114 for (
int i = 0; i < 4; i++) {
115 uint64_t memcap = memcaps[i].
GetFunc();
118 float p = (float)((
double)memuse / (double)memcap);
121 percent =
MAX(p, percent);
127 #ifdef BUILD_UNIX_SOCKET
129 static int RunModeUnixSocketMaster(
void);
130 static int unix_manager_pcap_task_running = 0;
131 static int unix_manager_pcap_task_failed = 0;
132 static int unix_manager_pcap_task_interrupted = 0;
133 static struct timespec unix_manager_pcap_last_processed;
134 static SCCtrlMutex unix_manager_pcap_last_processed_mutex;
141 static TmEcode UnixSocketPcapFilesList(json_t *cmd, json_t* answer,
void *data)
149 jdata = json_object();
151 json_object_set_new(answer,
"message",
152 json_string(
"internal error at json object creation"));
155 jarray = json_array();
156 if (jarray == NULL) {
158 json_object_set_new(answer,
"message",
159 json_string(
"internal error at json object creation"));
166 json_object_set_new(jdata,
"count", json_integer(i));
167 json_object_set_new(jdata,
"files", jarray);
168 json_object_set_new(answer,
"message", jdata);
172 static TmEcode UnixSocketPcapFilesNumber(json_t *cmd, json_t* answer,
void *data)
181 json_object_set_new(answer,
"message", json_integer(i));
185 static TmEcode UnixSocketPcapCurrent(json_t *cmd, json_t* answer,
void *data)
189 if (this->current_file != NULL && this->current_file->filename != NULL) {
190 json_object_set_new(answer,
"message",
191 json_string(this->current_file->filename));
193 json_object_set_new(answer,
"message", json_string(
"None"));
198 static TmEcode UnixSocketPcapLastProcessed(json_t *cmd, json_t *answer,
void *data)
200 json_int_t epoch_millis;
205 json_object_set_new(answer,
"message",
206 json_integer(epoch_millis));
211 static TmEcode UnixSocketPcapInterrupt(json_t *cmd, json_t *answer,
void *data)
213 unix_manager_pcap_task_interrupted = 1;
215 json_object_set_new(answer,
"message", json_string(
"Interrupted"));
220 static void PcapFilesFree(
PcapFiles *cfile)
245 static TmEcode UnixListAddFile(
PcapCommand *
this,
const char *filename,
const char *output_dir,
246 uint32_t tenant_id,
bool continuous,
bool should_delete, time_t delay, time_t poll_interval)
249 if (filename == NULL ||
this == NULL)
277 cfile->
delay = delay;
292 static TmEcode UnixSocketAddPcapFileImpl(json_t *cmd, json_t* answer,
void *data,
296 const char *filename;
297 const char *output_dir;
298 uint32_t tenant_id = 0;
299 bool should_delete =
false;
301 time_t poll_interval = 5;
304 json_t *jarg = json_object_get(cmd,
"filename");
305 if (!json_is_string(jarg)) {
307 json_object_set_new(answer,
"message",
308 json_string(
"filename is not a string"));
311 filename = json_string_value(jarg);
313 json_object_set_new(answer,
"message",
314 json_string(
"filename does not exist"));
318 json_t *oarg = json_object_get(cmd,
"output-dir");
320 if (!json_is_string(oarg)) {
323 json_object_set_new(answer,
"message",
324 json_string(
"output-dir is not a string"));
327 output_dir = json_string_value(oarg);
331 json_object_set_new(answer,
"message",
332 json_string(
"output-dir param is mandatory"));
336 if (
SCStatFn(output_dir, &st) != 0) {
337 json_object_set_new(answer,
"message",
338 json_string(
"output-dir does not exist"));
342 json_t *targ = json_object_get(cmd,
"tenant");
344 if (!json_is_integer(targ)) {
345 json_object_set_new(answer,
"message",
346 json_string(
"tenant is not a number"));
349 tenant_id = json_number_value(targ);
352 json_t *delete_arg = json_object_get(cmd,
"delete-when-done");
353 if (delete_arg != NULL) {
354 should_delete = json_is_true(delete_arg);
357 json_t *delay_arg = json_object_get(cmd,
"delay");
358 if (delay_arg != NULL) {
359 if (!json_is_integer(delay_arg)) {
361 json_object_set_new(answer,
"message",
362 json_string(
"delay is not a integer"));
365 delay = json_integer_value(delay_arg);
368 json_t *interval_arg = json_object_get(cmd,
"poll-interval");
369 if (interval_arg != NULL) {
370 if (!json_is_integer(interval_arg)) {
373 json_object_set_new(answer,
"message",
374 json_string(
"poll-interval is not a integer"));
377 poll_interval = json_integer_value(interval_arg);
380 switch (UnixListAddFile(
this, filename, output_dir, tenant_id, continuous,
381 should_delete, delay, poll_interval)) {
384 json_object_set_new(answer,
"message",
385 json_string(
"Unable to add file to list"));
388 SCLogInfo(
"Added file '%s' to list", filename);
389 json_object_set_new(answer,
"message",
390 json_string(
"Successfully added file to list"));
403 static TmEcode UnixSocketAddPcapFile(json_t *cmd, json_t* answer,
void *data)
405 bool continuous =
false;
407 json_t *cont_arg = json_object_get(cmd,
"continuous");
408 if (cont_arg != NULL) {
409 continuous = json_is_true(cont_arg);
412 return UnixSocketAddPcapFileImpl(cmd, answer, data, continuous);
422 static TmEcode UnixSocketAddPcapFileContinuous(json_t *cmd, json_t* answer,
void *data)
424 return UnixSocketAddPcapFileImpl(cmd, answer, data,
true);
440 static TmEcode UnixSocketPcapFilesCheck(
void *data)
443 if (unix_manager_pcap_task_running == 1) {
446 if ((unix_manager_pcap_task_failed == 1) || (this->running == 1)) {
447 if (unix_manager_pcap_task_failed) {
448 SCLogInfo(
"Preceeding task failed, cleaning the running mode");
450 unix_manager_pcap_task_failed = 0;
456 if (this->current_file) {
457 PcapFilesFree(this->current_file);
459 this->current_file = NULL;
470 unix_manager_pcap_task_running = 1;
475 PcapFilesFree(cfile);
486 SCLogError(
"Can not set continuous mode for pcap processing");
487 PcapFilesFree(cfile);
496 SCLogError(
"Can not set delete mode for pcap processing");
497 PcapFilesFree(cfile);
501 if (cfile->
delay > 0) {
503 snprintf(tstr,
sizeof(tstr),
"%" PRIuMAX, (uintmax_t)cfile->
delay);
505 SCLogError(
"Can not set delay to '%s'", tstr);
506 PcapFilesFree(cfile);
513 snprintf(tstr,
sizeof(tstr),
"%" PRIuMAX, (uintmax_t)cfile->
poll_interval);
515 SCLogError(
"Can not set poll-interval to '%s'", tstr);
516 PcapFilesFree(cfile);
523 snprintf(tstr,
sizeof(tstr),
"%u", cfile->
tenant_id);
525 SCLogError(
"Can not set working tenant-id to '%s'", tstr);
526 PcapFilesFree(cfile);
530 SCLogInfo(
"pcap-file.tenant-id not set");
536 PcapFilesFree(cfile);
541 this->current_file = cfile;
543 SCLogInfo(
"Starting run for '%s'", this->current_file->filename);
560 #ifdef BUILD_UNIX_SOCKET
571 #ifdef BUILD_UNIX_SOCKET
574 unix_manager_pcap_last_processed.tv_sec = last_processed->tv_sec;
575 unix_manager_pcap_last_processed.tv_nsec = last_processed->tv_nsec;
580 SCLogInfo(
"Marking current task as done");
581 unix_manager_pcap_task_running = 0;
584 SCLogInfo(
"Marking current task as failed");
585 unix_manager_pcap_task_running = 0;
586 unix_manager_pcap_task_failed = 1;
590 if (unix_manager_pcap_task_interrupted == 1) {
591 SCLogInfo(
"Interrupting current run mode");
592 unix_manager_pcap_task_interrupted = 0;
602 #ifdef BUILD_UNIX_SOCKET
610 TmEcode UnixSocketDatasetAdd(json_t *cmd, json_t* answer,
void *data)
613 json_t *narg = json_object_get(cmd,
"setname");
614 if (!json_is_string(narg)) {
615 json_object_set_new(answer,
"message", json_string(
"setname is not a string"));
618 const char *set_name = json_string_value(narg);
621 json_t *targ = json_object_get(cmd,
"settype");
622 if (!json_is_string(targ)) {
623 json_object_set_new(answer,
"message", json_string(
"settype is not a string"));
626 const char *
type = json_string_value(targ);
629 json_t *varg = json_object_get(cmd,
"datavalue");
630 if (!json_is_string(varg)) {
631 json_object_set_new(answer,
"message", json_string(
"datavalue is not string"));
634 const char *value = json_string_value(varg);
636 SCLogDebug(
"dataset-add: %s type %s value %s", set_name,
type, value);
640 json_object_set_new(answer,
"message", json_string(
"unknown settype"));
646 json_object_set_new(answer,
"message", json_string(
"set not found or wrong type"));
652 json_object_set_new(answer,
"message", json_string(
"data added"));
655 json_object_set_new(answer,
"message", json_string(
"data already in set"));
658 json_object_set_new(answer,
"message", json_string(
"failed to add data"));
663 TmEcode UnixSocketDatasetRemove(json_t *cmd, json_t* answer,
void *data)
666 json_t *narg = json_object_get(cmd,
"setname");
667 if (!json_is_string(narg)) {
668 json_object_set_new(answer,
"message", json_string(
"setname is not a string"));
671 const char *set_name = json_string_value(narg);
674 json_t *targ = json_object_get(cmd,
"settype");
675 if (!json_is_string(targ)) {
676 json_object_set_new(answer,
"message", json_string(
"settype is not a string"));
679 const char *
type = json_string_value(targ);
682 json_t *varg = json_object_get(cmd,
"datavalue");
683 if (!json_is_string(varg)) {
684 json_object_set_new(answer,
"message", json_string(
"datavalue is not string"));
687 const char *value = json_string_value(varg);
689 SCLogDebug(
"dataset-remove: %s type %s value %s", set_name,
type, value);
693 json_object_set_new(answer,
"message", json_string(
"unknown settype"));
699 json_object_set_new(answer,
"message", json_string(
"set not found or wrong type"));
705 json_object_set_new(answer,
"message", json_string(
"data removed"));
708 json_object_set_new(answer,
"message", json_string(
"data is busy, try again"));
711 json_object_set_new(answer,
"message", json_string(
"failed to remove data"));
716 TmEcode UnixSocketDatasetDump(json_t *cmd, json_t *answer,
void *data)
721 json_object_set_new(answer,
"message", json_string(
"datasets dump done"));
725 TmEcode UnixSocketDatasetClear(json_t *cmd, json_t *answer,
void *data)
728 json_t *narg = json_object_get(cmd,
"setname");
729 if (!json_is_string(narg)) {
730 json_object_set_new(answer,
"message", json_string(
"setname is not a string"));
733 const char *set_name = json_string_value(narg);
736 json_t *targ = json_object_get(cmd,
"settype");
737 if (!json_is_string(targ)) {
738 json_object_set_new(answer,
"message", json_string(
"settype is not a string"));
741 const char *
type = json_string_value(targ);
745 json_object_set_new(answer,
"message", json_string(
"unknown settype"));
751 json_object_set_new(answer,
"message", json_string(
"set not found or wrong type"));
757 json_object_set_new(answer,
"message", json_string(
"dataset cleared"));
761 TmEcode UnixSocketDatasetLookup(json_t *cmd, json_t *answer,
void *data)
764 json_t *narg = json_object_get(cmd,
"setname");
765 if (!json_is_string(narg)) {
766 json_object_set_new(answer,
"message", json_string(
"setname is not a string"));
769 const char *set_name = json_string_value(narg);
772 json_t *targ = json_object_get(cmd,
"settype");
773 if (!json_is_string(targ)) {
774 json_object_set_new(answer,
"message", json_string(
"settype is not a string"));
777 const char *
type = json_string_value(targ);
780 json_t *varg = json_object_get(cmd,
"datavalue");
781 if (!json_is_string(varg)) {
782 json_object_set_new(answer,
"message", json_string(
"datavalue is not string"));
785 const char *value = json_string_value(varg);
787 SCLogDebug(
"dataset-exist: %s type %s value %s", set_name,
type, value);
791 json_object_set_new(answer,
"message", json_string(
"unknown settype"));
797 json_object_set_new(answer,
"message", json_string(
"set not found or wrong type"));
802 json_object_set_new(answer,
"message", json_string(
"item found in set"));
805 json_object_set_new(answer,
"message", json_string(
"item not found in set"));
817 TmEcode UnixSocketDatajsonAdd(json_t *cmd, json_t *answer,
void *data)
820 json_t *narg = json_object_get(cmd,
"setname");
821 if (!json_is_string(narg)) {
822 json_object_set_new(answer,
"message", json_string(
"setname is not a string"));
825 const char *set_name = json_string_value(narg);
828 json_t *targ = json_object_get(cmd,
"settype");
829 if (!json_is_string(targ)) {
830 json_object_set_new(answer,
"message", json_string(
"settype is not a string"));
833 const char *
type = json_string_value(targ);
836 json_t *varg = json_object_get(cmd,
"datavalue");
837 if (!json_is_string(varg)) {
838 json_object_set_new(answer,
"message", json_string(
"datavalue is not string"));
841 const char *value = json_string_value(varg);
844 json_t *jarg = json_object_get(cmd,
"datajson");
845 if (!json_is_string(varg)) {
846 json_object_set_new(answer,
"message", json_string(
"datajson is not string"));
849 const char *json = json_string_value(jarg);
851 SCLogDebug(
"datajson-add: %s type %s value %s json %s", set_name,
type, value, json);
855 json_object_set_new(answer,
"message", json_string(
"unknown settype"));
861 json_object_set_new(answer,
"message", json_string(
"set not found or wrong type"));
867 json_object_set_new(answer,
"message", json_string(
"data added"));
870 json_object_set_new(answer,
"message", json_string(
"data already in set"));
873 json_object_set_new(answer,
"message", json_string(
"failed to add data"));
878 static bool JsonU32Value(json_t *jarg, uint32_t *ret)
880 int64_t r = json_integer_value(jarg);
881 if (r < 0 || r > UINT32_MAX) {
895 TmEcode UnixSocketRegisterTenantHandler(json_t *cmd, json_t* answer,
void *data)
898 json_int_t traffic_id = -1;
901 SCLogInfo(
"error: multi-tenant support not enabled");
902 json_object_set_new(answer,
"message", json_string(
"multi-tenant support not enabled"));
907 json_t *jarg = json_object_get(cmd,
"id");
908 if (!json_is_integer(jarg)) {
909 SCLogInfo(
"error: command is not a string");
910 json_object_set_new(answer,
"message", json_string(
"id is not an integer"));
914 if (!JsonU32Value(jarg, &tenant_id)) {
916 json_object_set_new(answer,
"message", json_string(
"tenant_id is not a uint32"));
921 jarg = json_object_get(cmd,
"htype");
922 if (!json_is_string(jarg)) {
923 SCLogInfo(
"error: command is not a string");
924 json_object_set_new(answer,
"message", json_string(
"command is not a string"));
927 htype = json_string_value(jarg);
929 SCLogDebug(
"add-tenant-handler: %d %s", tenant_id, htype);
932 json_t *hargs = json_object_get(cmd,
"hargs");
934 if (!json_is_integer(hargs)) {
936 json_object_set_new(answer,
"message", json_string(
"hargs not a number"));
939 traffic_id = json_integer_value(hargs);
944 if (strcmp(htype,
"pcap") == 0) {
946 }
else if (strcmp(htype,
"vlan") == 0) {
947 if (traffic_id < 0) {
948 json_object_set_new(answer,
"message", json_string(
"vlan requires argument"));
951 if (traffic_id > USHRT_MAX) {
952 json_object_set_new(answer,
"message", json_string(
"vlan argument out of range"));
956 SCLogInfo(
"VLAN handler: id %u maps to tenant %u", (uint32_t)traffic_id, tenant_id);
960 json_object_set_new(answer,
"message", json_string(
"handler setup failure"));
965 json_object_set_new(answer,
"message", json_string(
"couldn't apply settings"));
970 json_object_set_new(answer,
"message", json_string(
"handler added"));
981 TmEcode UnixSocketUnregisterTenantHandler(json_t *cmd, json_t* answer,
void *data)
984 json_int_t traffic_id = -1;
987 SCLogInfo(
"error: multi-tenant support not enabled");
988 json_object_set_new(answer,
"message", json_string(
"multi-tenant support not enabled"));
993 json_t *jarg = json_object_get(cmd,
"id");
994 if (!json_is_integer(jarg)) {
995 SCLogInfo(
"error: command is not a string");
996 json_object_set_new(answer,
"message", json_string(
"id is not an integer"));
1000 if (!JsonU32Value(jarg, &tenant_id)) {
1002 json_object_set_new(answer,
"message", json_string(
"tenant_id is not a uint32"));
1007 jarg = json_object_get(cmd,
"htype");
1008 if (!json_is_string(jarg)) {
1009 SCLogInfo(
"error: command is not a string");
1010 json_object_set_new(answer,
"message", json_string(
"command is not a string"));
1013 htype = json_string_value(jarg);
1015 SCLogDebug(
"add-tenant-handler: %d %s", tenant_id, htype);
1018 json_t *hargs = json_object_get(cmd,
"hargs");
1019 if (hargs != NULL) {
1020 if (!json_is_integer(hargs)) {
1022 json_object_set_new(answer,
"message", json_string(
"hargs not a number"));
1025 traffic_id = json_integer_value(hargs);
1030 if (strcmp(htype,
"pcap") == 0) {
1032 }
else if (strcmp(htype,
"vlan") == 0) {
1033 if (traffic_id < 0) {
1034 json_object_set_new(answer,
"message", json_string(
"vlan requires argument"));
1037 if (traffic_id > USHRT_MAX) {
1038 json_object_set_new(answer,
"message", json_string(
"vlan argument out of range"));
1042 SCLogInfo(
"VLAN handler: removing mapping of %u to tenant %u", (uint32_t)traffic_id, tenant_id);
1046 json_object_set_new(answer,
"message", json_string(
"handler unregister failure"));
1052 json_object_set_new(answer,
"message", json_string(
"couldn't apply settings"));
1057 json_object_set_new(answer,
"message", json_string(
"handler removed"));
1068 TmEcode UnixSocketRegisterTenant(json_t *cmd, json_t* answer,
void *data)
1070 const char *filename;
1074 SCLogInfo(
"error: multi-tenant support not enabled");
1075 json_object_set_new(answer,
"message", json_string(
"multi-tenant support not enabled"));
1080 json_t *jarg = json_object_get(cmd,
"id");
1081 if (!json_is_integer(jarg)) {
1082 json_object_set_new(answer,
"message", json_string(
"id is not an integer"));
1086 if (!JsonU32Value(jarg, &tenant_id)) {
1088 json_object_set_new(answer,
"message", json_string(
"tenant_id is not a uint32"));
1093 jarg = json_object_get(cmd,
"filename");
1094 if (!json_is_string(jarg)) {
1095 json_object_set_new(answer,
"message", json_string(
"command is not a string"));
1098 filename = json_string_value(jarg);
1099 if (
SCStatFn(filename, &st) != 0) {
1100 json_object_set_new(answer,
"message", json_string(
"file does not exist"));
1104 SCLogDebug(
"add-tenant: %d %s", tenant_id, filename);
1109 snprintf(prefix,
sizeof(prefix),
"multi-detect.%u", tenant_id);
1111 SCLogError(
"failed to load yaml %s", filename);
1112 json_object_set_new(answer,
"message", json_string(
"failed to load yaml"));
1118 json_object_set_new(answer,
"message", json_string(
"adding tenant failed"));
1124 json_object_set_new(answer,
"message", json_string(
"couldn't apply settings"));
1129 json_object_set_new(answer,
"message", json_string(
"adding tenant succeeded"));
1133 static int reload_cnt = 1;
1141 TmEcode UnixSocketReloadTenant(json_t *cmd, json_t* answer,
void *data)
1143 const char *filename = NULL;
1147 SCLogInfo(
"error: multi-tenant support not enabled");
1148 json_object_set_new(answer,
"message", json_string(
"multi-tenant support not enabled"));
1153 json_t *jarg = json_object_get(cmd,
"id");
1154 if (!json_is_integer(jarg)) {
1155 json_object_set_new(answer,
"message", json_string(
"id is not an integer"));
1159 if (!JsonU32Value(jarg, &tenant_id)) {
1161 json_object_set_new(answer,
"message", json_string(
"tenant_id is not a uint32"));
1166 jarg = json_object_get(cmd,
"filename");
1168 if (!json_is_string(jarg)) {
1169 json_object_set_new(answer,
"message", json_string(
"command is not a string"));
1172 filename = json_string_value(jarg);
1173 if (
SCStatFn(filename, &st) != 0) {
1174 json_object_set_new(answer,
"message", json_string(
"file does not exist"));
1179 SCLogDebug(
"reload-tenant: %d %s", tenant_id, filename);
1183 json_object_set_new(answer,
"message", json_string(
"reload tenant failed"));
1191 json_object_set_new(answer,
"message", json_string(
"couldn't apply settings"));
1196 json_object_set_new(answer,
"message", json_string(
"reloading tenant succeeded"));
1207 TmEcode UnixSocketReloadTenants(json_t *cmd, json_t *answer,
void *data)
1210 SCLogInfo(
"error: multi-tenant support not enabled");
1211 json_object_set_new(answer,
"message", json_string(
"multi-tenant support not enabled"));
1216 json_object_set_new(answer,
"message", json_string(
"reload tenants failed"));
1224 json_object_set_new(answer,
"message", json_string(
"couldn't apply settings"));
1231 json_object_set_new(answer,
"message", json_string(
"reloading tenants succeeded"));
1242 TmEcode UnixSocketUnregisterTenant(json_t *cmd, json_t* answer,
void *data)
1245 SCLogInfo(
"error: multi-tenant support not enabled");
1246 json_object_set_new(answer,
"message", json_string(
"multi-tenant support not enabled"));
1251 json_t *jarg = json_object_get(cmd,
"id");
1252 if (!json_is_integer(jarg)) {
1253 SCLogInfo(
"error: command is not a string");
1254 json_object_set_new(answer,
"message", json_string(
"id is not an integer"));
1258 if (!JsonU32Value(jarg, &tenant_id)) {
1260 json_object_set_new(answer,
"message", json_string(
"tenant_id is not a uint32"));
1264 SCLogInfo(
"remove-tenant: removing tenant %d", tenant_id);
1268 snprintf(prefix,
sizeof(prefix),
"multi-detect.%u", tenant_id);
1272 json_object_set_new(answer,
"message", json_string(
"tenant detect engine not found"));
1282 json_object_set_new(answer,
"message", json_string(
"couldn't apply settings"));
1290 json_object_set_new(answer,
"message", json_string(
"removing tenant succeeded"));
1300 TmEcode UnixSocketHostbitAdd(json_t *cmd, json_t* answer,
void *data_usused)
1303 json_t *jarg = json_object_get(cmd,
"ipaddress");
1304 if (!json_is_string(jarg)) {
1305 json_object_set_new(answer,
"message", json_string(
"ipaddress is not an string"));
1308 const char *ipaddress = json_string_value(jarg);
1312 memset(&in, 0,
sizeof(in));
1313 if (inet_pton(AF_INET, ipaddress, &in) != 1) {
1315 memset(&in6, 0,
sizeof(in6));
1316 if (inet_pton(AF_INET6, ipaddress, &in) != 1) {
1317 json_object_set_new(answer,
"message", json_string(
"invalid address string"));
1321 a.addr_data32[0] = in6[0];
1322 a.addr_data32[1] = in6[1];
1323 a.addr_data32[2] = in6[2];
1324 a.addr_data32[3] = in6[3];
1328 a.addr_data32[0] = in.s_addr;
1329 a.addr_data32[1] = 0;
1330 a.addr_data32[2] = 0;
1331 a.addr_data32[3] = 0;
1335 jarg = json_object_get(cmd,
"hostbit");
1336 if (!json_is_string(jarg)) {
1337 json_object_set_new(answer,
"message", json_string(
"hostbit is not a string"));
1340 const char *hostbit = json_string_value(jarg);
1343 json_object_set_new(answer,
"message", json_string(
"hostbit not found"));
1348 jarg = json_object_get(cmd,
"expire");
1349 if (!json_is_integer(jarg)) {
1350 json_object_set_new(answer,
"message", json_string(
"expire is not an integer"));
1354 if (!JsonU32Value(jarg, &expire)) {
1356 json_object_set_new(answer,
"message", json_string(
"expire is not a uint32"));
1360 SCLogInfo(
"add-hostbit: ip %s hostbit %s expire %us", ipaddress, hostbit, expire);
1365 if (
SCTIME_SECS(current_time) + expire > UINT32_MAX) {
1366 json_object_set_new(answer,
"message", json_string(
"couldn't set host expire"));
1373 json_object_set_new(answer,
"message", json_string(
"hostbit added"));
1376 json_object_set_new(answer,
"message", json_string(
"couldn't create host"));
1387 TmEcode UnixSocketHostbitRemove(json_t *cmd, json_t* answer,
void *data_unused)
1390 json_t *jarg = json_object_get(cmd,
"ipaddress");
1391 if (!json_is_string(jarg)) {
1392 json_object_set_new(answer,
"message", json_string(
"ipaddress is not an string"));
1395 const char *ipaddress = json_string_value(jarg);
1399 memset(&in, 0,
sizeof(in));
1400 if (inet_pton(AF_INET, ipaddress, &in) != 1) {
1402 memset(&in6, 0,
sizeof(in6));
1403 if (inet_pton(AF_INET6, ipaddress, &in) != 1) {
1404 json_object_set_new(answer,
"message", json_string(
"invalid address string"));
1408 a.addr_data32[0] = in6[0];
1409 a.addr_data32[1] = in6[1];
1410 a.addr_data32[2] = in6[2];
1411 a.addr_data32[3] = in6[3];
1415 a.addr_data32[0] = in.s_addr;
1416 a.addr_data32[1] = 0;
1417 a.addr_data32[2] = 0;
1418 a.addr_data32[3] = 0;
1422 jarg = json_object_get(cmd,
"hostbit");
1423 if (!json_is_string(jarg)) {
1424 json_object_set_new(answer,
"message", json_string(
"hostbit is not a string"));
1428 const char *hostbit = json_string_value(jarg);
1431 json_object_set_new(answer,
"message", json_string(
"hostbit not found"));
1435 SCLogInfo(
"remove-hostbit: %s %s", ipaddress, hostbit);
1441 json_object_set_new(answer,
"message", json_string(
"hostbit removed"));
1444 json_object_set_new(answer,
"message", json_string(
"host not found"));
1460 TmEcode UnixSocketHostbitList(json_t *cmd, json_t* answer,
void *data_unused)
1463 json_t *jarg = json_object_get(cmd,
"ipaddress");
1464 if (!json_is_string(jarg)) {
1465 json_object_set_new(answer,
"message", json_string(
"ipaddress is not an string"));
1468 const char *ipaddress = json_string_value(jarg);
1472 memset(&in, 0,
sizeof(in));
1473 if (inet_pton(AF_INET, ipaddress, &in) != 1) {
1475 memset(&in6, 0,
sizeof(in6));
1476 if (inet_pton(AF_INET6, ipaddress, &in) != 1) {
1477 json_object_set_new(answer,
"message", json_string(
"invalid address string"));
1481 a.addr_data32[0] = in6[0];
1482 a.addr_data32[1] = in6[1];
1483 a.addr_data32[2] = in6[2];
1484 a.addr_data32[3] = in6[3];
1488 a.addr_data32[0] = in.s_addr;
1489 a.addr_data32[1] = 0;
1490 a.addr_data32[2] = 0;
1491 a.addr_data32[3] = 0;
1494 SCLogInfo(
"list-hostbit: %s", ipaddress);
1502 memset(&bits, 0,
sizeof(bits));
1507 json_object_set_new(answer,
"message", json_string(
"host not found"));
1512 while (use < 256 &&
HostBitList(host, &iter) == 1) {
1513 bits[use].id = iter->
idx;
1514 bits[use].expire = iter->
expire;
1519 json_t *jdata = json_object();
1520 json_t *jarray = json_array();
1521 if (jarray == NULL || jdata == NULL) {
1525 json_decref(jarray);
1526 json_object_set_new(answer,
"message",
1527 json_string(
"internal error at json object creation"));
1531 for (i = 0; i < use; i++) {
1532 json_t *bitobject = json_object();
1533 if (bitobject == NULL)
1535 uint64_t expire = 0;
1542 json_object_set_new(bitobject,
"name", json_string(
name));
1544 json_object_set_new(bitobject,
"expire", json_integer(expire));
1545 json_array_append_new(jarray, bitobject);
1548 json_object_set_new(jdata,
"count", json_integer(i));
1549 json_object_set_new(jdata,
"hostbits", jarray);
1550 json_object_set_new(answer,
"message", jdata);
1554 static void MemcapBuildValue(uint64_t val,
char *
str, uint32_t str_len)
1556 if ((val / (1024 * 1024 * 1024)) != 0) {
1557 snprintf(
str, str_len,
"%"PRIu64
"gb", val / (1024*1024*1024));
1558 }
else if ((val / (1024 * 1024)) != 0) {
1559 snprintf(
str, str_len,
"%"PRIu64
"mb", val / (1024*1024));
1561 snprintf(
str, str_len,
"%"PRIu64
"kb", val / (1024));
1565 TmEcode UnixSocketSetMemcap(json_t *cmd, json_t* answer,
void *data)
1567 char *memcap = NULL;
1568 char *value_str = NULL;
1571 json_t *jarg = json_object_get(cmd,
"config");
1572 if (!json_is_string(jarg)) {
1573 json_object_set_new(answer,
"message", json_string(
"memcap key is not a string"));
1576 memcap = (
char *)json_string_value(jarg);
1578 jarg = json_object_get(cmd,
"memcap");
1579 if (!json_is_string(jarg)) {
1580 json_object_set_new(answer,
"message", json_string(
"memcap value is not a string"));
1583 value_str = (
char *)json_string_value(jarg);
1587 "memcap from unix socket: %s",
1589 json_object_set_new(answer,
"message",
1590 json_string(
"error parsing memcap specified, "
1591 "value not changed"));
1595 for (
size_t i = 0; i <
ARRAY_SIZE(memcaps); i++) {
1596 if (strcmp(memcaps[i].
name, memcap) == 0 && memcaps[i].
SetFunc) {
1597 int updated = memcaps[i].
SetFunc(value);
1601 snprintf(message,
sizeof(message),
1602 "memcap value for '%s' updated: %"PRIu64
" %s",
1603 memcaps[i].
name, value,
1604 (value == 0) ?
"(unlimited)" :
"");
1605 json_object_set_new(answer,
"message", json_string(message));
1609 snprintf(message,
sizeof(message),
1610 "Unlimited value is not allowed for '%s'", memcaps[i].
name);
1612 if (memcaps[i].GetMemuseFunc()) {
1614 MemcapBuildValue(memcaps[i].GetMemuseFunc(), memuse,
sizeof(memuse));
1615 snprintf(message,
sizeof(message),
1616 "memcap value specified for '%s' is less than the memory in use: %s",
1617 memcaps[i].
name, memuse);
1619 snprintf(message,
sizeof(message),
1620 "memcap value specified for '%s' is less than the memory in use",
1624 json_object_set_new(answer,
"message", json_string(message));
1630 json_object_set_new(answer,
"message",
1631 json_string(
"Memcap value not found. Use 'memcap-list' to show all"));
1635 TmEcode UnixSocketShowMemcap(json_t *cmd, json_t *answer,
void *data)
1637 char *memcap = NULL;
1639 json_t *jarg = json_object_get(cmd,
"config");
1640 if (!json_is_string(jarg)) {
1641 json_object_set_new(answer,
"message", json_string(
"memcap name is not a string"));
1644 memcap = (
char *)json_string_value(jarg);
1646 for (
size_t i = 0; i <
ARRAY_SIZE(memcaps); i++) {
1647 if (strcmp(memcaps[i].
name, memcap) == 0 && memcaps[i].
GetFunc) {
1649 uint64_t val = memcaps[i].
GetFunc();
1650 json_t *jobj = json_object();
1652 json_object_set_new(answer,
"message",
1653 json_string(
"internal error at json object creation"));
1660 MemcapBuildValue(val,
str,
sizeof(
str));
1663 json_object_set_new(jobj,
"value", json_string(
str));
1664 json_object_set_new(answer,
"message", jobj);
1669 json_object_set_new(answer,
"message",
1670 json_string(
"Memcap value not found. Use 'memcap-list' to show all"));
1674 TmEcode UnixSocketShowAllMemcap(json_t *cmd, json_t *answer,
void *data)
1676 json_t *jmemcaps = json_array();
1678 if (jmemcaps == NULL) {
1679 json_object_set_new(answer,
"message",
1680 json_string(
"internal error at json array creation"));
1684 for (
size_t i = 0; i <
ARRAY_SIZE(memcaps); i++) {
1685 json_t *jobj = json_object();
1687 json_decref(jmemcaps);
1688 json_object_set_new(answer,
"message",
1689 json_string(
"internal error at json object creation"));
1693 uint64_t val = memcaps[i].
GetFunc();
1698 MemcapBuildValue(val,
str,
sizeof(
str));
1701 json_object_set_new(jobj,
"name", json_string(memcaps[i].
name));
1702 json_object_set_new(jobj,
"value", json_string(
str));
1703 json_array_append_new(jmemcaps, jobj);
1706 json_object_set_new(answer,
"message", jmemcaps);
1710 TmEcode UnixSocketGetFlowStatsById(json_t *cmd, json_t *answer,
void *data)
1713 json_t *jarg = json_object_get(cmd,
"flow_id");
1714 if (!json_is_integer(jarg)) {
1715 SCLogInfo(
"error: command is not a string");
1716 json_object_set_new(answer,
"message", json_string(
"flow_id is not an integer"));
1719 int64_t flow_id = json_integer_value(jarg);
1723 json_object_set_new(answer,
"message", json_string(
"Not found"));
1733 json_t *flow_info = json_object();
1734 if (flow_info == NULL) {
1737 json_object_set_new(flow_info,
"pkts_toclient", json_integer(tosrcpktcnt));
1738 json_object_set_new(flow_info,
"pkts_toserver", json_integer(todstpktcnt));
1739 json_object_set_new(flow_info,
"bytes_toclient", json_integer(tosrcbytecnt));
1740 json_object_set_new(flow_info,
"bytes_toserver", json_integer(todstbytecnt));
1741 json_object_set_new(flow_info,
"age", json_integer(age));
1742 json_object_set_new(answer,
"message", flow_info);
1747 #ifdef BUILD_UNIX_SOCKET
1751 static int RunModeUnixSocketMaster(
void)
1762 pcapcmd->running = 0;
1763 pcapcmd->current_file = NULL;
1765 memset(&unix_manager_pcap_last_processed, 0,
sizeof(
struct timespec));
1769 UnixManagerRegisterCommand(
"pcap-file", UnixSocketAddPcapFile, pcapcmd,
UNIX_CMD_TAKE_ARGS);
1770 UnixManagerRegisterCommand(
"pcap-file-continuous", UnixSocketAddPcapFileContinuous, pcapcmd,
UNIX_CMD_TAKE_ARGS);
1771 UnixManagerRegisterCommand(
"pcap-file-number", UnixSocketPcapFilesNumber, pcapcmd, 0);
1772 UnixManagerRegisterCommand(
"pcap-file-list", UnixSocketPcapFilesList, pcapcmd, 0);
1773 UnixManagerRegisterCommand(
"pcap-last-processed", UnixSocketPcapLastProcessed, pcapcmd, 0);
1774 UnixManagerRegisterCommand(
"pcap-interrupt", UnixSocketPcapInterrupt, pcapcmd, 0);
1775 UnixManagerRegisterCommand(
"pcap-current", UnixSocketPcapCurrent, pcapcmd, 0);
1777 UnixManagerRegisterBackgroundTask(UnixSocketPcapFilesCheck, pcapcmd);