PF_RING: force cluster type if vlan is disabled

If vlan is disabled the cluster_flow mode will still take VLAN tags
into account due to using pf_ring's 6-tuple mode.
So this forces to use pf_ring's 5-tuple mode.

Bug #1292

diff --git a/src/source-pfring.c b/src/source-pfring.c
index 45527fd99b30aab45492f231a6ac31cc0b40d459..753afe7f3b15dad16e000479a6d593861bc42395 100644 (file)
--- a/src/source-pfring.c
+++ b/src/source-pfring.c
@@ -521,6 +521,19 @@ TmEcode ReceivePfringThreadInit(ThreadVars *tv, void *initdata, void **data)
         ptv->vlan_disabled = 1;
     }
 
+    /* Since VLAN is disabled we force the cluster type to CLUSTER_FLOW_5_TUPLE */
+    if (ptv->vlan_disabled == 1 && ptv->ctype == CLUSTER_FLOW) {
+        SCLogInfo("VLAN disabled, setting cluster type to CLUSTER_FLOW_5_TUPLE");
+        rc = pfring_set_cluster(ptv->pd, ptv->cluster_id, CLUSTER_FLOW_5_TUPLE);
+
+        if (rc != 0) {
+            SCLogError(SC_ERR_PF_RING_SET_CLUSTER_FAILED, "pfring_set_cluster "
+                    "returned %d for cluster-id: %d", rc, ptv->cluster_id);
+            pfconf->DerefFunc(pfconf);
+            return TM_ECODE_FAILED;
+        }
+    }
+
     *data = (void *)ptv;
     pfconf->DerefFunc(pfconf);
 

diff --git a/src/source-pfring.h b/src/source-pfring.h
index 7439828fb5d327fb29f26b914f9b7ceb1d687754..e0878454e12d6caa3c9942beb0f0d484edc730b1 100644 (file)
--- a/src/source-pfring.h
+++ b/src/source-pfring.h
@@ -60,5 +60,5 @@ void PfringLoadConfig(void);
 /* We don't have to use an enum that sucks in our code */
 #define CLUSTER_FLOW 0
 #define CLUSTER_ROUND_ROBIN 1
-
+#define CLUSTER_FLOW_5_TUPLE 4
 #endif /* __SOURCE_PFRING_H__ */