]> git.ipfire.org Git - thirdparty/suricata.git/commitdiff
projects / thirdparty / suricata.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 1869688)
pfring: fix live device counter usage 757/head
authorEric Leblond <eric@regit.org>
Tue, 31 Dec 2013 15:09:43 +0000 (16:09 +0100)
committerVictor Julien <victor@inliniac.net>
Fri, 10 Jan 2014 13:47:44 +0000 (14:47 +0100)
Live device counter was in fact the number of packets seen by suricata
and not the total number of packet reported by pfring. This patch fixes
this by using counter provided by kernel instead.

Pfring kernel counter is per socket and is not cleared after read.
So to get the number of packet on the interface we can add the new
value for this thread and add it to the interface counter.

src/source-pfring.c patch | blob | blame | history

diff --git a/src/source-pfring.c b/src/source-pfring.c
index 92992f99bcde9aca35a55b2d20d5c26a1021868a..09ef215ecd8341e27b66537f27a330997eb8c0b4 100644 (file)
--- a/src/source-pfring.c
+++ b/src/source-pfring.c
@@ -189,9 +189,18 @@ static inline void PfringDumpCounters(PfringThreadVars *ptv)
 {
     pfring_stat pfring_s;
     if (likely((pfring_stats(ptv->pd, &pfring_s) >= 0))) {
+        /* pfring counter is per socket and is not cleared after read.
+         * So to get the number of packet on the interface we can add
+         * the newly seen packets and drops for this thread and add it
+         * to the interface counter */
+        uint64_t th_pkts = SCPerfGetLocalCounterValue(ptv->capture_kernel_packets,
+                                                      ptv->tv->sc_perf_pca);
+        uint64_t th_drops = SCPerfGetLocalCounterValue(ptv->capture_kernel_drops,
+                                                       ptv->tv->sc_perf_pca);
+        SC_ATOMIC_ADD(ptv->livedev->pkts, pfring_s.recv - th_pkts);
+        SC_ATOMIC_ADD(ptv->livedev->drop, pfring_s.drop - th_drops);
         SCPerfCounterSetUI64(ptv->capture_kernel_packets, ptv->tv->sc_perf_pca, pfring_s.recv);
         SCPerfCounterSetUI64(ptv->capture_kernel_drops, ptv->tv->sc_perf_pca, pfring_s.drop);
-        SC_ATOMIC_SET(ptv->livedev->drop, pfring_s.drop);
     }
 }
 
@@ -211,7 +220,6 @@ static inline void PfringProcessPacket(void *user, struct pfring_pkthdr *h, Pack
 
     ptv->bytes += h->caplen;
     ptv->pkts++;
-    (void) SC_ATOMIC_ADD(ptv->livedev->pkts, 1);
     p->livedev = ptv->livedev;
 
     /* PF_RING may fail to set timestamp */
Mirror of https://github.com/OISF/suricata.git