#include <chrono>
#include "main/snort_config.h"
+#include "main/reload_tuner.h"
#include "trace/trace.h"
+#include "latency/packet_latency.h"
+#include "latency/rule_latency.h"
#include "latency_config.h"
#include "latency_rules.h"
return true;
}
+class LatencyTuner : public snort::ReloadResourceTuner
+{
+public:
+ explicit LatencyTuner(bool enable_packet, bool enable_rule)
+ : enable_packet(enable_packet), enable_rule(enable_rule)
+ {}
+ ~LatencyTuner() override = default;
+
+ bool tinit() override
+ {
+ packet_latency::set_force_enable(enable_packet);
+ rule_latency::set_force_enable(enable_rule);
+
+ return false;
+ }
+
+ bool tune_packet_context() override
+ { return true; }
+
+ bool tune_idle_context() override
+ { return true; }
+
+private:
+ bool enable_packet = false;
+ bool enable_rule = false;
+};
+
LatencyModule::LatencyModule() : Module(s_name, s_help, s_params)
{ }
return true;
}
-bool LatencyModule::end(const char*, int, SnortConfig* sc)
+bool LatencyModule::end(const char* fqn, int, SnortConfig* sc)
{
- PacketLatencyConfig& packet_config = sc->latency->packet_latency;
- RuleLatencyConfig& rule_config = sc->latency->rule_latency;
+ const PacketLatencyConfig& packet_config = sc->latency->packet_latency;
+ const RuleLatencyConfig& rule_config = sc->latency->rule_latency;
if ( packet_config.max_time > CLOCK_ZERO )
- packet_config.force_enable = true;
+ packet_latency::set_force_enable(true);
if ( rule_config.max_time > CLOCK_ZERO )
- rule_config.force_enable = true;
+ rule_latency::set_force_enable(true);
+
+ if ( strcmp(fqn, "latency") == 0 )
+ sc->register_reload_handler(new LatencyTuner(packet_latency::force_enabled(),
+ rule_latency::force_enabled()));
return true;
}
namespace packet_latency
{
+THREAD_LOCAL bool force_enable = false;
+
+bool force_enabled()
+{
+ return force_enable;
+}
+
+void set_force_enable(bool force)
+{
+ force_enable = force;
+}
// -----------------------------------------------------------------------------
// helpers
// -----------------------------------------------------------------------------
void PacketLatency::push()
{
- if ( packet_latency::config->force_enabled())
+ if ( packet_latency::force_enabled())
{
packet_latency::get_impl().push();
++latency_stats.total_packets;
void PacketLatency::pop(const Packet* p)
{
- if ( packet_latency::config->force_enabled())
+ if ( packet_latency::force_enabled())
{
if ( packet_latency::get_impl().pop(p) )
++latency_stats.packet_timeouts;
bool PacketLatency::fastpath()
{
- if ( packet_latency::config->enabled() )
+ if ( packet_latency::force_enabled() )
return packet_latency::get_impl().fastpath();
return false;
#ifndef PACKET_LATENCY_H
#define PACKET_LATENCY_H
+#include "main/snort_types.h"
+
namespace snort
{
struct Packet;
}
+namespace packet_latency
+{
+ SO_PUBLIC bool force_enabled();
+
+ SO_PUBLIC void set_force_enable(bool force);
+}
+
class PacketLatency
{
public:
{
hr_duration max_time = CLOCK_ZERO;
bool fastpath = false;
- bool force_enable = false;
+ bool plugin_forced = false;
#ifdef REG_TEST
bool test_timeout = false;
#endif
#endif
return max_time > CLOCK_ZERO;
}
-
- bool force_enabled() const
- {
- return force_enable;
- }
};
#endif
using namespace snort;
+
namespace rule_latency
{
+THREAD_LOCAL bool force_enable = false;
+
+bool force_enabled()
+{
+ return force_enable;
+}
+
+void set_force_enable(bool force)
+{
+ force_enable = force;
+}
// -----------------------------------------------------------------------------
// helpers
// -----------------------------------------------------------------------------
void RuleLatency::push(const detection_option_tree_root_t& root, Packet* p)
{
- if ( rule_latency::config->force_enabled() )
+ if ( rule_latency::force_enabled() )
{
if ( rule_latency::get_impl().push(root, p) )
++latency_stats.rule_tree_enables;
void RuleLatency::pop()
{
- if ( rule_latency::config->force_enabled() )
+ if ( rule_latency::force_enabled() )
{
if ( rule_latency::get_impl().pop() )
++latency_stats.rule_eval_timeouts;
bool RuleLatency::suspended()
{
- if ( rule_latency::config->enabled() )
+ if ( rule_latency::force_enabled() )
return rule_latency::get_impl().suspended();
return false;
#ifndef RULE_LATENCY_H
#define RULE_LATENCY_H
+#include "main/snort_types.h"
+
struct detection_option_tree_root_t;
namespace snort
{
struct Packet;
}
+namespace rule_latency
+{
+ SO_PUBLIC bool force_enabled();
+ SO_PUBLIC void set_force_enable(bool force);
+}
+
class RuleLatency
{
public:
struct RuleLatencyConfig
{
hr_duration max_time = 0_ticks;
- bool force_enable = false;
bool suspend = false;
unsigned suspend_threshold = 0;
hr_duration max_suspend_time = 0_ticks;
return max_time > 0_ticks;
}
- bool force_enabled() const
- {
- return force_enable;
- }
-
bool allow_reenable() const { return max_suspend_time > 0_ticks; }
};
#include "framework/data_bus.h"
#include "latency/packet_latency.h"
#include "latency/rule_latency.h"
+#include "latency/latency_config.h"
#include "log/messages.h"
#include "main/swapper.h"
#include "main.h"
HostAttributesManager::initialize();
RuleContext::set_enabled(sc->profiler->rule.show);
TimeProfilerStats::set_enabled(sc->profiler->time.show);
+ packet_latency::set_force_enable(sc->latency->packet_latency.enabled() ||
+ sc->latency->packet_latency.plugin_forced);
+ rule_latency::set_force_enable(sc->latency->rule_latency.enabled());
// in case there are HA messages waiting, process them first
HighAvailabilityManager::process_receive();
overlay_trace_config = tc;
}
-bool SnortConfig::set_packet_latency(bool is_enabled) const
+bool SnortConfig::set_packet_latency() const
{
if ( latency )
{
- latency->packet_latency.force_enable = is_enabled;
- return is_enabled;
- }
- return false;
-}
-
-bool SnortConfig::get_packet_latency() const
-{
- if ( latency->packet_latency.force_enabled() )
+ latency->packet_latency.plugin_forced = true;
return true;
- return false;
-}
-
-bool SnortConfig::set_rule_latency(bool is_enabled) const
-{
- if ( latency )
- {
- latency->rule_latency.force_enable = is_enabled;
- return is_enabled;
}
return false;
}
-bool SnortConfig::get_rule_latency() const
-{
- if ( latency->rule_latency.force_enabled() )
- return true;
- return false;
-}
-
void SnortConfig::set_tunnel_verdicts(const char* args)
{
char* tmp, * tok;
void set_utc(bool);
void set_watchdog(uint16_t);
void set_watchdog_min_thread_count(uint16_t);
- SO_PUBLIC bool set_packet_latency(bool) const;
- SO_PUBLIC bool get_packet_latency() const;
- SO_PUBLIC bool set_rule_latency(bool) const;
- SO_PUBLIC bool get_rule_latency() const;
+ SO_PUBLIC bool set_packet_latency() const;
//------------------------------------------------------
// accessor methods
void detection_filter_init(DetectionFilterConfig*) { }
void detection_filter_term() { }
void RuleLatency::tterm() { }
+void rule_latency::set_force_enable(bool) { }
void PacketLatency::tterm() { }
+void packet_latency::set_force_enable(bool) { }
void SideChannelManager::thread_init() { }
void SideChannelManager::thread_term() { }
void CodecManager::thread_init() { }
uint64_t curr_flow_latency = 0;
uint64_t curr_rule_latency = 0;
- PerfMonitor* perf_monitor = (PerfMonitor*)PigPen::get_inspector(PERF_NAME, true);
- if ( perf_monitor->get_constraints()->flow_ip_all == true )
+ if ( t_constraints->flow_ip_all == true )
{
if ( p->flow )
{
#include "main/analyzer_command.h"
#include "main/snort_config.h"
#include "managers/module_manager.h"
+#include "latency/packet_latency.h"
+#include "latency/rule_latency.h"
#include "perf_monitor.h"
#include "perf_pegs.h"
PerfMonitor* perf_monitor;
};
-static bool current_packet_latency, current_rule_latency = false;
+static THREAD_LOCAL bool current_packet_latency, current_rule_latency = false;
static const Parameter flow_ip_profiling_params[] =
{
bool PerfMonFlowIPDebug::execute(Analyzer&, void**)
{
if (enable)
+ {
+ if ( constraints->flow_ip_all )
+ {
+ if (rule_latency::force_enabled())
+ current_rule_latency = true;
+ if (packet_latency::force_enabled())
+ current_packet_latency = true;
+ rule_latency::set_force_enable(true);
+ packet_latency::set_force_enable(true);
+ }
perf_monitor->enable_profiling(constraints);
+ }
else
- perf_monitor->disable_profiling(constraints);
+ {
+ if ( !current_packet_latency )
+ packet_latency::set_force_enable(false);
+ if ( !current_rule_latency )
+ rule_latency::set_force_enable(false);
+ perf_monitor->disable_profiling(constraints);
+ }
return true;
}
ControlConn* ctrlcon = ControlConn::query_from_lua(L);
main_broadcast_command(new PerfMonFlowIPDebug(new_constraints, true, perf_monitor), ctrlcon);
- if ( new_constraints->flow_ip_all )
- {
- const SnortConfig* sc = SnortConfig::get_conf();
- if ( sc->get_packet_latency() )
- current_packet_latency = true;
- if ( sc->get_rule_latency() )
- current_rule_latency = true;
- sc->set_packet_latency(true);
- sc->set_rule_latency(true);
- }
-
LogMessage("Enabling flow ip profiling with sample interval %d packet count %d all stats tracking %s\n",
new_constraints->sample_interval, new_constraints->pkt_cnt,
( new_constraints->flow_ip_all ) ? "enabled" : "disabled" );
ControlConn* ctrlcon = ControlConn::query_from_lua(L);
main_broadcast_command(new PerfMonFlowIPDebug(new_constraints, false, perf_monitor), ctrlcon);
- const SnortConfig* sc = SnortConfig::get_conf();
-
- if ( !current_packet_latency )
- sc->set_packet_latency(false);
-
- if ( !current_rule_latency )
- sc->set_rule_latency(false);
-
LogMessage("Disabling flow ip profiling\n");
return 0;
if ( config->flow_ip_all )
{
- sc->set_packet_latency(true);
- sc->set_rule_latency(true);
+ packet_latency::set_force_enable(true);
+ rule_latency::set_force_enable(true);
}
return true;
extern THREAD_LOCAL PerfPegStats pmstats;
extern THREAD_LOCAL snort::ProfileStats perfmonStats;
+extern THREAD_LOCAL PerfConstraints* t_constraints;
#endif
static THREAD_LOCAL std::vector<PerfTracker*>* trackers;
static THREAD_LOCAL FlowIPTracker* flow_ip_tracker = nullptr;
-static THREAD_LOCAL PerfConstraints* t_constraints;
+THREAD_LOCAL PerfConstraints* t_constraints;
//-------------------------------------------------------------------------
// class stuff
uint64_t flow_latency = 0;
uint64_t rule_latency = 0;
- if ( perf_monitor.get_constraints()->flow_ip_all )
+ if ( t_constraints->flow_ip_all )
{
const AppIdSessionApi* appid_session_api = appid_api.get_appid_session_api(*flow);
if ( appid_session_api )
projects / thirdparty / snort3.git / commitdiff
