af-packet: bypass with init function
authorEric Leblond <eric@regit.org>
Sun, 3 Mar 2019 19:42:06 +0000 (20:42 +0100)
committerVictor Julien <victor@inliniac.net>
Tue, 18 Jun 2019 05:07:02 +0000 (07:07 +0200)
src/flow-bypass.c
src/flow-bypass.h
src/runmode-af-packet.c
src/util-ebpf.c
src/util-ebpf.h

index f0ee40e9110e52dcfa87f5218284fed2d6ebec8c..3debd48225b798549a9e04f80f06c38168c4bd85 100644 (file)
@@ -40,6 +40,7 @@ typedef struct BypassedFlowManagerThreadData_ {
 
 typedef struct BypassedCheckFuncItem_ {
     BypassedCheckFunc Func;
+    BypassedCheckFuncInit FuncInit;
     void *data;
 } BypassedCheckFuncItem;
 
@@ -58,11 +59,22 @@ static TmEcode BypassedFlowManager(ThreadVars *th_v, void *thread_data)
 {
 #ifdef HAVE_PACKET_EBPF
     int tcount = 0;
+    int i;
     BypassedFlowManagerThreadData *ftd = thread_data;
+    struct timespec curtime = {0, 0};
+
+    if (clock_gettime(CLOCK_MONOTONIC, &curtime) != 0) {
+        SCLogWarning(SC_ERR_INVALID_VALUE, "Can't get time: %s (%d)",
+                strerror(errno), errno);
+    }
+    for (i = 0; i < g_bypassed_func_max_index; i++) {
+        if (BypassedFuncList[i].FuncInit) {
+            BypassedFuncList[i].FuncInit(&curtime, BypassedFuncList[i].data);
+        }
+    }
+
     while (1) {
-        int i;
         SCLogDebug("Dumping the table");
-        struct timespec curtime;
         if (clock_gettime(CLOCK_MONOTONIC, &curtime) != 0) {
             SCLogWarning(SC_ERR_INVALID_VALUE, "Can't get time: %s (%d)",
                          strerror(errno), errno);
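Review bot: The init loop added before `while (1)` discards the `int` returned by `FuncInit`, and it runs even when the preceding `clock_gettime` call failed, so each init callback then receives the zeroed `curtime` with no sign that the time is invalid. Judging by the stub's comments, the hook looks intended to recreate userspace entries for flows already bypassed in the kernel, so a silent failure here could leave those flows untracked. Assuming a non-zero return signals failure, I would at least log it: `if (BypassedFuncList[i].FuncInit(&curtime, BypassedFuncList[i].data) != 0) SCLogWarning(SC_ERR_INVALID_VALUE, "Bypass init function %d failed", i);`. The body of BypassedFlowManager continues outside the hunk.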
@@ -152,6 +164,7 @@ void BypassedFlowManagerThreadSpawn()
 }
 
 int BypassedFlowManagerRegisterCheckFunc(BypassedCheckFunc CheckFunc,
+                                         BypassedCheckFuncInit CheckFuncInit,
                                          void *data)
 {
     if (!CheckFunc) {
@@ -159,6 +172,7 @@ int BypassedFlowManagerRegisterCheckFunc(BypassedCheckFunc CheckFunc,
     }
     if (g_bypassed_func_max_index < BYPASSFUNCMAX) {
         BypassedFuncList[g_bypassed_func_max_index].Func = CheckFunc;
+        BypassedFuncList[g_bypassed_func_max_index].FuncInit = CheckFuncInit;
         BypassedFuncList[g_bypassed_func_max_index].data = data;
         g_bypassed_func_max_index++;
     } else {
index bef2d77e84d0b92042c586c213ca3b69530557ab..c41a95edb7754cf003ed16b7aac3f8e9095e19ac 100644 (file)
@@ -32,6 +32,7 @@ struct flows_stats {
 
 typedef int (*BypassedCheckFunc)(struct flows_stats *bypassstats,
                                  struct timespec *curtime, void *data);
+typedef int (*BypassedCheckFuncInit)(struct timespec *curtime, void *data);
 typedef int (*BypassedUpdateFunc)(Flow *f, Packet *p, void *data);
 
 void FlowAddToBypassed(Flow *f);
@@ -39,7 +40,8 @@ void FlowAddToBypassed(Flow *f);
 void BypassedFlowManagerThreadSpawn(void);
 void TmModuleBypassedFlowManagerRegister(void);
 
-int BypassedFlowManagerRegisterCheckFunc(BypassedCheckFunc CheckFunc, void *data);
+int BypassedFlowManagerRegisterCheckFunc(BypassedCheckFunc CheckFunc,
+                                         BypassedCheckFuncInit CheckFuncInit, void *data);
 int BypassedFlowManagerRegisterUpdateFunc(BypassedUpdateFunc UpdateFunc, void *data);
 
 void BypassedFlowUpdate(Flow *f, Packet *p);
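Review bot: The updated prototype of `BypassedFlowManagerRegisterCheckFunc` does not say that `CheckFuncInit` is optional, although the definition in flow-bypass.c rejects only a NULL `CheckFunc` and the AF_PACKET eBPF path passes `NULL` for the new argument. A short comment above the declaration would make the contract explicit: `/* CheckFuncInit may be NULL; when set it is called once by the bypass manager thread before its check loop starts. */`. The `BypassedCheckFuncInit` typedef in the hunk above also leaves the meaning of its return value undocumented.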
index 836792816730957fe601ae2ff9fcba85b150da31..8c1cc9c5daddee6e8e143d7575a7c9279ed13d70 100644 (file)
@@ -438,7 +438,9 @@ static void *ParseAFPConfig(const char *iface)
                     aconf->iface);
             aconf->flags |= AFP_BYPASS;
             RunModeEnablesBypassManager();
-            BypassedFlowManagerRegisterCheckFunc(EBPFCheckBypassedFlowTimeout, (void *) &(aconf->ebpf_t_config));
+            BypassedFlowManagerRegisterCheckFunc(EBPFCheckBypassedFlowTimeout,
+                                                 NULL,
+                                                 (void *) &(aconf->ebpf_t_config));
             BypassedFlowManagerRegisterUpdateFunc(EBPFUpdateFlow, NULL);
 #else
             SCLogError(SC_ERR_UNIMPLEMENTED, "Bypass set but eBPF support is not built-in");
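Review bot: The return value of `BypassedFlowManagerRegisterCheckFunc` is still ignored at the reformatted call, although the function returns `int` and, as flow-bypass.c shows, stores the callbacks only while `g_bypassed_func_max_index < BYPASSFUNCMAX`. If the list is full, this interface keeps `AFP_BYPASS` set with no timeout check registered, so its bypassed flows would presumably never be expired from userspace and would stay uninspected. Assuming a non-zero return signals failure, wrap the call in `if (BypassedFlowManagerRegisterCheckFunc(...) != 0)` and log an error or clear the bypass flag there. The same applies to the XDP call in the next hunk. ParseAFPConfig starts and ends outside the hunk.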
@@ -477,7 +479,10 @@ static void *ParseAFPConfig(const char *iface)
                     aconf->iface);
             aconf->flags |= AFP_XDPBYPASS;
             RunModeEnablesBypassManager();
-            BypassedFlowManagerRegisterCheckFunc(EBPFCheckBypassedFlowTimeout, (void *) &(aconf->ebpf_t_config));
+            /* TODO move that to get it conditional on pinned maps */
+            BypassedFlowManagerRegisterCheckFunc(EBPFCheckBypassedFlowTimeout,
+                                                 EBPFCheckBypassedFlowCreate,
+                                                 (void *) &(aconf->ebpf_t_config));
             BypassedFlowManagerRegisterUpdateFunc(EBPFUpdateFlow, NULL);
         }
 #else
index ab9a2a5e1657933a7c91c740e2d11af28fc8ac94..11653c8946ffc36f3ea6b905b0d8a9b3e508b4f7 100644 (file)
@@ -1,4 +1,4 @@
-/* Copyright (C) 2018 Open Information Security Foundation
+/* Copyright (C) 2018-2019 Open Information Security Foundation
  *
  * You can copy, redistribute or modify this Program under the terms of
  * the GNU General Public License version 2 as published by the Free
@@ -661,6 +661,18 @@ static int EBPFForEachFlowV6Table(LiveDevice *dev, const char *name,
     return found;
 }
 
+
+int EBPFCheckBypassedFlowCreate(struct timespec *curtime, void *data)
+{
+    /* loop on v4 table */
+    /* create flow key*/
+    /* look for flow in hash, create entry if not found */
+
+    /* loop on v6*/
+
+    return 0;
+}
+
 /**
  * Flow timeout checking function
  *
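Review bot: `EBPFCheckBypassedFlowCreate` is exported and registered as the init callback for XDP bypass, yet its body holds only comments and returns 0, which reads as success although no flow entry is created. It also has no header comment, unlike the timeout function documented just below it. I would add a Doxygen block stating that this is a placeholder, what `curtime` and `data` are expected to be, and what the return value means. Until the table walk is implemented, `(void)curtime; (void)data;` would silence the unused-parameter warnings.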
index 53ca562ac911034b2cf7fc18670fe817a84c4429..c66c1d9e2e2df2bd9aada7285d832e9f2522c224 100644 (file)
@@ -74,6 +74,7 @@ int EBPFSetupXDP(const char *iface, int fd, uint8_t flags);
 int EBPFCheckBypassedFlowTimeout(struct flows_stats *bypassstats,
                                         struct timespec *curtime,
                                         void *data);
+int EBPFCheckBypassedFlowCreate(struct timespec *curtime, void *data);
 
 void EBPFRegisterExtension(void);