af-packet: terminate on same iface and copyiface #9308

Closed
wants to merge 1 commit into from
4 changes: 4 additions & 0 deletions src/suricata.c
Expand Up @@ -1024,6 +1024,10 @@ static TmEcode ParseInterfacesList(const int runmode, char *pcap_dev)
SCLogError("No interface found in config for af-packet");
SCReturnInt(TM_ECODE_FAILED);
}
int retval = CheckAFPacketIPSDevs();
Member
can this be checked in the af-packet files instead?

Member Author
Yes. As per your main suggestion since all of the other things done are invalid, it should all probably be there.

if (retval == -1) {
FatalError("af-packet IPS setting is incorrect");
}
}
#endif
#ifdef HAVE_AF_XDP
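
Review bot: The failure path after `CheckAFPacketIPSDevs()` calls `FatalError(...)`, while the check directly above it in `ParseInterfacesList` reports its config problem with `SCLogError` followed by `SCReturnInt(TM_ECODE_FAILED)`. Returning `TM_ECODE_FAILED` here as well would keep the function's error handling consistent and leave the exit decision to the caller. The helper already logs the specific cause, so the second message "af-packet IPS setting is incorrect" adds nothing unless it names the offending interface. `retval` is only compared against -1 although the helper also returns 0 and 1; `if (CheckAFPacketIPSDevs() < 0)` would drop the extra variable.
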
30 changes: 30 additions & 0 deletions src/util-device.c
Expand Up @@ -271,6 +271,36 @@ const char *LiveGetShortName(const char *dev)
return live_dev->dev_short;
}

int CheckAFPacketIPSDevs(void)
Member
why is this in util-device?

Member Author
I thought that since we're looping for ifaces and that kinda logic seemed to already be here in this file so this might be the right place.

{
ConfNode *base = ConfGetNode("af-packet");
ConfNode *child;

if (base == NULL)
return 0;

TAILQ_FOREACH (child, &base->head, next) {
ConfNode *subchild;
const char *iface = NULL, *copyiface = NULL;
TAILQ_FOREACH (subchild, &child->head, next) {
Member
I don't really understand what we're looping here?

Member Author
From what I understand, each of the entries in a list item like

    - interface: wlp0s20f3
      threads: auto
      cluster-id: 99
      cluster-type: cluster_flow
      defrag: yes
      copy-mode: ips
      copy-iface: eth2

if (!strcmp(subchild->name, "interface"))
iface = subchild->val;
if (!strcmp(subchild->name, "copy-iface"))
copyiface = subchild->val;
if (iface && copyiface && !strcmp(iface, copyiface)) {
SCLogError("af-packet interface and copy-iface cannot be the same");
return -1;
}
if (iface && copyiface) {
iface = NULL;
copyiface = NULL;
}
}
}

return 1;
}

int LiveBuildDeviceList(const char *runmode)
{
return LiveBuildDeviceListCustom(runmode, "interface");
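
Review bot: The same-interface test in `CheckAFPacketIPSDevs` sits inside the inner `TAILQ_FOREACH`, so it is evaluated on every key of an entry, and the `iface = NULL; copyiface = NULL;` reset exists only to stop it re-running on later keys. Since both pointers are declared per `child`, moving the `strcmp(iface, copyiface)` test to just after the inner loop lets the reset go away and makes the per-entry intent clear. The loop never reads `copy-mode`, so an entry whose `copy-iface` equals `interface` is rejected whatever the mode; if that is intended, a comment should say so. The function also needs a doc comment for its return values, because 0 (no `af-packet` node) and 1 (all entries passed) both mean success to the caller, and the error message would be more useful if it included the interface name.
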
1 change: 1 addition & 0 deletions src/util-device.h
Expand Up @@ -86,6 +86,7 @@ int LiveGetDeviceCount(void);
const char *LiveGetDeviceName(int number);
LiveDevice *LiveGetDevice(const char *dev);
const char *LiveGetShortName(const char *dev);
int CheckAFPacketIPSDevs(void);
int LiveBuildDeviceList(const char *base);
void LiveDeviceHasNoStats(void);
int LiveDeviceListClean(void);
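
Review bot: `CheckAFPacketIPSDevs` is declared in the middle of the `Live*` device helpers without the prefix its neighbours share and without any comment describing its -1/0/1 return contract. If the prototype stays in this header, rename it in line with the surrounding functions and document what each return value means; otherwise move the declaration next to the af-packet code, as raised in the review comments on this change.
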