runmodes.c File Reference

#include "suricata-common.h"
#include "detect.h"
#include "detect-engine.h"
#include "detect-engine-mpm.h"
#include "app-layer-parser.h"
#include "tm-threads.h"
#include "util-debug.h"
#include "util-time.h"
#include "util-cpu.h"
#include "util-byte.h"
#include "util-affinity.h"
#include "conf.h"
#include "queue.h"
#include "runmodes.h"
#include "util-unittest.h"
#include "util-misc.h"
#include "output.h"
#include "alert-fastlog.h"
#include "alert-prelude.h"
#include "alert-unified2-alert.h"
#include "alert-debuglog.h"
#include "log-httplog.h"
#include "source-pfring.h"
#include "tmqh-flow.h"
#include "flow-manager.h"
#include "flow-bypass.h"
#include "counters.h"

Include dependency graph for runmodes.c:

Go to the source code of this file.

Data Structures
struct	RunMode_
	Holds description for a runmode. More...
struct	RunModes_
struct	OutputFreeList_

Typedefs
typedef struct RunMode_	RunMode
	Holds description for a runmode. More...
typedef struct RunModes_	RunModes
typedef struct OutputFreeList_	OutputFreeList

Functions
char *	RunmodeGetActive (void)
const char *	RunModeGetMainMode (void)
void	RunModeRegisterRunModes (void)
	Register all runmodes in the engine. More...
void	RunModeListRunmodes (void)
	Lists all registered runmodes. More...
void	RunModeDispatch (int runmode, const char *custom_mode)
void	RunModeEnablesBypassManager (void)
int	RunModeNeedsBypassManager (void)
void	RunModeRegisterNewRunMode (int runmode, const char *name, const char *description, int(*RunModeFunc)(void))
	Registers a new runmode. More...
int	RunModeOutputFileEnabled (void)
int	RunModeOutputFiledataEnabled (void)
bool	IsRunModeOffline (int run_mode_to_check)
void	RunModeShutDown (void)
void	RunModeInitializeOutputs (void)
void	RunModeInitialize (void)

Variables
int	debuglog_enabled = 0
const char *	thread_name_autofp = "RX"
const char *	thread_name_single = "W"
const char *	thread_name_workers = "W"
const char *	thread_name_verdict = "TX"
const char *	thread_name_flow_mgr = "FM"
const char *	thread_name_flow_rec = "FR"
const char *	thread_name_unix_socket = "US"
const char *	thread_name_detect_loader = "DL"
const char *	thread_name_counter_stats = "CS"
const char *	thread_name_counter_wakeup = "CW"
float	threading_detect_ratio = 1

Detailed Description

Author

Victor Julien victo.nosp@m.r@in.nosp@m.linia.nosp@m.c.ne.nosp@m.t

Pre-cooked threading runmodes.

Definition in file runmodes.c.

Typedef Documentation

typedef struct OutputFreeList_ OutputFreeList

typedef struct RunMode_ RunMode

Holds description for a runmode.

typedef struct RunModes_ RunModes

Function Documentation

bool IsRunModeOffline

(

int

run_mode_to_check

)

bool indicating if run mode is offline

Definition at line 500 of file runmodes.c.

References RUNMODE_CONF_TEST, RUNMODE_ENGINE_ANALYSIS, RUNMODE_ERF_FILE, RUNMODE_PCAP_FILE, and RUNMODE_UNIX_SOCKET.

Referenced by ConfUnixSocketIsEnable(), RegisterAllModules(), and SCConfLogOpenGeneric().

Here is the caller graph for this function:

void RunModeDispatch	(	int	runmode,
		const char *	custom_mode
	)

Definition at line 282 of file runmodes.c.

References BypassedFlowManagerThreadSpawn(), ConfGet(), FlowManagerThreadSpawn(), FlowRecyclerThreadSpawn(), RUNMODE_AFP_DEV, RUNMODE_DAG, RUNMODE_ERF_FILE, RUNMODE_IPFW, RUNMODE_NAPATECH, RUNMODE_NETMAP, RUNMODE_NFLOG, RUNMODE_NFQ, RUNMODE_PCAP_DEV, RUNMODE_PCAP_FILE, RUNMODE_PFRING, RUNMODE_TILERA_MPIPE, RUNMODE_UNIX_SOCKET, RUNMODE_WINDIVERT, RunModeAFPGetDefaultMode(), RunModeErfDagGetDefaultMode(), RunModeErfFileGetDefaultMode(), RunModeFilePcapGetDefaultMode(), RunMode_::RunModeFunc, RunModeIdsGetDefaultMode(), RunModeIdsNflogGetDefaultMode(), RunModeIdsPfringGetDefaultMode(), RunModeIpsIPFWGetDefaultMode(), RunModeIpsNFQGetDefaultMode(), RunModeIpsWinDivertGetDefaultMode(), RunModeNapatechGetDefaultMode(), RunModeNeedsBypassManager(), RunModeNetmapGetDefaultMode(), RunModeTileMpipeGetDefaultMode(), RunModeUnixSocketGetDefaultMode(), SC_ERR_MEM_ALLOC, SC_ERR_RUNMODE, SC_ERR_UNKNOWN_RUN_MODE, SCFree, SCLogError, SCLogWarning, SCStrdup, StatsSpawnThreads(), TmqhFlowPrintAutofpHandler(), TmValidateQueueState(), and unlikely.

Referenced by main(), and RunModeUnixSocketGetDefaultMode().

Here is the call graph for this function:

Here is the caller graph for this function:

void RunModeEnablesBypassManager

(

void

)

Definition at line 405 of file runmodes.c.

Referenced by RunModeIdsAFPRegister().

Here is the caller graph for this function:

char* RunmodeGetActive

(

void

)

Return the running mode

The returned string must not be freed.

Returns

a string containing the current running mode

Definition at line 190 of file runmodes.c.

Referenced by NFQInitConfig(), NoNetmapSupportExit(), NoNFLOGSupportExit(), ReceivePfringThreadInit(), RunModeIdsAFPRegister(), and TmModuleDecodeIPFWRegister().

Here is the caller graph for this function:

const char* RunModeGetMainMode

(

void

)

Return the running mode

The returned string must not be freed.

Returns

a string containing the current running mode

Definition at line 202 of file runmodes.c.

References RunmodeGetCurrent().

Here is the call graph for this function:

void RunModeInitialize

(

void

)

Initialize multithreading settings.

Definition at line 912 of file runmodes.c.

References AffinitySetupLoadFromConfig(), ConfGetBool(), ConfGetFloat(), ConfGetNode(), FALSE, SCLogDebug, threading_set_cpu_affinity, TRUE, and WarnInvalidConfEntry.

Referenced by RunModeErfFileAutoFp(), RunModeErfFileSingle(), RunModeFilePcapAutoFp(), RunModeFilePcapSingle(), RunModeIdsAFPAutoFp(), RunModeIdsAFPSingle(), RunModeIdsAFPWorkers(), RunModeIdsErfDagAutoFp(), RunModeIdsErfDagSingle(), RunModeIdsErfDagWorkers(), RunModeIdsNetmapAutoFp(), RunModeIdsNetmapSingle(), RunModeIdsNetmapWorkers(), RunModeIdsNflogAutoFp(), RunModeIdsNflogSingle(), RunModeIdsNflogWorkers(), RunModeIdsPcapAutoFp(), RunModeIdsPcapSingle(), RunModeIdsPcapWorkers(), RunModeIdsPfringAutoFp(), RunModeIdsPfringSingle(), RunModeIdsPfringWorkers(), RunModeIpsIPFWAutoFp(), RunModeIpsIPFWWorker(), RunModeIpsNFQAutoFp(), RunModeIpsNFQWorker(), RunModeIpsWinDivertAutoFp(), RunModeNapatechRegister(), and RunModeTileMpipeRegister().

Here is the call graph for this function:

Here is the caller graph for this function:

void RunModeInitializeOutputs

(

void

)

Initialize the output modules.

Definition at line 723 of file runmodes.c.

References ALPROTO_MAX, AppLayerParserProtocolHasLogger(), AppLayerParserRegisterLoggerBits(), AppProtoToString(), OutputModule_::conf_name, ConfGetNode(), ConfNodeLookupChild(), ConfNodeLookupChildValue(), ConfValIsTrue(), OutputInitResult_::ctx, FatalError, FatalErrorOnInit, OutputModule_::InitFunc, OutputModule_::InitSubFunc, OutputModule_::name, next, OutputInitResult_::ok, output_modules, OutputGetModuleByConfName(), SC_ERR_CONF_YAML_ERROR, SC_ERR_INVALID_ARGUMENT, SC_ERR_NOT_SUPPORTED, SCLogDebug, SCLogInfo, SCLogWarning, TAILQ_FOREACH, and ConfNode_::val.

Referenced by PreRunPostPrivsDropInit().

Here is the call graph for this function:

Here is the caller graph for this function:

void RunModeListRunmodes

(

void

)

Lists all registered runmodes.

Definition at line 239 of file runmodes.c.

References RunMode_::description, RunMode_::name, RunMode_::runmode, RUNMODE_UNKNOWN, and RUNMODE_USER_MAX.

Referenced by PostRunDeinit().

Here is the caller graph for this function:

int RunModeNeedsBypassManager

(

void

)

Definition at line 410 of file runmodes.c.

Referenced by RunModeDispatch().

Here is the caller graph for this function:

int RunModeOutputFiledataEnabled

(

void

)

Definition at line 495 of file runmodes.c.

Referenced by FileTrackedSize().

Here is the caller graph for this function:

int RunModeOutputFileEnabled

(

void

)

Definition at line 490 of file runmodes.c.

Referenced by FileTrackedSize().

Here is the caller graph for this function:

void RunModeRegisterNewRunMode	(	int	runmode,
		const char *	name,
		const char *	description,
		int(*)(void)	RunModeFunc
	)

Registers a new runmode.

Parameters

runmode	Runmode type.
name	Custom mode for this specific runmode type. Within each runmode type, each custom name is a primary key.
description	Description for this runmode.
RunModeFunc	The function to be run for this runmode.

Definition at line 426 of file runmodes.c.

References ALPROTO_MAX, OutputCtx_::DeInit, RunMode_::description, OutputModule_::name, RunMode_::name, OutputFreeList_::output_ctx, OutputFreeList_::output_module, RunMode_::runmode, RunMode_::RunModeFunc, SC_ERR_MEM_ALLOC, SC_ERR_RUNMODE, SCFree, SCLogDebug, SCLogError, SCRealloc, SCStrdup, TAILQ_FIRST, TAILQ_REMOVE, and unlikely.

Referenced by RunModeErfDagRegister(), RunModeErfFileRegister(), RunModeFilePcapRegister(), RunModeIdsAFPRegister(), RunModeIdsNetmapRegister(), RunModeIdsNflogRegister(), RunModeIdsPcapRegister(), RunModeIdsPfringRegister(), RunModeIpsIPFWRegister(), RunModeIpsNFQRegister(), RunModeIpsWinDivertRegister(), RunModeNapatechRegister(), RunModeTileMpipeRegister(), RunModeUnixSocketRegister(), and UtRunModeRegister().

Here is the caller graph for this function:

void RunModeRegisterRunModes

(

void

)

Register all runmodes in the engine.

Definition at line 212 of file runmodes.c.

References RunModeErfDagRegister(), RunModeErfFileRegister(), RunModeFilePcapRegister(), RunModeIdsAFPRegister(), RunModeIdsNetmapRegister(), RunModeIdsNflogRegister(), RunModeIdsPcapRegister(), RunModeIdsPfringRegister(), RunModeIpsIPFWRegister(), RunModeIpsNFQRegister(), RunModeIpsWinDivertRegister(), RunModeNapatechRegister(), RunModeTileMpipeRegister(), RunModeUnixSocketRegister(), and UtRunModeRegister().

Referenced by main().

Here is the call graph for this function:

Here is the caller graph for this function:

void RunModeShutDown

(

void

)

Cleanup the run mode.

Definition at line 518 of file runmodes.c.

References OutputModule_::alproto, BUG_ON, OutputModule_::conf_name, ConfNodeLookupChild(), ConfNodeLookupChildValue(), ConfValIsTrue(), OutputInitResult_::ctx, debuglog_enabled, FatalError, FatalErrorOnInit, OutputModule_::FiledataLogFunc, OutputModule_::FileLogFunc, OutputModule_::FlowLogFunc, OutputModule_::InitSubFunc, LOGGER_ALERT_DEBUG, OutputModule_::logger_id, m, OutputModule_::name, next, OutputInitResult_::ok, OutputFreeList_::output_ctx, OutputFreeList_::output_module, output_modules, OutputFiledataShutdown(), OutputFileShutdown(), OutputFlowShutdown(), OutputGetModuleByConfName(), OutputPacketShutdown(), OutputRegisterFiledataLogger(), OutputRegisterFileLogger(), OutputRegisterFlowLogger(), OutputRegisterPacketLogger(), OutputRegisterStatsLogger(), OutputRegisterStreamingLogger(), OutputRegisterTxLogger(), OutputStatsShutdown(), OutputStreamingShutdown(), OutputTxShutdown(), OutputModule_::PacketConditionFunc, OutputModule_::PacketLogFunc, OutputModule_::parent_name, SC_ERR_INVALID_ARGUMENT, SC_WARN_RUST_NOT_AVAILABLE, SCCalloc, SCLogDebug, SCLogError, SCLogWarning, OutputModule_::StatsLogFunc, OutputModule_::stream_type, OutputModule_::StreamingLogFunc, TAILQ_FOREACH, TAILQ_INSERT_TAIL, OutputModule_::tc_log_progress, OutputModule_::ThreadDeinit, OutputModule_::ThreadExitPrintStats, OutputModule_::ThreadInit, OutputModule_::ts_log_progress, OutputModule_::TxLogCondition, OutputModule_::TxLogFunc, type, unlikely, and ConfNode_::val.

Referenced by PostRunDeinit().

Here is the call graph for this function:

Here is the caller graph for this function:

Variable Documentation

int debuglog_enabled = 0

Definition at line 58 of file runmodes.c.

Referenced by RunModeShutDown().

const char* thread_name_autofp = "RX"

Definition at line 61 of file runmodes.c.

Referenced by RunModeErfFileAutoFp(), RunModeFilePcapAutoFp(), RunModeIdsAFPAutoFp(), RunModeIdsErfDagAutoFp(), RunModeIdsNetmapAutoFp(), RunModeIdsNflogAutoFp(), RunModeIdsPcapAutoFp(), RunModeIdsPfringAutoFp(), RunModeNapatechRegister(), and RunModeSetIPSAutoFp().

const char* thread_name_counter_stats = "CS"

Definition at line 69 of file runmodes.c.

Referenced by StatsSpawnThreads().

const char* thread_name_counter_wakeup = "CW"

Definition at line 70 of file runmodes.c.

Referenced by StatsSpawnThreads().

const char* thread_name_detect_loader = "DL"

Definition at line 68 of file runmodes.c.

Referenced by DetectLoaderThreadSpawn().

const char* thread_name_flow_mgr = "FM"

Definition at line 65 of file runmodes.c.

Referenced by FlowDisableFlowManagerThread(), and FlowManagerThreadSpawn().

const char* thread_name_flow_rec = "FR"

Definition at line 66 of file runmodes.c.

Referenced by FlowDisableFlowRecyclerThread(), and FlowRecyclerThreadSpawn().

const char* thread_name_single = "W"

Definition at line 62 of file runmodes.c.

Referenced by RunModeErfFileSingle(), RunModeFilePcapSingle(), RunModeIdsAFPSingle(), RunModeIdsErfDagSingle(), RunModeIdsNetmapSingle(), RunModeIdsNflogSingle(), RunModeIdsPcapSingle(), and RunModeIdsPfringSingle().

const char* thread_name_unix_socket = "US"

Definition at line 67 of file runmodes.c.

const char* thread_name_verdict = "TX"

Definition at line 64 of file runmodes.c.

Referenced by RunModeSetIPSAutoFp().

const char* thread_name_workers = "W"

Definition at line 63 of file runmodes.c.

Referenced by RunModeErfFileAutoFp(), RunModeFilePcapAutoFp(), RunModeIdsAFPWorkers(), RunModeIdsErfDagWorkers(), RunModeIdsNetmapWorkers(), RunModeIdsNflogWorkers(), RunModeIdsPcapWorkers(), RunModeIdsPfringWorkers(), RunModeNapatechRegister(), RunModeSetIPSAutoFp(), RunModeSetIPSWorker(), RunModeSetLiveCaptureAutoFp(), and RunModeTileMpipeRegister().

float threading_detect_ratio = 1

Definition at line 907 of file runmodes.c.

Referenced by RunModeErfFileAutoFp(), RunModeFilePcapAutoFp(), RunModeSetIPSAutoFp(), and RunModeSetLiveCaptureAutoFp().