set_if_true (STATIC_IPS_ACTIONS STATIC_IPS_ACTIONS)
set_if_true (STATIC_IPS_OPTIONS STATIC_IPS_OPTIONS)
set_if_true (STATIC_CODECS STATIC_CODECS)
-set_if_true (BUILD_SIDE_CHANNEL SIDE_CHANNEL)
set_if_true (ENABLE_VALGRIND VALGRIND_TESTING)
set_if_true (ENABLE_PPM PPM_MGR)
set_if_true (ENABLE_PPM_TEST PPM_TEST)
set_if_true (ENABLE_DEBUG DEBUG)
set_if_false (ENABLE_DEBUG NDEBUG)
set_if_false (ENABLE_COREFILES NOCOREFILE)
+set_if_true (BUILD_SHELL BUILD_SHELL)
+set_if_true (BUILD_SIDE_CHANNEL SIDE_CHANNEL)
set_if_true (BUILD_UNIT_TESTS UNIT_TEST)
set_if_true (BUILD_PIGLET PIGLET)
set_if_true (ENABLE_PROFILE PROFILE)
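Review bot: The mapping `set_if_true (ENABLE_PPM_TEST PPM_TEST)` is left in place here, although the same commit removes the `ENABLE_PPM_TEST` option, the `--enable-ppm-test` switches and the `PPM_TEST` conditionals shown further down the page. As far as the visible lines show, nothing reads `PPM_TEST` any more, so the line is dead configuration and can be deleted with the rest. If `REG_TEST` is meant to replace it, a comment here saying where `REG_TEST` is defined would help, since no mapping for it appears on this page.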
option (STATIC_IPS_ACTIONS "include internal ips actions in binary" ON)
option (STATIC_IPS_OPTIONS "include ips options in binary" ON)
option (STATIC_SEARCH_ENGINES "include search engines in binary" ON)
-option (BUILD_SIDE_CHANNEL "Enable the side channel (Linux only)" OFF)
option (ENABLE_STATIC_DAQ "Link static DAQ modules" ON)
option (ENABLE_VALGRIND "Only use if you are testing with valgrind" OFF)
option (ENABLE_PPM "Disable packet/rule performance monitor" OFF)
-option (ENABLE_PPM_TEST "Enable packet/rule performance monitor for readback" OFF)
option (ENABLE_PERFPROFILING "Disable preprocessor and rule performance profiling" OFF)
option (ENABLE_LINUX_SMP_STATS "Enable statistics reporting through proc" OFF)
option (ENABLE_PTHREAD "Disable pthread support" ON)
option (ENABLE_PROFILE "Enable profiling options (developers only)" OFF)
option (ENABLE_SHELL "enable shell support" OFF)
option (ENABLE_COREFILES "Prevent Snort from generating core files" ON)
-option (BUILD_HA "Enable high-availability state sharing" OFF)
option (ENABLE_INTEL_SOFT_CPM "Enable Intel Soft CPM support" OFF)
option (ENABLE_LARGE_PCAP "Enable support for pcaps larger than 2 GB" OFF)
+option (BUILD_SHELL "Build the command line shell" OFF)
option (BUILD_SIDE_CHANNEL "Build the side channel library" OFF)
option (BUILD_UNIT_TESTS "Build Snort++ unit tests" OFF)
option (BUILD_PIGLET "Build Piglet test harness" OFF)
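Review bot: `option (BUILD_SHELL ...)` is added while `option (ENABLE_SHELL "enable shell support" OFF)` stays, so the command line shell now has two independent switches. From the visible lines the header mapping uses the new name (`set_if_true (BUILD_SHELL BUILD_SHELL)`), while the configure wrapper's `--enable-shell` case still writes `append_cache_entry ENABLE_SHELL BOOL true`, so that flag may no longer decide whether the shell is compiled in. The shell is a control interface, so a single switch is safer: drop `ENABLE_SHELL` and point the wrapper at `BUILD_SHELL`, or state in the option text which one governs the build.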
# TODO: Either make a macro or a of platforms and loop over them.
-if (${CMAKE_SYSTEM_NAME} MATCHES "aix")
- set(AIX "1")
-endif ()
-
-if (${CMAKE_SYSTEM_NAME} MATCHES "bsdi")
- set(BSDI "1")
+if (${CMAKE_SYSTEM_NAME} MATCHES "openbsd")
+ set(OPENBSD "1")
endif ()
-if (${CMAKE_SYSTEM_NAME} MATCHES "freebsd")
- set(FREEBSD "1")
+if (${CMAKE_SYSTEM_NAME} MATCHES "solaris")
+ set(SOLARIS "1")
endif ()
-if (${CMAKE_SYSTEM_NAME} MATCHES "hpux")
- set(HPUX "1")
+if (${CMAKE_SYSTEM_NAME} MATCHES "sunos")
+ set(SUNOS "1")
endif ()
if (${CMAKE_SYSTEM_NAME} MATCHES "linux")
if("${CMAKE_SYSTEM_NAME}" MATCHES "Linux")
set(LINUX "1")
-endif("${CMAKE_SYSTEM_NAME}" MATCHES "Linux")
-
-if (${CMAKE_SYSTEM_NAME} MATCHES "openbsd")
- set(OPENBSD "1")
-endif ()
-
-if (${CMAKE_SYSTEM_NAME} MATCHES "osf")
- set(OSF1 "1")
-endif ()
-
-if (${CMAKE_SYSTEM_NAME} MATCHES "sgi-irix")
- set(IRIX "1")
-endif ()
-
-if (${CMAKE_SYSTEM_NAME} MATCHES "solaris")
- set(SOLARIS "1")
-endif ()
-
-if (${CMAKE_SYSTEM_NAME} MATCHES "sunos")
- set(SUNOS "1")
-endif ()
+endif()
-if (${CMAKE_SYSTEM_NAME} MATCHES "tru64")
- set(OSF1 "1")
+if (${CMAKE_SYSTEM_NAME} MATCHES "freebsd")
+ set(FREEBSD "1")
endif ()
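Review bot: The lower-case patterns in the added checks (`"openbsd"`, `"solaris"`, `"sunos"` and `"freebsd"` here) cannot match, because `MATCHES` is a case-sensitive regex and CMake reports names such as `OpenBSD`, `FreeBSD` and `SunOS`. `OPENBSD`, `SOLARIS`, `SUNOS` and `FREEBSD` therefore stay unset on those hosts, and any platform-specific code guarded by them is silently skipped. The Linux check on this page already uses the quoted, correctly cased form; the same would be `if ("${CMAKE_SYSTEM_NAME}" STREQUAL "OpenBSD")`, which also avoids the unquoted `${CMAKE_SYSTEM_NAME}` expansion. Solaris hosts report `SunOS`, so the `"solaris"` test needs a different condition, not only a case fix.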
# APPLE is defined by Cmake
set(CMAKE_MACOSX_RPATH OFF)
endif()
-
set (CMAKE_SKIP_RPATH ON)
AC_DEFINE(PPM_MGR, [1], [build ppm manager])
fi
-AC_ARG_ENABLE(ppm-test,
- AC_HELP_STRING([--enable-ppm-test],[enable packet/rule performance monitor for readback]),
- enable_ppm_test="$enableval", enable_ppm_test="no")
-
-if test "x$enable_ppm_test" = "xyes"; then
- AC_DEFINE(PPM_TEST, [1], [build ppm manager for readback])
-fi
-
AC_ARG_ENABLE(perf-profiling,
AC_HELP_STRING([--enable-perf-profiling],[enable module and rule performance profiling]),
enable_perf_profiling="$enableval", enable_perf_profiling="no")
--disable-static-ips-options do not include ips options in binary
--disable-static-search-engines do not include search engines in binary
--disable-static-codecs do not include codecs in binary
+ --disable-static-piglets do not include piglets in binary
--enable-valgrind Only use if you are testing with valgrind.
--enable-ppm Enable packet/rule performance monitor
- --enable-ppm-test Enable packet/rule performance monitor for readback
--enable-perf-profiling Enable preprocessor and rule performance profiling
+ --enable-shell enable command line shell support
--enable-linux-smp-stats Enable statistics reporting through proc
--enable-debug-msgs Enable debug printing options (bugreports and developers only)
+ --enable-large-pcap Enable support for pcaps larger than 2 GB
--enable-debug Enable debugging options (bugreports and developers only)
--enable-gdb Enable gdb debugging information
- --enable-profile Enable profiling options (developers only)
+ --enable-gprof-profile Enable gprof profiling options (developers only)
--disable-corefiles Prevent Snort from generating core files
- --enable-intel-soft-cpm Enable Intel Soft CPM support
--enable-unit-tests Build unit tests
--enable-piglet Build piglet test capability
- --enable-large-pcap Enable support for pcaps larger than 2 GB
--disable-static-daq Link static DAQ modules.
- --enable-shell enable command line shell support
Optional Packages:
--enable-static-search-engines)
append_cache_entry STATIC_SEARCH_ENGINES BOOL true
;;
+ --disable-static-piglets)
+ append_cache_entry STATIC_PIGLETS BOOL false
+ ;;
+ --enable-static-piglets)
+ append_cache_entry STATIC_PIGLETS BOOL true
+ ;;
--disable-side-channel)
append_cache_entry BUILD_SIDE_CHANNEL BOOL false
;;
--enable-ppm)
append_cache_entry ENABLE_PPM BOOL true
;;
- --disable-ppm-test)
- append_cache_entry ENABLE_PPM_TEST BOOL false
- ;;
- --enable-ppm-test)
- append_cache_entry ENABLE_PPM_TEST BOOL true
- ;;
--disable-perf-profiling)
append_cache_entry ENABLE_PERFPROFILING BOOL false
;;
--enable-gdb)
append_cache_entry ENABLE_GDB BOOL true
;;
- --disable-profile)
+ --disable-gprof-profile)
append_cache_entry ENABLE_PROFILE BOOL false
;;
- --enable-profile)
+ --enable-gprof-profile)
append_cache_entry ENABLE_PROFILE BOOL true
;;
--disable-debug)
--enable-debug)
append_cache_entry ENABLE_DEBUG BOOL true
;;
- --disable-ha)
- append_cache_entry BUILD_HA BOOL false
- ;;
- --enable-ha)
- append_cache_entry BUILD_HA BOOL true
- ;;
--disable-corefiles)
append_cache_entry ENABLE_COREFILES BOOL false
;;
--enable-large-pcap)
append_cache_entry ENABLE_LARGE_PCAP BOOL true
;;
- --disable-intel-soft-cpm)
- append_cache_entry ENABLE_INTEL_SOFT_CPM BOOL false
- ;;
- --enable-intel-soft-cpm)
- append_cache_entry ENABLE_INTEL_SOFT_CPM BOOL true
- ;;
--enable-shell)
append_cache_entry ENABLE_SHELL BOOL true
;;
#define PPM_DEFAULT_MAX_SUSP_SECS 60
#define PPM_DEFAULT_RULE_THRESHOLD 5
-PPM_TICKS ppm_tpu = 0; /* ticks per usec */
+PPM_TICKS ppm_tpu = 1; /* ticks per usec */
static ppm_stats_t g_ppm_stats;
/*
* calc ticks per micro-secs in integer units
+ * use usecs instead of ticks for rule suspension during pcap playback
*/
-static int ppm_calc_ticks(void)
+static PPM_TICKS ppm_calc_ticks(void)
{
+#ifndef REG_TEST
ppm_tpu = (PPM_TICKS)get_ticks_per_usec();
if ( ppm_tpu == 0 )
- {
- return -1;
- }
+#endif
+ ppm_tpu = 1;
- return 0;
+ return ppm_tpu;
}
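Review bot: A failed calibration in `ppm_calc_ticks` is now replaced silently by `ppm_tpu = 1`, and `ppm_init` no longer returns early, so the monitor is enabled with limits scaled by a rate that may be wrong by orders of magnitude. Because those limits decide when packets are fast-pathed and rules suspended, a wrong rate can change detection coverage without any sign in the log. I would log the fallback, e.g. `if ( ppm_tpu == 0 ) { LogMessage("PPM: tick calibration failed, assuming 1 tick per usec\n"); ppm_tpu = 1; }`, and keep the braces so the `if` body does not straddle the `#endif`. The removed zero guard in `ppm_ticks_to_usecs` and the integer divisions in `ppm_print_cfg` now depend on this function being the only writer of the non-static `ppm_tpu`.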
void ppm_print_cfg(ppm_cfg_t* ppm_cfg)
LogMessage("Packet Performance Monitor Config:\n");
LogMessage(" ticks per usec : %lu ticks\n",(unsigned long)ppm_tpu);
- LogMessage(" max packet time : %lu usecs\n",(unsigned long)(ppm_cfg->max_pkt_ticks/
- ppm_tpu));
+ LogMessage(" max packet time : %lu usecs\n",
+ (unsigned long)(ppm_cfg->max_pkt_ticks/ppm_tpu));
+
LogMessage(" packet action : ");
+
if ( ppm_cfg->pkt_action )
LogMessage("fastpath-expensive-packets\n");
else
LogMessage("none\n");
+
LogMessage(" packet logging : ");
+
if (ppm_cfg->pkt_log&PPM_LOG_ALERT)
LogMessage("alert ");
+
if (ppm_cfg->pkt_log&PPM_LOG_MESSAGE)
LogMessage("log ");
+
if (!ppm_cfg->pkt_log)
LogMessage("none ");
+
LogMessage("\n");
}
LogMessage("Rule Performance Monitor Config:\n");
LogMessage(" ticks per usec : %lu ticks\n",(unsigned long)ppm_tpu);
- LogMessage(" max rule time : %lu usecs\n",(unsigned long)(ppm_cfg->max_rule_ticks/
- ppm_tpu));
+ LogMessage(" max rule time : %lu usecs\n",
+ (unsigned long)(ppm_cfg->max_rule_ticks/ ppm_tpu));
+
LogMessage(" rule action : ");
+
if ( ppm_cfg->rule_action )
{
LogMessage("suspend-expensive-rules\n");
else
LogMessage("none\n");
-#ifdef PPM_TEST
- /* use usecs instead of ticks for rule suspension during pcap playback */
- LogMessage(" suspend timeout : %lu secs\n", (unsigned long)(ppm_cfg->max_suspend_ticks/
- ((uint64_t)1000000)) );
-#else
LogMessage(" suspend timeout : %lu secs\n", (unsigned long)(ppm_cfg->max_suspend_ticks/
((uint64_t)ppm_tpu*1000000)) );
-#endif
+
LogMessage(" rule logging : ");
+
if (ppm_cfg->rule_log&PPM_LOG_ALERT)
LogMessage("alert ");
+
if (ppm_cfg->rule_log&PPM_LOG_MESSAGE)
LogMessage("log ");
+
if (!ppm_cfg->rule_log)
LogMessage("none ");
+
LogMessage("\n");
}
}
double ppm_ticks_to_usecs(PPM_TICKS ticks)
{
- if (ppm_tpu > 0)
- return (double)ticks / ppm_tpu;
-
- return 0.0;
+ return (double)ticks / ppm_tpu;
}
/*
void ppm_init(ppm_cfg_t* ppm_cfg)
{
/* calc ticks per usec */
- if (ppm_calc_ticks() == -1)
- return;
+ ppm_calc_ticks();
ppm_cfg->enabled = 1;
ppm_cfg->max_pkt_ticks = PPM_DEFAULT_MAX_PKT_TICKS;
ppm_cfg->max_rule_ticks = PPM_DEFAULT_MAX_RULE_TICKS;
- /* use usecs instead of ticks for rule suspension during pcap playback */
- ppm_cfg->max_suspend_ticks = (uint64_t)PPM_DEFAULT_MAX_SUSP_SECS * 1000000;
-#ifndef PPM_TEST
- ppm_cfg->max_suspend_ticks *= ppm_tpu;
-#endif
+ ppm_cfg->max_suspend_ticks = (uint64_t)PPM_DEFAULT_MAX_SUSP_SECS * 1000000 * ppm_tpu;
ppm_cfg->rule_threshold = PPM_DEFAULT_RULE_THRESHOLD;
}
void ppm_set_max_suspend_time(ppm_cfg_t* ppm_cfg, PPM_SECS secs)
{
- /* use usecs instead of ticks for rule suspension during pcap playback */
- ppm_cfg->max_suspend_ticks = (uint64_t)secs * 1000000;
-#ifndef PPM_TEST
+ ppm_cfg->max_suspend_ticks = (uint64_t)secs * 1000000 * ppm_tpu;
ppm_cfg->max_suspend_ticks *= ppm_tpu;
-#endif
}
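Review bot: As shown here, `ppm_set_max_suspend_time` scales by `ppm_tpu` twice: the added line already ends in `* ppm_tpu`, and the old `ppm_cfg->max_suspend_ticks *= ppm_tpu;` survives as a context line because only its `#ifndef PPM_TEST` / `#endif` wrapper was removed. On any host where `ppm_tpu` is greater than 1, a configured suspend time would then last `ppm_tpu` times longer than requested, keeping suspended rules out of detection far beyond the intended window. `ppm_print_cfg` would also report the wrong value, since it divides by `ppm_tpu*1000000` only once. Deleting the leftover `ppm_cfg->max_suspend_ticks *= ppm_tpu;` line makes this setter agree with the single multiplication in `ppm_init`.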
void ppm_set_rule_threshold(ppm_cfg_t* ppm_cfg, unsigned int cnt)
#include "time/cpuclock.h"
#include "detection/detection_options.h"
-#define cputime get_clockticks
-
typedef uint64_t PPM_TICKS;
typedef uint64_t PPM_USECS;
typedef unsigned int PPM_SECS;
#define PPM_ACCUM_NC_RULE_TIME() \
ppm_stats.tot_nc_rule_time += ppm_rt->tot; \
ppm_stats.tot_nc_rules++;
+
#define PPM_ACCUM_PCRE_RULE_TIME() \
ppm_stats.tot_pcre_rule_time += ppm_rt->tot; \
ppm_stats.tot_pcre_rules++;
-#define PPM_GET_TIME() cputime(ppm_cur_time)
+
+#define PPM_GET_TIME() get_clockticks(ppm_cur_time)
+
#define PPM_PKT_RULE_TESTS() ppm_pt->rule_tests
#define PPM_PKT_PCRE_RULE_TESTS() ppm_pt->pcre_rule_tests
#define PPM_PKT_NC_RULE_TESTS() ppm_pt->nc_rule_tests
#define PPM_PRINT_PKT_TIME(a) LogMessage(a, ppm_ticks_to_usecs((PPM_TICKS)ppm_pt->tot) );
-#ifdef PPM_TEST
+#ifdef REG_TEST
// use usecs instead of ticks for rule suspension during pcap playback
#define PPM_RULE_TIME(p) ((p->pkth->ts.tv_sec * 1000000) + p->pkth->ts.tv_usec)
#else
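Review bot: Under `REG_TEST`, `PPM_RULE_TIME(p)` multiplies `tv_sec` by 1000000 in the timestamp field's own type, so on platforms where that field is 32 bits wide the product overflows before it is stored in `ppm_suspend_time`. Widening first avoids this: `#define PPM_RULE_TIME(p) (((uint64_t)(p)->pkth->ts.tv_sec * 1000000) + (p)->pkth->ts.tv_usec)`, which also parenthesises the macro argument. In this mode the suspend clock comes from packet timestamps rather than the CPU counter, so a comment stating that `REG_TEST` is for regression runs only and must not be defined in production builds would be useful. The `#else` branch of the macro lies outside the lines shown.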
} \
}
-#if 0 && defined(PPM_TEST)
-#define PPM_DBG_CSV(state, otn, when) \
- LogMessage( \
- "PPM, %u, %u, %s, " STDu64 "\n", \
- otn->sigInfo.generator, otn->sigInfo.id, state, when \
- )
-#else
-#define PPM_DBG_CSV(state, otn, when)
-#endif
-
// use PPM_GET_TIME; first to get the current time
#define PPM_RULE_TEST(root,p) \
if ( ppm_rt ) \
ppm_set_rule_event(snort_conf->ppm_cfg, root); \
(root_state)->enabled=false; \
(root_state)->ppm_suspend_time=PPM_RULE_TIME(p); \
- PPM_DBG_CSV("disabled", (root), (root)->ppm_suspend_time); \
} \
else \
{ \
(root_state)->ppm_suspend_time=0; \
(root_state)->enabled=true; \
ppm_clear_rule_event(snort_conf->ppm_cfg, root); \
- PPM_DBG_CSV("enabled", (root), now); \
- } \
- else \
- { \
- PPM_DBG_CSV("pending", (root), then-now); \
} \
}