diff options
author | 2015-09-09 22:21:41 -0700 | |
---|---|---|
committer | 2015-09-09 22:21:41 -0700 | |
commit | 8879b125d26e8db1a5633de5a9c692eb2d1c4f83 (patch) | |
tree | c7259d85a991b83dfa85ab2e339360669fc1f58e /framework/src/suricata/src/source-af-packet.h | |
parent | 13d05bc8458758ee39cb829098241e89616717ee (diff) |
suricata checkin based on commit id a4bce14770beee46a537eda3c3f6e8e8565d5d0a
Change-Id: I9a214fa0ee95e58fc640e50bd604dac7f42db48f
Diffstat (limited to 'framework/src/suricata/src/source-af-packet.h')
-rw-r--r-- | framework/src/suricata/src/source-af-packet.h | 137 |
1 files changed, 137 insertions, 0 deletions
diff --git a/framework/src/suricata/src/source-af-packet.h b/framework/src/suricata/src/source-af-packet.h new file mode 100644 index 00000000..61f4e69e --- /dev/null +++ b/framework/src/suricata/src/source-af-packet.h @@ -0,0 +1,137 @@ +/* Copyright (C) 2011,2012 Open Information Security Foundation + * + * You can copy, redistribute or modify this Program under the terms of + * the GNU General Public License version 2 as published by the Free + * Software Foundation. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * version 2 along with this program; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA + * 02110-1301, USA. + */ + +/** + * \file + * + * \author Eric Leblond <eric@regit.org> + */ + +#ifndef __SOURCE_AFP_H__ +#define __SOURCE_AFP_H__ + +#ifndef HAVE_PACKET_FANOUT /* not defined if linux/if_packet.h trying to force */ +#define HAVE_PACKET_FANOUT 1 + +#define PACKET_FANOUT 18 + +#define PACKET_FANOUT_HASH 0 +#define PACKET_FANOUT_LB 1 +#define PACKET_FANOUT_CPU 2 +#define PACKET_FANOUT_ROLLOVER 3 +#define PACKET_FANOUT_RND 4 +#define PACKET_FANOUT_QM 5 + +#define PACKET_FANOUT_FLAG_ROLLOVER 0x1000 +#define PACKET_FANOUT_FLAG_DEFRAG 0x8000 +#else /* HAVE_PACKET_FANOUT */ +#include <linux/if_packet.h> +#endif /* HAVE_PACKET_FANOUT */ +#include "queue.h" + +/* value for flags */ +#define AFP_RING_MODE (1<<0) +#define AFP_ZERO_COPY (1<<1) +#define AFP_SOCK_PROTECT (1<<2) +#define AFP_EMERGENCY_MODE (1<<3) + +#define AFP_COPY_MODE_NONE 0 +#define AFP_COPY_MODE_TAP 1 +#define AFP_COPY_MODE_IPS 2 + +#define AFP_FILE_MAX_PKTS 256 +#define AFP_IFACE_NAME_LENGTH 48 + +typedef struct AFPIfaceConfig_ +{ + char iface[AFP_IFACE_NAME_LENGTH]; + /* number of threads */ + int threads; + /* socket buffer size */ + int buffer_size; + /* ring size in number of packets */ + int ring_size; + /* cluster param */ + int cluster_id; + int cluster_type; + /* promisc mode */ + int promisc; + /* misc use flags including ring mode */ + int flags; + int copy_mode; + ChecksumValidationMode checksum_mode; + char *bpf_filter; + char *out_iface; + SC_ATOMIC_DECLARE(unsigned int, ref); + void (*DerefFunc)(void *); +} AFPIfaceConfig; + +/** + * \ingroup afppeers + * @{ + */ + +typedef struct AFPPeer_ { + char iface[AFP_IFACE_NAME_LENGTH]; + SC_ATOMIC_DECLARE(int, socket); + SC_ATOMIC_DECLARE(int, sock_usage); + SC_ATOMIC_DECLARE(int, if_idx); + SC_ATOMIC_DECLARE(uint8_t, state); + SCMutex sock_protect; + int flags; + int turn; /**< Field used to store initialisation order. */ + struct AFPPeer_ *peer; + TAILQ_ENTRY(AFPPeer_) next; +} AFPPeer; + +/** + * \brief per packet AF_PACKET vars + * + * This structure is used y the release data system and is cleaned + * up by the AFPV_CLEANUP macro below. + */ +typedef struct AFPPacketVars_ +{ + void *relptr; + int copy_mode; + AFPPeer *peer; /**< Sending peer for IPS/TAP mode */ + /** Pointer to ::AFPPeer used for capture. Field is used to be able + * to do reference counting. + */ + AFPPeer *mpeer; +} AFPPacketVars; + +#define AFPV_CLEANUP(afpv) do { \ + (afpv)->relptr = NULL; \ + (afpv)->copy_mode = 0; \ + (afpv)->peer = NULL; \ + (afpv)->mpeer = NULL; \ +} while(0) + +/** + * @} + */ + +void TmModuleReceiveAFPRegister (void); +void TmModuleDecodeAFPRegister (void); + +TmEcode AFPPeersListInit(); +TmEcode AFPPeersListCheck(); +void AFPPeersListClean(); + + +#endif /* __SOURCE_AFP_H__ */ |