char *tmpclusterid;
char *tmpctype;
intmax_t value;
+ int dispromisc;
if (aconf == NULL) {
return NULL;
aconf->buffer_size = 0;
aconf->cluster_id = 1;
aconf->cluster_type = PACKET_FANOUT_HASH;
+ aconf->promisc = 1;
/* Find initial node */
af_packet_node = ConfGetNode("af-packet");
aconf->buffer_size = 0;
}
+ ConfGetChildValueBool(if_root, "disable-promisc", (int *)&dispromisc);
+ if (dispromisc) {
+ SCLogInfo("Disabling promiscuous mode on iface %s",
+ aconf->iface);
+ aconf->promisc = 0;
+ }
+
return aconf;
}
/* socket buffer size */
int buffer_size;
+ int promisc;
int cluster_id;
int cluster_type;
close(ptv->socket);
return -1;
}
- /* Force promiscuous mode */
- memset(&sock_params, 0, sizeof(sock_params));
- sock_params.mr_type = PACKET_MR_PROMISC;
- sock_params.mr_ifindex = bind_address.sll_ifindex;
- r = setsockopt(ptv->socket, SOL_PACKET, PACKET_ADD_MEMBERSHIP,(void *)&sock_params, sizeof(sock_params));
- if (r < 0) {
- SCLogError(SC_ERR_AFP_CREATE,
- "Couldn't switch iface %s to promiscuous, error %s",
- devname,
- strerror(errno));
- close(ptv->socket);
- return -1;
+ if (ptv->promisc != 0) {
+ /* Force promiscuous mode */
+ memset(&sock_params, 0, sizeof(sock_params));
+ sock_params.mr_type = PACKET_MR_PROMISC;
+ sock_params.mr_ifindex = bind_address.sll_ifindex;
+ r = setsockopt(ptv->socket, SOL_PACKET, PACKET_ADD_MEMBERSHIP,(void *)&sock_params, sizeof(sock_params));
+ if (r < 0) {
+ SCLogError(SC_ERR_AFP_CREATE,
+ "Couldn't switch iface %s to promiscuous, error %s",
+ devname,
+ strerror(errno));
+ close(ptv->socket);
+ return -1;
+ }
}
/* set socket recv buffer size */
if (ptv->buffer_size != 0) {
ptv->buffer_size = afpconfig->buffer_size;
+ ptv->promisc = afpconfig->promisc;
+
ptv->threads = 1;
#ifdef HAVE_PACKET_FANOUT
ptv->cluster_type = PACKET_FANOUT_LB;
projects / people / ms / suricata.git / commitdiff
