110 "applayer-proto-http",
138 for (
int i = 0; i < 4; i++) {
139 uint64_t memcap = memcaps[i].
GetFunc();
142 float p = (float)((
double)memuse / (double)memcap);
145 percent =
MAX(p, percent);
151 #ifdef BUILD_UNIX_SOCKET
153 static int RunModeUnixSocketMaster(
void);
154 static int unix_manager_pcap_task_running = 0;
155 static int unix_manager_pcap_task_failed = 0;
156 static int unix_manager_pcap_task_interrupted = 0;
157 static struct timespec unix_manager_pcap_last_processed;
158 static SCCtrlMutex unix_manager_pcap_last_processed_mutex;
165 static TmEcode UnixSocketPcapFilesList(json_t *cmd, json_t* answer,
void *data)
173 jdata = json_object();
175 json_object_set_new(answer,
"message",
176 json_string(
"internal error at json object creation"));
179 jarray = json_array();
180 if (jarray == NULL) {
182 json_object_set_new(answer,
"message",
183 json_string(
"internal error at json object creation"));
190 json_object_set_new(jdata,
"count", json_integer(i));
191 json_object_set_new(jdata,
"files", jarray);
192 json_object_set_new(answer,
"message", jdata);
196 static TmEcode UnixSocketPcapFilesNumber(json_t *cmd, json_t* answer,
void *data)
205 json_object_set_new(answer,
"message", json_integer(i));
209 static TmEcode UnixSocketPcapCurrent(json_t *cmd, json_t* answer,
void *data)
213 if (this->current_file != NULL && this->current_file->filename != NULL) {
214 json_object_set_new(answer,
"message",
215 json_string(this->current_file->filename));
217 json_object_set_new(answer,
"message", json_string(
"None"));
222 static TmEcode UnixSocketPcapLastProcessed(json_t *cmd, json_t *answer,
void *data)
224 json_int_t epoch_millis;
229 json_object_set_new(answer,
"message",
230 json_integer(epoch_millis));
235 static TmEcode UnixSocketPcapInterrupt(json_t *cmd, json_t *answer,
void *data)
237 unix_manager_pcap_task_interrupted = 1;
239 json_object_set_new(answer,
"message", json_string(
"Interrupted"));
244 static void PcapFilesFree(
PcapFiles *cfile)
269 static TmEcode UnixListAddFile(
PcapCommand *
this,
const char *filename,
const char *output_dir,
270 uint32_t tenant_id,
bool continuous,
bool should_delete, time_t delay, time_t poll_interval)
273 if (filename == NULL ||
this == NULL)
301 cfile->
delay = delay;
316 static TmEcode UnixSocketAddPcapFileImpl(json_t *cmd, json_t* answer,
void *data,
320 const char *filename;
321 const char *output_dir;
322 uint32_t tenant_id = 0;
323 bool should_delete =
false;
325 time_t poll_interval = 5;
328 json_t *jarg = json_object_get(cmd,
"filename");
329 if (!json_is_string(jarg)) {
331 json_object_set_new(answer,
"message",
332 json_string(
"filename is not a string"));
335 filename = json_string_value(jarg);
337 json_object_set_new(answer,
"message",
338 json_string(
"filename does not exist"));
342 json_t *oarg = json_object_get(cmd,
"output-dir");
344 if (!json_is_string(oarg)) {
347 json_object_set_new(answer,
"message",
348 json_string(
"output-dir is not a string"));
351 output_dir = json_string_value(oarg);
355 json_object_set_new(answer,
"message",
356 json_string(
"output-dir param is mandatory"));
360 if (
SCStatFn(output_dir, &st) != 0) {
361 json_object_set_new(answer,
"message",
362 json_string(
"output-dir does not exist"));
366 json_t *targ = json_object_get(cmd,
"tenant");
368 if (!json_is_integer(targ)) {
369 json_object_set_new(answer,
"message",
370 json_string(
"tenant is not a number"));
373 tenant_id = json_number_value(targ);
376 json_t *delete_arg = json_object_get(cmd,
"delete-when-done");
377 if (delete_arg != NULL) {
378 should_delete = json_is_true(delete_arg);
381 json_t *delay_arg = json_object_get(cmd,
"delay");
382 if (delay_arg != NULL) {
383 if (!json_is_integer(delay_arg)) {
385 json_object_set_new(answer,
"message",
386 json_string(
"delay is not a integer"));
389 delay = json_integer_value(delay_arg);
392 json_t *interval_arg = json_object_get(cmd,
"poll-interval");
393 if (interval_arg != NULL) {
394 if (!json_is_integer(interval_arg)) {
397 json_object_set_new(answer,
"message",
398 json_string(
"poll-interval is not a integer"));
401 poll_interval = json_integer_value(interval_arg);
404 switch (UnixListAddFile(
this, filename, output_dir, tenant_id, continuous,
405 should_delete, delay, poll_interval)) {
408 json_object_set_new(answer,
"message",
409 json_string(
"Unable to add file to list"));
412 SCLogInfo(
"Added file '%s' to list", filename);
413 json_object_set_new(answer,
"message",
414 json_string(
"Successfully added file to list"));
427 static TmEcode UnixSocketAddPcapFile(json_t *cmd, json_t* answer,
void *data)
429 bool continuous =
false;
431 json_t *cont_arg = json_object_get(cmd,
"continuous");
432 if (cont_arg != NULL) {
433 continuous = json_is_true(cont_arg);
436 return UnixSocketAddPcapFileImpl(cmd, answer, data, continuous);
446 static TmEcode UnixSocketAddPcapFileContinuous(json_t *cmd, json_t* answer,
void *data)
448 return UnixSocketAddPcapFileImpl(cmd, answer, data,
true);
464 static TmEcode UnixSocketPcapFilesCheck(
void *data)
467 if (unix_manager_pcap_task_running == 1) {
470 if ((unix_manager_pcap_task_failed == 1) || (this->running == 1)) {
471 if (unix_manager_pcap_task_failed) {
472 SCLogInfo(
"Preceeding task failed, cleaning the running mode");
474 unix_manager_pcap_task_failed = 0;
480 if (this->current_file) {
481 PcapFilesFree(this->current_file);
483 this->current_file = NULL;
494 unix_manager_pcap_task_running = 1;
499 PcapFilesFree(cfile);
507 set_res =
ConfSetFinal(
"pcap-file.continuous",
"false");
510 SCLogError(
"Can not set continuous mode for pcap processing");
511 PcapFilesFree(cfile);
515 set_res =
ConfSetFinal(
"pcap-file.delete-when-done",
"true");
517 set_res =
ConfSetFinal(
"pcap-file.delete-when-done",
"false");
520 SCLogError(
"Can not set delete mode for pcap processing");
521 PcapFilesFree(cfile);
525 if (cfile->
delay > 0) {
527 snprintf(tstr,
sizeof(tstr),
"%" PRIuMAX, (uintmax_t)cfile->
delay);
529 SCLogError(
"Can not set delay to '%s'", tstr);
530 PcapFilesFree(cfile);
537 snprintf(tstr,
sizeof(tstr),
"%" PRIuMAX, (uintmax_t)cfile->
poll_interval);
538 if (
ConfSetFinal(
"pcap-file.poll-interval", tstr) != 1) {
539 SCLogError(
"Can not set poll-interval to '%s'", tstr);
540 PcapFilesFree(cfile);
547 snprintf(tstr,
sizeof(tstr),
"%u", cfile->
tenant_id);
549 SCLogError(
"Can not set working tenant-id to '%s'", tstr);
550 PcapFilesFree(cfile);
554 SCLogInfo(
"pcap-file.tenant-id not set");
560 PcapFilesFree(cfile);
565 this->current_file = cfile;
567 SCLogInfo(
"Starting run for '%s'", this->current_file->filename);
584 #ifdef BUILD_UNIX_SOCKET
595 #ifdef BUILD_UNIX_SOCKET
598 unix_manager_pcap_last_processed.tv_sec = last_processed->tv_sec;
599 unix_manager_pcap_last_processed.tv_nsec = last_processed->tv_nsec;
604 SCLogInfo(
"Marking current task as done");
605 unix_manager_pcap_task_running = 0;
608 SCLogInfo(
"Marking current task as failed");
609 unix_manager_pcap_task_running = 0;
610 unix_manager_pcap_task_failed = 1;
614 if (unix_manager_pcap_task_interrupted == 1) {
615 SCLogInfo(
"Interrupting current run mode");
616 unix_manager_pcap_task_interrupted = 0;
626 #ifdef BUILD_UNIX_SOCKET
634 TmEcode UnixSocketDatasetAdd(json_t *cmd, json_t* answer,
void *data)
637 json_t *narg = json_object_get(cmd,
"setname");
638 if (!json_is_string(narg)) {
639 json_object_set_new(answer,
"message", json_string(
"setname is not a string"));
642 const char *set_name = json_string_value(narg);
645 json_t *targ = json_object_get(cmd,
"settype");
646 if (!json_is_string(targ)) {
647 json_object_set_new(answer,
"message", json_string(
"settype is not a string"));
650 const char *
type = json_string_value(targ);
653 json_t *varg = json_object_get(cmd,
"datavalue");
654 if (!json_is_string(varg)) {
655 json_object_set_new(answer,
"message", json_string(
"datavalue is not string"));
658 const char *value = json_string_value(varg);
660 SCLogDebug(
"dataset-add: %s type %s value %s", set_name,
type, value);
664 json_object_set_new(answer,
"message", json_string(
"unknown settype"));
670 json_object_set_new(answer,
"message", json_string(
"set not found or wrong type"));
676 json_object_set_new(answer,
"message", json_string(
"data added"));
679 json_object_set_new(answer,
"message", json_string(
"data already in set"));
682 json_object_set_new(answer,
"message", json_string(
"failed to add data"));
687 TmEcode UnixSocketDatasetRemove(json_t *cmd, json_t* answer,
void *data)
690 json_t *narg = json_object_get(cmd,
"setname");
691 if (!json_is_string(narg)) {
692 json_object_set_new(answer,
"message", json_string(
"setname is not a string"));
695 const char *set_name = json_string_value(narg);
698 json_t *targ = json_object_get(cmd,
"settype");
699 if (!json_is_string(targ)) {
700 json_object_set_new(answer,
"message", json_string(
"settype is not a string"));
703 const char *
type = json_string_value(targ);
706 json_t *varg = json_object_get(cmd,
"datavalue");
707 if (!json_is_string(varg)) {
708 json_object_set_new(answer,
"message", json_string(
"datavalue is not string"));
711 const char *value = json_string_value(varg);
713 SCLogDebug(
"dataset-remove: %s type %s value %s", set_name,
type, value);
717 json_object_set_new(answer,
"message", json_string(
"unknown settype"));
723 json_object_set_new(answer,
"message", json_string(
"set not found or wrong type"));
729 json_object_set_new(answer,
"message", json_string(
"data removed"));
732 json_object_set_new(answer,
"message", json_string(
"data is busy, try again"));
735 json_object_set_new(answer,
"message", json_string(
"failed to remove data"));
740 TmEcode UnixSocketDatasetDump(json_t *cmd, json_t *answer,
void *data)
745 json_object_set_new(answer,
"message", json_string(
"datasets dump done"));
749 TmEcode UnixSocketDatasetClear(json_t *cmd, json_t *answer,
void *data)
752 json_t *narg = json_object_get(cmd,
"setname");
753 if (!json_is_string(narg)) {
754 json_object_set_new(answer,
"message", json_string(
"setname is not a string"));
757 const char *set_name = json_string_value(narg);
760 json_t *targ = json_object_get(cmd,
"settype");
761 if (!json_is_string(targ)) {
762 json_object_set_new(answer,
"message", json_string(
"settype is not a string"));
765 const char *
type = json_string_value(targ);
769 json_object_set_new(answer,
"message", json_string(
"unknown settype"));
775 json_object_set_new(answer,
"message", json_string(
"set not found or wrong type"));
781 json_object_set_new(answer,
"message", json_string(
"dataset cleared"));
785 TmEcode UnixSocketDatasetLookup(json_t *cmd, json_t *answer,
void *data)
788 json_t *narg = json_object_get(cmd,
"setname");
789 if (!json_is_string(narg)) {
790 json_object_set_new(answer,
"message", json_string(
"setname is not a string"));
793 const char *set_name = json_string_value(narg);
796 json_t *targ = json_object_get(cmd,
"settype");
797 if (!json_is_string(targ)) {
798 json_object_set_new(answer,
"message", json_string(
"settype is not a string"));
801 const char *
type = json_string_value(targ);
804 json_t *varg = json_object_get(cmd,
"datavalue");
805 if (!json_is_string(varg)) {
806 json_object_set_new(answer,
"message", json_string(
"datavalue is not string"));
809 const char *value = json_string_value(varg);
811 SCLogDebug(
"dataset-exist: %s type %s value %s", set_name,
type, value);
815 json_object_set_new(answer,
"message", json_string(
"unknown settype"));
821 json_object_set_new(answer,
"message", json_string(
"set not found or wrong type"));
826 json_object_set_new(answer,
"message", json_string(
"item found in set"));
829 json_object_set_new(answer,
"message", json_string(
"item not found in set"));
841 TmEcode UnixSocketRegisterTenantHandler(json_t *cmd, json_t* answer,
void *data)
844 json_int_t traffic_id = -1;
847 SCLogInfo(
"error: multi-tenant support not enabled");
848 json_object_set_new(answer,
"message", json_string(
"multi-tenant support not enabled"));
853 json_t *jarg = json_object_get(cmd,
"id");
854 if (!json_is_integer(jarg)) {
855 SCLogInfo(
"error: command is not a string");
856 json_object_set_new(answer,
"message", json_string(
"id is not an integer"));
859 uint32_t tenant_id = json_integer_value(jarg);
862 jarg = json_object_get(cmd,
"htype");
863 if (!json_is_string(jarg)) {
864 SCLogInfo(
"error: command is not a string");
865 json_object_set_new(answer,
"message", json_string(
"command is not a string"));
868 htype = json_string_value(jarg);
870 SCLogDebug(
"add-tenant-handler: %d %s", tenant_id, htype);
873 json_t *hargs = json_object_get(cmd,
"hargs");
875 if (!json_is_integer(hargs)) {
877 json_object_set_new(answer,
"message", json_string(
"hargs not a number"));
880 traffic_id = json_integer_value(hargs);
885 if (strcmp(htype,
"pcap") == 0) {
887 }
else if (strcmp(htype,
"vlan") == 0) {
888 if (traffic_id < 0) {
889 json_object_set_new(answer,
"message", json_string(
"vlan requires argument"));
892 if (traffic_id > USHRT_MAX) {
893 json_object_set_new(answer,
"message", json_string(
"vlan argument out of range"));
897 SCLogInfo(
"VLAN handler: id %u maps to tenant %u", (uint32_t)traffic_id, tenant_id);
901 json_object_set_new(answer,
"message", json_string(
"handler setup failure"));
906 json_object_set_new(answer,
"message", json_string(
"couldn't apply settings"));
911 json_object_set_new(answer,
"message", json_string(
"handler added"));
922 TmEcode UnixSocketUnregisterTenantHandler(json_t *cmd, json_t* answer,
void *data)
925 json_int_t traffic_id = -1;
928 SCLogInfo(
"error: multi-tenant support not enabled");
929 json_object_set_new(answer,
"message", json_string(
"multi-tenant support not enabled"));
934 json_t *jarg = json_object_get(cmd,
"id");
935 if (!json_is_integer(jarg)) {
936 SCLogInfo(
"error: command is not a string");
937 json_object_set_new(answer,
"message", json_string(
"id is not an integer"));
940 uint32_t tenant_id = json_integer_value(jarg);
943 jarg = json_object_get(cmd,
"htype");
944 if (!json_is_string(jarg)) {
945 SCLogInfo(
"error: command is not a string");
946 json_object_set_new(answer,
"message", json_string(
"command is not a string"));
949 htype = json_string_value(jarg);
951 SCLogDebug(
"add-tenant-handler: %d %s", tenant_id, htype);
954 json_t *hargs = json_object_get(cmd,
"hargs");
956 if (!json_is_integer(hargs)) {
958 json_object_set_new(answer,
"message", json_string(
"hargs not a number"));
961 traffic_id = json_integer_value(hargs);
966 if (strcmp(htype,
"pcap") == 0) {
968 }
else if (strcmp(htype,
"vlan") == 0) {
969 if (traffic_id < 0) {
970 json_object_set_new(answer,
"message", json_string(
"vlan requires argument"));
973 if (traffic_id > USHRT_MAX) {
974 json_object_set_new(answer,
"message", json_string(
"vlan argument out of range"));
978 SCLogInfo(
"VLAN handler: removing mapping of %u to tenant %u", (uint32_t)traffic_id, tenant_id);
982 json_object_set_new(answer,
"message", json_string(
"handler unregister failure"));
988 json_object_set_new(answer,
"message", json_string(
"couldn't apply settings"));
993 json_object_set_new(answer,
"message", json_string(
"handler removed"));
1004 TmEcode UnixSocketRegisterTenant(json_t *cmd, json_t* answer,
void *data)
1006 const char *filename;
1010 SCLogInfo(
"error: multi-tenant support not enabled");
1011 json_object_set_new(answer,
"message", json_string(
"multi-tenant support not enabled"));
1016 json_t *jarg = json_object_get(cmd,
"id");
1017 if (!json_is_integer(jarg)) {
1018 json_object_set_new(answer,
"message", json_string(
"id is not an integer"));
1021 uint32_t tenant_id = json_integer_value(jarg);
1024 jarg = json_object_get(cmd,
"filename");
1025 if (!json_is_string(jarg)) {
1026 json_object_set_new(answer,
"message", json_string(
"command is not a string"));
1029 filename = json_string_value(jarg);
1030 if (
SCStatFn(filename, &st) != 0) {
1031 json_object_set_new(answer,
"message", json_string(
"file does not exist"));
1035 SCLogDebug(
"add-tenant: %d %s", tenant_id, filename);
1040 snprintf(prefix,
sizeof(prefix),
"multi-detect.%u", tenant_id);
1042 SCLogError(
"failed to load yaml %s", filename);
1043 json_object_set_new(answer,
"message", json_string(
"failed to load yaml"));
1049 json_object_set_new(answer,
"message", json_string(
"adding tenant failed"));
1055 json_object_set_new(answer,
"message", json_string(
"couldn't apply settings"));
1060 json_object_set_new(answer,
"message", json_string(
"adding tenant succeeded"));
1064 static int reload_cnt = 1;
1072 TmEcode UnixSocketReloadTenant(json_t *cmd, json_t* answer,
void *data)
1074 const char *filename = NULL;
1078 SCLogInfo(
"error: multi-tenant support not enabled");
1079 json_object_set_new(answer,
"message", json_string(
"multi-tenant support not enabled"));
1084 json_t *jarg = json_object_get(cmd,
"id");
1085 if (!json_is_integer(jarg)) {
1086 json_object_set_new(answer,
"message", json_string(
"id is not an integer"));
1089 uint32_t tenant_id = json_integer_value(jarg);
1092 jarg = json_object_get(cmd,
"filename");
1094 if (!json_is_string(jarg)) {
1095 json_object_set_new(answer,
"message", json_string(
"command is not a string"));
1098 filename = json_string_value(jarg);
1099 if (
SCStatFn(filename, &st) != 0) {
1100 json_object_set_new(answer,
"message", json_string(
"file does not exist"));
1105 SCLogDebug(
"reload-tenant: %d %s", tenant_id, filename);
1109 json_object_set_new(answer,
"message", json_string(
"reload tenant failed"));
1117 json_object_set_new(answer,
"message", json_string(
"couldn't apply settings"));
1122 json_object_set_new(answer,
"message", json_string(
"reloading tenant succeeded"));
1133 TmEcode UnixSocketReloadTenants(json_t *cmd, json_t *answer,
void *data)
1136 SCLogInfo(
"error: multi-tenant support not enabled");
1137 json_object_set_new(answer,
"message", json_string(
"multi-tenant support not enabled"));
1142 json_object_set_new(answer,
"message", json_string(
"reload tenants failed"));
1150 json_object_set_new(answer,
"message", json_string(
"couldn't apply settings"));
1157 json_object_set_new(answer,
"message", json_string(
"reloading tenants succeeded"));
1168 TmEcode UnixSocketUnregisterTenant(json_t *cmd, json_t* answer,
void *data)
1171 SCLogInfo(
"error: multi-tenant support not enabled");
1172 json_object_set_new(answer,
"message", json_string(
"multi-tenant support not enabled"));
1177 json_t *jarg = json_object_get(cmd,
"id");
1178 if (!json_is_integer(jarg)) {
1179 SCLogInfo(
"error: command is not a string");
1180 json_object_set_new(answer,
"message", json_string(
"id is not an integer"));
1183 uint32_t tenant_id = json_integer_value(jarg);
1185 SCLogInfo(
"remove-tenant: removing tenant %d", tenant_id);
1189 snprintf(prefix,
sizeof(prefix),
"multi-detect.%u", tenant_id);
1193 json_object_set_new(answer,
"message", json_string(
"tenant detect engine not found"));
1203 json_object_set_new(answer,
"message", json_string(
"couldn't apply settings"));
1211 json_object_set_new(answer,
"message", json_string(
"removing tenant succeeded"));
1221 TmEcode UnixSocketHostbitAdd(json_t *cmd, json_t* answer,
void *data_usused)
1224 json_t *jarg = json_object_get(cmd,
"ipaddress");
1225 if (!json_is_string(jarg)) {
1226 json_object_set_new(answer,
"message", json_string(
"ipaddress is not an string"));
1229 const char *ipaddress = json_string_value(jarg);
1233 memset(&in, 0,
sizeof(in));
1234 if (inet_pton(AF_INET, ipaddress, &in) != 1) {
1236 memset(&in6, 0,
sizeof(in6));
1237 if (inet_pton(AF_INET6, ipaddress, &in) != 1) {
1238 json_object_set_new(answer,
"message", json_string(
"invalid address string"));
1242 a.addr_data32[0] = in6[0];
1243 a.addr_data32[1] = in6[1];
1244 a.addr_data32[2] = in6[2];
1245 a.addr_data32[3] = in6[3];
1249 a.addr_data32[0] = in.s_addr;
1250 a.addr_data32[1] = 0;
1251 a.addr_data32[2] = 0;
1252 a.addr_data32[3] = 0;
1256 jarg = json_object_get(cmd,
"hostbit");
1257 if (!json_is_string(jarg)) {
1258 json_object_set_new(answer,
"message", json_string(
"hostbit is not a string"));
1261 const char *hostbit = json_string_value(jarg);
1264 json_object_set_new(answer,
"message", json_string(
"hostbit not found"));
1269 jarg = json_object_get(cmd,
"expire");
1270 if (!json_is_integer(jarg)) {
1271 json_object_set_new(answer,
"message", json_string(
"expire is not an integer"));
1274 uint32_t expire = json_integer_value(jarg);
1276 SCLogInfo(
"add-hostbit: ip %s hostbit %s expire %us", ipaddress, hostbit, expire);
1284 json_object_set_new(answer,
"message", json_string(
"hostbit added"));
1287 json_object_set_new(answer,
"message", json_string(
"couldn't create host"));
1298 TmEcode UnixSocketHostbitRemove(json_t *cmd, json_t* answer,
void *data_unused)
1301 json_t *jarg = json_object_get(cmd,
"ipaddress");
1302 if (!json_is_string(jarg)) {
1303 json_object_set_new(answer,
"message", json_string(
"ipaddress is not an string"));
1306 const char *ipaddress = json_string_value(jarg);
1310 memset(&in, 0,
sizeof(in));
1311 if (inet_pton(AF_INET, ipaddress, &in) != 1) {
1313 memset(&in6, 0,
sizeof(in6));
1314 if (inet_pton(AF_INET6, ipaddress, &in) != 1) {
1315 json_object_set_new(answer,
"message", json_string(
"invalid address string"));
1319 a.addr_data32[0] = in6[0];
1320 a.addr_data32[1] = in6[1];
1321 a.addr_data32[2] = in6[2];
1322 a.addr_data32[3] = in6[3];
1326 a.addr_data32[0] = in.s_addr;
1327 a.addr_data32[1] = 0;
1328 a.addr_data32[2] = 0;
1329 a.addr_data32[3] = 0;
1333 jarg = json_object_get(cmd,
"hostbit");
1334 if (!json_is_string(jarg)) {
1335 json_object_set_new(answer,
"message", json_string(
"hostbit is not a string"));
1339 const char *hostbit = json_string_value(jarg);
1342 json_object_set_new(answer,
"message", json_string(
"hostbit not found"));
1346 SCLogInfo(
"remove-hostbit: %s %s", ipaddress, hostbit);
1352 json_object_set_new(answer,
"message", json_string(
"hostbit removed"));
1355 json_object_set_new(answer,
"message", json_string(
"host not found"));
1371 TmEcode UnixSocketHostbitList(json_t *cmd, json_t* answer,
void *data_unused)
1374 json_t *jarg = json_object_get(cmd,
"ipaddress");
1375 if (!json_is_string(jarg)) {
1376 json_object_set_new(answer,
"message", json_string(
"ipaddress is not an string"));
1379 const char *ipaddress = json_string_value(jarg);
1383 memset(&in, 0,
sizeof(in));
1384 if (inet_pton(AF_INET, ipaddress, &in) != 1) {
1386 memset(&in6, 0,
sizeof(in6));
1387 if (inet_pton(AF_INET6, ipaddress, &in) != 1) {
1388 json_object_set_new(answer,
"message", json_string(
"invalid address string"));
1392 a.addr_data32[0] = in6[0];
1393 a.addr_data32[1] = in6[1];
1394 a.addr_data32[2] = in6[2];
1395 a.addr_data32[3] = in6[3];
1399 a.addr_data32[0] = in.s_addr;
1400 a.addr_data32[1] = 0;
1401 a.addr_data32[2] = 0;
1402 a.addr_data32[3] = 0;
1405 SCLogInfo(
"list-hostbit: %s", ipaddress);
1413 memset(&bits, 0,
sizeof(bits));
1418 json_object_set_new(answer,
"message", json_string(
"host not found"));
1423 while (use < 256 &&
HostBitList(host, &iter) == 1) {
1424 bits[use].id = iter->
idx;
1425 bits[use].expire = iter->
expire;
1430 json_t *jdata = json_object();
1431 json_t *jarray = json_array();
1432 if (jarray == NULL || jdata == NULL) {
1436 json_decref(jarray);
1437 json_object_set_new(answer,
"message",
1438 json_string(
"internal error at json object creation"));
1442 for (i = 0; i < use; i++) {
1443 json_t *bitobject = json_object();
1444 if (bitobject == NULL)
1446 uint32_t expire = 0;
1453 json_object_set_new(bitobject,
"name", json_string(name));
1454 SCLogDebug(
"xbit %s expire %u", name, expire);
1455 json_object_set_new(bitobject,
"expire", json_integer(expire));
1456 json_array_append_new(jarray, bitobject);
1459 json_object_set_new(jdata,
"count", json_integer(i));
1460 json_object_set_new(jdata,
"hostbits", jarray);
1461 json_object_set_new(answer,
"message", jdata);
1465 static void MemcapBuildValue(uint64_t val,
char *
str, uint32_t str_len)
1467 if ((val / (1024 * 1024 * 1024)) != 0) {
1468 snprintf(
str, str_len,
"%"PRIu64
"gb", val / (1024*1024*1024));
1469 }
else if ((val / (1024 * 1024)) != 0) {
1470 snprintf(
str, str_len,
"%"PRIu64
"mb", val / (1024*1024));
1472 snprintf(
str, str_len,
"%"PRIu64
"kb", val / (1024));
1476 TmEcode UnixSocketSetMemcap(json_t *cmd, json_t* answer,
void *data)
1478 char *memcap = NULL;
1479 char *value_str = NULL;
1483 json_t *jarg = json_object_get(cmd,
"config");
1484 if (!json_is_string(jarg)) {
1485 json_object_set_new(answer,
"message", json_string(
"memcap key is not a string"));
1488 memcap = (
char *)json_string_value(jarg);
1490 jarg = json_object_get(cmd,
"memcap");
1491 if (!json_is_string(jarg)) {
1492 json_object_set_new(answer,
"message", json_string(
"memcap value is not a string"));
1495 value_str = (
char *)json_string_value(jarg);
1499 "memcap from unix socket: %s",
1501 json_object_set_new(answer,
"message",
1502 json_string(
"error parsing memcap specified, "
1503 "value not changed"));
1508 if (strcmp(memcaps[i].name, memcap) == 0 && memcaps[i].SetFunc) {
1509 int updated = memcaps[i].
SetFunc(value);
1513 snprintf(message,
sizeof(message),
1514 "memcap value for '%s' updated: %"PRIu64
" %s",
1515 memcaps[i].name, value,
1516 (value == 0) ?
"(unlimited)" :
"");
1517 json_object_set_new(answer,
"message", json_string(message));
1521 snprintf(message,
sizeof(message),
1522 "Unlimited value is not allowed for '%s'", memcaps[i].name);
1524 if (memcaps[i].GetMemuseFunc()) {
1526 MemcapBuildValue(memcaps[i].GetMemuseFunc(), memuse,
sizeof(memuse));
1527 snprintf(message,
sizeof(message),
1528 "memcap value specified for '%s' is less than the memory in use: %s",
1529 memcaps[i].name, memuse);
1531 snprintf(message,
sizeof(message),
1532 "memcap value specified for '%s' is less than the memory in use",
1536 json_object_set_new(answer,
"message", json_string(message));
1542 json_object_set_new(answer,
"message",
1543 json_string(
"Memcap value not found. Use 'memcap-list' to show all"));
1547 TmEcode UnixSocketShowMemcap(json_t *cmd, json_t *answer,
void *data)
1549 char *memcap = NULL;
1552 json_t *jarg = json_object_get(cmd,
"config");
1553 if (!json_is_string(jarg)) {
1554 json_object_set_new(answer,
"message", json_string(
"memcap name is not a string"));
1557 memcap = (
char *)json_string_value(jarg);
1560 if (strcmp(memcaps[i].name, memcap) == 0 && memcaps[i].
GetFunc) {
1562 uint64_t val = memcaps[i].
GetFunc();
1563 json_t *jobj = json_object();
1565 json_object_set_new(answer,
"message",
1566 json_string(
"internal error at json object creation"));
1573 MemcapBuildValue(val,
str,
sizeof(
str));
1576 json_object_set_new(jobj,
"value", json_string(
str));
1577 json_object_set_new(answer,
"message", jobj);
1582 json_object_set_new(answer,
"message",
1583 json_string(
"Memcap value not found. Use 'memcap-list' to show all"));
1587 TmEcode UnixSocketShowAllMemcap(json_t *cmd, json_t *answer,
void *data)
1589 json_t *jmemcaps = json_array();
1592 if (jmemcaps == NULL) {
1593 json_object_set_new(answer,
"message",
1594 json_string(
"internal error at json array creation"));
1599 json_t *jobj = json_object();
1601 json_decref(jmemcaps);
1602 json_object_set_new(answer,
"message",
1603 json_string(
"internal error at json object creation"));
1607 uint64_t val = memcaps[i].
GetFunc();
1612 MemcapBuildValue(val,
str,
sizeof(
str));
1615 json_object_set_new(jobj,
"name", json_string(memcaps[i].name));
1616 json_object_set_new(jobj,
"value", json_string(
str));
1617 json_array_append_new(jmemcaps, jobj);
1620 json_object_set_new(answer,
"message", jmemcaps);
1624 TmEcode UnixSocketGetFlowStatsById(json_t *cmd, json_t *answer,
void *data)
1627 json_t *jarg = json_object_get(cmd,
"flow_id");
1628 if (!json_is_integer(jarg)) {
1629 SCLogInfo(
"error: command is not a string");
1630 json_object_set_new(answer,
"message", json_string(
"flow_id is not an integer"));
1633 int64_t flow_id = json_integer_value(jarg);
1637 json_object_set_new(answer,
"message", json_string(
"Not found"));
1647 json_t *flow_info = json_object();
1648 if (flow_info == NULL) {
1651 json_object_set_new(flow_info,
"pkts_toclient", json_integer(tosrcpktcnt));
1652 json_object_set_new(flow_info,
"pkts_toserver", json_integer(todstpktcnt));
1653 json_object_set_new(flow_info,
"bytes_toclient", json_integer(tosrcbytecnt));
1654 json_object_set_new(flow_info,
"bytes_toserver", json_integer(todstbytecnt));
1655 json_object_set_new(flow_info,
"age", json_integer(age));
1656 json_object_set_new(answer,
"message", flow_info);
1661 #ifdef BUILD_UNIX_SOCKET
1665 static int RunModeUnixSocketMaster(
void)
1676 pcapcmd->running = 0;
1677 pcapcmd->current_file = NULL;
1679 memset(&unix_manager_pcap_last_processed, 0,
sizeof(
struct timespec));
1683 UnixManagerRegisterCommand(
"pcap-file", UnixSocketAddPcapFile, pcapcmd,
UNIX_CMD_TAKE_ARGS);
1684 UnixManagerRegisterCommand(
"pcap-file-continuous", UnixSocketAddPcapFileContinuous, pcapcmd,
UNIX_CMD_TAKE_ARGS);
1685 UnixManagerRegisterCommand(
"pcap-file-number", UnixSocketPcapFilesNumber, pcapcmd, 0);
1686 UnixManagerRegisterCommand(
"pcap-file-list", UnixSocketPcapFilesList, pcapcmd, 0);
1687 UnixManagerRegisterCommand(
"pcap-last-processed", UnixSocketPcapLastProcessed, pcapcmd, 0);
1688 UnixManagerRegisterCommand(
"pcap-interrupt", UnixSocketPcapInterrupt, pcapcmd, 0);
1689 UnixManagerRegisterCommand(
"pcap-current", UnixSocketPcapCurrent, pcapcmd, 0);
1691 UnixManagerRegisterBackgroundTask(UnixSocketPcapFilesCheck, pcapcmd);