From: Steve Chew (stechew) Date: Tue, 21 Apr 2020 14:07:23 +0000 (+0000) Subject: Merge pull request #2157 in SNORT/snort3 from ~BBANTWAL/snort3:latency_fixes to master X-Git-Tag: 3.0.1-2~5 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=cfea997cd1e60c8f3fc5360be79b093bb4d6b2d7;p=thirdparty%2Fsnort3.git Merge pull request #2157 in SNORT/snort3 from ~BBANTWAL/snort3:latency_fixes to master Squashed commit of the following: commit 58ed84f405600b31ff40e34e584b83ba425a5c80 Author: Bhagya Tholpady Date: Wed Apr 15 10:57:44 2020 -0400 latency: use test_timeout config option to deterministically trigger latency events for ifdef REG_TEST commit f88468caba4dacb779eb722f0a2f706f0a9de5da Author: Bhagya Tholpady Date: Mon Apr 13 08:28:26 2020 -0400 latency: check if ip header is present before deferring it --- diff --git a/src/latency/latency_module.cc b/src/latency/latency_module.cc index 2a5bee245..e0ea9c789 100644 --- a/src/latency/latency_module.cc +++ b/src/latency/latency_module.cc @@ -52,6 +52,11 @@ static const Parameter s_packet_params[] = { "fastpath", Parameter::PT_BOOL, nullptr, "false", "fastpath expensive packets (max_time exceeded)" }, +#ifdef REG_TEST + { "test_timeout", Parameter::PT_BOOL, nullptr, "false", + "timeout on every packet" }, +#endif + { nullptr, Parameter::PT_MAX, nullptr, nullptr, nullptr } }; @@ -71,6 +76,11 @@ static const Parameter s_rule_params[] = { "max_suspend_time", Parameter::PT_INT, "0:max32", "30000", "set max time for suspending a rule (ms, 0 means permanently disable rule)" }, +#ifdef REG_TEST + { "test_timeout", Parameter::PT_BOOL, nullptr, "false", + "timeout on every rule evaluation" }, +#endif + { nullptr, Parameter::PT_MAX, nullptr, nullptr, nullptr } }; @@ -121,6 +131,10 @@ static inline bool latency_set(Value& v, PacketLatencyConfig& config) } else if ( v.is("fastpath") ) config.fastpath = v.get_bool(); +#ifdef REG_TEST + else if ( v.is("test_timeout") ) + config.test_timeout = v.get_bool(); +#endif else return false; @@ -146,6 +160,10 @@ static inline bool latency_set(Value& v, RuleLatencyConfig& config) long t = clock_ticks(v.get_uint32()); config.max_suspend_time = TO_DURATION(config.max_time, t); } +#ifdef REG_TEST + else if ( v.is("test_timeout") ) + config.test_timeout = v.get_bool(); +#endif else return false; diff --git a/src/latency/packet_latency.cc b/src/latency/packet_latency.cc index 938987beb..93611f81f 100644 --- a/src/latency/packet_latency.cc +++ b/src/latency/packet_latency.cc @@ -88,8 +88,22 @@ static inline std::ostream& operator<<(std::ostream& os, const Event& e) os << "[" << e.packet->dsize << "]"; - os << ", " << e.packet->ptrs.ip_api.get_src() << ":" << e.packet->ptrs.sp; - os << " -> " << e.packet->ptrs.ip_api.get_dst() << ":" << e.packet->ptrs.dp; + if ( e.packet->has_ip() or e.packet->is_data() ) + { + SfIpString src_addr, dst_addr; + unsigned src_port = 0, dst_port = 0; + + e.packet->ptrs.ip_api.get_src()->ntop(src_addr); + e.packet->ptrs.ip_api.get_dst()->ntop(dst_addr); + if ( e.packet->proto_bits & (PROTO_BIT__TCP|PROTO_BIT__UDP) ) + { + src_port = e.packet->ptrs.sp; + dst_port = e.packet->ptrs.dp; + } + + os << ", " << src_addr << ":" << src_port; + os << " -> " << dst_addr << ":" << dst_port; + } return os; } @@ -135,7 +149,13 @@ inline bool Impl::pop(const Packet* p) auto timed_out = timer.marked_as_fastpathed; - if ( timer.timed_out() ) + bool force_timeout = timer.timed_out(); + +#ifdef REG_TEST + force_timeout = config->test_timeout ? true : force_timeout; +#endif + + if ( force_timeout ) { timed_out = true; diff --git a/src/latency/packet_latency_config.h b/src/latency/packet_latency_config.h index 18501dfe6..7814b9874 100644 --- a/src/latency/packet_latency_config.h +++ b/src/latency/packet_latency_config.h @@ -27,8 +27,18 @@ struct PacketLatencyConfig { hr_duration max_time = CLOCK_ZERO; bool fastpath = false; +#ifdef REG_TEST + bool test_timeout = false; +#endif - bool enabled() const { return max_time > CLOCK_ZERO; } + bool enabled() const + { +#ifdef REG_TEST + if ( test_timeout ) + return true; +#endif + return max_time > CLOCK_ZERO; + } }; #endif diff --git a/src/latency/rule_latency.cc b/src/latency/rule_latency.cc index 182f32f2a..c38e5dfa8 100644 --- a/src/latency/rule_latency.cc +++ b/src/latency/rule_latency.cc @@ -110,8 +110,22 @@ static inline std::ostream& operator<<(std::ostream& os, const Event& e) if ( e.root->num_children > 1 ) os << " (of " << e.root->num_children << ")"; - os << ", " << e.packet->ptrs.ip_api.get_src() << ":" << e.packet->ptrs.sp; - os << " -> " << e.packet->ptrs.ip_api.get_dst() << ":" << e.packet->ptrs.dp; + if ( e.packet->has_ip() or e.packet->is_data() ) + { + SfIpString src_addr, dst_addr; + unsigned src_port = 0, dst_port = 0; + + e.packet->ptrs.ip_api.get_src()->ntop(src_addr); + e.packet->ptrs.ip_api.get_dst()->ntop(dst_addr); + if ( e.packet->proto_bits & (PROTO_BIT__TCP|PROTO_BIT__UDP) ) + { + src_port = e.packet->ptrs.sp; + dst_port = e.packet->ptrs.dp; + } + + os << ", " << src_addr << ":" << src_port; + os << " -> " << dst_addr << ":" << dst_port; + } return os; } @@ -235,7 +249,9 @@ inline bool Impl::pop() if ( !RuleTree::is_suspended(*timer.root) ) { timed_out = timer.timed_out(); - +#ifdef REG_TEST + timed_out = config->test_timeout ? true : timed_out; +#endif if ( timed_out ) { auto suspended = RuleTree::timeout_and_suspend(*timer.root, config->suspend_threshold, diff --git a/src/latency/rule_latency_config.h b/src/latency/rule_latency_config.h index e47afd446..818ccdf51 100644 --- a/src/latency/rule_latency_config.h +++ b/src/latency/rule_latency_config.h @@ -29,8 +29,18 @@ struct RuleLatencyConfig bool suspend = false; unsigned suspend_threshold = 0; hr_duration max_suspend_time = 0_ticks; +#ifdef REG_TEST + bool test_timeout = false; +#endif - bool enabled() const { return max_time > 0_ticks; } + bool enabled() const + { +#ifdef REG_TEST + if ( test_timeout ) + return true; +#endif + return max_time > 0_ticks; + } bool allow_reenable() const { return max_suspend_time > 0_ticks; } };