44  * log module (e.g. http.log) with different output ctx'. */
45 typedef struct OutputFlowLogger_ {
46  FlowLogger LogFunc;
47  OutputCtx *output_ctx;
48  struct OutputFlowLogger_ *next;
49  const char *name;
50  TmEcode (*ThreadInit)(ThreadVars *, const void *, void **);
51  TmEcode (*ThreadDeinit)(ThreadVars *, void *);
52  void (*ThreadExitPrintStats)(ThreadVars *, void *);
53 } OutputFlowLogger;
54 
55 static OutputFlowLogger *list = NULL;
56 
57 int OutputRegisterFlowLogger(const char *name, FlowLogger LogFunc,
58  OutputCtx *output_ctx, ThreadInitFunc ThreadInit,
59  ThreadDeinitFunc ThreadDeinit,
60  ThreadExitPrintStatsFunc ThreadExitPrintStats)
61 {
62  OutputFlowLogger *op = SCMalloc(sizeof(*op));
63  if (op == NULL)
64  return -1;
65  memset(op, 0x00, sizeof(*op));
66 
67  op->LogFunc = LogFunc;
68  op->output_ctx = output_ctx;
69  op->name = name;
70  op->ThreadInit = ThreadInit;
71  op->ThreadDeinit = ThreadDeinit;
72  op->ThreadExitPrintStats = ThreadExitPrintStats;
73 
74  if (list == NULL)
75  list = op;
76  else {
77  OutputFlowLogger *t = list;
78  while (t->next)
79  t = t->next;
80  t->next = op;
81  }
82 
83  SCLogDebug("OutputRegisterFlowLogger happy");
84  return 0;
85 }
86 
87 /** \brief Run flow logger(s)
88  * \note flow is already write locked
89  */
90 TmEcode OutputFlowLog(ThreadVars *tv, void *thread_data, Flow *f)
91 {
92  BUG_ON(thread_data == NULL);
93 
94  if (list == NULL)
95  return TM_ECODE_OK;
96 
97  OutputLoggerThreadData *op_thread_data = (OutputLoggerThreadData *)thread_data;
98  OutputFlowLogger *logger = list;
99  OutputLoggerThreadStore *store = op_thread_data->store;
100 
101  BUG_ON(logger == NULL && store != NULL);
102  BUG_ON(logger != NULL && store == NULL);
103  BUG_ON(logger == NULL && store == NULL);
104 
105  logger = list;
106  store = op_thread_data->store;
107  while (logger && store) {
108  BUG_ON(logger->LogFunc == NULL);
109 
110  SCLogDebug("logger %p", logger);
111  //PACKET_PROFILING_LOGGER_START(p, logger->module_id);
112  logger->LogFunc(tv, store->thread_data, f);
113  //PACKET_PROFILING_LOGGER_END(p, logger->module_id);
114 
115  logger = logger->next;
116  store = store->next;
117 
118  BUG_ON(logger == NULL && store != NULL);
119  BUG_ON(logger != NULL && store == NULL);
120  }
121 
122  return TM_ECODE_OK;
123 }
124 
125 /** \brief thread init for the flow logger
126  * This will run the thread init functions for the individual registered
127  * loggers */
128 TmEcode OutputFlowLogThreadInit(ThreadVars *tv, void *initdata, void **data)
129 {
130  OutputLoggerThreadData *td = SCMalloc(sizeof(*td));
131  if (td == NULL)
132  return TM_ECODE_FAILED;
133  memset(td, 0x00, sizeof(*td));
134 
135  *data = (void *)td;
136 
137  SCLogDebug("OutputFlowLogThreadInit happy (*data %p)", *data);
138 
139  OutputFlowLogger *logger = list;
140  while (logger) {
141  if (logger->ThreadInit) {
142  void *retptr = NULL;
143  if (logger->ThreadInit(tv, (void *)logger->output_ctx, &retptr) == TM_ECODE_OK) {
144  OutputLoggerThreadStore *ts = SCMalloc(sizeof(*ts));
145 /* todo */ BUG_ON(ts == NULL);
146  memset(ts, 0x00, sizeof(*ts));
147 
148  /* store thread handle */
149  ts->thread_data = retptr;
150 
151  if (td->store == NULL) {
152  td->store = ts;
153  } else {
154  OutputLoggerThreadStore *tmp = td->store;
155  while (tmp->next != NULL)
156  tmp = tmp->next;
157  tmp->next = ts;
158  }
159 
160  SCLogDebug("%s is now set up", logger->name);
161  }
162  }
163 
164  logger = logger->next;
165  }
166 
167  return TM_ECODE_OK;
168 }
169 
170 TmEcode OutputFlowLogThreadDeinit(ThreadVars *tv, void *thread_data)
171 {
172  OutputLoggerThreadData *op_thread_data = (OutputLoggerThreadData *)thread_data;
173  OutputLoggerThreadStore *store = op_thread_data->store;
174  OutputFlowLogger *logger = list;
175 
176  while (logger && store) {
177  if (logger->ThreadDeinit) {
178  logger->ThreadDeinit(tv, store->thread_data);
179  }
180 
181  OutputLoggerThreadStore *next_store = store->next;
182  SCFree(store);
183  store = next_store;
184  logger = logger->next;
185  }
186 
187  SCFree(op_thread_data);
188  return TM_ECODE_OK;
189 }
190 
191 void OutputFlowLogExitPrintStats(ThreadVars *tv, void *thread_data)
192 {
193  OutputLoggerThreadData *op_thread_data = (OutputLoggerThreadData *)thread_data;
194  OutputLoggerThreadStore *store = op_thread_data->store;
195  OutputFlowLogger *logger = list;
196 
197  while (logger && store) {
198  if (logger->ThreadExitPrintStats) {
199  logger->ThreadExitPrintStats(tv, store->thread_data);
200  }
201 
202  logger = logger->next;
203  store = store->next;
204  }
205 }
206 
207 void OutputFlowShutdown(void)
208 {
209  OutputFlowLogger *logger = list;
210  while (logger) {
211  OutputFlowLogger *next_logger = logger->next;
212  SCFree(logger);
213  logger = next_logger;
214  }
215  list = NULL;
216 }
SCLogDebug
#define SCLogDebug(...)
Definition: util-debug.h:335
OutputLoggerThreadData_
Definition: output-file.c:43
OutputCtx_
Definition: tm-modules.h:78
BUG_ON
#define BUG_ON(x)
Definition: suricata-common.h:267
ThreadExitPrintStatsFunc
void(* ThreadExitPrintStatsFunc)(ThreadVars *, void *)
Definition: tm-modules.h:41
OutputFlowLogger_
Definition: output-flow.c:45
OutputLoggerThreadData_::store
OutputLoggerThreadStore * store
Definition: output-file.c:44
OutputFlowLogger_::next
struct OutputFlowLogger_ * next
Definition: output-flow.c:48
ThreadDeinitFunc
TmEcode(* ThreadDeinitFunc)(ThreadVars *, void *)
Definition: tm-modules.h:40
OutputFlowLogger_::ThreadInit
TmEcode(* ThreadInit)(ThreadVars *, const void *, void **)
Definition: output-flow.c:50
FlowLogger
int(* FlowLogger)(ThreadVars *, void *thread_data, Flow *f)
Definition: output-flow.h:32
OutputLoggerThreadStore_::next
struct OutputLoggerThreadStore_ * next
Definition: output-file.c:38
OutputFlowLogger_::LogFunc
FlowLogger LogFunc
Definition: output-flow.c:46
OutputFlowLog
TmEcode OutputFlowLog(ThreadVars *tv, void *thread_data, Flow *f)
Run flow logger(s)
Definition: output-flow.c:90
OutputFlowLogger_::output_ctx
OutputCtx * output_ctx
Definition: output-flow.c:47
OutputFlowLogger_::ThreadDeinit
TmEcode(* ThreadDeinit)(ThreadVars *, void *)
Definition: output-flow.c:51
OutputFlowLogger
struct OutputFlowLogger_ OutputFlowLogger
OutputFlowLogThreadInit
TmEcode OutputFlowLogThreadInit(ThreadVars *tv, void *initdata, void **data)
thread init for the flow logger This will run the thread init functions for the individual registered...
Definition: output-flow.c:128
OutputLoggerThreadStore_::thread_data
void * thread_data
Definition: output-file.c:37
SCMalloc
#define SCMalloc(a)
Definition: util-mem.h:166
SCFree
#define SCFree(a)
Definition: util-mem.h:228
OutputLoggerThreadStore_
Definition: output-file.c:36
ts
uint64_t ts
Definition: source-erf-file.c:30
OutputLoggerThreadStore
struct OutputLoggerThreadStore_ OutputLoggerThreadStore
OutputFlowLogThreadDeinit
TmEcode OutputFlowLogThreadDeinit(ThreadVars *tv, void *thread_data)
Definition: output-flow.c:170
OutputFlowLogExitPrintStats
void OutputFlowLogExitPrintStats(ThreadVars *tv, void *thread_data)
Definition: output-flow.c:191
OutputRegisterFlowLogger
int OutputRegisterFlowLogger(const char *name, FlowLogger LogFunc, OutputCtx *output_ctx, ThreadInitFunc ThreadInit, ThreadDeinitFunc ThreadDeinit, ThreadExitPrintStatsFunc ThreadExitPrintStats)
Definition: output-flow.c:57
OutputFlowShutdown
void OutputFlowShutdown(void)
Definition: output-flow.c:207
ThreadVars_
Per thread variable structure.
Definition: threadvars.h:57
ThreadInitFunc
TmEcode(* ThreadInitFunc)(ThreadVars *, const void *, void **)
Definition: tm-modules.h:39
OutputFlowLogger_::ThreadExitPrintStats
void(* ThreadExitPrintStats)(ThreadVars *, void *)
Definition: output-flow.c:52
Flow_
Flow data structure.
Definition: flow.h:324
OutputFlowLogger_::name
const char * name
Definition: output-flow.c:49
OutputLoggerThreadData
struct OutputLoggerThreadData_ OutputLoggerThreadData