]>
git.ipfire.org Git - people/ms/suricata.git/blob - src/host-timeout.c
1 /* Copyright (C) 2007-2012 Open Information Security Foundation
3 * You can copy, redistribute or modify this Program under the terms of
4 * the GNU General Public License version 2 as published by the Free
7 * This program is distributed in the hope that it will be useful,
8 * but WITHOUT ANY WARRANTY; without even the implied warranty of
9 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
10 * GNU General Public License for more details.
12 * You should have received a copy of the GNU General Public License
13 * version 2 along with this program; if not, write to the Free Software
14 * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
21 * \author Victor Julien <victor@inliniac.net>
24 #include "suricata-common.h"
27 #include "detect-engine-tag.h"
28 #include "detect-engine-threshold.h"
31 #include "host-timeout.h"
33 #include "reputation.h"
35 uint32_t HostGetSpareCount(void)
37 return HostSpareQueueGetSize();
40 uint32_t HostGetActiveCount(void)
42 return SC_ATOMIC_GET(host_counter
);
46 * \brief See if we can really discard this host. Check use_cnt reference.
51 * \retval 0 not timed out just yet
52 * \retval 1 fully timed out, lets kill it
54 static int HostHostTimedOut(Host
*h
, struct timeval
*ts
)
60 /** never prune a host that is used by a packet
61 * we are currently processing in one of the threads */
62 if (SC_ATOMIC_GET(h
->use_cnt
) > 0) {
67 if (SRepHostTimedOut(h
) == 0)
70 SCLogDebug("host %p reputation timed out", h
);
73 if (TagHostHasTag(h
) && TagTimeoutCheck(h
, ts
) == 0) {
76 if (ThresholdHostHasThreshold(h
) && ThresholdHostTimeoutCheck(h
, ts
) == 0) {
79 if (HostHasHostBits(h
) && HostBitsTimedoutCheck(h
, ts
) == 0) {
83 if (tags
|| thresholds
|| vars
)
86 SCLogDebug("host %p timed out", h
);
93 * \brief check all hosts in a hash row for timing out
95 * \param hb host hash row *LOCKED*
96 * \param h last host in the hash row
99 * \retval cnt timed out hosts
101 static uint32_t HostHashRowTimeout(HostHashRow
*hb
, Host
*h
, struct timeval
*ts
)
106 if (SCMutexTrylock(&h
->m
) != 0) {
111 Host
*next_host
= h
->hprev
;
113 /* check if the host is fully timed out and
114 * ready to be discarded. */
115 if (HostHostTimedOut(h
, ts
) == 1) {
116 /* remove from the hash */
117 if (h
->hprev
!= NULL
)
118 h
->hprev
->hnext
= h
->hnext
;
119 if (h
->hnext
!= NULL
)
120 h
->hnext
->hprev
= h
->hprev
;
131 /* no one is referring to this host, use_cnt 0, removed from hash
132 * so we can unlock it and move it back to the spare queue. */
133 SCMutexUnlock(&h
->m
);
135 /* move to spare list */
140 SCMutexUnlock(&h
->m
);
150 * \brief time out hosts from the hash
152 * \param ts timestamp
154 * \retval cnt number of timed out host
156 uint32_t HostTimeoutHash(struct timeval
*ts
)
161 for (idx
= 0; idx
< host_config
.hash_size
; idx
++) {
162 HostHashRow
*hb
= &host_hash
[idx
];
164 if (HRLOCK_TRYLOCK(hb
) != 0)
167 /* host hash bucket is now locked */
169 if (hb
->tail
== NULL
) {
174 /* we have a host, or more than one */
175 cnt
+= HostHashRowTimeout(hb
, hb
->tail
, ts
);