From: Eric Leblond Date: Mon, 15 Nov 2021 06:40:32 +0000 (+0100) Subject: profiling: socket command to control rules profiling X-Git-Tag: suricata-7.0.0-rc2~144 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=8b2313b0ae40989658cb6feb046344cfb6c59c06;p=thirdparty%2Fsuricata.git profiling: socket command to control rules profiling This patch adds unix socket command to start and stop the collection of stats when running in rules profiling mode. --- diff --git a/src/unix-manager.c b/src/unix-manager.c index 0afff751e9..cb3645cd90 100644 --- a/src/unix-manager.c +++ b/src/unix-manager.c @@ -794,6 +794,33 @@ static TmEcode UnixManagerRulesetProfileCommand(json_t *cmd, json_t *server_msg, json_object_set_new(server_msg, "message", js); SCReturnInt(TM_ECODE_OK); } + +static TmEcode UnixManagerRulesetProfileStartCommand(json_t *cmd, json_t *server_msg, void *data) +{ + SCEnter(); + + int ret = SCProfileRuleStartCollection(); + if (ret != TM_ECODE_OK) { + json_object_set_new(server_msg, "message", json_string("NOK")); + SCReturnInt(TM_ECODE_FAILED); + } + json_object_set_new(server_msg, "message", json_string("OK")); + SCReturnInt(TM_ECODE_OK); +} + +static TmEcode UnixManagerRulesetProfileStopCommand(json_t *cmd, json_t *server_msg, void *data) +{ + SCEnter(); + + int ret = SCProfileRuleStopCollection(); + if (ret != TM_ECODE_OK) { + json_object_set_new(server_msg, "message", json_string("NOK")); + SCReturnInt(TM_ECODE_FAILED); + } + json_object_set_new(server_msg, "message", json_string("OK")); + SCReturnInt(TM_ECODE_OK); +} + #endif static TmEcode UnixManagerShowFailedRules(json_t *cmd, @@ -1074,6 +1101,10 @@ int UnixManagerInit(void) UnixManagerRegisterCommand("ruleset-failed-rules", UnixManagerShowFailedRules, NULL, 0); #ifdef PROFILE_RULES UnixManagerRegisterCommand("ruleset-profile", UnixManagerRulesetProfileCommand, NULL, 0); + UnixManagerRegisterCommand( + "ruleset-profile-start", UnixManagerRulesetProfileStartCommand, NULL, 0); + UnixManagerRegisterCommand( + "ruleset-profile-stop", UnixManagerRulesetProfileStopCommand, NULL, 0); #endif UnixManagerRegisterCommand("register-tenant-handler", UnixSocketRegisterTenantHandler, &command, UNIX_CMD_TAKE_ARGS); UnixManagerRegisterCommand("unregister-tenant-handler", UnixSocketUnregisterTenantHandler, &command, UNIX_CMD_TAKE_ARGS); diff --git a/src/util-profiling.c b/src/util-profiling.c index d9ea5535ed..9c531d183c 100644 --- a/src/util-profiling.c +++ b/src/util-profiling.c @@ -1421,6 +1421,7 @@ thread_local int profiling_rules_entered = 0; int profiling_output_to_file = 0; static SC_ATOMIC_DECLARE(uint64_t, samples); static uint64_t rate = 0; +int profiling_rules_active = 0; /** * \brief Initialize profiling. @@ -1450,6 +1451,9 @@ void SCProfilingInit(void) /* see if we want to profile rules for this packet */ int SCProfileRuleStart(Packet *p) { + if (profiling_rules_active != 1) { + return 0; + } uint64_t sample = SC_ATOMIC_ADD(samples, 1); if ((sample & rate) == 0) { p->flags |= PKT_PROFILE; @@ -1461,4 +1465,16 @@ int SCProfileRuleStart(Packet *p) return 0; } +int SCProfileRuleStartCollection(void) +{ + profiling_rules_active = 1; + SCReturnInt(TM_ECODE_OK); +} + +int SCProfileRuleStopCollection(void) +{ + profiling_rules_active = 0; + SCReturnInt(TM_ECODE_OK); +} + #endif /* PROFILING */ diff --git a/src/util-profiling.h b/src/util-profiling.h index 918f4d637a..c53b25b2a1 100644 --- a/src/util-profiling.h +++ b/src/util-profiling.h @@ -401,6 +401,8 @@ void SCProfilingRuleThreadSetup(struct SCProfileDetectCtx_ *, DetectEngineThread void SCProfilingRuleThreadCleanup(DetectEngineThreadCtx *); int SCProfileRuleStart(Packet *p); json_t *SCProfileRuleTriggerDump(DetectEngineCtx *de_ctx); +int SCProfileRuleStartCollection(void); +int SCProfileRuleStopCollection(void); void SCProfilingRuleThreatAggregate(DetectEngineThreadCtx *det_ctx); #define RULE_PROFILING_START(p) \