Merge pull request #2157 in SNORT/snort3 from ~BBANTWAL/snort3:latency_fixes to master

author Steve Chew (stechew) <stechew@cisco.com>

Tue, 21 Apr 2020 14:07:23 +0000 (14:07 +0000)

committer Steve Chew (stechew) <stechew@cisco.com>

Tue, 21 Apr 2020 14:07:23 +0000 (14:07 +0000)
author Steve Chew (stechew) <stechew@cisco.com>
Tue, 21 Apr 2020 14:07:23 +0000 (14:07 +0000)
committer Steve Chew (stechew) <stechew@cisco.com>
Tue, 21 Apr 2020 14:07:23 +0000 (14:07 +0000)
diff --git a/src/latency/latency_module.cc b/src/latency/latency_module.cc

index 2a5bee245dca6192baab13615e4aba3bf16d1ace..e0ea9c7898c46136c7b6fe49dbcc9d299cfe705c 100644 (file)
--- a/src/latency/latency_module.cc
+++ b/src/latency/latency_module.cc
@@ -52,6 +52,11 @@ static const Parameter s_packet_params[] =
      { "fastpath", Parameter::PT_BOOL, nullptr, "false",
          "fastpath expensive packets (max_time exceeded)" },
  
+#ifdef REG_TEST
+    { "test_timeout", Parameter::PT_BOOL, nullptr, "false",
+        "timeout on every packet" },
+#endif
+
      { nullptr, Parameter::PT_MAX, nullptr, nullptr, nullptr }
  };
  
@@ -71,6 +76,11 @@ static const Parameter s_rule_params[] =
      { "max_suspend_time", Parameter::PT_INT, "0:max32", "30000",
          "set max time for suspending a rule (ms, 0 means permanently disable rule)" },
  
+#ifdef REG_TEST
+    { "test_timeout", Parameter::PT_BOOL, nullptr, "false",
+        "timeout on every rule evaluation" },
+#endif
+
      { nullptr, Parameter::PT_MAX, nullptr, nullptr, nullptr }
  };
  
@@ -121,6 +131,10 @@ static inline bool latency_set(Value& v, PacketLatencyConfig& config)
      }
      else if ( v.is("fastpath") )
          config.fastpath = v.get_bool();
+#ifdef REG_TEST
+    else if ( v.is("test_timeout") )
+        config.test_timeout = v.get_bool();
+#endif
  
      else
          return false;
@@ -146,6 +160,10 @@ static inline bool latency_set(Value& v, RuleLatencyConfig& config)
          long t = clock_ticks(v.get_uint32());
          config.max_suspend_time = TO_DURATION(config.max_time, t);
      }
+#ifdef REG_TEST
+    else if ( v.is("test_timeout") )
+        config.test_timeout = v.get_bool();
+#endif
      else
          return false;
  
diff --git a/src/latency/packet_latency.cc b/src/latency/packet_latency.cc

index 938987beb4af72cb99e25187947c29e279234288..93611f81fe049d4c93f09686a9dd39f3637a34bf 100644 (file)
--- a/src/latency/packet_latency.cc
+++ b/src/latency/packet_latency.cc
@@ -88,8 +88,22 @@ static inline std::ostream& operator<<(std::ostream& os, const Event& e)
  
      os << "[" << e.packet->dsize << "]";
  
-    os << ", " << e.packet->ptrs.ip_api.get_src() << ":" << e.packet->ptrs.sp;
-    os << " -> " << e.packet->ptrs.ip_api.get_dst() << ":" << e.packet->ptrs.dp;
+    if ( e.packet->has_ip() or e.packet->is_data() )
+    {
+        SfIpString src_addr, dst_addr;
+        unsigned src_port = 0, dst_port = 0;
+
+        e.packet->ptrs.ip_api.get_src()->ntop(src_addr);
+        e.packet->ptrs.ip_api.get_dst()->ntop(dst_addr);
+        if ( e.packet->proto_bits & (PROTO_BIT__TCP|PROTO_BIT__UDP) )
+        {
+            src_port = e.packet->ptrs.sp;
+            dst_port = e.packet->ptrs.dp;
+        }
+
+        os << ", " << src_addr << ":" << src_port;
+        os << " -> " << dst_addr << ":" << dst_port;
+    }
  
      return os;
  }
@@ -135,7 +149,13 @@ inline bool Impl<Clock>::pop(const Packet* p)
  
      auto timed_out = timer.marked_as_fastpathed;
  
-    if ( timer.timed_out() )
+    bool force_timeout = timer.timed_out();
+
+#ifdef REG_TEST
+    force_timeout = config->test_timeout ? true : force_timeout;
+#endif
+
+    if ( force_timeout )
      {
          timed_out = true;
  
diff --git a/src/latency/packet_latency_config.h b/src/latency/packet_latency_config.h

index 18501dfe6965cddd7567cc257a3e5afefe71f5d0..7814b98748055187fdabe3883e2a0ac51cb9f2e2 100644 (file)
--- a/src/latency/packet_latency_config.h
+++ b/src/latency/packet_latency_config.h
@@ -27,8 +27,18 @@ struct PacketLatencyConfig
  {
      hr_duration max_time = CLOCK_ZERO;
      bool fastpath = false;
+#ifdef REG_TEST
+    bool test_timeout = false;
+#endif
  
-    bool enabled() const { return max_time > CLOCK_ZERO; }
+    bool enabled() const
+    {
+#ifdef REG_TEST
+        if ( test_timeout )
+            return true;
+#endif
+        return max_time > CLOCK_ZERO;
+    }
  };
  
  #endif
diff --git a/src/latency/rule_latency.cc b/src/latency/rule_latency.cc

index 182f32f2a3300e2cf8ad197f707fc9a7274b9ce7..c38e5dfa8dd45c847a1e6646b0fa47cd00a46a1a 100644 (file)
--- a/src/latency/rule_latency.cc
+++ b/src/latency/rule_latency.cc
@@ -110,8 +110,22 @@ static inline std::ostream& operator<<(std::ostream& os, const Event& e)
      if ( e.root->num_children > 1 )
          os << " (of " << e.root->num_children << ")";
  
-    os << ", " << e.packet->ptrs.ip_api.get_src() << ":" << e.packet->ptrs.sp;
-    os << " -> " << e.packet->ptrs.ip_api.get_dst() << ":" << e.packet->ptrs.dp;
+    if ( e.packet->has_ip() or e.packet->is_data() )
+    {
+        SfIpString src_addr, dst_addr;
+        unsigned src_port = 0, dst_port = 0;
+
+        e.packet->ptrs.ip_api.get_src()->ntop(src_addr);
+        e.packet->ptrs.ip_api.get_dst()->ntop(dst_addr);
+        if ( e.packet->proto_bits & (PROTO_BIT__TCP|PROTO_BIT__UDP) )
+        {
+            src_port = e.packet->ptrs.sp;
+            dst_port = e.packet->ptrs.dp;
+        }
+
+        os << ", " << src_addr << ":" << src_port;
+        os << " -> " << dst_addr << ":" << dst_port;
+    }
  
      return os;
  }
@@ -235,7 +249,9 @@ inline bool Impl<Clock, RuleTree>::pop()
      if ( !RuleTree::is_suspended(*timer.root) )
      {
          timed_out = timer.timed_out();
-
+#ifdef REG_TEST
+        timed_out = config->test_timeout ? true : timed_out;
+#endif
          if ( timed_out )
          {
              auto suspended = RuleTree::timeout_and_suspend(*timer.root, config->suspend_threshold,
diff --git a/src/latency/rule_latency_config.h b/src/latency/rule_latency_config.h

index e47afd446e7b6332618ff9022ca1d2afb21efa37..818ccdf5183243dd2a073e4ec53c30621ba2a07e 100644 (file)
--- a/src/latency/rule_latency_config.h
+++ b/src/latency/rule_latency_config.h
@@ -29,8 +29,18 @@ struct RuleLatencyConfig
      bool suspend = false;
      unsigned suspend_threshold = 0;
      hr_duration max_suspend_time = 0_ticks;
+#ifdef REG_TEST
+    bool test_timeout = false;
+#endif
  
-    bool enabled() const { return max_time > 0_ticks; }
+    bool enabled() const
+    {
+#ifdef REG_TEST
+        if ( test_timeout )
+            return true;
+#endif
+        return max_time > 0_ticks;
+    }
      bool allow_reenable() const { return max_suspend_time > 0_ticks; }
  };
author	Steve Chew (stechew) <stechew@cisco.com>
	Tue, 21 Apr 2020 14:07:23 +0000 (14:07 +0000)
committer	Steve Chew (stechew) <stechew@cisco.com>
	Tue, 21 Apr 2020 14:07:23 +0000 (14:07 +0000)
src/latency/latency_module.cc		patch \| blob \| blame \| history
src/latency/packet_latency.cc		patch \| blob \| blame \| history
src/latency/packet_latency_config.h		patch \| blob \| blame \| history
src/latency/rule_latency.cc		patch \| blob \| blame \| history
src/latency/rule_latency_config.h		patch \| blob \| blame \| history