suricata
runmode-napatech.c
Go to the documentation of this file.
1 /* Copyright (C) 2012-2017 Open Information Security Foundation
2  *
3  * You can copy, redistribute or modify this Program under the terms of
4  * the GNU General Public License version 2 as published by the Free
5  * Software Foundation.
6  *
7  * This program is distributed in the hope that it will be useful,
8  * but WITHOUT ANY WARRANTY; without even the implied warranty of
9  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
10  * GNU General Public License for more details.
11  *
12  * You should have received a copy of the GNU General Public License
13  * version 2 along with this program; if not, write to the Free Software
14  * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
15  * 02110-1301, USA.
16  */
17 
18 /**
19  * \file
20  *
21  * \author nPulse Technologies, LLC.
22  * \author Matt Keeler <mk@npulsetech.com>
23  */
24 
25 #include "suricata-common.h"
26 #include "tm-threads.h"
27 #include "conf.h"
28 #include "runmodes.h"
29 #include "output.h"
30 #include "util-debug.h"
31 #include "util-time.h"
32 #include "util-cpu.h"
33 #include "util-affinity.h"
34 #include "util-runmodes.h"
35 #include "util-device.h"
36 #include "util-napatech.h"
37 #include "runmode-napatech.h"
38 #include "source-napatech.h" // need NapatechStreamDevConf structure
39 
40 #define NT_RUNMODE_AUTOFP 1
41 #define NT_RUNMODE_WORKERS 2
42 
43 static const char *default_mode = NULL;
44 #ifdef HAVE_NAPATECH
45 
46 #define MAX_STREAMS 256
47 static uint16_t num_configured_streams = 0;
48 
49 uint16_t GetNumConfiguredStreams(void) {
50  return num_configured_streams;
51 }
52 
53 #endif
54 
55 const char *RunModeNapatechGetDefaultMode(void)
56 {
57  return default_mode;
58 }
59 
60 void RunModeNapatechRegister(void)
61 {
62 #ifdef HAVE_NAPATECH
63  default_mode = "autofp";
64  RunModeRegisterNewRunMode(RUNMODE_NAPATECH, "autofp",
65  "Multi threaded Napatech mode. Packets from "
66  "each flow are assigned to a single detect "
67  "thread instead of any detect thread",
68  RunModeNapatechAutoFp);
69  RunModeRegisterNewRunMode(RUNMODE_NAPATECH, "workers",
70  "Workers Napatech mode, each thread does all"
71  " tasks from acquisition to logging",
72  RunModeNapatechWorkers);
73  return;
74 #endif
75 }
76 
77 
78 #ifdef HAVE_NAPATECH
79 
80 
81 static int NapatechRegisterDeviceStreams(void)
82 {
83 
84  /* Display the configuration mode */
85  int use_all_streams;
86  if (ConfGetBool("napatech.use-all-streams", &use_all_streams) == 0) {
87  SCLogError(SC_ERR_RUNMODE, "Failed retrieving napatech.use-all-streams from Conf");
88  exit(EXIT_FAILURE);
89  }
90 
91  if (use_all_streams) {
92  SCLogInfo("Using All Napatech Streams");
93  } else {
94  SCLogInfo("Using Selected Napatech Streams");
95  }
96 
97  /* Get the stream ID's either from the conf or by querying Napatech */
98  NapatechStreamConfig stream_config[MAX_STREAMS];
99  uint16_t stream_cnt = NapatechGetStreamConfig(stream_config);
100  num_configured_streams = stream_cnt;
101  SCLogDebug("Configuring %d Napatech Streams...", stream_cnt);
102 
103  for (uint16_t inst = 0; inst < stream_cnt; ++inst) {
104  char *plive_dev_buf = SCCalloc(1, 9);
105  if (unlikely(plive_dev_buf == NULL)) {
106  SCLogError(SC_ERR_MEM_ALLOC, "Failed to allocate memory for NAPATECH stream counter.");
107  exit(EXIT_FAILURE);
108  }
109  snprintf(plive_dev_buf, 9, "nt%d", stream_config[inst].stream_id);
110  SCLogInfo("registering Napatech device: %s - active stream%sfound.",
111  plive_dev_buf, stream_config[inst].is_active ? " " : " NOT ");
112  LiveRegisterDevice(plive_dev_buf);
113  }
114 
115  /* Napatech stats come from a separate thread. This will surpress
116  * the counters when suricata exits.
117  */
118  LiveDeviceHasNoStats();
119  return 0;
120 }
121 
122 static void *NapatechConfigParser(const char *device)
123 {
124  /* Expect device to be of the form nt%d where %d is the stream id to use */
125  int dev_len = strlen(device);
126  if (dev_len < 3 || dev_len > 5) {
127  SCLogError(SC_ERR_NAPATECH_PARSE_CONFIG, "Could not parse config for device: %s - invalid length", device);
128  return NULL;
129  }
130 
131  struct NapatechStreamDevConf *conf = SCCalloc(1, sizeof (struct NapatechStreamDevConf));
132  if (unlikely(conf == NULL)) {
133  SCLogError(SC_ERR_MEM_ALLOC, "Failed to allocate memory for NAPATECH device name.");
134  return NULL;
135  }
136 
137  /* device+5 is a pointer to the beginning of the stream id after the constant nt portion */
138  conf->stream_id = atoi(device + 2);
139 
140  /* Set the host buffer allowance for this stream
141  * Right now we just look at the global default - there is no per-stream hba configuration
142  */
143  if (ConfGetInt("napatech.hba", &conf->hba) == 0) {
144  conf->hba = -1;
145  }
146  return (void *) conf;
147 }
148 
149 static int NapatechGetThreadsCount(void *conf __attribute__((unused)))
150 {
151  /* No matter which live device it is there is no reason to ever use more than 1 thread
152  2 or more thread would cause packet duplication */
153  return 1;
154 }
155 
156 static int NapatechInit(int runmode)
157 {
158  int ret;
159  char error_buf[100];
160 
161  RunModeInitialize();
162  TimeModeSetLive();
163 
164  /* Initialize the API and check version compatibility */
165  if ((ret = NT_Init(NTAPI_VERSION)) != NT_SUCCESS) {
166  NT_ExplainError(ret, error_buf, sizeof (error_buf));
167  SCLogError(SC_ERR_NAPATECH_INIT_FAILED, "NT_Init failed. Code 0x%X = %s", ret, error_buf);
168  exit(EXIT_FAILURE);
169  }
170 
171  ret = NapatechRegisterDeviceStreams();
172  if (ret < 0 || num_configured_streams <= 0) {
173  SCLogError(SC_ERR_NAPATECH_STREAMS_REGISTER_FAILED, "Unable to setup up Napatech Streams");
174  exit(EXIT_FAILURE);
175  }
176 
177  struct NapatechStreamDevConf *conf = SCCalloc(1, sizeof (struct NapatechStreamDevConf));
178  if (unlikely(conf == NULL)) {
179  SCLogError(SC_ERR_MEM_ALLOC, "Failed to allocate memory for NAPATECH device.");
180  exit(EXIT_FAILURE);
181  }
182 
183  if ( (ConfGetInt("napatech.hba", &conf->hba) != 0) && (conf->hba > 0)){
184  SCLogInfo("Host Buffer Allowance: %d", (int)conf->hba);
185  }
186 
187  /* Start a thread to process the statistics */
188  NapatechStartStats();
189 
190  switch (runmode) {
191  case NT_RUNMODE_AUTOFP:
192  ret = RunModeSetLiveCaptureAutoFp(NapatechConfigParser, NapatechGetThreadsCount,
193  "NapatechStream", "NapatechDecode",
194  thread_name_autofp, NULL);
195  break;
196  case NT_RUNMODE_WORKERS:
197  ret = RunModeSetLiveCaptureWorkers(NapatechConfigParser, NapatechGetThreadsCount,
198  "NapatechStream", "NapatechDecode",
199  thread_name_workers, NULL);
200  break;
201  default:
202  ret = -1;
203  }
204 
205  if (ret != 0) {
206  SCLogError(SC_ERR_RUNMODE, "Runmode start failed");
207  exit(EXIT_FAILURE);
208  }
209  return 0;
210 }
211 
212 int RunModeNapatechAutoFp(void)
213 {
214  return NapatechInit(NT_RUNMODE_AUTOFP);
215 }
216 
217 int RunModeNapatechWorkers(void)
218 {
219  return NapatechInit(NT_RUNMODE_WORKERS);
220 }
221 
222 #endif
NapatechGetStreamConfig
uint16_t NapatechGetStreamConfig(NapatechStreamConfig stream_config[])
Definition: util-napatech.c:346
SCLogDebug
#define SCLogDebug(...)
Definition: util-debug.h:335
LiveRegisterDevice
int LiveRegisterDevice(const char *dev)
Add a pcap device for monitoring and create structure.
Definition: util-device.c:111
RunModeInitialize
void RunModeInitialize(void)
Definition: runmodes.c:912
stream_config
TcpStreamCnf stream_config
Definition: stream-tcp.h:106
RunModeRegisterNewRunMode
void RunModeRegisterNewRunMode(int runmode, const char *name, const char *description, int(*RunModeFunc)(void))
Registers a new runmode.
Definition: runmodes.c:426
unlikely
#define unlikely(expr)
Definition: util-optimize.h:35
ConfGetBool
int ConfGetBool(const char *name, int *val)
Retrieve a configuration value as an boolen.
Definition: conf.c:517
TimeModeSetLive
void TimeModeSetLive(void)
Definition: util-time.c:82
__attribute__
typedef __attribute__
DNP3 application header.
Definition: alert-unified2-alert.c:376
RunModeNapatechGetDefaultMode
const char * RunModeNapatechGetDefaultMode(void)
Definition: runmode-napatech.c:55
SCCalloc
#define SCCalloc(nm, a)
Definition: util-mem.h:205
RunModeSetLiveCaptureAutoFp
int RunModeSetLiveCaptureAutoFp(ConfigIfaceParserFunc ConfigParser, ConfigIfaceThreadsCountFunc ModThreadsCount, const char *recv_mod_name, const char *decode_mod_name, const char *thread_name, const char *live_dev)
Definition: util-runmodes.c:89
SCLogError
#define SCLogError(err_code,...)
Macro used to log ERROR messages.
Definition: util-debug.h:294
RunModeNapatechWorkers
int RunModeNapatechWorkers(void)
Definition: runmode-napatech.c:217
NT_RUNMODE_WORKERS
#define NT_RUNMODE_WORKERS
Definition: runmode-napatech.c:41
GetNumConfiguredStreams
uint16_t GetNumConfiguredStreams(void)
Definition: runmode-napatech.c:49
SCLogInfo
#define SCLogInfo(...)
Macro used to log INFORMATIONAL messages.
Definition: util-debug.h:254
ConfGetInt
int ConfGetInt(const char *name, intmax_t *val)
Retrieve a configuration value as an integer.
Definition: conf.c:437
thread_name_autofp
const char * thread_name_autofp
Definition: runmodes.c:61
RunModeNapatechRegister
void RunModeNapatechRegister(void)
Definition: runmode-napatech.c:60
NapatechStartStats
void NapatechStartStats(void)
Definition: util-napatech.c:695
MAX_STREAMS
#define MAX_STREAMS
Definition: runmode-napatech.c:46
NapatechStreamConfig_
Definition: util-napatech.h:39
RunModeSetLiveCaptureWorkers
int RunModeSetLiveCaptureWorkers(ConfigIfaceParserFunc ConfigParser, ConfigIfaceThreadsCountFunc ModThreadsCount, const char *recv_mod_name, const char *decode_mod_name, const char *thread_name, const char *live_dev)
Definition: util-runmodes.c:371
NT_RUNMODE_AUTOFP
#define NT_RUNMODE_AUTOFP
Definition: runmode-napatech.c:40
RunModeNapatechAutoFp
int RunModeNapatechAutoFp(void)
Definition: runmode-napatech.c:212
LiveDeviceHasNoStats
void LiveDeviceHasNoStats()
Definition: util-device.c:312
thread_name_workers
const char * thread_name_workers
Definition: runmodes.c:63