suricata
output-flow.c
Go to the documentation of this file.
1 /* Copyright (C) 2007-2013 Open Information Security Foundation
2  *
3  * You can copy, redistribute or modify this Program under the terms of
4  * the GNU General Public License version 2 as published by the Free
5  * Software Foundation.
6  *
7  * This program is distributed in the hope that it will be useful,
8  * but WITHOUT ANY WARRANTY; without even the implied warranty of
9  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
10  * GNU General Public License for more details.
11  *
12  * You should have received a copy of the GNU General Public License
13  * version 2 along with this program; if not, write to the Free Software
14  * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
15  * 02110-1301, USA.
16  */
17 
18 /**
19  * \file
20  *
21  * \author Victor Julien <victor@inliniac.net>
22  *
23  * Flow Logger Output registration functions
24  */
25 
26 #include "suricata-common.h"
27 #include "tm-modules.h"
28 #include "output-flow.h"
29 #include "util-profiling.h"
30 #include "util-validate.h"
31 
32 typedef struct OutputLoggerThreadStore_ {
33  void *thread_data;
34  struct OutputLoggerThreadStore_ *next;
35 } OutputLoggerThreadStore;
36 
37 /** per thread data for this module, contains a list of per thread
38  * data for the packet loggers. */
39 typedef struct OutputLoggerThreadData_ {
40  OutputLoggerThreadStore *store;
41 } OutputLoggerThreadData;
42 
43 /* logger instance, a module + a output ctx,
44  * it's perfectly valid that have multiple instances of the same
45  * log module (e.g. http.log) with different output ctx'. */
46 typedef struct OutputFlowLogger_ {
47  FlowLogger LogFunc;
48  OutputCtx *output_ctx;
49  struct OutputFlowLogger_ *next;
50  const char *name;
51  TmEcode (*ThreadInit)(ThreadVars *, const void *, void **);
52  TmEcode (*ThreadDeinit)(ThreadVars *, void *);
53  void (*ThreadExitPrintStats)(ThreadVars *, void *);
54 } OutputFlowLogger;
55 
56 static OutputFlowLogger *list = NULL;
57 
58 int OutputRegisterFlowLogger(const char *name, FlowLogger LogFunc,
59  OutputCtx *output_ctx, ThreadInitFunc ThreadInit,
60  ThreadDeinitFunc ThreadDeinit,
61  ThreadExitPrintStatsFunc ThreadExitPrintStats)
62 {
63  OutputFlowLogger *op = SCMalloc(sizeof(*op));
64  if (op == NULL)
65  return -1;
66  memset(op, 0x00, sizeof(*op));
67 
68  op->LogFunc = LogFunc;
69  op->output_ctx = output_ctx;
70  op->name = name;
71  op->ThreadInit = ThreadInit;
72  op->ThreadDeinit = ThreadDeinit;
73  op->ThreadExitPrintStats = ThreadExitPrintStats;
74 
75  if (list == NULL)
76  list = op;
77  else {
78  OutputFlowLogger *t = list;
79  while (t->next)
80  t = t->next;
81  t->next = op;
82  }
83 
84  SCLogDebug("OutputRegisterFlowLogger happy");
85  return 0;
86 }
87 
88 /** \brief Run flow logger(s)
89  * \note flow is already write locked
90  */
91 TmEcode OutputFlowLog(ThreadVars *tv, void *thread_data, Flow *f)
92 {
93  DEBUG_VALIDATE_BUG_ON(thread_data == NULL);
94 
95  if (list == NULL)
96  return TM_ECODE_OK;
97 
98  FlowSetEndFlags(f);
99 
100  OutputLoggerThreadData *op_thread_data = (OutputLoggerThreadData *)thread_data;
101  OutputFlowLogger *logger = list;
102  OutputLoggerThreadStore *store = op_thread_data->store;
103 
104  DEBUG_VALIDATE_BUG_ON(logger == NULL && store != NULL);
105  DEBUG_VALIDATE_BUG_ON(logger != NULL && store == NULL);
106  DEBUG_VALIDATE_BUG_ON(logger == NULL && store == NULL);
107 
108  logger = list;
109  store = op_thread_data->store;
110  while (logger && store) {
111  DEBUG_VALIDATE_BUG_ON(logger->LogFunc == NULL);
112 
113  SCLogDebug("logger %p", logger);
114  //PACKET_PROFILING_LOGGER_START(p, logger->module_id);
115  logger->LogFunc(tv, store->thread_data, f);
116  //PACKET_PROFILING_LOGGER_END(p, logger->module_id);
117 
118  logger = logger->next;
119  store = store->next;
120 
121  DEBUG_VALIDATE_BUG_ON(logger == NULL && store != NULL);
122  DEBUG_VALIDATE_BUG_ON(logger != NULL && store == NULL);
123  }
124 
125  return TM_ECODE_OK;
126 }
127 
128 /** \brief thread init for the flow logger
129  * This will run the thread init functions for the individual registered
130  * loggers */
131 TmEcode OutputFlowLogThreadInit(ThreadVars *tv, void *initdata, void **data)
132 {
133  OutputLoggerThreadData *td = SCMalloc(sizeof(*td));
134  if (td == NULL)
135  return TM_ECODE_FAILED;
136  memset(td, 0x00, sizeof(*td));
137 
138  *data = (void *)td;
139 
140  SCLogDebug("OutputFlowLogThreadInit happy (*data %p)", *data);
141 
142  OutputFlowLogger *logger = list;
143  while (logger) {
144  if (logger->ThreadInit) {
145  void *retptr = NULL;
146  if (logger->ThreadInit(tv, (void *)logger->output_ctx, &retptr) == TM_ECODE_OK) {
147  OutputLoggerThreadStore *ts = SCMalloc(sizeof(*ts));
148 /* todo */ BUG_ON(ts == NULL);
149  memset(ts, 0x00, sizeof(*ts));
150 
151  /* store thread handle */
152  ts->thread_data = retptr;
153 
154  if (td->store == NULL) {
155  td->store = ts;
156  } else {
157  OutputLoggerThreadStore *tmp = td->store;
158  while (tmp->next != NULL)
159  tmp = tmp->next;
160  tmp->next = ts;
161  }
162 
163  SCLogDebug("%s is now set up", logger->name);
164  }
165  }
166 
167  logger = logger->next;
168  }
169 
170  return TM_ECODE_OK;
171 }
172 
173 TmEcode OutputFlowLogThreadDeinit(ThreadVars *tv, void *thread_data)
174 {
175  OutputLoggerThreadData *op_thread_data = (OutputLoggerThreadData *)thread_data;
176  if (op_thread_data == NULL)
177  return TM_ECODE_OK;
178 
179  OutputLoggerThreadStore *store = op_thread_data->store;
180  OutputFlowLogger *logger = list;
181 
182  while (logger && store) {
183  if (logger->ThreadDeinit) {
184  logger->ThreadDeinit(tv, store->thread_data);
185  }
186 
187  OutputLoggerThreadStore *next_store = store->next;
188  SCFree(store);
189  store = next_store;
190  logger = logger->next;
191  }
192 
193  SCFree(op_thread_data);
194  return TM_ECODE_OK;
195 }
196 
197 void OutputFlowLogExitPrintStats(ThreadVars *tv, void *thread_data)
198 {
199  OutputLoggerThreadData *op_thread_data = (OutputLoggerThreadData *)thread_data;
200  OutputLoggerThreadStore *store = op_thread_data->store;
201  OutputFlowLogger *logger = list;
202 
203  while (logger && store) {
204  if (logger->ThreadExitPrintStats) {
205  logger->ThreadExitPrintStats(tv, store->thread_data);
206  }
207 
208  logger = logger->next;
209  store = store->next;
210  }
211 }
212 
213 void OutputFlowShutdown(void)
214 {
215  OutputFlowLogger *logger = list;
216  while (logger) {
217  OutputFlowLogger *next_logger = logger->next;
218  SCFree(logger);
219  logger = next_logger;
220  }
221  list = NULL;
222 }
OutputFlowLog
TmEcode OutputFlowLog(ThreadVars *tv, void *thread_data, Flow *f)
Run flow logger(s)
Definition: output-flow.c:91
ts
uint64_t ts
Definition: source-erf-file.c:54
OutputLoggerThreadStore_
Definition: output-file.c:37
OutputLoggerThreadStore_::next
struct OutputLoggerThreadStore_ * next
Definition: output-file.c:39
SCLogDebug
#define SCLogDebug(...)
Definition: util-debug.h:298
OutputFlowLogger_
Definition: output-flow.c:46
Flow_
Flow data structure.
Definition: flow.h:350
tm-modules.h
FlowLogger
int(* FlowLogger)(ThreadVars *, void *thread_data, Flow *f)
Definition: output-flow.h:32
OutputFlowLogger_::next
struct OutputFlowLogger_ * next
Definition: output-flow.c:49
TM_ECODE_FAILED
@ TM_ECODE_FAILED
Definition: tm-threads-common.h:81
OutputFlowLogger
struct OutputFlowLogger_ OutputFlowLogger
TM_ECODE_OK
@ TM_ECODE_OK
Definition: tm-threads-common.h:80
OutputFlowLogger_::ThreadExitPrintStats
void(* ThreadExitPrintStats)(ThreadVars *, void *)
Definition: output-flow.c:53
OutputLoggerThreadStore_::thread_data
void * thread_data
Definition: output-file.c:38
OutputCtx_
Definition: tm-modules.h:78
OutputRegisterFlowLogger
int OutputRegisterFlowLogger(const char *name, FlowLogger LogFunc, OutputCtx *output_ctx, ThreadInitFunc ThreadInit, ThreadDeinitFunc ThreadDeinit, ThreadExitPrintStatsFunc ThreadExitPrintStats)
Definition: output-flow.c:58
OutputLoggerThreadData_
Definition: output-file.c:44
OutputLoggerThreadStore
struct OutputLoggerThreadStore_ OutputLoggerThreadStore
OutputFlowLogThreadInit
TmEcode OutputFlowLogThreadInit(ThreadVars *tv, void *initdata, void **data)
thread init for the flow logger This will run the thread init functions for the individual registered...
Definition: output-flow.c:131
OutputFlowLogger_::output_ctx
OutputCtx * output_ctx
Definition: output-flow.c:48
ThreadVars_
Per thread variable structure.
Definition: threadvars.h:58
ThreadInitFunc
TmEcode(* ThreadInitFunc)(ThreadVars *, const void *, void **)
Definition: tm-modules.h:39
BUG_ON
#define BUG_ON(x)
Definition: suricata-common.h:277
util-profiling.h
OutputLoggerThreadData_::store
OutputLoggerThreadStore * store
Definition: output-file.c:45
OutputFlowLogger_::ThreadInit
TmEcode(* ThreadInit)(ThreadVars *, const void *, void **)
Definition: output-flow.c:51
TmEcode
TmEcode
Definition: tm-threads-common.h:79
output-flow.h
OutputFlowLogger_::name
const char * name
Definition: output-flow.c:50
OutputFlowLogger_::LogFunc
FlowLogger LogFunc
Definition: output-flow.c:47
suricata-common.h
ThreadExitPrintStatsFunc
void(* ThreadExitPrintStatsFunc)(ThreadVars *, void *)
Definition: tm-modules.h:41
tv
ThreadVars * tv
Definition: fuzz_decodepcapfile.c:29
util-validate.h
SCMalloc
#define SCMalloc(sz)
Definition: util-mem.h:47
OutputFlowLogExitPrintStats
void OutputFlowLogExitPrintStats(ThreadVars *tv, void *thread_data)
Definition: output-flow.c:197
OutputFlowLogThreadDeinit
TmEcode OutputFlowLogThreadDeinit(ThreadVars *tv, void *thread_data)
Definition: output-flow.c:173
SCFree
#define SCFree(p)
Definition: util-mem.h:61
OutputLoggerThreadData
struct OutputLoggerThreadData_ OutputLoggerThreadData
OutputFlowShutdown
void OutputFlowShutdown(void)
Definition: output-flow.c:213
DEBUG_VALIDATE_BUG_ON
#define DEBUG_VALIDATE_BUG_ON(exp)
Definition: util-validate.h:111
OutputFlowLogger_::ThreadDeinit
TmEcode(* ThreadDeinit)(ThreadVars *, void *)
Definition: output-flow.c:52
ThreadDeinitFunc
TmEcode(* ThreadDeinitFunc)(ThreadVars *, void *)
Definition: tm-modules.h:40