From: Jason Ish
Date: Mon, 3 Jun 2024 23:04:10 +0000 (-0600)
Subject: lib: take pointer to LiveDevice, not name
X-Git-Tag: suricata-8.0.0-beta1~144
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=04b29aa8d353c7b179a9d3f96ce9169018484750;p=thirdparty%2Fsuricata.git
lib: take pointer to LiveDevice, not name
In the library capture example, show how the packet counter can be updated.
Ticket: #7240
---
diff --git a/examples/lib/custom/main.c b/examples/lib/custom/main.c
index 11c10ab6ff..3a6a81e44a 100644
--- a/examples/lib/custom/main.c
+++ b/examples/lib/custom/main.c
@@ -49,13 +49,21 @@ static void *SimpleWorker(void *arg)
 pthread_exit(NULL);
 }
+ LiveDevice *device = LiveGetDevice("lib0");
+ assert(device != NULL);
+
 int datalink = pcap_datalink(fp);
+ int count = 0;
 struct pcap_pkthdr pkthdr;
 const u_char *packet;
 while ((packet = pcap_next(fp, &pkthdr)) != NULL) {
- if (TmModuleLibHandlePacket(tv, packet, datalink, pkthdr.ts, pkthdr.len, 0, 0, NULL) != 0) {
+ if (TmModuleLibHandlePacket(tv, device, packet, datalink, pkthdr.ts, pkthdr.len, 0, 0) !=
+ 0) {
 pthread_exit(NULL);
 }
+
+ (void)SC_ATOMIC_ADD(device->pkts, 1);
+ count++;
 }
 pcap_close(fp);
@@ -120,6 +128,11 @@ int main(int argc, char **argv)
 /* Force logging to the current directory. */
 ConfSetFromString("default-log-dir=.", 1);
+ if (LiveRegisterDevice("lib0") < 0) {
+ fprintf(stderr, "LiveRegisterDevice failed");
+ exit(1);
+ }
+
 SuricataInit();
 /* Create and start worker on its own thread, passing the PCAP
diff --git a/src/source-lib.c b/src/source-lib.c
index 6c304fc300..7e8f55415e 100644
--- a/src/source-lib.c
+++ b/src/source-lib.c
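Review bot: In SimpleWorker (examples/lib/custom/main.c), `assert(device != NULL);` is the only guard before `device->pkts` is dereferenced in the loop, and assert() expands to nothing when NDEBUG is defined, so a failed `LiveGetDevice("lib0")` lookup becomes a NULL dereference in such a build. Because this file is an example that integrators are likely to copy, an explicit check is the safer pattern: `if (device == NULL) { pcap_close(fp); pthread_exit(NULL); }`. The `"lib0"` literal is also repeated in the main() hunk of the same file; one `#define` shared by both call sites would keep registration and lookup in step. SimpleWorker starts and ends outside this hunk, so whether `count` is read later cannot be seen here.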
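Review bot: The error message added in main() has no trailing newline, so on failure it runs into whatever is written to stderr next; `fprintf(stderr, "LiveRegisterDevice failed\n");` fixes that. If the device has to be registered before `SuricataInit()` runs, as the placement suggests, a one-line comment above the call such as `/* The device must be registered before SuricataInit(). */` would record that ordering for readers of the example. main() starts and ends outside this hunk.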
@@ -122,17 +122,17 @@ TmEcode DecodeLib(ThreadVars *tv, Packet *p, void *data)
 /** \brief process a single packet.
 *
 * \param tv Pointer to the per-thread structure.
+ * \param device Pionter to LiveDevice instance
 * \param data Pointer to the raw packet.
 * \param datalink Datalink type.
 * \param ts Timeval structure.
 * \param len Packet length.
 * \param tenant_id Tenant id of the detection engine to use.
 * \param flags Packet flags (packet checksum, rule profiling...).
- * \param iface Sniffing interface this packet comes from (can be NULL).
 * \return Error code.
 */
-int TmModuleLibHandlePacket(ThreadVars *tv, const uint8_t *data, int datalink, struct timeval ts,
- uint32_t len, uint32_t tenant_id, uint32_t flags, const char *iface)
+int TmModuleLibHandlePacket(ThreadVars *tv, LiveDevice *device, const uint8_t *data, int datalink,
+ struct timeval ts, uint32_t len, uint32_t tenant_id, uint32_t flags)
 {
 /* If the packet is NULL, consider it as a read timeout. */
@@ -159,11 +159,7 @@ int TmModuleLibHandlePacket(ThreadVars *tv, const uint8_t *data, int datalink, s
 p->datalink = datalink;
 p->tenant_id = tenant_id;
 p->flags |= flags;
-
- /* Set the sniffing interface. */
- if (iface) {
- p->livedev = LiveGetDevice(iface);
- }
+ p->livedev = device;
 if (PacketSetData(p, data, len) == -1) {
 TmqhOutputPacketpool(tv, p);
diff --git a/src/source-lib.h b/src/source-lib.h
index 3f0594bd8e..432f12aa50 100644
--- a/src/source-lib.h
+++ b/src/source-lib.h
@@ -27,6 +27,7 @@
 #define SURICATA_SOURCE_LIB_H
 #include "tm-threads.h"
+#include "util-device.h"
 /** \brief register a "Decode" module for suricata as a library.
 *
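Review bot: The new `\param device` line in the doc comment of TmModuleLibHandlePacket (src/source-lib.c) does not say whether NULL is accepted, although the `iface` line it replaces stated "(can be NULL)"; it also misspells "Pointer". Suggested wording, assuming NULL is still meant to be allowed: ` * \param device Pointer to the LiveDevice this packet comes from (can be NULL).` The second hunk of this file stores the pointer without a check, which suggests NULL is tolerated, but that depends on how `p->livedev` is used elsewhere. The function body continues outside this hunk.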
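Review bot: `p->livedev = device;` stores a caller-supplied pointer on the packet with no validation, whereas the removed code only ever stored what `LiveGetDevice(iface)` returned. The library API now depends on the caller for both the origin and the lifetime of that pointer, so the contract should say that `device` must be NULL or a value obtained from LiveGetDevice(), and that it must stay valid while packets referencing it are in flight; otherwise any later read of `p->livedev` would go through a stale pointer. A comment on the assignment such as `/* Borrowed from the caller: must outlive every packet that references it. */` would record this. The function starts and ends outside this hunk.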
@@ -45,7 +46,7 @@ void TmModuleDecodeLibRegister(void);
 * \param iface Sniffing interface this packet comes from (can be NULL).
 * \return Error code.
 */
-int TmModuleLibHandlePacket(ThreadVars *tv, const uint8_t *data, int datalink, struct timeval ts,
- uint32_t len, uint32_t tenant_id, uint32_t flags, const char *iface);
+int TmModuleLibHandlePacket(ThreadVars *tv, LiveDevice *device, const uint8_t *data, int datalink,
+ struct timeval ts, uint32_t len, uint32_t tenant_id, uint32_t flags);
 #endif /* SURICATA_SOURCE_LIB_H */
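Review bot: The doc comment above the TmModuleLibHandlePacket prototype in src/source-lib.h is now stale: `\param iface Sniffing interface this packet comes from (can be NULL).` remains as an unchanged context line, although the new prototype has no `iface` parameter and gains `device`. The header is what library users read, so it should match the updated comment in source-lib.c: drop the `iface` line and add ` * \param device Pointer to LiveDevice instance` after the `tv` entry. The comment begins above this hunk, so the position of the `tv` line is assumed from the .c version.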