aconf->ring_size = max_pending_packets * 2 / aconf->threads;
}
+ aconf->block_size = getpagesize() << AFP_BLOCK_SIZE_DEFAULT_ORDER;
+ if ((ConfGetChildValueIntWithDefault(if_root, if_default, "block-size", &value)) == 1) {
+ if (value % getpagesize()) {
+ SCLogError(SC_ERR_INVALID_VALUE, "Block-size must be a multiple of pagesize.");
+ } else {
+ aconf->block_size = value;
+ }
+ }
+
+ if ((ConfGetChildValueIntWithDefault(if_root, if_default, "block-timeout", &value)) == 1) {
+ aconf->block_timeout = value;
+ } else {
+ aconf->block_timeout = 10;
+ }
+
(void)ConfGetChildValueBoolWithDefault(if_root, if_default, "disable-promisc", (int *)&boolval);
if (boolval) {
SCLogInfo("Disabling promiscuous mode on iface %s",
int socket;
int ring_size;
- /* Filter */
- char *bpf_filter;
-
+ int block_size;
/* socket buffer size */
int buffer_size;
+ /* Filter */
+ char *bpf_filter;
int promisc;
static int AFPComputeRingParamsV3(AFPThreadVars *ptv)
{
- ptv->req3.tp_block_size = getpagesize();
+ ptv->req3.tp_block_size = ptv->block_size;
ptv->req3.tp_frame_size = 2048;
int frames_per_block = 0;
int tp_hdrlen = sizeof(struct tpacket3_hdr);
return AFP_FATAL_ERROR;
}
} else {
-#define DEFAULT_ORDER 3
- for (order = DEFAULT_ORDER; order >= 0; order--) {
+ for (order = AFP_BLOCK_SIZE_DEFAULT_ORDER; order >= 0; order--) {
if (AFPComputeRingParams(ptv, order) != 1) {
SCLogInfo("Ring parameter are incorrect. Please correct the devel");
return AFP_FATAL_ERROR;
ptv->buffer_size = afpconfig->buffer_size;
ptv->ring_size = afpconfig->ring_size;
+ ptv->block_size = afpconfig->block_size;
ptv->promisc = afpconfig->promisc;
ptv->checksum_mode = afpconfig->checksum_mode;
#define AFP_FILE_MAX_PKTS 256
#define AFP_IFACE_NAME_LENGTH 48
+#define AFP_BLOCK_SIZE_DEFAULT_ORDER 3
+
typedef struct AFPIfaceConfig_
{
char iface[AFP_IFACE_NAME_LENGTH];
int buffer_size;
/* ring size in number of packets */
int ring_size;
+ /* block size for tpacket_v3 */
+ int block_size;
/* cluster param */
int cluster_id;
int cluster_type;
# intensive single-flow you could want to set the ring-size independantly of the number
# of threads:
#ring-size: 2048
+ # Block size is used by tpacket_v3 only. It should set to a value high enough to contain
+ # a decent number of packets. Size is in bytes so please consider your MTU. It should be
+ # a power of 2 and it must be multiple of page size (usually 4096).
+ #block-size: 32768
# On busy system, this could help to set it to yes to recover from a packet drop
# phase. This will result in some packets (at max a ring flush) being non treated.
#use-emergency-flush: yes
projects / thirdparty / suricata.git / commitdiff
