tcp reuse: enable stream handling based on runmode

Add a way for runmodes to state that flow and stream run asynchorously.

In the stream engine, enable the TCP reuse handling only if that flag
is set.

diff --git a/src/flow-hash.c b/src/flow-hash.c
index ea3b13408125ee265f2a1ac4d538576d9c9cd10a..3d609b197754a00a11d433142ee1c695cdac0e08 100644 (file)
--- a/src/flow-hash.c
+++ b/src/flow-hash.c
@@ -410,7 +410,8 @@ static inline int FlowCompare(Flow *f, const Packet *p)
             /* okay, we need to setup a new flow for this packet.
              * Flag the flow that it's been replaced by a new one */
             f->flags |= FLOW_TCP_REUSED;
-            SCLogDebug("flow obsolete: TCP reuse will use a new flow");
+            SCLogDebug("flow obsolete: TCP reuse will use a new flow "
+                    "starting with packet %"PRIu64, p->pcap_cnt);
             return 0;
         }
         return 1;

diff --git a/src/runmode-erf-file.c b/src/runmode-erf-file.c
index dad86caaaa27859b6cd7a131d5405f1ecfe8f14e..50f47669d0170e5cad0c6602af6d0ff7609ad3a9 100644 (file)
--- a/src/runmode-erf-file.c
+++ b/src/runmode-erf-file.c
@@ -137,6 +137,7 @@ int RunModeErfFileAutoFp(DetectEngineCtx *de_ctx)
     int thread;
 
     RunModeInitialize();
+    RunmodeSetFlowStreamAsync();
 
     char *file = NULL;
     if (ConfGet("erf-file.file", &file) == 0) {

diff --git a/src/runmode-pcap-file.c b/src/runmode-pcap-file.c
index 9b2c25010067ba1d6af94f1d043daccc0e89e292..bd0e68e604b5b238c95faf1657bdb09378b90127 100644 (file)
--- a/src/runmode-pcap-file.c
+++ b/src/runmode-pcap-file.c
@@ -154,6 +154,7 @@ int RunModeFilePcapAutoFp(DetectEngineCtx *de_ctx)
     int thread;
 
     RunModeInitialize();
+    RunmodeSetFlowStreamAsync();
 
     char *file = NULL;
     if (ConfGet("pcap-file.file", &file) == 0) {

diff --git a/src/stream-tcp.c b/src/stream-tcp.c
index 97e717e297f42a13407bf7b790902d5d01bfe832..54b76dc2add89d6e23d413892cbe18c2ea42e999 100644 (file)
--- a/src/stream-tcp.c
+++ b/src/stream-tcp.c
@@ -71,6 +71,7 @@
 #include "util-profiling.h"
 #include "util-misc.h"
 #include "util-validate.h"
+#include "util-runmodes.h"
 
 #include "source-pcap-file.h"
 
@@ -4860,6 +4861,9 @@ static void TcpSessionReuseHandle(Packet *p) {
         return;
     }
 
+    SCLogDebug("steam starter packet %"PRIu64", and state "
+            "ready to be reused", p->pcap_cnt);
+
     /* ok, this packet needs a new flow */
 
     /* first, get a reference to the old flow */
@@ -4987,20 +4991,20 @@ TmEcode StreamTcp (ThreadVars *tv, Packet *p, void *data, PacketQueue *pq, Packe
         p->flags |= PKT_IGNORE_CHECKSUM;
     }
 
-// TODO autofp only somehow
-    /* "autofp" handling of TCP session/flow reuse */
-    if (!(p->flags & PKT_PSEUDO_STREAM_END)) {
-        /* apply previous reuses to this packet */
-        TcpSessionReuseHandleApplyToPacket(p);
-        if (p->flow == NULL)
-            return ret;
+    if (stt->runmode_flow_stream_async) {
+        /* "autofp" handling of TCP session/flow reuse */
+        if (!(p->flags & PKT_PSEUDO_STREAM_END)) {
+            /* apply previous reuses to this packet */
+            TcpSessionReuseHandleApplyToPacket(p);
+            if (p->flow == NULL)
+                return ret;
 
-        /* after that, check for 'new' reuse */
-        TcpSessionReuseHandle(p);
-        if (p->flow == NULL)
-            return ret;
+            /* after that, check for 'new' reuse */
+            TcpSessionReuseHandle(p);
+            if (p->flow == NULL)
+                return ret;
+        }
     }
-
     AppLayerProfilingReset(stt->ra_ctx->app_tctx);
 
     FLOWLOCK_WRLOCK(p->flow);
@@ -5110,6 +5114,11 @@ TmEcode StreamTcpThreadInit(ThreadVars *tv, void *initdata, void **data)
     if (stt->ssn_pool_id < 0 || ssn_pool == NULL)
         SCReturnInt(TM_ECODE_FAILED);
 
+    /* see if need to enable the TCP reuse handling in the stream engine */
+    stt->runmode_flow_stream_async = RunmodeGetFlowStreamAsync();
+    SCLogDebug("Flow and Stream engine run %s",
+            stt->runmode_flow_stream_async ? "asynchronous" : "synchronous");
+
     SCReturnInt(TM_ECODE_OK);
 }
 

diff --git a/src/stream-tcp.h b/src/stream-tcp.h
index 113e2e88a135396025123aa9cc694e2930030271..8dfc992a5fee74a457fb08af50be058d5332a2aa 100644 (file)
--- a/src/stream-tcp.h
+++ b/src/stream-tcp.h
@@ -76,6 +76,10 @@ typedef struct TcpStreamCnf_ {
 typedef struct StreamTcpThread_ {
     int ssn_pool_id;
 
+    /** if set to true, we activate the TCP tuple reuse code in the
+     *  stream engine. */
+    int runmode_flow_stream_async;
+
     uint64_t pkts;
 
     /** queue for pseudo packet(s) that were created in the stream

diff --git a/src/util-runmodes.c b/src/util-runmodes.c
index 293ff43f8485adf719db7cdfd9b0e8e90037ae91..8f1c85964939de81bfa090f9e1380388f63c1fbd 100644 (file)
--- a/src/util-runmodes.c
+++ b/src/util-runmodes.c
@@ -47,6 +47,20 @@
 
 #include "util-runmodes.h"
 
+/** set to true if flow engine and stream engine run in different
+ *  threads. */
+static int runmode_flow_stream_async = 0;
+
+void RunmodeSetFlowStreamAsync(void)
+{
+    runmode_flow_stream_async = 1;
+}
+
+int RunmodeGetFlowStreamAsync(void)
+{
+    return runmode_flow_stream_async;
+}
+
 /** \brief create a queue string for autofp to pass to
  *         the flow queue handler.
  *
@@ -103,6 +117,8 @@ int RunModeSetLiveCaptureAutoFp(DetectEngineCtx *de_ctx,
     if (thread_max < 1)
         thread_max = 1;
 
+    RunmodeSetFlowStreamAsync();
+
     queues = RunmodeAutoFpCreatePickupQueuesString(thread_max);
     if (queues == NULL) {
         SCLogError(SC_ERR_RUNMODE, "RunmodeAutoFpCreatePickupQueuesString failed");
@@ -493,6 +509,8 @@ int RunModeSetIPSAutoFp(DetectEngineCtx *de_ctx,
     if (thread_max < 1)
         thread_max = 1;
 
+    RunmodeSetFlowStreamAsync();
+
     queues = RunmodeAutoFpCreatePickupQueuesString(thread_max);
     if (queues == NULL) {
         SCLogError(SC_ERR_RUNMODE, "RunmodeAutoFpCreatePickupQueuesString failed");

diff --git a/src/util-runmodes.h b/src/util-runmodes.h
index 2d562c34727d17580d3c89ee962a5de64d589983..c1852ccd8aac88e4b808bc5357bf9d8b1253f04f 100644 (file)
--- a/src/util-runmodes.h
+++ b/src/util-runmodes.h
@@ -23,6 +23,8 @@
 #ifndef __UTIL_RUNMODES_H__
 #define __UTIL_RUNMODES_H__
 
+void RunmodeSetFlowStreamAsync(void);
+int RunmodeGetFlowStreamAsync(void);
 
 typedef void *(*ConfigIfaceParserFunc) (const char *);
 typedef void *(*ConfigIPSParserFunc) (int);