source-af-packet.c File Reference
#include "suricata-common.h"#include "suricata.h"#include "packet.h"#include "decode.h"#include "packet-queue.h"#include "threads.h"#include "threadvars.h"#include "tm-queuehandlers.h"#include "tm-modules.h"#include "tm-threads.h"#include "tm-threads-common.h"#include "conf.h"#include "util-cpu.h"#include "util-datalink.h"#include "util-debug.h"#include "util-device.h"#include "util-ebpf.h"#include "util-error.h"#include "util-privs.h"#include "util-optimize.h"#include "util-checksum.h"#include "util-ioctl.h"#include "util-host-info.h"#include "tmqh-packetpool.h"#include "source-af-packet.h"#include "runmodes.h"#include "flow-storage.h"#include "util-validate.h"#include "action-globals.h"#include "util-bpf.h"
Include dependency graph for source-af-packet.c:
Go to the source code of this file.
Data Structures | |
| union | thdr |
| struct | AFPThreadVars_ |
| Structure to hold thread specific variables. More... | |
| union | AFPThreadVars_::AFPRing |
| union | AFPThreadVars_::AFPTpacketReq |
| struct | AFPPeersList_ |
Macros | |
| #define | SC_PCAP_DONT_INCLUDE_PCAP_H 1 |
| #define | AFP_IFACE_NAME_LENGTH 48 |
| #define | AFP_STATE_DOWN 0 |
| #define | AFP_STATE_UP 1 |
| #define | AFP_RECONNECT_TIMEOUT 500000 |
| #define | AFP_DOWN_COUNTER_INTERVAL 40 |
| #define | POLL_TIMEOUT 100 |
| #define | TP_STATUS_KERNEL 0 |
| #define | TP_STATUS_USER BIT_U32(0) |
| #define | TP_STATUS_COPY BIT_U32(1) |
| #define | TP_STATUS_LOSING BIT_U32(2) |
| #define | TP_STATUS_CSUMNOTREADY BIT_U32(3) |
| #define | TP_STATUS_VLAN_VALID BIT_U32(4) |
| #define | TP_STATUS_BLK_TMO BIT_U32(5) |
| #define | TP_STATUS_VLAN_TPID_VALID BIT_U32(6) |
| #define | TP_STATUS_CSUM_VALID BIT_U32(7) |
| #define | TP_STATUS_TS_SOFTWARE BIT_U32(29) |
| #define | TP_STATUS_TS_SYS_HARDWARE BIT_U32(30) /* kernel comment says: "deprecated, never set" */ |
| #define | TP_STATUS_TS_RAW_HARDWARE BIT_U32(31) |
| #define | TP_STATUS_USER_BUSY |
| #define | FRAME_BUSY(tp_status) (((uint32_t)(tp_status) & (uint32_t)TP_STATUS_USER_BUSY) == (uint32_t)TP_STATUS_USER_BUSY) |
| #define | AFP_PEERS_MAX_TRY 4 |
| #define | AFP_PEERS_WAIT 20000 |
Typedefs | |
| typedef struct AFPThreadVars_ | AFPThreadVars |
| Structure to hold thread specific variables. More... | |
| typedef struct AFPPeersList_ | AFPPeersList |
Enumerations | |
| enum | { AFP_READ_OK, AFP_READ_FAILURE, AFP_SURI_FAILURE, AFP_KERNEL_DROP } |
| enum | { AFP_FATAL_ERROR = 1, AFP_RECOVERABLE_ERROR } |
Functions | |
| void | TmModuleReceiveAFPRegister (void) |
| Registration Function for RecieveAFP. More... | |
| TmEcode | AFPPeersListInit (void) |
| Init the global list of AFPPeer. More... | |
| TmEcode | AFPPeersListCheck (void) |
| Check that all AFPPeer got a peer. More... | |
| void | AFPPeersListClean (void) |
| Clean the global peers list. More... | |
| void | TmModuleDecodeAFPRegister (void) |
| Registration Function for DecodeAFP. More... | |
| int | AFPGetLinkType (const char *ifname) |
| int | AFPIsFanoutSupported (uint16_t cluster_id) |
| test if we can use FANOUT. Older kernels like those in CentOS6 have HAVE_PACKET_FANOUT defined but fail to work More... | |
Variables | |
| uint32_t | max_pending_packets |
| AFPPeersList | peerslist |
Detailed Description
AF_PACKET socket acquisition support
Definition in file source-af-packet.c.
Macro Definition Documentation
◆ AFP_PEERS_MAX_TRY
| #define AFP_PEERS_MAX_TRY 4 |
◆ AFP_PEERS_WAIT
| #define AFP_PEERS_WAIT 20000 |
