From: Victor Julien <victor@inliniac.net>
Date: Wed, 25 Jun 2014 14:16:30 +0000 (+0200)
Subject: capture: warn -i user if faster options are available
X-Git-Tag: suricata-3.0.1~15
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=30410e6900449a7f6d5798d5ac7bb86b7bd2b58d;p=thirdparty%2Fsuricata.git

capture: warn -i user if faster options are available

If af-packet, netmap or pfring are available, users should use those
for best performance.
---

diff --git a/src/suricata.c b/src/suricata.c
index 57e7afdb06..5d8348ccfc 100644
--- a/src/suricata.c
+++ b/src/suricata.c
@@ -1538,6 +1538,44 @@ static TmEcode ParseCommandLine(int argc, char** argv, SCInstance *suri)
                 return TM_ECODE_FAILED;
             }
 
+            /* warn user if af-packet, netmap or pf-ring are available */
+#if defined HAVE_AF_PACKET || HAVE_PFRING || HAVE_NETMAP
+            int i = 0;
+#ifdef HAVE_AF_PACKET
+            i++;
+#endif
+#ifdef HAVE_PFRING
+            i++;
+#endif
+#ifdef HAVE_NETMAP
+            i++;
+#endif
+            SCLogWarning(SC_WARN_FASTER_CAPTURE_AVAILABLE, "faster capture "
+                "option%s %s available:"
+#ifdef HAVE_AF_PACKET
+                " AF_PACKET (--af-packet=%s)"
+#endif
+#ifdef HAVE_PFRING
+                " PF_RING (--pfring-int=%s)"
+#endif
+#ifdef HAVE_NETMAP
+                " NETMAP (--netmap=%s)"
+#endif
+                ". Use --pcap=%s to suppress this warning",
+                i == 1 ? "" : "s", i == 1 ? "is" : "are"
+
+#ifdef HAVE_AF_PACKET
+                , optarg
+#endif
+#ifdef HAVE_PFRING
+                , optarg
+#endif
+#ifdef HAVE_NETMAP
+                , optarg
+#endif
+                , optarg
+                );
+#endif
             /* some windows shells require escaping of the \ in \Device. Otherwise
              * the backslashes are stripped. We put them back here. */
             if (strlen(optarg) > 9 && strncmp(optarg, "DeviceNPF", 9) == 0) {
diff --git a/src/util-error.c b/src/util-error.c
index 5b03c5ad15..3bf695504a 100644
--- a/src/util-error.c
+++ b/src/util-error.c
@@ -315,6 +315,7 @@ const char * SCErrorToString(SCError err)
         CASE_CODE (SC_ERR_STATS_LOG_NEGATED);
         CASE_CODE (SC_ERR_JSON_STATS_LOG_NEGATED);
         CASE_CODE (SC_ERR_DEPRECATED_CONF);
+        CASE_CODE (SC_WARN_FASTER_CAPTURE_AVAILABLE);
     }
 
     return "UNKNOWN_ERROR";
diff --git a/src/util-error.h b/src/util-error.h
index 0dcfb674d1..42fd74f963 100644
--- a/src/util-error.h
+++ b/src/util-error.h
@@ -305,6 +305,7 @@ typedef enum {
     SC_ERR_STATS_LOG_NEGATED, /** When totals and threads are both NO in yaml **/
     SC_ERR_JSON_STATS_LOG_NEGATED, /** When totals and threads are both NO in yaml **/
     SC_ERR_DEPRECATED_CONF, /**< Deprecated configuration parameter. */
+    SC_WARN_FASTER_CAPTURE_AVAILABLE,
 } SCError;
 
 const char *SCErrorToString(SCError);