suricata
Functions
runmode-pcap.c File Reference
#include "suricata-common.h"
#include "runmode-pcap.h"
#include "runmodes.h"
#include "output.h"
#include "util-conf.h"
#include "util-debug.h"
#include "util-time.h"
#include "util-cpu.h"
#include "util-device.h"
#include "util-runmodes.h"
#include "util-misc.h"
#include "util-byte.h"
Include dependency graph for runmode-pcap.c:

Go to the source code of this file.

Functions

const char * RunModeIdsGetDefaultMode (void)
 
int RunModeIdsPcapWorkers (void)
 Workers version of the PCAP LIVE processing. More...
 
void RunModeIdsPcapRegister (void)
 
int RunModeIdsPcapSingle (void)
 Single thread version of the Pcap live processing. More...
 
int RunModeIdsPcapAutoFp (void)
 RunModIdsPcapAutoFp set up the following thread packet handlers: More...
 

Function Documentation

◆ RunModeIdsGetDefaultMode()

const char* RunModeIdsGetDefaultMode ( void  )

Definition at line 32 of file runmode-pcap.c.

◆ RunModeIdsPcapAutoFp()

int RunModeIdsPcapAutoFp ( void  )

RunModIdsPcapAutoFp set up the following thread packet handlers:

  • Receive thread (from pcap device)
  • Decode thread
  • Stream thread
  • Detect: If we have only 1 cpu, it will setup one Detect thread If we have more than one, it will setup num_cpus - 1 starting from the second cpu available.
  • Outputs thread By default the threads will use the first cpu available except the Detection threads if we have more than one cpu.
Return values
0If all goes well. (If any problem is detected the engine will exit()).

Definition at line 268 of file runmode-pcap.c.

References ConfGet(), RunModeSetLiveCaptureAutoFp(), SCEnter, and TimeModeSetLive().

Referenced by RunModeIdsPcapRegister().

Here is the call graph for this function:
Here is the caller graph for this function:

◆ RunModeIdsPcapRegister()

void RunModeIdsPcapRegister ( void  )

Definition at line 39 of file runmode-pcap.c.

References RUNMODE_PCAP_DEV, RunModeIdsPcapAutoFp(), RunModeIdsPcapSingle(), RunModeIdsPcapWorkers(), and RunModeRegisterNewRunMode().

Here is the call graph for this function:

◆ RunModeIdsPcapSingle()

int RunModeIdsPcapSingle ( void  )

Single thread version of the Pcap live processing.

Definition at line 228 of file runmode-pcap.c.

References ConfGet(), RunModeSetLiveCaptureSingle(), SCEnter, and TimeModeSetLive().

Referenced by RunModeIdsPcapRegister().

Here is the call graph for this function:
Here is the caller graph for this function:

◆ RunModeIdsPcapWorkers()

int RunModeIdsPcapWorkers ( void  )

Workers version of the PCAP LIVE processing.

Start N threads with each thread doing all the work.

Definition at line 295 of file runmode-pcap.c.

References ConfGet(), RunModeSetLiveCaptureWorkers(), SCEnter, and TimeModeSetLive().

Referenced by RunModeIdsPcapRegister().

Here is the call graph for this function:
Here is the caller graph for this function: