af-packet: no VLAN id from msg header for old kernel

This patch uses the new function SCKernelVersionIsAtLeast to know
that we've got a old kernel that do not strip the VLAN header from
the message before sending it to userspace.

diff --git a/src/source-af-packet.c b/src/source-af-packet.c
index 5f31b429877cff608711b266506d1567843a2b65..2f3ba822a772c7b8646906483f1c1f478dfcc23f 100644 (file)
--- a/src/source-af-packet.c
+++ b/src/source-af-packet.c
@@ -51,6 +51,7 @@
 #include "util-optimize.h"
 #include "util-checksum.h"
 #include "util-ioctl.h"
+#include "util-host-info.h"
 #include "tmqh-packetpool.h"
 #include "source-af-packet.h"
 #include "runmodes.h"
@@ -1615,6 +1616,13 @@ TmEcode ReceiveAFPThreadInit(ThreadVars *tv, void *initdata, void **data) {
         ptv->vlan_disabled = 1;
     }
 
+    /* If kernel is older than 3.0, VLAN is not stripped so we don't
+     * get the info from packet extended header but we will use a standard
+     * parsing of packet data (See Linux commit bcc6d47903612c3861201cc3a866fb604f26b8b2) */
+    if (! SCKernelVersionIsAtLeast(3, 0)) {
+        ptv->vlan_disabled = 1;
+    }
+
     SCReturnInt(TM_ECODE_OK);
 }