From: Victor Julien Date: Mon, 26 May 2014 10:45:59 +0000 (+0200) Subject: nflog: set socket timeout X-Git-Tag: suricata-2.0.2~29 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=refs%2Fpull%2F978%2Fhead;p=thirdparty%2Fsuricata.git nflog: set socket timeout Set socket timeout so that we can exit if there is no traffic. It would hang after the SIGINT signal, until packets arived. --- diff --git a/src/source-nflog.c b/src/source-nflog.c index 372fad9e36..1bda45b0e5 100644 --- a/src/source-nflog.c +++ b/src/source-nflog.c @@ -289,6 +289,18 @@ TmEcode ReceiveNFLOGThreadInit(ThreadVars *tv, void *initdata, void **data) SCReturnInt(TM_ECODE_FAILED); } + /* set a timeout to the socket so we can check for a signal + * in case we don't get packets for a longer period. */ + struct timeval timev; + timev.tv_sec = 1; + timev.tv_usec = 0; + + int fd = nflog_fd(ntv->h); + if (setsockopt(fd, SOL_SOCKET, SO_RCVTIMEO, &timev, sizeof(timev)) == -1) { + SCLogWarning(SC_WARN_NFLOG_SETSOCKOPT, "can't set socket " + "timeout: %s", strerror(errno)); + } + #ifdef PACKET_STATISTICS ntv->capture_kernel_packets = SCPerfTVRegisterCounter("capture.kernel_packets", ntv->tv, diff --git a/src/util-error.c b/src/util-error.c index 1c5a1e21fa..99b65ba7b5 100644 --- a/src/util-error.c +++ b/src/util-error.c @@ -166,6 +166,7 @@ const char * SCErrorToString(SCError err) CASE_CODE (SC_ERR_NFLOG_HANDLE_PKT); CASE_CODE (SC_ERR_NFLOG_GROUP); CASE_CODE (SC_ERR_NFLOG_FD); + CASE_CODE (SC_WARN_NFLOG_SETSOCKOPT); CASE_CODE (SC_WARN_NFLOG_RECV); CASE_CODE (SC_WARN_NFLOG_LOSING_EVENTS); CASE_CODE (SC_WARN_NFLOG_MAXBUFSIZ_REACHED); diff --git a/src/util-error.h b/src/util-error.h index 19e79ed438..1e8eba3920 100644 --- a/src/util-error.h +++ b/src/util-error.h @@ -285,6 +285,7 @@ typedef enum { SC_WARN_NFLOG_RECV, SC_WARN_NFLOG_LOSING_EVENTS, SC_WARN_NFLOG_MAXBUFSIZ_REACHED, + SC_WARN_NFLOG_SETSOCKOPT, } SCError; const char *SCErrorToString(SCError);