Merge pull request #2925 in SNORT/snort3 from ~SBAIGAL/snort3:cli to master

Squashed commit of the following:

commit 09519fc596dfb0dd1b406a9ee5bb26b2520c2d32
Author: Steven Baigal (sbaigal) <sbaigal@cisco.com>
Date:   Fri Jun 4 12:30:10 2021 -0400

    dump_stats: direct output back to command channel

    stats: update file and appid stats to use Log functions provided from stats.cc

    add LogText for simple string logging without separator logic

diff --git a/src/control/control.h b/src/control/control.h
index 446cd193e2729a60433b0c44ea17b03017e1c485..d96ce40809c66a33684c5b19ba88a96cb4a5205e 100644 (file)
--- a/src/control/control.h
+++ b/src/control/control.h
@@ -75,5 +75,7 @@ private:
     bool removed = false;
 };
 
-#endif
+#define LogRespond(cn, ...)       if (cn) cn->respond(__VA_ARGS__); else LogMessage(__VA_ARGS__)
+#define LogfRespond(cn, fh, ...)  if (cn) cn->respond(__VA_ARGS__); else LogMessage(fh, __VA_ARGS__)
 
+#endif

diff --git a/src/file_api/file_stats.cc b/src/file_api/file_stats.cc
index 2cfd3f7811395ebc4eefc19406f8925922a4ca9c..b3970f00db6f9abc86045ecc4ea64fcadcb2cd47 100644 (file)
--- a/src/file_api/file_stats.cc
+++ b/src/file_api/file_stats.cc
@@ -97,34 +97,37 @@ void file_stats_print()
     LogLabel("File Statistics");
     LogLabel("file type stats (files)");
 
-    LogMessage("         Type              Download   Upload \n");
+    LogLabel("         Type              Download   Upload ");
 
     processed_total[0] = 0;
     processed_total[1] = 0;
     processed_data_total[0] = 0;
     processed_data_total[1] = 0;
 
+    char buff[128];
     for (unsigned i = 0; i < FILE_ID_MAX; i++)
     {
         std::string type_name = file_type_name(i);
         if (type_name.length() &&
             (file_totals.files_processed[i][0] || file_totals.files_processed[i][1] ))
         {
-            LogMessage("%12s(%3d)          " FMTu64("-10") " " FMTu64("-10") " \n",
+            snprintf(buff, sizeof(buff), "%12s(%3d)          " FMTu64("-10") " " FMTu64("-10") " ",
                 type_name.c_str(), i,
                 file_totals.files_processed[i][0],
                 file_totals.files_processed[i][1]);
+            LogText(buff);
             processed_total[0]+= file_totals.files_processed[i][0];
             processed_total[1]+= file_totals.files_processed[i][1];
         }
     }
 
-    LogMessage("            Total          " FMTu64("-10") " " FMTu64("-10") " \n",
+    snprintf(buff, sizeof(buff), "            Total          " FMTu64("-10") " " FMTu64("-10") " ",
         processed_total[0], processed_total[1]);
+    LogText(buff);
 
     LogLabel("file type stats (bytes)");
 
-    LogMessage("         Type              Download   Upload \n");
+    LogLabel("         Type              Download   Upload ");
 
     for (unsigned i = 0; i < FILE_ID_MAX; i++)
     {
@@ -132,18 +135,20 @@ void file_stats_print()
         if (type_name.length() &&
             (file_totals.files_processed[i][0] || file_totals.files_processed[i][1] ))
         {
-            LogMessage("%12s(%3d)          " FMTu64("-10") " " FMTu64("-10") " \n",
+            snprintf(buff, sizeof(buff), "%12s(%3d)          " FMTu64("-10") " " FMTu64("-10") " ",
                 type_name.c_str(), i,
                 file_totals.data_processed[i][0],
                 file_totals.data_processed[i][1]);
+            LogText(buff);
 
             processed_data_total[0]+= file_totals.data_processed[i][0];
             processed_data_total[1]+= file_totals.data_processed[i][1];
         }
     }
 
-    LogMessage("            Total          " FMTu64("-10") " " FMTu64("-10") " \n",
+    snprintf(buff, sizeof(buff), "            Total          " FMTu64("-10") " " FMTu64("-10") " ",
         processed_data_total[0], processed_data_total[1]);
+    LogText(buff);
 
     check_total = 0;
 
@@ -161,7 +166,7 @@ void file_stats_print()
 
     LogLabel("file signature stats");
 
-    LogMessage("         Type              Download   Upload \n");
+    LogLabel("         Type              Download   Upload ");
 
     processed_total[0] = 0;
     processed_total[1] = 0;
@@ -171,15 +176,17 @@ void file_stats_print()
         if (type_name.length() &&
             (file_totals.signatures_processed[i][0] || file_totals.signatures_processed[i][1] ))
         {
-            LogMessage("%12s(%3d)          " FMTu64("-10") " " FMTu64("-10") " \n",
+            snprintf(buff, sizeof(buff), "%12s(%3d)          " FMTu64("-10") " " FMTu64("-10") " ",
                 type_name.c_str(), i,
                 file_totals.signatures_processed[i][0], file_totals.signatures_processed[i][1]);
+            LogText(buff);
             processed_total[0]+= file_totals.signatures_processed[i][0];
             processed_total[1]+= file_totals.signatures_processed[i][1];
         }
     }
-    LogMessage("            Total          " FMTu64("-10") " " FMTu64("-10") " \n",
+    snprintf(buff, sizeof(buff), "            Total          " FMTu64("-10") " " FMTu64("-10") " ",
         processed_total[0], processed_total[1]);
+    LogText(buff);
 
 #if 0
     LogLabel("file type verdicts");  // FIXIT-RC should be fixed

diff --git a/src/main.cc b/src/main.cc
index 775c33fa3839f5582944967ddea4867252c48f4b..ec66560c122cc600428644589bfde7c5c3081b6b 100644 (file)
--- a/src/main.cc
+++ b/src/main.cc
@@ -324,7 +324,7 @@ int main_dump_stats(lua_State* L)
 {
     ControlConn* ctrlcon = ControlConn::query_from_lua(L);
     send_response(ctrlcon, "== dumping stats\n");
-    main_broadcast_command(new ACGetStats(), ctrlcon);
+    main_broadcast_command(new ACGetStats(ctrlcon), ctrlcon);
     return 0;
 }
 

diff --git a/src/main/analyzer_command.cc b/src/main/analyzer_command.cc
index 3a8fd2d10694c1191701ebdb71cd1eb37edef10c..725e31abd37b5e7c14b13d405162878686e291b0 100644 (file)
--- a/src/main/analyzer_command.cc
+++ b/src/main/analyzer_command.cc
@@ -92,8 +92,9 @@ ACGetStats::~ACGetStats()
 
     // FIXIT-L This should track the owner so it can dump stats to the
     // shell instead of the logs when initiated by a shell command
-    DropStats();
-    LogMessage("==================================================\n"); // Marking End of stats
+    DropStats(ctrlcon);
+    LogRespond(ctrlcon, "==================================================\n"); // Marking End of stats
+
     ModuleManager::clear_global_active_counters();
 }
 

diff --git a/src/main/analyzer_command.h b/src/main/analyzer_command.h
index f19b784ed4bf097c6b67945df0c3712cef6d059c..5dc8b3755550fa466f755c7a0647dc63abafb336 100644 (file)
--- a/src/main/analyzer_command.h
+++ b/src/main/analyzer_command.h
@@ -50,9 +50,12 @@ private:
 class ACGetStats : public snort::AnalyzerCommand
 {
 public:
+    ACGetStats(ControlConn* conn) : ctrlcon(conn) {}
     bool execute(Analyzer&, void**) override;
     const char* stringify() override { return "GET_STATS"; }
     ~ACGetStats() override;
+private:
+    ControlConn* ctrlcon;
 };
 
 typedef enum clear_counter_type

diff --git a/src/network_inspectors/appid/appid_peg_counts.cc b/src/network_inspectors/appid/appid_peg_counts.cc
index 6f1b8255f42144bba03e5ea3a9098b846ac62817..99b1acd49c61ead132893d99a97407aee29d3845 100644 (file)
--- a/src/network_inspectors/appid/appid_peg_counts.cc
+++ b/src/network_inspectors/appid/appid_peg_counts.cc
@@ -161,8 +161,10 @@ void AppIdPegCounts::print()
     LogLabel("Appid Statistics");
     LogLabel("detected apps and services");
 
-    LogMessage("%25.25s: %-10s %-10s %-10s %-10s %-10s %-10s %-10s\n",
+    char buff[120];
+    snprintf(buff, sizeof(buff), "%25.25s: %-10s %-10s %-10s %-10s %-10s %-10s %-10s",
         "Application", "Flows", "Clients", "Users", "Payloads", "Misc", "Incompat.", "Failed");
+    LogText(buff);
 
     for (unsigned i = 0; i < app_num; i++)
     {
@@ -171,14 +173,13 @@ void AppIdPegCounts::print()
             continue;
 
         std::string app_name = AppIdPegCounts::appid_detectors_info[i];
-        LogMessage("%25.25s:", app_name.c_str());
-        pegs->print();
+        pegs->print(app_name.c_str(), buff, sizeof(buff));
+        LogText(buff);
     }
 
     if (!unknown_pegs->all_zeros())
     {
-        LogMessage("%25.25s:", "unknown");
-        unknown_pegs->print();
+        unknown_pegs->print("unknown", buff, sizeof(buff));
+        LogText(buff);
     }
 }
-

diff --git a/src/network_inspectors/appid/appid_peg_counts.h b/src/network_inspectors/appid/appid_peg_counts.h
index 47270e05ec317429cc9b29de2aed0f3f38f2e856..2914273732d26f4b0044f515fb3d47e14ebfd35c 100644 (file)
--- a/src/network_inspectors/appid/appid_peg_counts.h
+++ b/src/network_inspectors/appid/appid_peg_counts.h
@@ -68,10 +68,10 @@ public:
             return !memcmp(stats, &zeroed_peg, sizeof(stats));
         }
 
-        void print()
+        void print(const char* app, char* buf, int buf_size)
         {
-            snort::LogMessage(" " FMTu64("-10") " " FMTu64("-10") " " FMTu64("-10") " " FMTu64("-10")
-                " " FMTu64("-10") " " FMTu64("-10") " " FMTu64("-10")"\n",
+            snprintf(buf, buf_size, "%25.25s: " FMTu64("-10") " " FMTu64("-10") " " FMTu64("-10") " " FMTu64("-10")
+                " " FMTu64("-10") " " FMTu64("-10") " " FMTu64("-10"), app, 
                 stats[0], stats[1], stats[2], stats[3], stats[4], stats[5], stats[6]);
         }
     };

diff --git a/src/network_inspectors/appid/test/appid_discovery_test.cc b/src/network_inspectors/appid/test/appid_discovery_test.cc
index 5bc1297211baca8d6c9c201d24949ef7a160445d..3d246704faff8359b54d142464fb0893e89b2a08 100644 (file)
--- a/src/network_inspectors/appid/test/appid_discovery_test.cc
+++ b/src/network_inspectors/appid/test/appid_discovery_test.cc
@@ -73,6 +73,8 @@ PegCount Module::get_global_count(char const*) const { return 0; }
 void LogMessage(const char*,...) {}
 void ErrorMessage(const char*,...) {}
 void LogLabel(const char*, FILE*) {}
+void LogText(const char*, FILE*) {}
+
 
 // Stubs for utils
 char* snort_strdup(const char* str)

diff --git a/src/network_inspectors/appid/test/appid_mock_definitions.h b/src/network_inspectors/appid/test/appid_mock_definitions.h
index 3dd5371116cf697000b553f73432cb4968143c1e..427a2231f541866b601e66a6c65e11201972beec 100644 (file)
--- a/src/network_inspectors/appid/test/appid_mock_definitions.h
+++ b/src/network_inspectors/appid/test/appid_mock_definitions.h
@@ -52,6 +52,8 @@ char* snort_strdup(const char* str)
 void ErrorMessage(const char*,...) { }
 void WarningMessage(const char*,...) { }
 void LogMessage(const char*,...) { }
+void LogText(const char*, FILE*) {}
+
 void ParseWarning(WarningGroup, const char*, ...) { }
 
 void LogLabel(const char*, FILE*) {}

diff --git a/src/network_inspectors/appid/test/service_state_test.cc b/src/network_inspectors/appid/test/service_state_test.cc
index 881a65c2ad04c8410f730a823b92d39bbc3c751a..7b9051ea73f8f153793e18029a792d7ca09422c6 100644 (file)
--- a/src/network_inspectors/appid/test/service_state_test.cc
+++ b/src/network_inspectors/appid/test/service_state_test.cc
@@ -44,6 +44,8 @@ void LogMessage(const char* format,...)
 }
 void ErrorMessage(const char*,...) {}
 void LogLabel(const char*, FILE*) {}
+void LogText(const char* s, FILE*) { LogMessage("%s\n", s); }
+
 
 // Stubs for utils
 char* snort_strdup(const char* str)

diff --git a/src/network_inspectors/perf_monitor/perf_module.cc b/src/network_inspectors/perf_monitor/perf_module.cc
index 1e6ede6e587016b867d08365aba5509d15da57a8..fe901aca98981ff97e528ad4afc9ccfbb5697841 100644 (file)
--- a/src/network_inspectors/perf_monitor/perf_module.cc
+++ b/src/network_inspectors/perf_monitor/perf_module.cc
@@ -194,18 +194,19 @@ static int disable_flow_ip_profiling(lua_State* L)
     return 0;
 }
 
-static int show_flow_ip_profiling(lua_State*)
+static int show_flow_ip_profiling(lua_State* L)
 {
     bool status = false;
+    ControlConn* ctrlcon = ControlConn::query_from_lua(L);
 
     PerfMonitor* perf_monitor = (PerfMonitor*)InspectorManager::get_inspector(PERF_NAME, true);
 
     if (perf_monitor)
         status = perf_monitor->is_flow_ip_enabled();
     else
-        LogMessage("perf_monitor is not configured\n");
+        LogRespond(ctrlcon, "perf_monitor is not configured\n");
 
-    LogMessage("Snort flow ip profiling is %s\n", status ? "enabled" : "disabled");
+    LogRespond(ctrlcon, "Snort flow ip profiling is %s\n", status ? "enabled" : "disabled");
 
     return 0;
 }

diff --git a/src/utils/stats.cc b/src/utils/stats.cc
index 1803440623376af62308eda3517aab0ef80998cb..344fd9135c6f4f87769bae339b68ccd8ae78ee4e 100644 (file)
--- a/src/utils/stats.cc
+++ b/src/utils/stats.cc
@@ -25,6 +25,7 @@
 
 #include <cassert>
 
+#include "control/control.h"
 #include "detection/detection_engine.h"
 #include "file_api/file_stats.h"
 #include "filters/sfthreshold.h"
@@ -51,48 +52,60 @@ namespace snort
 {
 
 THREAD_LOCAL PacketCount pc;
+static THREAD_LOCAL ControlConn* s_ctrlcon = nullptr;
 
 //-------------------------------------------------------------------------
 
 static inline void LogSeparator(FILE* fh = stdout)
 {
-    LogMessage(fh, "%s\n", STATS_SEPARATOR);
+    LogfRespond(s_ctrlcon, fh, "%s\n", STATS_SEPARATOR);
+}
+
+void LogText(const char* s, FILE* fh)
+{
+    LogfRespond(s_ctrlcon, fh, "%s\n", s);
 }
 
 void LogLabel(const char* s, FILE* fh)
 {
     if ( *s == ' ' )
     {
-        LogMessage(fh, "%s\n", s);
+        LogfRespond(s_ctrlcon, fh, "%s\n", s);
     }
     else
     {
         LogSeparator(fh);
-        LogMessage(fh, "%s\n", s);
+        LogfRespond(s_ctrlcon, fh, "%s\n", s);
     }
 }
 
 void LogValue(const char* s, const char* v, FILE* fh)
 {
-    LogMessage(fh, "%25.25s: %s\n", s, v);
+    LogfRespond(s_ctrlcon, fh, "%25.25s: %s\n", s, v);
 }
 
 void LogCount(const char* s, uint64_t c, FILE* fh)
 {
     if ( c )
-        LogMessage(fh, "%25.25s: " STDu64 "\n", s, c);
+    {
+        LogfRespond(s_ctrlcon, fh, "%25.25s: " STDu64 "\n", s, c);
+    }
 }
 
 void LogStat(const char* s, uint64_t n, uint64_t tot, FILE* fh)
 {
     if ( n )
-        LogMessage(fh, "%25.25s: " FMTu64("-12") "\t(%7.3f%%)\n", s, n, CalcPct(n, tot));
+    {
+        LogfRespond(s_ctrlcon, fh, "%25.25s: " FMTu64("-12") "\t(%7.3f%%)\n", s, n, CalcPct(n, tot));
+    }
 }
 
 void LogStat(const char* s, double d, FILE* fh)
 {
     if ( d )
-        LogMessage(fh, "%25.25s: %g\n", s, d);
+    {
+        LogfRespond(s_ctrlcon, fh, "%25.25s: %g\n", s, d);
+    }
 }
 }
 
@@ -228,8 +241,9 @@ const PegInfo proc_names[] =
 
 //-------------------------------------------------------------------------
 
-void DropStats()
+void DropStats(ControlConn* ctrlcon)
 {
+    s_ctrlcon = ctrlcon;
     LogLabel("Packet Statistics");
     ModuleManager::get_module("daq")->show_stats();
 
@@ -242,6 +256,7 @@ void DropStats()
 
     LogLabel("Summary Statistics");
     show_stats((PegCount*)&proc_stats, proc_names, array_size(proc_names)-1, "process");
+    s_ctrlcon = nullptr;
 }
 
 //-------------------------------------------------------------------------

diff --git a/src/utils/stats.h b/src/utils/stats.h
index 85d04f37ff00604b185acd534984c0078ffcf1ea..50c825ecb57a1ca59d9cae97066261420c041cf1 100644 (file)
--- a/src/utils/stats.h
+++ b/src/utils/stats.h
@@ -31,6 +31,8 @@
 
 using IndexVec = std::vector<unsigned>;
 
+class ControlConn;
+
 // FIXIT-L split this out into appropriate modules
 struct PacketCount
 {
@@ -99,6 +101,7 @@ extern SO_PUBLIC THREAD_LOCAL PacketCount pc;
 SO_PUBLIC inline PegCount get_packet_number() { return pc.analyzed_pkts; }
 
 SO_PUBLIC void LogLabel(const char*, FILE* = stdout);
+SO_PUBLIC void LogText(const char*, FILE* = stdout);
 SO_PUBLIC void LogValue(const char*, const char*, FILE* = stdout);
 SO_PUBLIC void LogCount(const char*, uint64_t, FILE* = stdout);
 
@@ -116,7 +119,7 @@ void sum_stats(SimpleStats* sums, SimpleStats* counts);
 void show_stats(SimpleStats*, const char* module_name);
 
 double CalcPct(uint64_t, uint64_t);
-void DropStats();
+void DropStats(ControlConn* ctrlcon = nullptr);
 void PrintStatistics();
 void TimeStart();
 void TimeStop();