From: Steven Baigal (sbaigal) <sbaigal@cisco.com>
Date: Thu, 19 Jan 2023 23:33:13 +0000 (+0000)
Subject: Pull request #3697: memory: Added memusage pegs
X-Git-Tag: 3.1.53.0~4
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=b1f3bd5b54f5fd0f878695f391a96abc7b5caae9;p=thirdparty%2Fsnort3.git

Pull request #3697: memory: Added memusage pegs

Merge in SNORT/snort3 from ~AKAYAMBU/snort3:memusage to master

Squashed commit of the following:

commit 3a41f9cd67876831ce9c501f9fed17675f2e4718
Author: Arunkumar Kayambu <akayambu@cisco.com>
Date:   Fri Dec 9 06:56:16 2022 -0500

    memory: Added memusage pegs
---

diff --git a/src/file_api/file_capture.cc b/src/file_api/file_capture.cc
index 5f6997655..7a3f62e2f 100644
--- a/src/file_api/file_capture.cc
+++ b/src/file_api/file_capture.cc
@@ -539,10 +539,14 @@ void FileCapture::print_mem_usage()
 {
     if (file_mempool)
     {
+        int64_t block_size = get_block_size() + sizeof (FileCapture);
+        if (block_size & 7)
+            block_size += (8 - (block_size & 7));
         LogCount("Max buffers can allocate", file_mempool->total_objects());
         LogCount("Buffers in use", file_mempool->allocated());
         LogCount("Buffers in free list", file_mempool->freed());
         LogCount("Buffers in release list", file_mempool->released());
+        LogCount("Memory usage in bytes", file_mempool->allocated() * block_size);
     }
 }
 
diff --git a/src/network_inspectors/port_scan/ps_detect.cc b/src/network_inspectors/port_scan/ps_detect.cc
index 45c1ce13d..aaba4b82a 100644
--- a/src/network_inspectors/port_scan/ps_detect.cc
+++ b/src/network_inspectors/port_scan/ps_detect.cc
@@ -158,6 +158,15 @@ void ps_reset()
         portscan_hash->clear_hash();
 }
 
+void ps_update_memusage_peg()
+{
+    if (portscan_hash)
+        spstats.bytes_in_use = portscan_hash->get_mem_used();
+    else
+        spstats.bytes_in_use = 0;
+}
+
+
 //  Check scanner and scanned ips to see if we can filter them out.
 bool PortScan::ps_ignore_ip(const SfIp* scanner, uint16_t scanner_port,
     const SfIp* scanned, uint16_t scanned_port)
@@ -310,6 +319,7 @@ static PS_TRACKER* ps_tracker_get(PS_HASH_KEY* key)
 
     ht = (PS_TRACKER*)portscan_hash->get_mru_user_data();
 
+
     if ( ht )
         memset(ht, 0x00, sizeof(PS_TRACKER));
 
diff --git a/src/network_inspectors/port_scan/ps_detect.h b/src/network_inspectors/port_scan/ps_detect.h
index dd6db6c0e..cc3ac55a9 100644
--- a/src/network_inspectors/port_scan/ps_detect.h
+++ b/src/network_inspectors/port_scan/ps_detect.h
@@ -162,6 +162,7 @@ struct PS_PKT
 
 void ps_cleanup();
 void ps_reset();
+void ps_update_memusage_peg();
 
 unsigned ps_node_size();
 bool ps_init_hash(unsigned long);
diff --git a/src/network_inspectors/port_scan/ps_module.cc b/src/network_inspectors/port_scan/ps_module.cc
index bfb0e1077..e6c6ba5a2 100644
--- a/src/network_inspectors/port_scan/ps_module.cc
+++ b/src/network_inspectors/port_scan/ps_module.cc
@@ -204,7 +204,10 @@ const PegInfo* PortScanModule::get_pegs() const
 { return ps_module_pegs; }
 
 PegCount* PortScanModule::get_counts() const
-{ return (PegCount*)&spstats; }
+{
+    ps_update_memusage_peg();
+    return (PegCount*)&spstats;
+}
 
 const RuleMap* PortScanModule::get_rules() const
 { return port_scan_rules; }
diff --git a/src/network_inspectors/port_scan/ps_pegs.h b/src/network_inspectors/port_scan/ps_pegs.h
index 9b14682d0..d37180f00 100644
--- a/src/network_inspectors/port_scan/ps_pegs.h
+++ b/src/network_inspectors/port_scan/ps_pegs.h
@@ -30,6 +30,7 @@ static const PegInfo ps_module_pegs[] =
     { CountType::SUM, "trackers", "number of trackers allocated by port scan" },
     { CountType::SUM, "alloc_prunes", "number of trackers pruned on allocation of new tracking" },
     { CountType::SUM, "reload_prunes", "number of trackers pruned on reload due to reduced memcap" },
+    { CountType::NOW, "bytes_in_use", "number of bytes currently used by portscan" },
     { CountType::END, nullptr, nullptr },
 };
 
@@ -39,6 +40,7 @@ struct PsPegStats
     PegCount trackers;
     PegCount alloc_prunes;
     PegCount reload_prunes;
+    PegCount bytes_in_use;
 };
 
 #endif
diff --git a/src/service_inspectors/netflow/netflow.cc b/src/service_inspectors/netflow/netflow.cc
index ddfacdf47..d3b69a25f 100644
--- a/src/service_inspectors/netflow/netflow.cc
+++ b/src/service_inspectors/netflow/netflow.cc
@@ -1043,6 +1043,8 @@ void NetFlowInspector::tterm()
     }
     delete netflow_cache;
     delete template_cache;
+    netflow_cache = nullptr;
+    template_cache = nullptr;
 }
 
 void NetFlowInspector::install_reload_handler(SnortConfig* sc)
diff --git a/src/service_inspectors/netflow/netflow_module.cc b/src/service_inspectors/netflow/netflow_module.cc
index 785b5d148..55357d5b6 100644
--- a/src/service_inspectors/netflow/netflow_module.cc
+++ b/src/service_inspectors/netflow/netflow_module.cc
@@ -27,12 +27,15 @@
 #include <sstream>
 #include <string>
 
+#include "netflow_cache.h"
 #include "netflow_module.h"
 
 #include "utils/util.h"
 
 using namespace snort;
 
+extern THREAD_LOCAL NetFlowCache* netflow_cache;
+extern THREAD_LOCAL TemplateFieldCache* template_cache;
 // -----------------------------------------------------------------------------
 // static variables
 // -----------------------------------------------------------------------------
@@ -94,6 +97,8 @@ static const PegInfo netflow_pegs[] =
     { CountType::SUM, "v9_templates", "count of total version 9 templates" },
     { CountType::SUM, "version_5", "count of netflow version 5 packets received" },
     { CountType::SUM, "version_9", "count of netflow version 9 packets received" },
+    { CountType::NOW, "netflow_cache_bytes_in_use", "number of bytes used in netflow cache" },
+    { CountType::NOW, "template_cache_bytes_in_use", "number of bytes used in template cache" },
     { CountType::END, nullptr, nullptr},
 };
 
@@ -251,7 +256,19 @@ void NetFlowModule::parse_service_id_file(const std::string& serv_id_file_path)
 }
 
 PegCount* NetFlowModule::get_counts() const
-{ return (PegCount*)&netflow_stats; }
+{
+    if (netflow_cache && template_cache)
+    {
+        netflow_stats.netflow_cache_bytes_in_use = netflow_cache->current_size;
+        netflow_stats.template_cache_bytes_in_use = template_cache->current_size;
+    }
+    else
+    {
+        netflow_stats.netflow_cache_bytes_in_use = 0;
+        netflow_stats.template_cache_bytes_in_use = 0;
+    }
+    return (PegCount*)&netflow_stats;
+}
 
 const PegInfo* NetFlowModule::get_pegs() const
 { return netflow_pegs; }
diff --git a/src/service_inspectors/netflow/netflow_module.h b/src/service_inspectors/netflow/netflow_module.h
index 3cadfc0f0..73f8c2ba0 100644
--- a/src/service_inspectors/netflow/netflow_module.h
+++ b/src/service_inspectors/netflow/netflow_module.h
@@ -137,6 +137,8 @@ struct NetFlowStats : public LruCacheLocalStats
     PegCount v9_templates;
     PegCount version_5;
     PegCount version_9;
+    PegCount netflow_cache_bytes_in_use;
+    PegCount template_cache_bytes_in_use;
 };
 
 extern THREAD_LOCAL NetFlowStats netflow_stats;