Merge in SNORT/snort3 from ~RCONJEEV/snort3:rconjeev_us824999 to master
Squashed commit of the following:
commit
e0b6f73b0314f204e536403604d48c93355cc0d7
Author: RAGHURAAM CONJEEVARAM UDAYANAN -X (rconjeev - XORIANT CORPORATION at Cisco) <rconjeev@cisco.com>
Date: Fri May 19 15:26:27 2023 +0530
flow: introduced granular counters for idle_prunes
time_t timestamp = packet_time();
if ( hash_table->get_num_nodes() >= config.max_flows )
{
- if ( !prune_stale(timestamp, nullptr) )
+ if ( !prune_idle(timestamp, nullptr) )
{
if ( !prune_unis(key->pkt_type) )
prune_excess(nullptr);
remove(flow);
}
-unsigned FlowCache::prune_stale(uint32_t thetime, const Flow* save_me)
+unsigned FlowCache::prune_idle(uint32_t thetime, const Flow* save_me)
{
ActiveSuspendContext act_susp(Active::ASP_PRUNE);
break;
flow->ssn_state.session_flags |= SSNFLAG_TIMEDOUT;
- if ( release(flow, PruneReason::IDLE) )
+ if ( release(flow, PruneReason::IDLE_MAX_FLOWS) )
++pruned;
flow = static_cast<Flow*>(hash_table->lru_first());
}
flow->ssn_state.session_flags |= SSNFLAG_TIMEDOUT;
- if ( release(flow, PruneReason::IDLE) )
+ if ( release(flow, PruneReason::IDLE_PROTOCOL_TIMEOUT) )
++retired;
flow = static_cast<Flow*>(hash_table->lru_current());
bool release(snort::Flow*, PruneReason = PruneReason::NONE, bool do_cleanup = true);
- unsigned prune_stale(uint32_t thetime, const snort::Flow* save_me);
+ unsigned prune_idle(uint32_t thetime, const snort::Flow* save_me);
unsigned prune_excess(const snort::Flow* save_me);
bool prune_one(PruneReason, bool do_cleanup);
unsigned timeout(unsigned num_flows, time_t cur_time);
enum class PruneReason : uint8_t
{
- IDLE,
EXCESS,
UNI,
MEMCAP,
HA,
STALE,
+ IDLE_MAX_FLOWS,
+ IDLE_PROTOCOL_TIMEOUT,
NONE,
MAX
};
{
{ CountType::SUM, "flows", "total sessions" },
{ CountType::SUM, "total_prunes", "total sessions pruned" },
- { CountType::SUM, "idle_prunes", " sessions pruned due to timeout" },
+ { CountType::SUM, "idle_prunes_max_flows", " sessions pruned due to pruning timeout since max flows is reached" },
+ { CountType::SUM, "idle_prunes_proto_timeout", " sessions pruned due to protocol timeout" },
{ CountType::SUM, "excess_prunes", "sessions pruned due to excess" },
{ CountType::SUM, "uni_prunes", "uni sessions pruned" },
{ CountType::SUM, "memcap_prunes", "sessions pruned due to memcap" },
stream_base_stats.flows = flow_con->get_flows();
stream_base_stats.prunes = flow_con->get_total_prunes();
- stream_base_stats.timeout_prunes = flow_con->get_prunes(PruneReason::IDLE);
+ stream_base_stats.max_flow_prunes = flow_con->get_prunes(PruneReason::IDLE_MAX_FLOWS);
+ stream_base_stats.protocol_timeout_prunes = flow_con->get_prunes(PruneReason::IDLE_PROTOCOL_TIMEOUT);
stream_base_stats.excess_prunes = flow_con->get_prunes(PruneReason::EXCESS);
stream_base_stats.uni_prunes = flow_con->get_prunes(PruneReason::UNI);
stream_base_stats.memcap_prunes = flow_con->get_prunes(PruneReason::MEMCAP);
{
PegCount flows;
PegCount prunes;
- PegCount timeout_prunes;
+ PegCount max_flow_prunes;
+ PegCount protocol_timeout_prunes;
PegCount excess_prunes;
PegCount uni_prunes;
PegCount memcap_prunes;