#define FLATBUFFERS_ENUM
#endif
+#include <lua.hpp>
+
#include "perf_module.h"
+#include "perf_monitor.h"
#include "log/messages.h"
+#include "main/analyzer_command.h"
#include "main/snort.h"
#include "managers/module_manager.h"
{ nullptr, Parameter::PT_MAX, nullptr, nullptr, nullptr }
};
+class PerfMonFlowIPDebug : public AnalyzerCommand
+{
+public:
+ PerfMonFlowIPDebug(PerfMonitorConstraints*);
+ bool execute(Analyzer&, void**) override;
+ const char* stringify() override { return "FLOW_IP_PROFILING"; }
+private:
+ bool enable = false;
+ PerfMonitorConstraints constraints = { };
+};
+
+static const Parameter flow_ip_profiling_params[] =
+{
+ { "time", Parameter::PT_INT, nullptr, nullptr, "sample interval" },
+
+ { "pkts", Parameter::PT_INT, nullptr, nullptr, "number of packets" },
+
+ { nullptr, Parameter::PT_MAX, nullptr, nullptr, nullptr }
+};
+
+PerfMonFlowIPDebug::PerfMonFlowIPDebug(PerfMonitorConstraints* cs)
+{
+ if (cs)
+ {
+ constraints = *cs;
+ enable = true;
+ } else {
+ enable = false;
+ }
+}
+
+bool PerfMonFlowIPDebug::execute(Analyzer&, void**)
+{
+ PerfMonitor* perf_monitor = (PerfMonitor*)InspectorManager::get_inspector(PERF_NAME, true);
+
+ if (!perf_monitor)
+ return false;
+
+ if (enable)
+ perf_monitor->enable_profiling(&constraints);
+ else
+ perf_monitor->disable_profiling();
+
+ return true;
+}
+
+static int enable_flow_ip_profiling(lua_State* L)
+{
+ PerfMonitorConstraints constraints;
+
+ constraints.sample_interval = luaL_optint(L, 1, 0);
+ constraints.packet_count = luaL_optint(L, 2, 0);
+
+ LogMessage("Enabling flow ip profiling with sample interval %d packet count %d\n",
+ constraints.sample_interval, constraints.packet_count);
+
+ main_broadcast_command(new PerfMonFlowIPDebug(&constraints), true);
+ return 0;
+}
+
+static int disable_flow_ip_profiling(lua_State*)
+{
+ LogMessage("Disabling flow ip profiling\n");
+ main_broadcast_command(new PerfMonFlowIPDebug(nullptr), true);
+ return 0;
+}
+
+static int show_flow_ip_profiling(lua_State*)
+{
+ bool status = false;
+
+ PerfMonitor* perf_monitor = (PerfMonitor*)InspectorManager::get_inspector(PERF_NAME, true);
+
+ if (perf_monitor)
+ status = perf_monitor->get_config_flags() & PERF_FLOWIP;
+
+ LogMessage("Snort flow ip profiling is %s\n", status ? "enabled" : "disabled");
+
+ return 0;
+}
+
+static const Command perf_module_cmds[] =
+{
+ {"enable_flow_ip_profiling", enable_flow_ip_profiling, flow_ip_profiling_params, "enable flow ip profiling"},
+ {"disable_flow_ip_profiling", disable_flow_ip_profiling, nullptr, "disable flow ip profiling"},
+ {"show_flow_ip_profiling", show_flow_ip_profiling, nullptr, "show flow ip profiling status"},
+ {nullptr, nullptr, nullptr, nullptr}
+};
+
//-------------------------------------------------------------------------
// perf attributes
//-------------------------------------------------------------------------
PegCount* PerfMonModule::get_counts() const
{ return (PegCount*)&pmstats; }
+const Command* PerfMonModule::get_commands() const
+{ return perf_module_cmds; }
+
void ModuleConfig::set_name(const std::string& name)
{ this->name = name; }
PerfMonModule();
~PerfMonModule() override;
+ const snort::Command* get_commands() const override;
bool set(const char*, snort::Value&, snort::SnortConfig*) override;
bool begin(const char*, int, snort::SnortConfig*) override;
bool end(const char*, int, snort::SnortConfig*) override;
#include "framework/data_bus.h"
#include "hash/xhash.h"
#include "log/messages.h"
-#include "managers/inspector_manager.h"
#include "profiler/profiler.h"
#include "protocols/packet.h"
-#include "base_tracker.h"
-#include "cpu_tracker.h"
-#include "flow_ip_tracker.h"
-#include "flow_tracker.h"
#include "perf_module.h"
-
+#include "perf_monitor.h"
#ifdef UNIT_TEST
#include "catch/snort_catch.h"
// class stuff
//-------------------------------------------------------------------------
-class FlowIPDataHandler;
-class PerfMonitor : public Inspector
-{
-public:
- PerfMonitor(PerfConfig*);
- ~PerfMonitor() override { delete config;}
-
- bool configure(SnortConfig*) override;
- void show(SnortConfig*) override;
-
- void eval(Packet*) override;
- bool ready_to_process(Packet* p);
-
- void tinit() override;
- void tterm() override;
-
- void rotate();
-
- FlowIPTracker* get_flow_ip();
-
-private:
- PerfConfig* const config;
- void disable_tracker(size_t);
-};
-
class PerfIdleHandler : public DataHandler
{
public:
PerfMonitor& perf_monitor;
};
-PerfMonitor::PerfMonitor(PerfConfig* pcfg) : config(pcfg)
+PerfMonitor::PerfMonitor(PerfConfig* pcfg) : config(pcfg), flow_ip_data_handler(nullptr)
{ assert (config != nullptr); }
void PerfMonitor::show(SnortConfig*)
new PerfRotateHandler(*this, sc);
if ( config->perf_flags & PERF_FLOWIP )
- new FlowIPDataHandler(*this, sc);
+ flow_ip_data_handler = new FlowIPDataHandler(*this, sc);
return config->resolve();
}
disable_tracker(i--);
}
+void PerfMonitor::enable_profiling(PerfMonitorConstraints* constraints)
+{
+ if (flow_ip_data_handler == nullptr)
+ {
+ flow_ip_data_handler = new FlowIPDataHandler(*this, SnortConfig::get_conf());
+ } else {
+ if (flow_ip_tracker)
+ return;
+ }
+
+ config->perf_flags |= PERF_FLOWIP;
+ config->sample_interval = constraints->sample_interval;
+ config->pkt_cnt = constraints->packet_count;
+
+ flow_ip_tracker = new FlowIPTracker(config);
+ trackers->emplace_back(flow_ip_tracker);
+
+ for (unsigned i = 0; i < trackers->size(); i++)
+ {
+ if (trackers->at(i) == flow_ip_tracker)
+ {
+ if (!(*trackers)[i]->open(true))
+ disable_tracker(i);
+ flow_ip_tracker->reset();
+ break;
+ }
+ }
+}
+
+void PerfMonitor::disable_profiling()
+{
+ config->perf_flags &= ~PERF_FLOWIP;
+
+ if (flow_ip_tracker)
+ {
+ for (unsigned i = 0; i < trackers->size(); i++)
+ {
+ if (trackers->at(i) == flow_ip_tracker)
+ {
+ disable_tracker(i);
+ break;
+ }
+ }
+ flow_ip_tracker = nullptr;
+ }
+
+ if (flow_ip_data_handler)
+ {
+ DataBus::unsubscribe_global(FLOW_STATE_EVENT, flow_ip_data_handler, SnortConfig::get_conf());
+ delete flow_ip_data_handler;
+ flow_ip_data_handler = nullptr;
+ }
+}
+
void PerfMonitor::eval(Packet* p)
{
Profile profile(perfmonStats);
--- /dev/null
+//--------------------------------------------------------------------------
+// Copyright (C) 2020-2020 Cisco and/or its affiliates. All rights reserved.
+//
+// This program is free software; you can redistribute it and/or modify it
+// under the terms of the GNU General Public License Version 2 as published
+// by the Free Software Foundation. You may not use, modify or distribute
+// this program under any other version of the GNU General Public License.
+//
+// This program is distributed in the hope that it will be useful, but
+// WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+// General Public License for more details.
+//
+// You should have received a copy of the GNU General Public License along
+// with this program; if not, write to the Free Software Foundation, Inc.,
+// 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
+//--------------------------------------------------------------------------
+
+// perf_monitor.h author Puneeth Kumar C V <puneetku@cisco.com>
+
+#ifndef PERF_MONITOR_H
+#define PERF_MONITOR_H
+
+#include "managers/inspector_manager.h"
+#include "protocols/packet.h"
+
+#include "base_tracker.h"
+#include "cpu_tracker.h"
+#include "flow_ip_tracker.h"
+#include "flow_tracker.h"
+
+class FlowIPDataHandler;
+
+struct PerfMonitorConstraints
+{
+ uint32_t sample_interval;
+ uint32_t packet_count;
+};
+
+class PerfMonitor : public snort::Inspector
+{
+public:
+ PerfMonitor(PerfConfig*);
+ ~PerfMonitor() override { delete config;}
+
+ bool configure(snort::SnortConfig*) override;
+ void show(snort::SnortConfig*) override;
+
+ void eval(snort::Packet*) override;
+ bool ready_to_process(snort::Packet* p);
+
+ void tinit() override;
+ void tterm() override;
+
+ void rotate();
+
+ void enable_profiling(PerfMonitorConstraints*);
+ void disable_profiling();
+
+ inline int get_config_flags()
+ { return config->perf_flags; }
+
+ FlowIPTracker* get_flow_ip();
+
+private:
+ PerfConfig* const config;
+ FlowIPDataHandler* flow_ip_data_handler;
+ void disable_tracker(size_t);
+};
+
+#endif
projects / thirdparty / snort3.git / commitdiff
