From: Giuseppe Longo <giuseppelng@gmail.com>
Date: Thu, 23 Oct 2014 09:30:38 +0000 (+0200)
Subject: PF_RING: force cluster type if vlan is disabled
X-Git-Tag: suricata-2.1beta2~51
X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=2d43dae9346c7521e994f8270b62a5ee0fc6561c;p=thirdparty%2Fsuricata.git

PF_RING: force cluster type if vlan is disabled

If vlan is disabled the cluster_flow mode will still take VLAN tags
into account due to using pf_ring's 6-tuple mode.
So this forces to use pf_ring's 5-tuple mode.

Bug #1292
---

diff --git a/src/source-pfring.c b/src/source-pfring.c
index 45527fd99b..753afe7f3b 100644
--- a/src/source-pfring.c
+++ b/src/source-pfring.c
@@ -521,6 +521,19 @@ TmEcode ReceivePfringThreadInit(ThreadVars *tv, void *initdata, void **data)
         ptv->vlan_disabled = 1;
     }
 
+    /* Since VLAN is disabled we force the cluster type to CLUSTER_FLOW_5_TUPLE */
+    if (ptv->vlan_disabled == 1 && ptv->ctype == CLUSTER_FLOW) {
+        SCLogInfo("VLAN disabled, setting cluster type to CLUSTER_FLOW_5_TUPLE");
+        rc = pfring_set_cluster(ptv->pd, ptv->cluster_id, CLUSTER_FLOW_5_TUPLE);
+
+        if (rc != 0) {
+            SCLogError(SC_ERR_PF_RING_SET_CLUSTER_FAILED, "pfring_set_cluster "
+                    "returned %d for cluster-id: %d", rc, ptv->cluster_id);
+            pfconf->DerefFunc(pfconf);
+            return TM_ECODE_FAILED;
+        }
+    }
+
     *data = (void *)ptv;
     pfconf->DerefFunc(pfconf);
 
diff --git a/src/source-pfring.h b/src/source-pfring.h
index 7439828fb5..e0878454e1 100644
--- a/src/source-pfring.h
+++ b/src/source-pfring.h
@@ -60,5 +60,5 @@ void PfringLoadConfig(void);
 /* We don't have to use an enum that sucks in our code */
 #define CLUSTER_FLOW 0
 #define CLUSTER_ROUND_ROBIN 1
-
+#define CLUSTER_FLOW_5_TUPLE 4
 #endif /* __SOURCE_PFRING_H__ */