#include "suricata-common.h"#include "detect.h"#include "detect-engine.h"#include "detect-engine-mpm.h"#include "app-layer-parser.h"#include "tm-threads.h"#include "util-debug.h"#include "util-time.h"#include "util-cpu.h"#include "util-byte.h"#include "util-affinity.h"#include "conf.h"#include "queue.h"#include "runmodes.h"#include "util-unittest.h"#include "util-misc.h"#include "util-plugin.h"#include "output.h"#include "alert-fastlog.h"#include "alert-debuglog.h"#include "log-httplog.h"#include "source-pfring.h"#include "tmqh-flow.h"#include "flow-manager.h"#include "flow-bypass.h"#include "counters.h"#include "suricata-plugin.h"
Go to the source code of this file.
Data Structures | |
| struct | RunMode_ |
| Holds description for a runmode. More... | |
| struct | RunModes_ |
| struct | OutputFreeList_ |
Typedefs | |
| typedef struct RunMode_ | RunMode |
| Holds description for a runmode. More... | |
| typedef struct RunModes_ | RunModes |
| typedef struct OutputFreeList_ | OutputFreeList |
Functions | |
| char * | RunmodeGetActive (void) |
| const char * | RunModeGetMainMode (void) |
| void | RunModeRegisterRunModes (void) |
| Register all runmodes in the engine. More... | |
| void | RunModeListRunmodes (void) |
| Lists all registered runmodes. More... | |
| void | RunModeDispatch (int runmode, const char *custom_mode, const char *capture_plugin_name, const char *capture_plugin_args) |
| void | RunModeEnablesBypassManager (void) |
| int | RunModeNeedsBypassManager (void) |
| void | RunModeRegisterNewRunMode (enum RunModes runmode, const char *name, const char *description, int(*RunModeFunc)(void)) |
| Registers a new runmode. More... | |
| int | RunModeOutputFileEnabled (void) |
| int | RunModeOutputFiledataEnabled (void) |
| bool | IsRunModeSystem (enum RunModes run_mode_to_check) |
| bool | IsRunModeOffline (enum RunModes run_mode_to_check) |
| void | RunModeShutDown (void) |
| void | RunModeInitializeOutputs (void) |
| void | RunModeInitialize (void) |
Variables | |
| int | debuglog_enabled = 0 |
| int | threading_set_cpu_affinity = FALSE |
| uint64_t | threading_set_stack_size = 0 |
| const char * | thread_name_autofp = "RX" |
| const char * | thread_name_single = "W" |
| const char * | thread_name_workers = "W" |
| const char * | thread_name_verdict = "TX" |
| const char * | thread_name_flow_mgr = "FM" |
| const char * | thread_name_flow_rec = "FR" |
| const char * | thread_name_flow_bypass = "FB" |
| const char * | thread_name_unix_socket = "US" |
| const char * | thread_name_detect_loader = "DL" |
| const char * | thread_name_counter_stats = "CS" |
| const char * | thread_name_counter_wakeup = "CW" |
| float | threading_detect_ratio = 1 |
Detailed Description
Pre-cooked threading runmodes.
Definition in file runmodes.c.
Typedef Documentation
◆ OutputFreeList
| typedef struct OutputFreeList_ OutputFreeList |
◆ RunMode
◆ RunModes
Function Documentation
◆ IsRunModeOffline()
| bool IsRunModeOffline | ( | enum RunModes | run_mode_to_check | ) |
bool indicating if run mode is offline
Definition at line 531 of file runmodes.c.
References RUNMODE_CONF_TEST, RUNMODE_ENGINE_ANALYSIS, RUNMODE_ERF_FILE, RUNMODE_PCAP_FILE, and RUNMODE_UNIX_SOCKET.
Referenced by ConfUnixSocketIsEnable().
◆ IsRunModeSystem()
| bool IsRunModeSystem | ( | enum RunModes | run_mode_to_check | ) |
Definition at line 518 of file runmodes.c.
References RUNMODE_ENGINE_ANALYSIS, RUNMODE_ERF_FILE, and RUNMODE_PCAP_FILE.
◆ RunModeDispatch()
| void RunModeDispatch | ( | int | runmode, |
| const char * | custom_mode, | ||
| const char * | capture_plugin_name, | ||
| const char * | capture_plugin_args | ||
| ) |
Definition at line 291 of file runmodes.c.
References ConfGet(), FatalError, SCCapturePlugin_::GetDefaultMode, RUNMODE_AFP_DEV, RUNMODE_DAG, RUNMODE_DPDK, RUNMODE_ERF_FILE, RUNMODE_IPFW, RUNMODE_NAPATECH, RUNMODE_NETMAP, RUNMODE_NFLOG, RUNMODE_NFQ, RUNMODE_PCAP_DEV, RUNMODE_PCAP_FILE, RUNMODE_PFRING, RUNMODE_PLUGIN, RUNMODE_UNIX_SOCKET, RUNMODE_WINDIVERT, RunModeAFPGetDefaultMode(), RunModeDpdkGetDefaultMode(), RunModeErfDagGetDefaultMode(), RunModeErfFileGetDefaultMode(), RunModeFilePcapGetDefaultMode(), RunModeIdsGetDefaultMode(), RunModeIdsNflogGetDefaultMode(), RunModeIdsPfringGetDefaultMode(), RunModeIpsIPFWGetDefaultMode(), RunModeIpsNFQGetDefaultMode(), RunModeIpsWinDivertGetDefaultMode(), RunModeNapatechGetDefaultMode(), RunModeNetmapGetDefaultMode(), RunModeUnixSocketGetDefaultMode(), SC_ERR_FATAL, SC_ERR_PLUGIN, SC_ERR_RUNMODE, SCLogWarning, SCPluginFindCaptureByName(), SCStrdup, and unlikely.
◆ RunModeEnablesBypassManager()
| void RunModeEnablesBypassManager | ( | void | ) |
Definition at line 425 of file runmodes.c.
◆ RunmodeGetActive()
| char* RunmodeGetActive | ( | void | ) |
Return the running mode
The returned string must not be freed.
- Returns
- a string containing the current running mode
Definition at line 199 of file runmodes.c.
◆ RunModeGetMainMode()
| const char* RunModeGetMainMode | ( | void | ) |
Return the running mode
The returned string must not be freed.
- Returns
- a string containing the current running mode
Definition at line 211 of file runmodes.c.
References RunmodeGetCurrent().
◆ RunModeInitialize()
| void RunModeInitialize | ( | void | ) |
Initialize multithreading settings.
Definition at line 932 of file runmodes.c.
References AffinitySetupLoadFromConfig(), ConfGetBool(), ConfGetFloat(), ConfGetNode(), ConfGetValue(), FALSE, FatalError, ParseSizeStringU64(), SC_ERR_INVALID_ARGUMENT, SCLogDebug, threading_detect_ratio, threading_set_cpu_affinity, threading_set_stack_size, TRUE, and WarnInvalidConfEntry.
Referenced by RunModeErfFileAutoFp(), RunModeErfFileSingle(), RunModeFilePcapAutoFp(), RunModeFilePcapSingle(), RunModeIdsAFPAutoFp(), RunModeIdsAFPSingle(), RunModeIdsAFPWorkers(), RunModeIdsDpdkWorkers(), RunModeIdsErfDagAutoFp(), RunModeIdsErfDagSingle(), RunModeIdsErfDagWorkers(), RunModeIdsNflogAutoFp(), RunModeIdsNflogSingle(), RunModeIdsNflogWorkers(), RunModeIdsPcapAutoFp(), RunModeIdsPcapSingle(), RunModeIdsPcapWorkers(), RunModeIdsPfringAutoFp(), RunModeIdsPfringSingle(), RunModeIdsPfringWorkers(), RunModeIpsIPFWAutoFp(), RunModeIpsIPFWWorker(), RunModeIpsNFQAutoFp(), RunModeIpsNFQWorker(), and RunModeIpsWinDivertAutoFp().
◆ RunModeInitializeOutputs()
| void RunModeInitializeOutputs | ( | void | ) |
Initialize the output modules.
Definition at line 749 of file runmodes.c.
References ConfGetNode().
Referenced by PreRunPostPrivsDropInit().
◆ RunModeListRunmodes()
| void RunModeListRunmodes | ( | void | ) |
Lists all registered runmodes.
Definition at line 248 of file runmodes.c.
References RUNMODE_UNKNOWN, and RUNMODE_USER_MAX.
◆ RunModeNeedsBypassManager()
| int RunModeNeedsBypassManager | ( | void | ) |
Definition at line 430 of file runmodes.c.
◆ RunModeOutputFiledataEnabled()
| int RunModeOutputFiledataEnabled | ( | void | ) |
Definition at line 513 of file runmodes.c.
◆ RunModeOutputFileEnabled()
| int RunModeOutputFileEnabled | ( | void | ) |
Definition at line 508 of file runmodes.c.
◆ RunModeRegisterNewRunMode()
| void RunModeRegisterNewRunMode | ( | enum RunModes | runmode, |
| const char * | name, | ||
| const char * | description, | ||
| int(*)(void) | RunModeFunc | ||
| ) |
Registers a new runmode.
- Parameters
-
runmode Runmode type. name Custom mode for this specific runmode type. Within each runmode type, each custom name is a primary key. description Description for this runmode. RunModeFunc The function to be run for this runmode.
Definition at line 446 of file runmodes.c.
Referenced by RunModeDpdkRegister(), RunModeErfDagRegister(), RunModeErfFileRegister(), RunModeFilePcapRegister(), RunModeIdsAFPRegister(), RunModeIdsNetmapRegister(), RunModeIdsNflogRegister(), RunModeIdsPcapRegister(), RunModeIdsPfringRegister(), RunModeIpsIPFWRegister(), RunModeIpsNFQRegister(), RunModeIpsWinDivertRegister(), RunModeNapatechRegister(), RunModeUnixSocketRegister(), and UtRunModeRegister().
◆ RunModeRegisterRunModes()
| void RunModeRegisterRunModes | ( | void | ) |
Register all runmodes in the engine.
Definition at line 221 of file runmodes.c.
Referenced by InitGlobal().
◆ RunModeShutDown()
| void RunModeShutDown | ( | void | ) |
Cleanup the run mode.
Definition at line 549 of file runmodes.c.
Variable Documentation
◆ debuglog_enabled
| int debuglog_enabled = 0 |
Definition at line 59 of file runmodes.c.
◆ thread_name_autofp
| const char* thread_name_autofp = "RX" |
Definition at line 64 of file runmodes.c.
Referenced by RunModeErfFileAutoFp(), RunModeFilePcapAutoFp(), RunModeIdsNflogAutoFp(), RunModeSetIPSAutoFp(), and TmThreadWaitOnThreadInit().
◆ thread_name_counter_stats
| const char* thread_name_counter_stats = "CS" |
Definition at line 73 of file runmodes.c.
◆ thread_name_counter_wakeup
| const char* thread_name_counter_wakeup = "CW" |
Definition at line 74 of file runmodes.c.
◆ thread_name_detect_loader
| const char* thread_name_detect_loader = "DL" |
Definition at line 72 of file runmodes.c.
◆ thread_name_flow_bypass
| const char* thread_name_flow_bypass = "FB" |
Definition at line 70 of file runmodes.c.
Referenced by BypassedFlowManagerThreadSpawn().
◆ thread_name_flow_mgr
| const char* thread_name_flow_mgr = "FM" |
Definition at line 68 of file runmodes.c.
Referenced by FlowDisableFlowManagerThread(), and TmThreadWaitOnThreadInit().
◆ thread_name_flow_rec
| const char* thread_name_flow_rec = "FR" |
Definition at line 69 of file runmodes.c.
Referenced by TmThreadWaitOnThreadInit().
◆ thread_name_single
| const char* thread_name_single = "W" |
Definition at line 65 of file runmodes.c.
Referenced by RunModeErfFileSingle(), RunModeFilePcapSingle(), and RunModeIdsNflogSingle().
◆ thread_name_unix_socket
| const char* thread_name_unix_socket = "US" |
Definition at line 71 of file runmodes.c.
◆ thread_name_verdict
| const char* thread_name_verdict = "TX" |
Definition at line 67 of file runmodes.c.
Referenced by RunModeSetIPSAutoFp(), and TmThreadWaitOnThreadInit().
◆ thread_name_workers
| const char* thread_name_workers = "W" |
Definition at line 66 of file runmodes.c.
Referenced by RunModeErfFileAutoFp(), RunModeFilePcapAutoFp(), RunModeIdsDpdkWorkers(), RunModeIdsNflogWorkers(), RunModeSetIPSAutoFp(), RunModeSetIPSWorker(), RunModeSetLiveCaptureAutoFp(), and TmThreadWaitOnThreadInit().
◆ threading_detect_ratio
| float threading_detect_ratio = 1 |
Definition at line 927 of file runmodes.c.
Referenced by RunModeErfFileAutoFp(), RunModeFilePcapAutoFp(), RunModeInitialize(), and TmThreadsGetWorkerThreadMax().
◆ threading_set_cpu_affinity
| int threading_set_cpu_affinity = FALSE |
Definition at line 60 of file runmodes.c.
Referenced by RunModeErfFileAutoFp(), RunModeInitialize(), and TmThreadSetCPU().
◆ threading_set_stack_size
| uint64_t threading_set_stack_size = 0 |
Definition at line 61 of file runmodes.c.
Referenced by RunModeInitialize(), and TmThreadSpawn().
