--- /dev/null
+/* Copyright (C) 2007-2013 Open Information Security Foundation
+ *
+ * You can copy, redistribute or modify this Program under the terms of
+ * the GNU General Public License version 2 as published by the Free
+ * Software Foundation.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * version 2 along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
+ * 02110-1301, USA.
+ */
+
+/**
+ * \file
+ *
+ * \author Victor Julien <victor@inliniac.net>
+ *
+ * Flow Logger Output registration functions
+ */
+
+#include "suricata-common.h"
+#include "tm-modules.h"
+#include "output-flow.h"
+#include "util-profiling.h"
+
+typedef struct OutputLoggerThreadStore_ {
+ void *thread_data;
+ struct OutputLoggerThreadStore_ *next;
+} OutputLoggerThreadStore;
+
+/** per thread data for this module, contains a list of per thread
+ * data for the packet loggers. */
+typedef struct OutputLoggerThreadData_ {
+ OutputLoggerThreadStore *store;
+} OutputLoggerThreadData;
+
+/* logger instance, a module + a output ctx,
+ * it's perfectly valid that have multiple instances of the same
+ * log module (e.g. http.log) with different output ctx'. */
+typedef struct OutputFlowLogger_ {
+ FlowLogger LogFunc;
+ OutputCtx *output_ctx;
+ struct OutputFlowLogger_ *next;
+ const char *name;
+ TmmId module_id;
+} OutputFlowLogger;
+
+static OutputFlowLogger *list = NULL;
+
+int OutputRegisterFlowLogger(const char *name, FlowLogger LogFunc, OutputCtx *output_ctx)
+{
+ int module_id = TmModuleGetIdByName(name);
+ if (module_id < 0)
+ return -1;
+
+ OutputFlowLogger *op = SCMalloc(sizeof(*op));
+ if (op == NULL)
+ return -1;
+ memset(op, 0x00, sizeof(*op));
+
+ op->LogFunc = LogFunc;
+ op->output_ctx = output_ctx;
+ op->name = name;
+ op->module_id = (TmmId) module_id;
+
+ if (list == NULL)
+ list = op;
+ else {
+ OutputFlowLogger *t = list;
+ while (t->next)
+ t = t->next;
+ t->next = op;
+ }
+
+ SCLogDebug("OutputRegisterFlowLogger happy");
+ return 0;
+}
+
+/** \brief Run flow logger(s)
+ * \note flow is already write locked
+ */
+TmEcode OutputFlowLog(ThreadVars *tv, void *thread_data, Flow *f) {
+ BUG_ON(thread_data == NULL);
+ BUG_ON(list == NULL);
+
+ OutputLoggerThreadData *op_thread_data = (OutputLoggerThreadData *)thread_data;
+ OutputFlowLogger *logger = list;
+ OutputLoggerThreadStore *store = op_thread_data->store;
+
+ BUG_ON(logger == NULL && store != NULL);
+ BUG_ON(logger != NULL && store == NULL);
+ BUG_ON(logger == NULL && store == NULL);
+
+ logger = list;
+ store = op_thread_data->store;
+ while (logger && store) {
+ BUG_ON(logger->LogFunc == NULL);
+
+ SCLogDebug("logger %p", logger);
+ //PACKET_PROFILING_TMM_START(p, logger->module_id);
+ logger->LogFunc(tv, store->thread_data, f);
+ //PACKET_PROFILING_TMM_END(p, logger->module_id);
+
+ logger = logger->next;
+ store = store->next;
+
+ BUG_ON(logger == NULL && store != NULL);
+ BUG_ON(logger != NULL && store == NULL);
+ }
+
+ return TM_ECODE_OK;
+}
+
+/** \brief thread init for the flow logger
+ * This will run the thread init functions for the individual registered
+ * loggers */
+TmEcode OutputFlowLogThreadInit(ThreadVars *tv, void *initdata, void **data) {
+ OutputLoggerThreadData *td = SCMalloc(sizeof(*td));
+ if (td == NULL)
+ return TM_ECODE_FAILED;
+ memset(td, 0x00, sizeof(*td));
+
+ *data = (void *)td;
+
+ SCLogDebug("OutputFlowLogThreadInit happy (*data %p)", *data);
+
+ OutputFlowLogger *logger = list;
+ while (logger) {
+ TmModule *tm_module = TmModuleGetByName((char *)logger->name);
+ if (tm_module == NULL) {
+ SCLogError(SC_ERR_INVALID_ARGUMENT,
+ "TmModuleGetByName for %s failed", logger->name);
+ exit(EXIT_FAILURE);
+ }
+
+ if (tm_module->ThreadInit) {
+ void *retptr = NULL;
+ if (tm_module->ThreadInit(tv, (void *)logger->output_ctx, &retptr) == TM_ECODE_OK) {
+ OutputLoggerThreadStore *ts = SCMalloc(sizeof(*ts));
+/* todo */ BUG_ON(ts == NULL);
+ memset(ts, 0x00, sizeof(*ts));
+
+ /* store thread handle */
+ ts->thread_data = retptr;
+
+ if (td->store == NULL) {
+ td->store = ts;
+ } else {
+ OutputLoggerThreadStore *tmp = td->store;
+ while (tmp->next != NULL)
+ tmp = tmp->next;
+ tmp->next = ts;
+ }
+
+ SCLogDebug("%s is now set up", logger->name);
+ }
+ }
+
+ logger = logger->next;
+ }
+
+ return TM_ECODE_OK;
+}
+
+TmEcode OutputFlowLogThreadDeinit(ThreadVars *tv, void *thread_data) {
+ OutputLoggerThreadData *op_thread_data = (OutputLoggerThreadData *)thread_data;
+ OutputLoggerThreadStore *store = op_thread_data->store;
+ OutputFlowLogger *logger = list;
+
+ while (logger && store) {
+ TmModule *tm_module = TmModuleGetByName((char *)logger->name);
+ if (tm_module == NULL) {
+ SCLogError(SC_ERR_INVALID_ARGUMENT,
+ "TmModuleGetByName for %s failed", logger->name);
+ exit(EXIT_FAILURE);
+ }
+
+ if (tm_module->ThreadDeinit) {
+ tm_module->ThreadDeinit(tv, store->thread_data);
+ }
+
+ OutputLoggerThreadStore *next_store = store->next;
+ SCFree(store);
+ store = next_store;
+ logger = logger->next;
+ }
+
+ SCFree(op_thread_data);
+ return TM_ECODE_OK;
+}
+
+void OutputFlowLogExitPrintStats(ThreadVars *tv, void *thread_data) {
+ OutputLoggerThreadData *op_thread_data = (OutputLoggerThreadData *)thread_data;
+ OutputLoggerThreadStore *store = op_thread_data->store;
+ OutputFlowLogger *logger = list;
+
+ while (logger && store) {
+ TmModule *tm_module = TmModuleGetByName((char *)logger->name);
+ if (tm_module == NULL) {
+ SCLogError(SC_ERR_INVALID_ARGUMENT,
+ "TmModuleGetByName for %s failed", logger->name);
+ exit(EXIT_FAILURE);
+ }
+
+ if (tm_module->ThreadExitPrintStats) {
+ tm_module->ThreadExitPrintStats(tv, store->thread_data);
+ }
+
+ logger = logger->next;
+ store = store->next;
+ }
+}
+
+void OutputFlowShutdown(void)
+{
+ OutputFlowLogger *logger = list;
+ while (logger) {
+ OutputFlowLogger *next_logger = logger->next;
+ SCFree(logger);
+ logger = next_logger;
+ }
+ list = NULL;
+}
--- /dev/null
+/* Copyright (C) 2007-2013 Open Information Security Foundation
+ *
+ * You can copy, redistribute or modify this Program under the terms of
+ * the GNU General Public License version 2 as published by the Free
+ * Software Foundation.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * version 2 along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
+ * 02110-1301, USA.
+ */
+
+/**
+ * \file
+ *
+ * \author Victor Julien <victor@inliniac.net>
+ *
+ * Flow Logger Output registration functions
+ */
+
+#ifndef __OUTPUT_FLOW_H__
+#define __OUTPUT_FLOW_H__
+
+#include "decode.h"
+
+/** flow logger function pointer type */
+typedef int (*FlowLogger)(ThreadVars *, void *thread_data, Flow *f);
+
+/** packet logger condition function pointer type,
+ * must return true for packets that should be logged
+ */
+//typedef int (*TxLogCondition)(ThreadVars *, const Packet *);
+
+int OutputRegisterFlowLogger(const char *name, FlowLogger LogFunc, OutputCtx *);
+
+void OutputFlowShutdown(void);
+
+
+TmEcode OutputFlowLog(ThreadVars *tv, void *thread_data, Flow *f);
+TmEcode OutputFlowLogThreadInit(ThreadVars *tv, void *initdata, void **data);
+TmEcode OutputFlowLogThreadDeinit(ThreadVars *tv, void *thread_data);
+void OutputFlowLogExitPrintStats(ThreadVars *tv, void *thread_data);
+
+
+#endif /* __OUTPUT_FLOW_H__ */
projects / thirdparty / suricata.git / commitdiff
