detect-less: add log only TX handling function

When running w/o detect, TX cleanup handling needs to ignore the
inspect_id as it's only updated by detect.

This patch introduces a new ActiveTx handler for logging only:
AppLayerTransactionGetActiveLogOnly

If --disable-detection is passed on the commandline, this function
is registered.

diff --git a/src/app-layer-parser.c b/src/app-layer-parser.c
index 4d297c80b35f59f60a0922b5cac48f4cba646c41..221a003920803d42709d2409465c78d111247c7f 100644 (file)
--- a/src/app-layer-parser.c
+++ b/src/app-layer-parser.c
@@ -613,9 +613,22 @@ uint64_t AppLayerTransactionGetActiveDetectLog(Flow *f, uint8_t flags) {
     }
 }
 
+/** \brief active TX retrieval for logging only: so NO detection
+ *
+ *  We simply return the log_id here.
+ *
+ *  \todo what if a logger is disabled?
+ **/
+uint64_t AppLayerTransactionGetActiveLogOnly(Flow *f, uint8_t flags) {
+    uint64_t log_id = f->alparser->log_id;
+    SCLogDebug("returning %"PRIu64, log_id);
+    return log_id;
+}
+
 void RegisterAppLayerGetActiveTxIdFunc(GetActiveTxIdFunc FuncPtr) {
-    BUG_ON(AppLayerGetActiveTxIdFuncPtr != NULL);
+    //BUG_ON(AppLayerGetActiveTxIdFuncPtr != NULL);
     AppLayerGetActiveTxIdFuncPtr = FuncPtr;
+    SCLogDebug("AppLayerGetActiveTxIdFuncPtr is now %p", AppLayerGetActiveTxIdFuncPtr);
 }
 
 /**

diff --git a/src/app-layer-parser.h b/src/app-layer-parser.h
index cefd7287ad20bbca46aa3fda573a153eb4fd298d..0f3cc7e885fbe7d04d099a8680ac637d04b35015 100644 (file)
--- a/src/app-layer-parser.h
+++ b/src/app-layer-parser.h
@@ -54,6 +54,13 @@ void RegisterAppLayerGetActiveTxIdFunc(GetActiveTxIdFunc FuncPtr);
  */
 uint64_t AppLayerTransactionGetActiveDetectLog(Flow *f, uint8_t flags);
 
+/** \brief active TX retrieval for logging only ops
+ *
+ *  \retval tx_id lowest tx_id that still needs work
+ */
+uint64_t AppLayerTransactionGetActiveLogOnly(Flow *f, uint8_t flags);
+
+
 int AppLayerParserSetup(void);
 
 int AppLayerParserDeSetup(void);

diff --git a/src/suricata.c b/src/suricata.c
index 6125aa181fdc6efe74830b2d718990a23d2d378f..f09681738e88196e772c2f71181af831f0ce8bc9 100644 (file)
--- a/src/suricata.c
+++ b/src/suricata.c
@@ -119,6 +119,7 @@
 #include "unix-manager.h"
 
 #include "app-layer.h"
+#include "app-layer-parser.h"
 #include "app-layer-htp.h"
 
 #include "util-radix-tree.h"
@@ -2102,6 +2103,9 @@ int main(int argc, char **argv)
         if (ActionInitConfig() < 0) {
             exit(EXIT_FAILURE);
         }
+    } else {
+        /* tell the app layer to consider only the log id */
+        RegisterAppLayerGetActiveTxIdFunc(AppLayerTransactionGetActiveLogOnly);
     }
 
     if (MagicInit() != 0)