From: Alexander Gozman <goal81@gmail.com>
Date: Sun, 20 Aug 2017 12:22:34 +0000 (+0300)
Subject: Bug #2201: af_packet - treat BPF filter error as fatal
X-Git-Tag: suricata-4.0.1~37
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=refs%2Fpull%2F2880%2Fhead;p=thirdparty%2Fsuricata.git

Bug #2201: af_packet - treat BPF filter error as fatal

There is no need to try to set erroneous BPF filter again and again. Such attempts
lead to constant mmap() calls without corresponding munmap() when 'use-mmap' is enabled.
---

diff --git a/src/source-af-packet.c b/src/source-af-packet.c
index 791a51025d..b225057fbf 100644
--- a/src/source-af-packet.c
+++ b/src/source-af-packet.c
@@ -2045,21 +2045,14 @@ static int AFPCreateSocket(AFPThreadVars *ptv, char *devname, int verbose)
     rc = AFPSetBPFFilter(ptv);
     if (rc == TM_ECODE_FAILED) {
         SCLogError(SC_ERR_AFP_CREATE, "Set AF_PACKET bpf filter \"%s\" failed.", ptv->bpf_filter);
-        goto frame_err;
+        ret = AFP_FATAL_ERROR;
+        goto socket_err;
     }
 
     /* Init is ok */
     AFPSwitchState(ptv, AFP_STATE_UP);
     return 0;
 
-frame_err:
-    if (ptv->flags & AFP_TPACKET_V3) {
-        if (ptv->ring_v3)
-            SCFree(ptv->ring_v3);
-    } else {
-        if (ptv->ring_v2)
-            SCFree(ptv->ring_v2);
-    }
 socket_err:
     close(ptv->socket);
     ptv->socket = -1;
@@ -2112,7 +2105,6 @@ TmEcode AFPSetBPFFilter(AFPThreadVars *ptv)
     return TM_ECODE_OK;
 }
 
-
 /**
  * \brief Init function for ReceiveAFP.
  *