af-packet: add variable to disable offloading detection

This flag adds variable to disable offloading detection. The effect
of the flag is to avoid to transmit auxiliary data at each packet.
This could result in a potential performance gain.

diff --git a/src/runmode-af-packet.c b/src/runmode-af-packet.c
index 165d478e39c23aeff5fc7d1c052ba68dbfcbf9dc..ce8803978011aa5c0bc37d0b5d3b46c3eac46bf8 100644 (file)
--- a/src/runmode-af-packet.c
+++ b/src/runmode-af-packet.c
@@ -108,7 +108,7 @@ void *ParseAFPConfig(const char *iface)
     char *tmpclusterid;
     char *tmpctype;
     intmax_t value;
-    int dispromisc;
+    int boolval;
 
     if (iface == NULL) {
         return NULL;
@@ -125,6 +125,7 @@ void *ParseAFPConfig(const char *iface)
     aconf->cluster_id = 1;
     aconf->cluster_type = PACKET_FANOUT_HASH;
     aconf->promisc = 1;
+    aconf->detect_offload = 1;
     aconf->DerefFunc = AFPDerefConfig;
 
     /* Find initial node */
@@ -197,12 +198,20 @@ void *ParseAFPConfig(const char *iface)
         aconf->buffer_size = 0;
     }
 
-    ConfGetChildValueBool(if_root, "disable-promisc", (int *)&dispromisc);
-    if (dispromisc) {
+    ConfGetChildValueBool(if_root, "disable-promisc", (int *)&boolval);
+    if (boolval) {
         SCLogInfo("Disabling promiscuous mode on iface %s",
                 aconf->iface);
         aconf->promisc = 0;
     }
+    ConfGetChildValueBool(if_root, "detect-offload", (int *)&boolval);
+    if (! boolval) {
+        SCLogInfo("Disabling checksum offloading detection for %s",
+                aconf->iface);
+        aconf->detect_offload = 0;
+    }
+
+
 
     return aconf;
 }

diff --git a/src/source-af-packet.c b/src/source-af-packet.c
index 5728f14c9bdf846e3505a809e3c1f1f20d803ea1..da3f4ea26c1729f6ec4cf559f3f49afc620f0521 100644 (file)
--- a/src/source-af-packet.c
+++ b/src/source-af-packet.c
@@ -160,6 +160,7 @@ typedef struct AFPThreadVars_
     /* socket buffer size */
     int buffer_size;
     int promisc;
+    int detect_offload;
 
     int cluster_id;
     int cluster_type;
@@ -522,13 +523,18 @@ static int AFPCreateSocket(AFPThreadVars *ptv, char *devname, int verbose)
         }
     }
 
-{ int    val = 1;
-    if (setsockopt(ptv->socket, SOL_PACKET, PACKET_AUXDATA, &val,
-                sizeof(val)) == -1 && errno != ENOPROTOOPT) {
-/* FIXME */
-        return -1;
+    if (ptv->detect_offload) {
+        int    val = 1;
+        if (setsockopt(ptv->socket, SOL_PACKET, PACKET_AUXDATA, &val,
+                    sizeof(val)) == -1 && errno != ENOPROTOOPT) {
+            SCLogError(SC_ERR_AFP_CREATE,
+                    "Couldn't active auxdata on iface %s, error %s",
+                    devname,
+                    strerror(errno));
+            close(ptv->socket);
+            return -1;
+        }
     }
-}
 
     /* set socket recv buffer size */
     if (ptv->buffer_size != 0) {
@@ -607,6 +613,7 @@ TmEcode ReceiveAFPThreadInit(ThreadVars *tv, void *initdata, void **data) {
     ptv->buffer_size = afpconfig->buffer_size;
 
     ptv->promisc = afpconfig->promisc;
+    ptv->detect_offload = afpconfig->detect_offload;
 
     ptv->threads = 1;
 #ifdef HAVE_PACKET_FANOUT

diff --git a/src/source-af-packet.h b/src/source-af-packet.h
index 93d3167509d2f37b9910ec7e3e3a876746cefc20..a5fadd3a31d51c0f082b982dfffb487a58f7f382 100644 (file)
--- a/src/source-af-packet.h
+++ b/src/source-af-packet.h
@@ -53,6 +53,8 @@ typedef struct AFPIfaceConfig_
     int cluster_type;
     /* promisc mode */
     int promisc;
+    /* no local packet */
+    int detect_offload;
     SC_ATOMIC_DECLARE(unsigned int, ref);
     void (*DerefFunc)(void *);
 } AFPIfaceConfig;

diff --git a/suricata.yaml b/suricata.yaml
index e197ea32a3e9ea3bde0102e6430ae250990aa450..6c1c93916186845e3d2f42d6264a9336aa0d9636 100644 (file)
--- a/suricata.yaml
+++ b/suricata.yaml
@@ -204,6 +204,9 @@ af-packet:
     # buffer-size: 32768
     # Set to yes to disable promiscuous mode
     # disable-promisc: no
+    # If your IDS do not treat any transmitted packets, you can set
+    # the following variable to no.
+    # detect-offload: yes
   - interface: eth1
     threads: 1
     cluster-id: 98