110 "applayer-proto-http",
138 for (
int i = 0; i < 4; i++) {
139 uint64_t memcap = memcaps[i].
GetFunc();
142 float p = (float)((
double)memuse / (double)memcap);
145 percent =
MAX(p, percent);
151 #ifdef BUILD_UNIX_SOCKET
153 static int RunModeUnixSocketMaster(
void);
154 static int unix_manager_pcap_task_running = 0;
155 static int unix_manager_pcap_task_failed = 0;
156 static int unix_manager_pcap_task_interrupted = 0;
157 static struct timespec unix_manager_pcap_last_processed;
158 static SCCtrlMutex unix_manager_pcap_last_processed_mutex;
165 static TmEcode UnixSocketPcapFilesList(json_t *cmd, json_t* answer,
void *data)
173 jdata = json_object();
175 json_object_set_new(answer,
"message",
176 json_string(
"internal error at json object creation"));
179 jarray = json_array();
180 if (jarray == NULL) {
182 json_object_set_new(answer,
"message",
183 json_string(
"internal error at json object creation"));
190 json_object_set_new(jdata,
"count", json_integer(i));
191 json_object_set_new(jdata,
"files", jarray);
192 json_object_set_new(answer,
"message", jdata);
196 static TmEcode UnixSocketPcapFilesNumber(json_t *cmd, json_t* answer,
void *data)
205 json_object_set_new(answer,
"message", json_integer(i));
209 static TmEcode UnixSocketPcapCurrent(json_t *cmd, json_t* answer,
void *data)
213 if (this->current_file != NULL && this->current_file->filename != NULL) {
214 json_object_set_new(answer,
"message",
215 json_string(this->current_file->filename));
217 json_object_set_new(answer,
"message", json_string(
"None"));
222 static TmEcode UnixSocketPcapLastProcessed(json_t *cmd, json_t *answer,
void *data)
224 json_int_t epoch_millis;
229 json_object_set_new(answer,
"message",
230 json_integer(epoch_millis));
235 static TmEcode UnixSocketPcapInterrupt(json_t *cmd, json_t *answer,
void *data)
237 unix_manager_pcap_task_interrupted = 1;
239 json_object_set_new(answer,
"message", json_string(
"Interrupted"));
244 static void PcapFilesFree(
PcapFiles *cfile)
269 static TmEcode UnixListAddFile(
PcapCommand *
this,
const char *filename,
const char *output_dir,
270 uint32_t tenant_id,
bool continuous,
bool should_delete, time_t delay, time_t poll_interval)
273 if (filename == NULL ||
this == NULL)
301 cfile->
delay = delay;
316 static TmEcode UnixSocketAddPcapFileImpl(json_t *cmd, json_t* answer,
void *data,
320 const char *filename;
321 const char *output_dir;
322 uint32_t tenant_id = 0;
323 bool should_delete =
false;
325 time_t poll_interval = 5;
328 json_t *jarg = json_object_get(cmd,
"filename");
329 if (!json_is_string(jarg)) {
331 json_object_set_new(answer,
"message",
332 json_string(
"filename is not a string"));
335 filename = json_string_value(jarg);
337 json_object_set_new(answer,
"message",
338 json_string(
"filename does not exist"));
342 json_t *oarg = json_object_get(cmd,
"output-dir");
344 if (!json_is_string(oarg)) {
347 json_object_set_new(answer,
"message",
348 json_string(
"output-dir is not a string"));
351 output_dir = json_string_value(oarg);
355 json_object_set_new(answer,
"message",
356 json_string(
"output-dir param is mandatory"));
360 if (
SCStatFn(output_dir, &st) != 0) {
361 json_object_set_new(answer,
"message",
362 json_string(
"output-dir does not exist"));
366 json_t *targ = json_object_get(cmd,
"tenant");
368 if (!json_is_integer(targ)) {
369 json_object_set_new(answer,
"message",
370 json_string(
"tenant is not a number"));
373 tenant_id = json_number_value(targ);
376 json_t *delete_arg = json_object_get(cmd,
"delete-when-done");
377 if (delete_arg != NULL) {
378 should_delete = json_is_true(delete_arg);
381 json_t *delay_arg = json_object_get(cmd,
"delay");
382 if (delay_arg != NULL) {
383 if (!json_is_integer(delay_arg)) {
385 json_object_set_new(answer,
"message",
386 json_string(
"delay is not a integer"));
389 delay = json_integer_value(delay_arg);
392 json_t *interval_arg = json_object_get(cmd,
"poll-interval");
393 if (interval_arg != NULL) {
394 if (!json_is_integer(interval_arg)) {
397 json_object_set_new(answer,
"message",
398 json_string(
"poll-interval is not a integer"));
401 poll_interval = json_integer_value(interval_arg);
404 switch (UnixListAddFile(
this, filename, output_dir, tenant_id, continuous,
405 should_delete, delay, poll_interval)) {
408 json_object_set_new(answer,
"message",
409 json_string(
"Unable to add file to list"));
412 SCLogInfo(
"Added file '%s' to list", filename);
413 json_object_set_new(answer,
"message",
414 json_string(
"Successfully added file to list"));
427 static TmEcode UnixSocketAddPcapFile(json_t *cmd, json_t* answer,
void *data)
429 bool continuous =
false;
431 json_t *cont_arg = json_object_get(cmd,
"continuous");
432 if (cont_arg != NULL) {
433 continuous = json_is_true(cont_arg);
436 return UnixSocketAddPcapFileImpl(cmd, answer, data, continuous);
446 static TmEcode UnixSocketAddPcapFileContinuous(json_t *cmd, json_t* answer,
void *data)
448 return UnixSocketAddPcapFileImpl(cmd, answer, data,
true);
464 static TmEcode UnixSocketPcapFilesCheck(
void *data)
467 if (unix_manager_pcap_task_running == 1) {
470 if ((unix_manager_pcap_task_failed == 1) || (this->running == 1)) {
471 if (unix_manager_pcap_task_failed) {
472 SCLogInfo(
"Preceeding task failed, cleaning the running mode");
474 unix_manager_pcap_task_failed = 0;
480 if (this->current_file) {
481 PcapFilesFree(this->current_file);
483 this->current_file = NULL;
494 unix_manager_pcap_task_running = 1;
499 PcapFilesFree(cfile);
507 set_res =
ConfSetFinal(
"pcap-file.continuous",
"false");
510 SCLogError(
"Can not set continuous mode for pcap processing");
511 PcapFilesFree(cfile);
515 set_res =
ConfSetFinal(
"pcap-file.delete-when-done",
"true");
517 set_res =
ConfSetFinal(
"pcap-file.delete-when-done",
"false");
520 SCLogError(
"Can not set delete mode for pcap processing");
521 PcapFilesFree(cfile);
525 if (cfile->
delay > 0) {
527 snprintf(tstr,
sizeof(tstr),
"%" PRIuMAX, (uintmax_t)cfile->
delay);
529 SCLogError(
"Can not set delay to '%s'", tstr);
530 PcapFilesFree(cfile);
537 snprintf(tstr,
sizeof(tstr),
"%" PRIuMAX, (uintmax_t)cfile->
poll_interval);
538 if (
ConfSetFinal(
"pcap-file.poll-interval", tstr) != 1) {
539 SCLogError(
"Can not set poll-interval to '%s'", tstr);
540 PcapFilesFree(cfile);
547 snprintf(tstr,
sizeof(tstr),
"%u", cfile->
tenant_id);
549 SCLogError(
"Can not set working tenant-id to '%s'", tstr);
550 PcapFilesFree(cfile);
554 SCLogInfo(
"pcap-file.tenant-id not set");
560 PcapFilesFree(cfile);
565 this->current_file = cfile;
567 SCLogInfo(
"Starting run for '%s'", this->current_file->filename);
584 #ifdef BUILD_UNIX_SOCKET
595 #ifdef BUILD_UNIX_SOCKET
598 unix_manager_pcap_last_processed.tv_sec = last_processed->tv_sec;
599 unix_manager_pcap_last_processed.tv_nsec = last_processed->tv_nsec;
604 SCLogInfo(
"Marking current task as done");
605 unix_manager_pcap_task_running = 0;
608 SCLogInfo(
"Marking current task as failed");
609 unix_manager_pcap_task_running = 0;
610 unix_manager_pcap_task_failed = 1;
614 if (unix_manager_pcap_task_interrupted == 1) {
615 SCLogInfo(
"Interrupting current run mode");
616 unix_manager_pcap_task_interrupted = 0;
626 #ifdef BUILD_UNIX_SOCKET
634 TmEcode UnixSocketDatasetAdd(json_t *cmd, json_t* answer,
void *data)
637 json_t *narg = json_object_get(cmd,
"setname");
638 if (!json_is_string(narg)) {
639 json_object_set_new(answer,
"message", json_string(
"setname is not a string"));
642 const char *set_name = json_string_value(narg);
645 json_t *targ = json_object_get(cmd,
"settype");
646 if (!json_is_string(targ)) {
647 json_object_set_new(answer,
"message", json_string(
"settype is not a string"));
650 const char *
type = json_string_value(targ);
653 json_t *varg = json_object_get(cmd,
"datavalue");
654 if (!json_is_string(varg)) {
655 json_object_set_new(answer,
"message", json_string(
"datavalue is not string"));
658 const char *value = json_string_value(varg);
660 SCLogDebug(
"dataset-add: %s type %s value %s", set_name,
type, value);
664 json_object_set_new(answer,
"message", json_string(
"unknown settype"));
670 json_object_set_new(answer,
"message", json_string(
"set not found or wrong type"));
676 json_object_set_new(answer,
"message", json_string(
"data added"));
679 json_object_set_new(answer,
"message", json_string(
"data already in set"));
682 json_object_set_new(answer,
"message", json_string(
"failed to add data"));
687 TmEcode UnixSocketDatasetRemove(json_t *cmd, json_t* answer,
void *data)
690 json_t *narg = json_object_get(cmd,
"setname");
691 if (!json_is_string(narg)) {
692 json_object_set_new(answer,
"message", json_string(
"setname is not a string"));
695 const char *set_name = json_string_value(narg);
698 json_t *targ = json_object_get(cmd,
"settype");
699 if (!json_is_string(targ)) {
700 json_object_set_new(answer,
"message", json_string(
"settype is not a string"));
703 const char *
type = json_string_value(targ);
706 json_t *varg = json_object_get(cmd,
"datavalue");
707 if (!json_is_string(varg)) {
708 json_object_set_new(answer,
"message", json_string(
"datavalue is not string"));
711 const char *value = json_string_value(varg);
713 SCLogDebug(
"dataset-remove: %s type %s value %s", set_name,
type, value);
717 json_object_set_new(answer,
"message", json_string(
"unknown settype"));
723 json_object_set_new(answer,
"message", json_string(
"set not found or wrong type"));
729 json_object_set_new(answer,
"message", json_string(
"data removed"));
732 json_object_set_new(answer,
"message", json_string(
"data is busy, try again"));
735 json_object_set_new(answer,
"message", json_string(
"failed to remove data"));
740 TmEcode UnixSocketDatasetDump(json_t *cmd, json_t *answer,
void *data)
745 json_object_set_new(answer,
"message", json_string(
"datasets dump done"));
749 TmEcode UnixSocketDatasetClear(json_t *cmd, json_t *answer,
void *data)
752 json_t *narg = json_object_get(cmd,
"setname");
753 if (!json_is_string(narg)) {
754 json_object_set_new(answer,
"message", json_string(
"setname is not a string"));
757 const char *set_name = json_string_value(narg);
760 json_t *targ = json_object_get(cmd,
"settype");
761 if (!json_is_string(targ)) {
762 json_object_set_new(answer,
"message", json_string(
"settype is not a string"));
765 const char *
type = json_string_value(targ);
769 json_object_set_new(answer,
"message", json_string(
"unknown settype"));
775 json_object_set_new(answer,
"message", json_string(
"set not found or wrong type"));
781 json_object_set_new(answer,
"message", json_string(
"dataset cleared"));
785 TmEcode UnixSocketDatasetLookup(json_t *cmd, json_t *answer,
void *data)
788 json_t *narg = json_object_get(cmd,
"setname");
789 if (!json_is_string(narg)) {
790 json_object_set_new(answer,
"message", json_string(
"setname is not a string"));
793 const char *set_name = json_string_value(narg);
796 json_t *targ = json_object_get(cmd,
"settype");
797 if (!json_is_string(targ)) {
798 json_object_set_new(answer,
"message", json_string(
"settype is not a string"));
801 const char *
type = json_string_value(targ);
804 json_t *varg = json_object_get(cmd,
"datavalue");
805 if (!json_is_string(varg)) {
806 json_object_set_new(answer,
"message", json_string(
"datavalue is not string"));
809 const char *value = json_string_value(varg);
811 SCLogDebug(
"dataset-exist: %s type %s value %s", set_name,
type, value);
815 json_object_set_new(answer,
"message", json_string(
"unknown settype"));
821 json_object_set_new(answer,
"message", json_string(
"set not found or wrong type"));
826 json_object_set_new(answer,
"message", json_string(
"item found in set"));
829 json_object_set_new(answer,
"message", json_string(
"item not found in set"));
834 static bool JsonU32Value(json_t *jarg, uint32_t *ret)
836 int64_t r = json_integer_value(jarg);
837 if (r < 0 || r > UINT32_MAX) {
851 TmEcode UnixSocketRegisterTenantHandler(json_t *cmd, json_t* answer,
void *data)
854 json_int_t traffic_id = -1;
857 SCLogInfo(
"error: multi-tenant support not enabled");
858 json_object_set_new(answer,
"message", json_string(
"multi-tenant support not enabled"));
863 json_t *jarg = json_object_get(cmd,
"id");
864 if (!json_is_integer(jarg)) {
865 SCLogInfo(
"error: command is not a string");
866 json_object_set_new(answer,
"message", json_string(
"id is not an integer"));
870 if (!JsonU32Value(jarg, &tenant_id)) {
872 json_object_set_new(answer,
"message", json_string(
"tenant_id is not a uint32"));
877 jarg = json_object_get(cmd,
"htype");
878 if (!json_is_string(jarg)) {
879 SCLogInfo(
"error: command is not a string");
880 json_object_set_new(answer,
"message", json_string(
"command is not a string"));
883 htype = json_string_value(jarg);
885 SCLogDebug(
"add-tenant-handler: %d %s", tenant_id, htype);
888 json_t *hargs = json_object_get(cmd,
"hargs");
890 if (!json_is_integer(hargs)) {
892 json_object_set_new(answer,
"message", json_string(
"hargs not a number"));
895 traffic_id = json_integer_value(hargs);
900 if (strcmp(htype,
"pcap") == 0) {
902 }
else if (strcmp(htype,
"vlan") == 0) {
903 if (traffic_id < 0) {
904 json_object_set_new(answer,
"message", json_string(
"vlan requires argument"));
907 if (traffic_id > USHRT_MAX) {
908 json_object_set_new(answer,
"message", json_string(
"vlan argument out of range"));
912 SCLogInfo(
"VLAN handler: id %u maps to tenant %u", (uint32_t)traffic_id, tenant_id);
916 json_object_set_new(answer,
"message", json_string(
"handler setup failure"));
921 json_object_set_new(answer,
"message", json_string(
"couldn't apply settings"));
926 json_object_set_new(answer,
"message", json_string(
"handler added"));
937 TmEcode UnixSocketUnregisterTenantHandler(json_t *cmd, json_t* answer,
void *data)
940 json_int_t traffic_id = -1;
943 SCLogInfo(
"error: multi-tenant support not enabled");
944 json_object_set_new(answer,
"message", json_string(
"multi-tenant support not enabled"));
949 json_t *jarg = json_object_get(cmd,
"id");
950 if (!json_is_integer(jarg)) {
951 SCLogInfo(
"error: command is not a string");
952 json_object_set_new(answer,
"message", json_string(
"id is not an integer"));
956 if (!JsonU32Value(jarg, &tenant_id)) {
958 json_object_set_new(answer,
"message", json_string(
"tenant_id is not a uint32"));
963 jarg = json_object_get(cmd,
"htype");
964 if (!json_is_string(jarg)) {
965 SCLogInfo(
"error: command is not a string");
966 json_object_set_new(answer,
"message", json_string(
"command is not a string"));
969 htype = json_string_value(jarg);
971 SCLogDebug(
"add-tenant-handler: %d %s", tenant_id, htype);
974 json_t *hargs = json_object_get(cmd,
"hargs");
976 if (!json_is_integer(hargs)) {
978 json_object_set_new(answer,
"message", json_string(
"hargs not a number"));
981 traffic_id = json_integer_value(hargs);
986 if (strcmp(htype,
"pcap") == 0) {
988 }
else if (strcmp(htype,
"vlan") == 0) {
989 if (traffic_id < 0) {
990 json_object_set_new(answer,
"message", json_string(
"vlan requires argument"));
993 if (traffic_id > USHRT_MAX) {
994 json_object_set_new(answer,
"message", json_string(
"vlan argument out of range"));
998 SCLogInfo(
"VLAN handler: removing mapping of %u to tenant %u", (uint32_t)traffic_id, tenant_id);
1002 json_object_set_new(answer,
"message", json_string(
"handler unregister failure"));
1008 json_object_set_new(answer,
"message", json_string(
"couldn't apply settings"));
1013 json_object_set_new(answer,
"message", json_string(
"handler removed"));
1024 TmEcode UnixSocketRegisterTenant(json_t *cmd, json_t* answer,
void *data)
1026 const char *filename;
1030 SCLogInfo(
"error: multi-tenant support not enabled");
1031 json_object_set_new(answer,
"message", json_string(
"multi-tenant support not enabled"));
1036 json_t *jarg = json_object_get(cmd,
"id");
1037 if (!json_is_integer(jarg)) {
1038 json_object_set_new(answer,
"message", json_string(
"id is not an integer"));
1042 if (!JsonU32Value(jarg, &tenant_id)) {
1044 json_object_set_new(answer,
"message", json_string(
"tenant_id is not a uint32"));
1049 jarg = json_object_get(cmd,
"filename");
1050 if (!json_is_string(jarg)) {
1051 json_object_set_new(answer,
"message", json_string(
"command is not a string"));
1054 filename = json_string_value(jarg);
1055 if (
SCStatFn(filename, &st) != 0) {
1056 json_object_set_new(answer,
"message", json_string(
"file does not exist"));
1060 SCLogDebug(
"add-tenant: %d %s", tenant_id, filename);
1065 snprintf(prefix,
sizeof(prefix),
"multi-detect.%u", tenant_id);
1067 SCLogError(
"failed to load yaml %s", filename);
1068 json_object_set_new(answer,
"message", json_string(
"failed to load yaml"));
1074 json_object_set_new(answer,
"message", json_string(
"adding tenant failed"));
1080 json_object_set_new(answer,
"message", json_string(
"couldn't apply settings"));
1085 json_object_set_new(answer,
"message", json_string(
"adding tenant succeeded"));
1089 static int reload_cnt = 1;
1097 TmEcode UnixSocketReloadTenant(json_t *cmd, json_t* answer,
void *data)
1099 const char *filename = NULL;
1103 SCLogInfo(
"error: multi-tenant support not enabled");
1104 json_object_set_new(answer,
"message", json_string(
"multi-tenant support not enabled"));
1109 json_t *jarg = json_object_get(cmd,
"id");
1110 if (!json_is_integer(jarg)) {
1111 json_object_set_new(answer,
"message", json_string(
"id is not an integer"));
1115 if (!JsonU32Value(jarg, &tenant_id)) {
1117 json_object_set_new(answer,
"message", json_string(
"tenant_id is not a uint32"));
1122 jarg = json_object_get(cmd,
"filename");
1124 if (!json_is_string(jarg)) {
1125 json_object_set_new(answer,
"message", json_string(
"command is not a string"));
1128 filename = json_string_value(jarg);
1129 if (
SCStatFn(filename, &st) != 0) {
1130 json_object_set_new(answer,
"message", json_string(
"file does not exist"));
1135 SCLogDebug(
"reload-tenant: %d %s", tenant_id, filename);
1139 json_object_set_new(answer,
"message", json_string(
"reload tenant failed"));
1147 json_object_set_new(answer,
"message", json_string(
"couldn't apply settings"));
1152 json_object_set_new(answer,
"message", json_string(
"reloading tenant succeeded"));
1163 TmEcode UnixSocketReloadTenants(json_t *cmd, json_t *answer,
void *data)
1166 SCLogInfo(
"error: multi-tenant support not enabled");
1167 json_object_set_new(answer,
"message", json_string(
"multi-tenant support not enabled"));
1172 json_object_set_new(answer,
"message", json_string(
"reload tenants failed"));
1180 json_object_set_new(answer,
"message", json_string(
"couldn't apply settings"));
1187 json_object_set_new(answer,
"message", json_string(
"reloading tenants succeeded"));
1198 TmEcode UnixSocketUnregisterTenant(json_t *cmd, json_t* answer,
void *data)
1201 SCLogInfo(
"error: multi-tenant support not enabled");
1202 json_object_set_new(answer,
"message", json_string(
"multi-tenant support not enabled"));
1207 json_t *jarg = json_object_get(cmd,
"id");
1208 if (!json_is_integer(jarg)) {
1209 SCLogInfo(
"error: command is not a string");
1210 json_object_set_new(answer,
"message", json_string(
"id is not an integer"));
1214 if (!JsonU32Value(jarg, &tenant_id)) {
1216 json_object_set_new(answer,
"message", json_string(
"tenant_id is not a uint32"));
1220 SCLogInfo(
"remove-tenant: removing tenant %d", tenant_id);
1224 snprintf(prefix,
sizeof(prefix),
"multi-detect.%u", tenant_id);
1228 json_object_set_new(answer,
"message", json_string(
"tenant detect engine not found"));
1238 json_object_set_new(answer,
"message", json_string(
"couldn't apply settings"));
1246 json_object_set_new(answer,
"message", json_string(
"removing tenant succeeded"));
1256 TmEcode UnixSocketHostbitAdd(json_t *cmd, json_t* answer,
void *data_usused)
1259 json_t *jarg = json_object_get(cmd,
"ipaddress");
1260 if (!json_is_string(jarg)) {
1261 json_object_set_new(answer,
"message", json_string(
"ipaddress is not an string"));
1264 const char *ipaddress = json_string_value(jarg);
1268 memset(&in, 0,
sizeof(in));
1269 if (inet_pton(AF_INET, ipaddress, &in) != 1) {
1271 memset(&in6, 0,
sizeof(in6));
1272 if (inet_pton(AF_INET6, ipaddress, &in) != 1) {
1273 json_object_set_new(answer,
"message", json_string(
"invalid address string"));
1277 a.addr_data32[0] = in6[0];
1278 a.addr_data32[1] = in6[1];
1279 a.addr_data32[2] = in6[2];
1280 a.addr_data32[3] = in6[3];
1284 a.addr_data32[0] = in.s_addr;
1285 a.addr_data32[1] = 0;
1286 a.addr_data32[2] = 0;
1287 a.addr_data32[3] = 0;
1291 jarg = json_object_get(cmd,
"hostbit");
1292 if (!json_is_string(jarg)) {
1293 json_object_set_new(answer,
"message", json_string(
"hostbit is not a string"));
1296 const char *hostbit = json_string_value(jarg);
1299 json_object_set_new(answer,
"message", json_string(
"hostbit not found"));
1304 jarg = json_object_get(cmd,
"expire");
1305 if (!json_is_integer(jarg)) {
1306 json_object_set_new(answer,
"message", json_string(
"expire is not an integer"));
1310 if (!JsonU32Value(jarg, &expire)) {
1312 json_object_set_new(answer,
"message", json_string(
"expire is not a uint32"));
1316 SCLogInfo(
"add-hostbit: ip %s hostbit %s expire %us", ipaddress, hostbit, expire);
1321 if (
SCTIME_SECS(current_time) + expire > UINT32_MAX) {
1322 json_object_set_new(answer,
"message", json_string(
"couldn't set host expire"));
1329 json_object_set_new(answer,
"message", json_string(
"hostbit added"));
1332 json_object_set_new(answer,
"message", json_string(
"couldn't create host"));
1343 TmEcode UnixSocketHostbitRemove(json_t *cmd, json_t* answer,
void *data_unused)
1346 json_t *jarg = json_object_get(cmd,
"ipaddress");
1347 if (!json_is_string(jarg)) {
1348 json_object_set_new(answer,
"message", json_string(
"ipaddress is not an string"));
1351 const char *ipaddress = json_string_value(jarg);
1355 memset(&in, 0,
sizeof(in));
1356 if (inet_pton(AF_INET, ipaddress, &in) != 1) {
1358 memset(&in6, 0,
sizeof(in6));
1359 if (inet_pton(AF_INET6, ipaddress, &in) != 1) {
1360 json_object_set_new(answer,
"message", json_string(
"invalid address string"));
1364 a.addr_data32[0] = in6[0];
1365 a.addr_data32[1] = in6[1];
1366 a.addr_data32[2] = in6[2];
1367 a.addr_data32[3] = in6[3];
1371 a.addr_data32[0] = in.s_addr;
1372 a.addr_data32[1] = 0;
1373 a.addr_data32[2] = 0;
1374 a.addr_data32[3] = 0;
1378 jarg = json_object_get(cmd,
"hostbit");
1379 if (!json_is_string(jarg)) {
1380 json_object_set_new(answer,
"message", json_string(
"hostbit is not a string"));
1384 const char *hostbit = json_string_value(jarg);
1387 json_object_set_new(answer,
"message", json_string(
"hostbit not found"));
1391 SCLogInfo(
"remove-hostbit: %s %s", ipaddress, hostbit);
1397 json_object_set_new(answer,
"message", json_string(
"hostbit removed"));
1400 json_object_set_new(answer,
"message", json_string(
"host not found"));
1416 TmEcode UnixSocketHostbitList(json_t *cmd, json_t* answer,
void *data_unused)
1419 json_t *jarg = json_object_get(cmd,
"ipaddress");
1420 if (!json_is_string(jarg)) {
1421 json_object_set_new(answer,
"message", json_string(
"ipaddress is not an string"));
1424 const char *ipaddress = json_string_value(jarg);
1428 memset(&in, 0,
sizeof(in));
1429 if (inet_pton(AF_INET, ipaddress, &in) != 1) {
1431 memset(&in6, 0,
sizeof(in6));
1432 if (inet_pton(AF_INET6, ipaddress, &in) != 1) {
1433 json_object_set_new(answer,
"message", json_string(
"invalid address string"));
1437 a.addr_data32[0] = in6[0];
1438 a.addr_data32[1] = in6[1];
1439 a.addr_data32[2] = in6[2];
1440 a.addr_data32[3] = in6[3];
1444 a.addr_data32[0] = in.s_addr;
1445 a.addr_data32[1] = 0;
1446 a.addr_data32[2] = 0;
1447 a.addr_data32[3] = 0;
1450 SCLogInfo(
"list-hostbit: %s", ipaddress);
1458 memset(&bits, 0,
sizeof(bits));
1463 json_object_set_new(answer,
"message", json_string(
"host not found"));
1468 while (use < 256 &&
HostBitList(host, &iter) == 1) {
1469 bits[use].id = iter->
idx;
1470 bits[use].expire = iter->
expire;
1475 json_t *jdata = json_object();
1476 json_t *jarray = json_array();
1477 if (jarray == NULL || jdata == NULL) {
1481 json_decref(jarray);
1482 json_object_set_new(answer,
"message",
1483 json_string(
"internal error at json object creation"));
1487 for (i = 0; i < use; i++) {
1488 json_t *bitobject = json_object();
1489 if (bitobject == NULL)
1491 uint32_t expire = 0;
1498 json_object_set_new(bitobject,
"name", json_string(name));
1499 SCLogDebug(
"xbit %s expire %u", name, expire);
1500 json_object_set_new(bitobject,
"expire", json_integer(expire));
1501 json_array_append_new(jarray, bitobject);
1504 json_object_set_new(jdata,
"count", json_integer(i));
1505 json_object_set_new(jdata,
"hostbits", jarray);
1506 json_object_set_new(answer,
"message", jdata);
1510 static void MemcapBuildValue(uint64_t val,
char *
str, uint32_t str_len)
1512 if ((val / (1024 * 1024 * 1024)) != 0) {
1513 snprintf(
str, str_len,
"%"PRIu64
"gb", val / (1024*1024*1024));
1514 }
else if ((val / (1024 * 1024)) != 0) {
1515 snprintf(
str, str_len,
"%"PRIu64
"mb", val / (1024*1024));
1517 snprintf(
str, str_len,
"%"PRIu64
"kb", val / (1024));
1521 TmEcode UnixSocketSetMemcap(json_t *cmd, json_t* answer,
void *data)
1523 char *memcap = NULL;
1524 char *value_str = NULL;
1528 json_t *jarg = json_object_get(cmd,
"config");
1529 if (!json_is_string(jarg)) {
1530 json_object_set_new(answer,
"message", json_string(
"memcap key is not a string"));
1533 memcap = (
char *)json_string_value(jarg);
1535 jarg = json_object_get(cmd,
"memcap");
1536 if (!json_is_string(jarg)) {
1537 json_object_set_new(answer,
"message", json_string(
"memcap value is not a string"));
1540 value_str = (
char *)json_string_value(jarg);
1544 "memcap from unix socket: %s",
1546 json_object_set_new(answer,
"message",
1547 json_string(
"error parsing memcap specified, "
1548 "value not changed"));
1553 if (strcmp(memcaps[i].name, memcap) == 0 && memcaps[i].SetFunc) {
1554 int updated = memcaps[i].
SetFunc(value);
1558 snprintf(message,
sizeof(message),
1559 "memcap value for '%s' updated: %"PRIu64
" %s",
1560 memcaps[i].name, value,
1561 (value == 0) ?
"(unlimited)" :
"");
1562 json_object_set_new(answer,
"message", json_string(message));
1566 snprintf(message,
sizeof(message),
1567 "Unlimited value is not allowed for '%s'", memcaps[i].name);
1569 if (memcaps[i].GetMemuseFunc()) {
1571 MemcapBuildValue(memcaps[i].GetMemuseFunc(), memuse,
sizeof(memuse));
1572 snprintf(message,
sizeof(message),
1573 "memcap value specified for '%s' is less than the memory in use: %s",
1574 memcaps[i].name, memuse);
1576 snprintf(message,
sizeof(message),
1577 "memcap value specified for '%s' is less than the memory in use",
1581 json_object_set_new(answer,
"message", json_string(message));
1587 json_object_set_new(answer,
"message",
1588 json_string(
"Memcap value not found. Use 'memcap-list' to show all"));
1592 TmEcode UnixSocketShowMemcap(json_t *cmd, json_t *answer,
void *data)
1594 char *memcap = NULL;
1597 json_t *jarg = json_object_get(cmd,
"config");
1598 if (!json_is_string(jarg)) {
1599 json_object_set_new(answer,
"message", json_string(
"memcap name is not a string"));
1602 memcap = (
char *)json_string_value(jarg);
1605 if (strcmp(memcaps[i].name, memcap) == 0 && memcaps[i].
GetFunc) {
1607 uint64_t val = memcaps[i].
GetFunc();
1608 json_t *jobj = json_object();
1610 json_object_set_new(answer,
"message",
1611 json_string(
"internal error at json object creation"));
1618 MemcapBuildValue(val,
str,
sizeof(
str));
1621 json_object_set_new(jobj,
"value", json_string(
str));
1622 json_object_set_new(answer,
"message", jobj);
1627 json_object_set_new(answer,
"message",
1628 json_string(
"Memcap value not found. Use 'memcap-list' to show all"));
1632 TmEcode UnixSocketShowAllMemcap(json_t *cmd, json_t *answer,
void *data)
1634 json_t *jmemcaps = json_array();
1637 if (jmemcaps == NULL) {
1638 json_object_set_new(answer,
"message",
1639 json_string(
"internal error at json array creation"));
1644 json_t *jobj = json_object();
1646 json_decref(jmemcaps);
1647 json_object_set_new(answer,
"message",
1648 json_string(
"internal error at json object creation"));
1652 uint64_t val = memcaps[i].
GetFunc();
1657 MemcapBuildValue(val,
str,
sizeof(
str));
1660 json_object_set_new(jobj,
"name", json_string(memcaps[i].name));
1661 json_object_set_new(jobj,
"value", json_string(
str));
1662 json_array_append_new(jmemcaps, jobj);
1665 json_object_set_new(answer,
"message", jmemcaps);
1669 TmEcode UnixSocketGetFlowStatsById(json_t *cmd, json_t *answer,
void *data)
1672 json_t *jarg = json_object_get(cmd,
"flow_id");
1673 if (!json_is_integer(jarg)) {
1674 SCLogInfo(
"error: command is not a string");
1675 json_object_set_new(answer,
"message", json_string(
"flow_id is not an integer"));
1678 int64_t flow_id = json_integer_value(jarg);
1682 json_object_set_new(answer,
"message", json_string(
"Not found"));
1692 json_t *flow_info = json_object();
1693 if (flow_info == NULL) {
1696 json_object_set_new(flow_info,
"pkts_toclient", json_integer(tosrcpktcnt));
1697 json_object_set_new(flow_info,
"pkts_toserver", json_integer(todstpktcnt));
1698 json_object_set_new(flow_info,
"bytes_toclient", json_integer(tosrcbytecnt));
1699 json_object_set_new(flow_info,
"bytes_toserver", json_integer(todstbytecnt));
1700 json_object_set_new(flow_info,
"age", json_integer(age));
1701 json_object_set_new(answer,
"message", flow_info);
1706 #ifdef BUILD_UNIX_SOCKET
1710 static int RunModeUnixSocketMaster(
void)
1721 pcapcmd->running = 0;
1722 pcapcmd->current_file = NULL;
1724 memset(&unix_manager_pcap_last_processed, 0,
sizeof(
struct timespec));
1728 UnixManagerRegisterCommand(
"pcap-file", UnixSocketAddPcapFile, pcapcmd,
UNIX_CMD_TAKE_ARGS);
1729 UnixManagerRegisterCommand(
"pcap-file-continuous", UnixSocketAddPcapFileContinuous, pcapcmd,
UNIX_CMD_TAKE_ARGS);
1730 UnixManagerRegisterCommand(
"pcap-file-number", UnixSocketPcapFilesNumber, pcapcmd, 0);
1731 UnixManagerRegisterCommand(
"pcap-file-list", UnixSocketPcapFilesList, pcapcmd, 0);
1732 UnixManagerRegisterCommand(
"pcap-last-processed", UnixSocketPcapLastProcessed, pcapcmd, 0);
1733 UnixManagerRegisterCommand(
"pcap-interrupt", UnixSocketPcapInterrupt, pcapcmd, 0);
1734 UnixManagerRegisterCommand(
"pcap-current", UnixSocketPcapCurrent, pcapcmd, 0);
1736 UnixManagerRegisterBackgroundTask(UnixSocketPcapFilesCheck, pcapcmd);