At start up we will set this flag based on "multi-detect.enabled".
static uint8_t DetectEngineCtxLoadConf(DetectEngineCtx *);
-static DetectEngineMasterCtx g_master_de_ctx = { SCMUTEX_INITIALIZER, NULL, NULL, };
+static DetectEngineMasterCtx g_master_de_ctx = { SCMUTEX_INITIALIZER, 0, NULL, NULL, };
static DetectEngineThreadCtx *DetectEngineThreadCtxInitForMT(ThreadVars *tv);
return de_ctx;
}
+/** TODO locking? Not needed if this is a one time setting at startup */
+int DetectEngineMultiTenantEnabled(void)
+{
+ DetectEngineMasterCtx *master = &g_master_de_ctx;
+ return (master->multi_tenant_enabled);
+}
+
+void DetectEngineMultiTenantSetup(void)
+{
+ DetectEngineMasterCtx *master = &g_master_de_ctx;
+ int enabled = 0;
+ (void)ConfGetBool("multi-detect.enabled", &enabled);
+ if (enabled == 1) {
+ master->multi_tenant_enabled = 1;
+ }
+ SCLogInfo("multi-detect is %s (multi tenancy)",
+ master->multi_tenant_enabled ? "enabled" : "disabled");
+}
+
DetectEngineCtx *DetectEngineGetByTenantId(int tenant_id)
{
DetectEngineMasterCtx *master = &g_master_de_ctx;
int DetectEngineReload(const char *filename);
int DetectEngineEnabled(void);
int DetectEngineMTApply(void);
+int DetectEngineMultiTenantEnabled(void);
+void DetectEngineMultiTenantSetup(void);
int DetectEngineReloadStart(void);
int DetectEngineReloadIsStart(void);
typedef struct DetectEngineMasterCtx_ {
SCMutex lock;
+ /** enable multi tenant mode */
+ int multi_tenant_enabled;
+
/** list of active detection engines. This list is used to generate the
* threads det_ctx's */
DetectEngineCtx *list;
struct stat st;
#endif /* OS_WIN32 */
+ if (!(DetectEngineMultiTenantEnabled())) {
+ SCLogInfo("error: multi-tenant support not enabled");
+ json_object_set_new(answer, "message", json_string("multi-tenant support not enabled"));
+ return TM_ECODE_FAILED;
+ }
+
/* 1 get tenant id */
json_t *jarg = json_object_get(cmd, "id");
if (!json_is_integer(jarg)) {
*/
TmEcode UnixSocketUnregisterTenant(json_t *cmd, json_t* answer, void *data)
{
+ if (!(DetectEngineMultiTenantEnabled())) {
+ SCLogInfo("error: multi-tenant support not enabled");
+ json_object_set_new(answer, "message", json_string("multi-tenant support not enabled"));
+ return TM_ECODE_FAILED;
+ }
+
/* 1 get tenant id */
json_t *jarg = json_object_get(cmd, "id");
if (!json_is_integer(jarg)) {
if (!suri.disabled_detect) {
SCClassConfInit();
SCReferenceConfInit();
+ DetectEngineMultiTenantSetup();
SetupDelayedDetect(&suri);
if (!suri.delayed_detect) {
de_ctx = DetectEngineCtxInit();
projects / thirdparty / suricata.git / commitdiff
