109 "applayer-proto-http",
137 for (
int i = 0; i < 4; i++) {
138 uint64_t memcap = memcaps[i].
GetFunc();
141 float p = (float)((
double)memuse / (double)memcap);
144 percent =
MAX(p, percent);
150 #ifdef BUILD_UNIX_SOCKET
152 static int RunModeUnixSocketMaster(
void);
153 static int unix_manager_pcap_task_running = 0;
154 static int unix_manager_pcap_task_failed = 0;
155 static int unix_manager_pcap_task_interrupted = 0;
156 static struct timespec unix_manager_pcap_last_processed;
157 static SCCtrlMutex unix_manager_pcap_last_processed_mutex;
164 static TmEcode UnixSocketPcapFilesList(json_t *cmd, json_t* answer,
void *data)
172 jdata = json_object();
174 json_object_set_new(answer,
"message",
175 json_string(
"internal error at json object creation"));
178 jarray = json_array();
179 if (jarray == NULL) {
181 json_object_set_new(answer,
"message",
182 json_string(
"internal error at json object creation"));
189 json_object_set_new(jdata,
"count", json_integer(i));
190 json_object_set_new(jdata,
"files", jarray);
191 json_object_set_new(answer,
"message", jdata);
195 static TmEcode UnixSocketPcapFilesNumber(json_t *cmd, json_t* answer,
void *data)
204 json_object_set_new(answer,
"message", json_integer(i));
208 static TmEcode UnixSocketPcapCurrent(json_t *cmd, json_t* answer,
void *data)
212 if (this->current_file != NULL && this->current_file->filename != NULL) {
213 json_object_set_new(answer,
"message",
214 json_string(this->current_file->filename));
216 json_object_set_new(answer,
"message", json_string(
"None"));
221 static TmEcode UnixSocketPcapLastProcessed(json_t *cmd, json_t *answer,
void *data)
223 json_int_t epoch_millis;
228 json_object_set_new(answer,
"message",
229 json_integer(epoch_millis));
234 static TmEcode UnixSocketPcapInterrupt(json_t *cmd, json_t *answer,
void *data)
236 unix_manager_pcap_task_interrupted = 1;
238 json_object_set_new(answer,
"message", json_string(
"Interrupted"));
243 static void PcapFilesFree(
PcapFiles *cfile)
268 static TmEcode UnixListAddFile(
270 const char *filename,
271 const char *output_dir,
280 if (filename == NULL ||
this == NULL)
309 cfile->
delay = delay;
324 static TmEcode UnixSocketAddPcapFileImpl(json_t *cmd, json_t* answer,
void *data,
328 const char *filename;
329 const char *output_dir;
331 bool should_delete =
false;
333 time_t poll_interval = 5;
340 json_t *jarg = json_object_get(cmd,
"filename");
341 if (!json_is_string(jarg)) {
343 json_object_set_new(answer,
"message",
344 json_string(
"filename is not a string"));
347 filename = json_string_value(jarg);
349 if (_stat(filename, &st) != 0) {
351 if (stat(filename, &st) != 0) {
353 json_object_set_new(answer,
"message",
354 json_string(
"filename does not exist"));
358 json_t *oarg = json_object_get(cmd,
"output-dir");
360 if (!json_is_string(oarg)) {
363 json_object_set_new(answer,
"message",
364 json_string(
"output-dir is not a string"));
367 output_dir = json_string_value(oarg);
371 json_object_set_new(answer,
"message",
372 json_string(
"output-dir param is mandatory"));
377 if (_stat(output_dir, &st) != 0) {
379 if (stat(output_dir, &st) != 0) {
381 json_object_set_new(answer,
"message",
382 json_string(
"output-dir does not exist"));
386 json_t *targ = json_object_get(cmd,
"tenant");
388 if (!json_is_integer(targ)) {
389 json_object_set_new(answer,
"message",
390 json_string(
"tenant is not a number"));
393 tenant_id = json_number_value(targ);
396 json_t *delete_arg = json_object_get(cmd,
"delete-when-done");
397 if (delete_arg != NULL) {
398 should_delete = json_is_true(delete_arg);
401 json_t *delay_arg = json_object_get(cmd,
"delay");
402 if (delay_arg != NULL) {
403 if (!json_is_integer(delay_arg)) {
405 json_object_set_new(answer,
"message",
406 json_string(
"delay is not a integer"));
409 delay = json_integer_value(delay_arg);
412 json_t *interval_arg = json_object_get(cmd,
"poll-interval");
413 if (interval_arg != NULL) {
414 if (!json_is_integer(interval_arg)) {
417 json_object_set_new(answer,
"message",
418 json_string(
"poll-interval is not a integer"));
421 poll_interval = json_integer_value(interval_arg);
424 switch (UnixListAddFile(
this, filename, output_dir, tenant_id, continuous,
425 should_delete, delay, poll_interval)) {
428 json_object_set_new(answer,
"message",
429 json_string(
"Unable to add file to list"));
432 SCLogInfo(
"Added file '%s' to list", filename);
433 json_object_set_new(answer,
"message",
434 json_string(
"Successfully added file to list"));
447 static TmEcode UnixSocketAddPcapFile(json_t *cmd, json_t* answer,
void *data)
449 bool continuous =
false;
451 json_t *cont_arg = json_object_get(cmd,
"continuous");
452 if (cont_arg != NULL) {
453 continuous = json_is_true(cont_arg);
456 return UnixSocketAddPcapFileImpl(cmd, answer, data, continuous);
466 static TmEcode UnixSocketAddPcapFileContinuous(json_t *cmd, json_t* answer,
void *data)
468 return UnixSocketAddPcapFileImpl(cmd, answer, data,
true);
484 static TmEcode UnixSocketPcapFilesCheck(
void *data)
487 if (unix_manager_pcap_task_running == 1) {
490 if ((unix_manager_pcap_task_failed == 1) || (this->running == 1)) {
491 if (unix_manager_pcap_task_failed) {
492 SCLogInfo(
"Preceeding task failed, cleaning the running mode");
494 unix_manager_pcap_task_failed = 0;
500 if (this->current_file) {
501 PcapFilesFree(this->current_file);
503 this->current_file = NULL;
514 unix_manager_pcap_task_running = 1;
519 PcapFilesFree(cfile);
527 set_res =
ConfSetFinal(
"pcap-file.continuous",
"false");
530 SCLogError(
"Can not set continuous mode for pcap processing");
531 PcapFilesFree(cfile);
535 set_res =
ConfSetFinal(
"pcap-file.delete-when-done",
"true");
537 set_res =
ConfSetFinal(
"pcap-file.delete-when-done",
"false");
540 SCLogError(
"Can not set delete mode for pcap processing");
541 PcapFilesFree(cfile);
545 if (cfile->
delay > 0) {
547 snprintf(tstr,
sizeof(tstr),
"%" PRIuMAX, (uintmax_t)cfile->
delay);
549 SCLogError(
"Can not set delay to '%s'", tstr);
550 PcapFilesFree(cfile);
557 snprintf(tstr,
sizeof(tstr),
"%" PRIuMAX, (uintmax_t)cfile->
poll_interval);
558 if (
ConfSetFinal(
"pcap-file.poll-interval", tstr) != 1) {
559 SCLogError(
"Can not set poll-interval to '%s'", tstr);
560 PcapFilesFree(cfile);
567 snprintf(tstr,
sizeof(tstr),
"%d", cfile->
tenant_id);
569 SCLogError(
"Can not set working tenant-id to '%s'", tstr);
570 PcapFilesFree(cfile);
574 SCLogInfo(
"pcap-file.tenant-id not set");
580 PcapFilesFree(cfile);
585 this->current_file = cfile;
587 SCLogInfo(
"Starting run for '%s'", this->current_file->filename);
604 #ifdef BUILD_UNIX_SOCKET
615 #ifdef BUILD_UNIX_SOCKET
618 unix_manager_pcap_last_processed.tv_sec = last_processed->tv_sec;
619 unix_manager_pcap_last_processed.tv_nsec = last_processed->tv_nsec;
624 SCLogInfo(
"Marking current task as done");
625 unix_manager_pcap_task_running = 0;
628 SCLogInfo(
"Marking current task as failed");
629 unix_manager_pcap_task_running = 0;
630 unix_manager_pcap_task_failed = 1;
634 if (unix_manager_pcap_task_interrupted == 1) {
635 SCLogInfo(
"Interrupting current run mode");
636 unix_manager_pcap_task_interrupted = 0;
646 #ifdef BUILD_UNIX_SOCKET
654 TmEcode UnixSocketDatasetAdd(json_t *cmd, json_t* answer,
void *data)
657 json_t *narg = json_object_get(cmd,
"setname");
658 if (!json_is_string(narg)) {
659 json_object_set_new(answer,
"message", json_string(
"setname is not a string"));
662 const char *set_name = json_string_value(narg);
665 json_t *targ = json_object_get(cmd,
"settype");
666 if (!json_is_string(targ)) {
667 json_object_set_new(answer,
"message", json_string(
"settype is not a string"));
670 const char *
type = json_string_value(targ);
673 json_t *varg = json_object_get(cmd,
"datavalue");
674 if (!json_is_string(varg)) {
675 json_object_set_new(answer,
"message", json_string(
"datavalue is not string"));
678 const char *value = json_string_value(varg);
680 SCLogDebug(
"dataset-add: %s type %s value %s", set_name,
type, value);
684 json_object_set_new(answer,
"message", json_string(
"unknown settype"));
690 json_object_set_new(answer,
"message", json_string(
"set not found or wrong type"));
696 json_object_set_new(answer,
"message", json_string(
"data added"));
699 json_object_set_new(answer,
"message", json_string(
"data already in set"));
702 json_object_set_new(answer,
"message", json_string(
"failed to add data"));
707 TmEcode UnixSocketDatasetRemove(json_t *cmd, json_t* answer,
void *data)
710 json_t *narg = json_object_get(cmd,
"setname");
711 if (!json_is_string(narg)) {
712 json_object_set_new(answer,
"message", json_string(
"setname is not a string"));
715 const char *set_name = json_string_value(narg);
718 json_t *targ = json_object_get(cmd,
"settype");
719 if (!json_is_string(targ)) {
720 json_object_set_new(answer,
"message", json_string(
"settype is not a string"));
723 const char *
type = json_string_value(targ);
726 json_t *varg = json_object_get(cmd,
"datavalue");
727 if (!json_is_string(varg)) {
728 json_object_set_new(answer,
"message", json_string(
"datavalue is not string"));
731 const char *value = json_string_value(varg);
733 SCLogDebug(
"dataset-remove: %s type %s value %s", set_name,
type, value);
737 json_object_set_new(answer,
"message", json_string(
"unknown settype"));
743 json_object_set_new(answer,
"message", json_string(
"set not found or wrong type"));
749 json_object_set_new(answer,
"message", json_string(
"data removed"));
752 json_object_set_new(answer,
"message", json_string(
"data is busy, try again"));
755 json_object_set_new(answer,
"message", json_string(
"failed to remove data"));
760 TmEcode UnixSocketDatasetDump(json_t *cmd, json_t *answer,
void *data)
765 json_object_set_new(answer,
"message", json_string(
"datasets dump done"));
769 TmEcode UnixSocketDatasetClear(json_t *cmd, json_t *answer,
void *data)
772 json_t *narg = json_object_get(cmd,
"setname");
773 if (!json_is_string(narg)) {
774 json_object_set_new(answer,
"message", json_string(
"setname is not a string"));
777 const char *set_name = json_string_value(narg);
780 json_t *targ = json_object_get(cmd,
"settype");
781 if (!json_is_string(targ)) {
782 json_object_set_new(answer,
"message", json_string(
"settype is not a string"));
785 const char *
type = json_string_value(targ);
789 json_object_set_new(answer,
"message", json_string(
"unknown settype"));
795 json_object_set_new(answer,
"message", json_string(
"set not found or wrong type"));
801 json_object_set_new(answer,
"message", json_string(
"dataset cleared"));
805 TmEcode UnixSocketDatasetLookup(json_t *cmd, json_t *answer,
void *data)
808 json_t *narg = json_object_get(cmd,
"setname");
809 if (!json_is_string(narg)) {
810 json_object_set_new(answer,
"message", json_string(
"setname is not a string"));
813 const char *set_name = json_string_value(narg);
816 json_t *targ = json_object_get(cmd,
"settype");
817 if (!json_is_string(targ)) {
818 json_object_set_new(answer,
"message", json_string(
"settype is not a string"));
821 const char *
type = json_string_value(targ);
824 json_t *varg = json_object_get(cmd,
"datavalue");
825 if (!json_is_string(varg)) {
826 json_object_set_new(answer,
"message", json_string(
"datavalue is not string"));
829 const char *value = json_string_value(varg);
831 SCLogDebug(
"dataset-exist: %s type %s value %s", set_name,
type, value);
835 json_object_set_new(answer,
"message", json_string(
"unknown settype"));
841 json_object_set_new(answer,
"message", json_string(
"set not found or wrong type"));
846 json_object_set_new(answer,
"message", json_string(
"item found in set"));
849 json_object_set_new(answer,
"message", json_string(
"item not found in set"));
861 TmEcode UnixSocketRegisterTenantHandler(json_t *cmd, json_t* answer,
void *data)
864 json_int_t traffic_id = -1;
867 SCLogInfo(
"error: multi-tenant support not enabled");
868 json_object_set_new(answer,
"message", json_string(
"multi-tenant support not enabled"));
873 json_t *jarg = json_object_get(cmd,
"id");
874 if (!json_is_integer(jarg)) {
875 SCLogInfo(
"error: command is not a string");
876 json_object_set_new(answer,
"message", json_string(
"id is not an integer"));
879 int tenant_id = json_integer_value(jarg);
882 jarg = json_object_get(cmd,
"htype");
883 if (!json_is_string(jarg)) {
884 SCLogInfo(
"error: command is not a string");
885 json_object_set_new(answer,
"message", json_string(
"command is not a string"));
888 htype = json_string_value(jarg);
890 SCLogDebug(
"add-tenant-handler: %d %s", tenant_id, htype);
893 json_t *hargs = json_object_get(cmd,
"hargs");
895 if (!json_is_integer(hargs)) {
897 json_object_set_new(answer,
"message", json_string(
"hargs not a number"));
900 traffic_id = json_integer_value(hargs);
905 if (strcmp(htype,
"pcap") == 0) {
907 }
else if (strcmp(htype,
"vlan") == 0) {
908 if (traffic_id < 0) {
909 json_object_set_new(answer,
"message", json_string(
"vlan requires argument"));
912 if (traffic_id > USHRT_MAX) {
913 json_object_set_new(answer,
"message", json_string(
"vlan argument out of range"));
917 SCLogInfo(
"VLAN handler: id %u maps to tenant %u", (uint32_t)traffic_id, tenant_id);
921 json_object_set_new(answer,
"message", json_string(
"handler setup failure"));
926 json_object_set_new(answer,
"message", json_string(
"couldn't apply settings"));
931 json_object_set_new(answer,
"message", json_string(
"handler added"));
942 TmEcode UnixSocketUnregisterTenantHandler(json_t *cmd, json_t* answer,
void *data)
945 json_int_t traffic_id = -1;
948 SCLogInfo(
"error: multi-tenant support not enabled");
949 json_object_set_new(answer,
"message", json_string(
"multi-tenant support not enabled"));
954 json_t *jarg = json_object_get(cmd,
"id");
955 if (!json_is_integer(jarg)) {
956 SCLogInfo(
"error: command is not a string");
957 json_object_set_new(answer,
"message", json_string(
"id is not an integer"));
960 int tenant_id = json_integer_value(jarg);
963 jarg = json_object_get(cmd,
"htype");
964 if (!json_is_string(jarg)) {
965 SCLogInfo(
"error: command is not a string");
966 json_object_set_new(answer,
"message", json_string(
"command is not a string"));
969 htype = json_string_value(jarg);
971 SCLogDebug(
"add-tenant-handler: %d %s", tenant_id, htype);
974 json_t *hargs = json_object_get(cmd,
"hargs");
976 if (!json_is_integer(hargs)) {
978 json_object_set_new(answer,
"message", json_string(
"hargs not a number"));
981 traffic_id = json_integer_value(hargs);
986 if (strcmp(htype,
"pcap") == 0) {
988 }
else if (strcmp(htype,
"vlan") == 0) {
989 if (traffic_id < 0) {
990 json_object_set_new(answer,
"message", json_string(
"vlan requires argument"));
993 if (traffic_id > USHRT_MAX) {
994 json_object_set_new(answer,
"message", json_string(
"vlan argument out of range"));
998 SCLogInfo(
"VLAN handler: removing mapping of %u to tenant %u", (uint32_t)traffic_id, tenant_id);
1002 json_object_set_new(answer,
"message", json_string(
"handler unregister failure"));
1008 json_object_set_new(answer,
"message", json_string(
"couldn't apply settings"));
1013 json_object_set_new(answer,
"message", json_string(
"handler removed"));
1024 TmEcode UnixSocketRegisterTenant(json_t *cmd, json_t* answer,
void *data)
1026 const char *filename;
1034 SCLogInfo(
"error: multi-tenant support not enabled");
1035 json_object_set_new(answer,
"message", json_string(
"multi-tenant support not enabled"));
1040 json_t *jarg = json_object_get(cmd,
"id");
1041 if (!json_is_integer(jarg)) {
1042 json_object_set_new(answer,
"message", json_string(
"id is not an integer"));
1045 int tenant_id = json_integer_value(jarg);
1048 jarg = json_object_get(cmd,
"filename");
1049 if (!json_is_string(jarg)) {
1050 json_object_set_new(answer,
"message", json_string(
"command is not a string"));
1053 filename = json_string_value(jarg);
1055 if (_stat(filename, &st) != 0) {
1057 if (stat(filename, &st) != 0) {
1059 json_object_set_new(answer,
"message", json_string(
"file does not exist"));
1063 SCLogDebug(
"add-tenant: %d %s", tenant_id, filename);
1068 snprintf(prefix,
sizeof(prefix),
"multi-detect.%d", tenant_id);
1070 SCLogError(
"failed to load yaml %s", filename);
1071 json_object_set_new(answer,
"message", json_string(
"failed to load yaml"));
1077 json_object_set_new(answer,
"message", json_string(
"adding tenant failed"));
1083 json_object_set_new(answer,
"message", json_string(
"couldn't apply settings"));
1088 json_object_set_new(answer,
"message", json_string(
"adding tenant succeeded"));
1092 static int reload_cnt = 1;
1100 TmEcode UnixSocketReloadTenant(json_t *cmd, json_t* answer,
void *data)
1102 const char *filename;
1110 SCLogInfo(
"error: multi-tenant support not enabled");
1111 json_object_set_new(answer,
"message", json_string(
"multi-tenant support not enabled"));
1116 json_t *jarg = json_object_get(cmd,
"id");
1117 if (!json_is_integer(jarg)) {
1118 json_object_set_new(answer,
"message", json_string(
"id is not an integer"));
1121 int tenant_id = json_integer_value(jarg);
1124 jarg = json_object_get(cmd,
"filename");
1125 if (!json_is_string(jarg)) {
1126 json_object_set_new(answer,
"message", json_string(
"command is not a string"));
1129 filename = json_string_value(jarg);
1131 if (_stat(filename, &st) != 0) {
1133 if (stat(filename, &st) != 0) {
1135 json_object_set_new(answer,
"message", json_string(
"file does not exist"));
1139 SCLogDebug(
"reload-tenant: %d %s", tenant_id, filename);
1142 snprintf(prefix,
sizeof(prefix),
"multi-detect.%d.reload.%d", tenant_id, reload_cnt);
1146 json_object_set_new(answer,
"message", json_string(
"failed to load yaml"));
1152 json_object_set_new(answer,
"message", json_string(
"reload tenant failed"));
1160 json_object_set_new(answer,
"message", json_string(
"couldn't apply settings"));
1165 json_object_set_new(answer,
"message", json_string(
"reloading tenant succeeded"));
1176 TmEcode UnixSocketUnregisterTenant(json_t *cmd, json_t* answer,
void *data)
1179 SCLogInfo(
"error: multi-tenant support not enabled");
1180 json_object_set_new(answer,
"message", json_string(
"multi-tenant support not enabled"));
1185 json_t *jarg = json_object_get(cmd,
"id");
1186 if (!json_is_integer(jarg)) {
1187 SCLogInfo(
"error: command is not a string");
1188 json_object_set_new(answer,
"message", json_string(
"id is not an integer"));
1191 int tenant_id = json_integer_value(jarg);
1193 SCLogInfo(
"remove-tenant: removing tenant %d", tenant_id);
1197 snprintf(prefix,
sizeof(prefix),
"multi-detect.%d", tenant_id);
1201 json_object_set_new(answer,
"message", json_string(
"tenant detect engine not found"));
1211 json_object_set_new(answer,
"message", json_string(
"couldn't apply settings"));
1219 json_object_set_new(answer,
"message", json_string(
"removing tenant succeeded"));
1229 TmEcode UnixSocketHostbitAdd(json_t *cmd, json_t* answer,
void *data_usused)
1232 json_t *jarg = json_object_get(cmd,
"ipaddress");
1233 if (!json_is_string(jarg)) {
1234 json_object_set_new(answer,
"message", json_string(
"ipaddress is not an string"));
1237 const char *ipaddress = json_string_value(jarg);
1241 memset(&in, 0,
sizeof(in));
1242 if (inet_pton(AF_INET, ipaddress, &in) != 1) {
1244 memset(&in6, 0,
sizeof(in6));
1245 if (inet_pton(AF_INET6, ipaddress, &in) != 1) {
1246 json_object_set_new(answer,
"message", json_string(
"invalid address string"));
1250 a.addr_data32[0] = in6[0];
1251 a.addr_data32[1] = in6[1];
1252 a.addr_data32[2] = in6[2];
1253 a.addr_data32[3] = in6[3];
1257 a.addr_data32[0] = in.s_addr;
1258 a.addr_data32[1] = 0;
1259 a.addr_data32[2] = 0;
1260 a.addr_data32[3] = 0;
1264 jarg = json_object_get(cmd,
"hostbit");
1265 if (!json_is_string(jarg)) {
1266 json_object_set_new(answer,
"message", json_string(
"hostbit is not a string"));
1269 const char *hostbit = json_string_value(jarg);
1272 json_object_set_new(answer,
"message", json_string(
"hostbit not found"));
1277 jarg = json_object_get(cmd,
"expire");
1278 if (!json_is_integer(jarg)) {
1279 json_object_set_new(answer,
"message", json_string(
"expire is not an integer"));
1282 uint32_t expire = json_integer_value(jarg);
1284 SCLogInfo(
"add-hostbit: ip %s hostbit %s expire %us", ipaddress, hostbit, expire);
1292 json_object_set_new(answer,
"message", json_string(
"hostbit added"));
1295 json_object_set_new(answer,
"message", json_string(
"couldn't create host"));
1306 TmEcode UnixSocketHostbitRemove(json_t *cmd, json_t* answer,
void *data_unused)
1309 json_t *jarg = json_object_get(cmd,
"ipaddress");
1310 if (!json_is_string(jarg)) {
1311 json_object_set_new(answer,
"message", json_string(
"ipaddress is not an string"));
1314 const char *ipaddress = json_string_value(jarg);
1318 memset(&in, 0,
sizeof(in));
1319 if (inet_pton(AF_INET, ipaddress, &in) != 1) {
1321 memset(&in6, 0,
sizeof(in6));
1322 if (inet_pton(AF_INET6, ipaddress, &in) != 1) {
1323 json_object_set_new(answer,
"message", json_string(
"invalid address string"));
1327 a.addr_data32[0] = in6[0];
1328 a.addr_data32[1] = in6[1];
1329 a.addr_data32[2] = in6[2];
1330 a.addr_data32[3] = in6[3];
1334 a.addr_data32[0] = in.s_addr;
1335 a.addr_data32[1] = 0;
1336 a.addr_data32[2] = 0;
1337 a.addr_data32[3] = 0;
1341 jarg = json_object_get(cmd,
"hostbit");
1342 if (!json_is_string(jarg)) {
1343 json_object_set_new(answer,
"message", json_string(
"hostbit is not a string"));
1347 const char *hostbit = json_string_value(jarg);
1350 json_object_set_new(answer,
"message", json_string(
"hostbit not found"));
1354 SCLogInfo(
"remove-hostbit: %s %s", ipaddress, hostbit);
1360 json_object_set_new(answer,
"message", json_string(
"hostbit removed"));
1363 json_object_set_new(answer,
"message", json_string(
"host not found"));
1379 TmEcode UnixSocketHostbitList(json_t *cmd, json_t* answer,
void *data_unused)
1382 json_t *jarg = json_object_get(cmd,
"ipaddress");
1383 if (!json_is_string(jarg)) {
1384 json_object_set_new(answer,
"message", json_string(
"ipaddress is not an string"));
1387 const char *ipaddress = json_string_value(jarg);
1391 memset(&in, 0,
sizeof(in));
1392 if (inet_pton(AF_INET, ipaddress, &in) != 1) {
1394 memset(&in6, 0,
sizeof(in6));
1395 if (inet_pton(AF_INET6, ipaddress, &in) != 1) {
1396 json_object_set_new(answer,
"message", json_string(
"invalid address string"));
1400 a.addr_data32[0] = in6[0];
1401 a.addr_data32[1] = in6[1];
1402 a.addr_data32[2] = in6[2];
1403 a.addr_data32[3] = in6[3];
1407 a.addr_data32[0] = in.s_addr;
1408 a.addr_data32[1] = 0;
1409 a.addr_data32[2] = 0;
1410 a.addr_data32[3] = 0;
1413 SCLogInfo(
"list-hostbit: %s", ipaddress);
1421 memset(&bits, 0,
sizeof(bits));
1426 json_object_set_new(answer,
"message", json_string(
"host not found"));
1431 while (use < 256 &&
HostBitList(host, &iter) == 1) {
1432 bits[use].id = iter->
idx;
1433 bits[use].expire = iter->
expire;
1438 json_t *jdata = json_object();
1439 json_t *jarray = json_array();
1440 if (jarray == NULL || jdata == NULL) {
1444 json_decref(jarray);
1445 json_object_set_new(answer,
"message",
1446 json_string(
"internal error at json object creation"));
1450 for (i = 0; i < use; i++) {
1451 json_t *bitobject = json_object();
1452 if (bitobject == NULL)
1454 uint32_t expire = 0;
1461 json_object_set_new(bitobject,
"name", json_string(name));
1462 SCLogDebug(
"xbit %s expire %u", name, expire);
1463 json_object_set_new(bitobject,
"expire", json_integer(expire));
1464 json_array_append_new(jarray, bitobject);
1467 json_object_set_new(jdata,
"count", json_integer(i));
1468 json_object_set_new(jdata,
"hostbits", jarray);
1469 json_object_set_new(answer,
"message", jdata);
1473 static void MemcapBuildValue(uint64_t val,
char *
str, uint32_t str_len)
1475 if ((val / (1024 * 1024 * 1024)) != 0) {
1476 snprintf(
str, str_len,
"%"PRIu64
"gb", val / (1024*1024*1024));
1477 }
else if ((val / (1024 * 1024)) != 0) {
1478 snprintf(
str, str_len,
"%"PRIu64
"mb", val / (1024*1024));
1480 snprintf(
str, str_len,
"%"PRIu64
"kb", val / (1024));
1484 TmEcode UnixSocketSetMemcap(json_t *cmd, json_t* answer,
void *data)
1486 char *memcap = NULL;
1487 char *value_str = NULL;
1491 json_t *jarg = json_object_get(cmd,
"config");
1492 if (!json_is_string(jarg)) {
1493 json_object_set_new(answer,
"message", json_string(
"memcap key is not a string"));
1496 memcap = (
char *)json_string_value(jarg);
1498 jarg = json_object_get(cmd,
"memcap");
1499 if (!json_is_string(jarg)) {
1500 json_object_set_new(answer,
"message", json_string(
"memcap value is not a string"));
1503 value_str = (
char *)json_string_value(jarg);
1507 "memcap from unix socket: %s",
1509 json_object_set_new(answer,
"message",
1510 json_string(
"error parsing memcap specified, "
1511 "value not changed"));
1516 if (strcmp(memcaps[i].name, memcap) == 0 && memcaps[i].SetFunc) {
1517 int updated = memcaps[i].
SetFunc(value);
1521 snprintf(message,
sizeof(message),
1522 "memcap value for '%s' updated: %"PRIu64
" %s",
1523 memcaps[i].name, value,
1524 (value == 0) ?
"(unlimited)" :
"");
1525 json_object_set_new(answer,
"message", json_string(message));
1529 snprintf(message,
sizeof(message),
1530 "Unlimited value is not allowed for '%s'", memcaps[i].name);
1532 if (memcaps[i].GetMemuseFunc()) {
1534 MemcapBuildValue(memcaps[i].GetMemuseFunc(), memuse,
sizeof(memuse));
1535 snprintf(message,
sizeof(message),
1536 "memcap value specified for '%s' is less than the memory in use: %s",
1537 memcaps[i].name, memuse);
1539 snprintf(message,
sizeof(message),
1540 "memcap value specified for '%s' is less than the memory in use",
1544 json_object_set_new(answer,
"message", json_string(message));
1550 json_object_set_new(answer,
"message",
1551 json_string(
"Memcap value not found. Use 'memcap-list' to show all"));
1555 TmEcode UnixSocketShowMemcap(json_t *cmd, json_t *answer,
void *data)
1557 char *memcap = NULL;
1560 json_t *jarg = json_object_get(cmd,
"config");
1561 if (!json_is_string(jarg)) {
1562 json_object_set_new(answer,
"message", json_string(
"memcap name is not a string"));
1565 memcap = (
char *)json_string_value(jarg);
1568 if (strcmp(memcaps[i].name, memcap) == 0 && memcaps[i].
GetFunc) {
1570 uint64_t val = memcaps[i].
GetFunc();
1571 json_t *jobj = json_object();
1573 json_object_set_new(answer,
"message",
1574 json_string(
"internal error at json object creation"));
1581 MemcapBuildValue(val,
str,
sizeof(
str));
1584 json_object_set_new(jobj,
"value", json_string(
str));
1585 json_object_set_new(answer,
"message", jobj);
1590 json_object_set_new(answer,
"message",
1591 json_string(
"Memcap value not found. Use 'memcap-list' to show all"));
1595 TmEcode UnixSocketShowAllMemcap(json_t *cmd, json_t *answer,
void *data)
1597 json_t *jmemcaps = json_array();
1600 if (jmemcaps == NULL) {
1601 json_object_set_new(answer,
"message",
1602 json_string(
"internal error at json array creation"));
1607 json_t *jobj = json_object();
1609 json_decref(jmemcaps);
1610 json_object_set_new(answer,
"message",
1611 json_string(
"internal error at json object creation"));
1615 uint64_t val = memcaps[i].
GetFunc();
1620 MemcapBuildValue(val,
str,
sizeof(
str));
1623 json_object_set_new(jobj,
"name", json_string(memcaps[i].name));
1624 json_object_set_new(jobj,
"value", json_string(
str));
1625 json_array_append_new(jmemcaps, jobj);
1628 json_object_set_new(answer,
"message", jmemcaps);
1632 TmEcode UnixSocketGetFlowStatsById(json_t *cmd, json_t *answer,
void *data)
1635 json_t *jarg = json_object_get(cmd,
"flow_id");
1636 if (!json_is_integer(jarg)) {
1637 SCLogInfo(
"error: command is not a string");
1638 json_object_set_new(answer,
"message", json_string(
"flow_id is not an integer"));
1641 int64_t flow_id = json_integer_value(jarg);
1645 json_object_set_new(answer,
"message", json_string(
"Not found"));
1655 json_t *flow_info = json_object();
1656 if (flow_info == NULL) {
1659 json_object_set_new(flow_info,
"pkts_toclient", json_integer(tosrcpktcnt));
1660 json_object_set_new(flow_info,
"pkts_toserver", json_integer(todstpktcnt));
1661 json_object_set_new(flow_info,
"bytes_toclient", json_integer(tosrcbytecnt));
1662 json_object_set_new(flow_info,
"bytes_toserver", json_integer(todstbytecnt));
1663 json_object_set_new(flow_info,
"age", json_integer(age));
1664 json_object_set_new(answer,
"message", flow_info);
1669 #ifdef BUILD_UNIX_SOCKET
1673 static int RunModeUnixSocketMaster(
void)
1684 pcapcmd->running = 0;
1685 pcapcmd->current_file = NULL;
1687 memset(&unix_manager_pcap_last_processed, 0,
sizeof(
struct timespec));
1691 UnixManagerRegisterCommand(
"pcap-file", UnixSocketAddPcapFile, pcapcmd,
UNIX_CMD_TAKE_ARGS);
1692 UnixManagerRegisterCommand(
"pcap-file-continuous", UnixSocketAddPcapFileContinuous, pcapcmd,
UNIX_CMD_TAKE_ARGS);
1693 UnixManagerRegisterCommand(
"pcap-file-number", UnixSocketPcapFilesNumber, pcapcmd, 0);
1694 UnixManagerRegisterCommand(
"pcap-file-list", UnixSocketPcapFilesList, pcapcmd, 0);
1695 UnixManagerRegisterCommand(
"pcap-last-processed", UnixSocketPcapLastProcessed, pcapcmd, 0);
1696 UnixManagerRegisterCommand(
"pcap-interrupt", UnixSocketPcapInterrupt, pcapcmd, 0);
1697 UnixManagerRegisterCommand(
"pcap-current", UnixSocketPcapCurrent, pcapcmd, 0);
1699 UnixManagerRegisterBackgroundTask(UnixSocketPcapFilesCheck, pcapcmd);