From: Victor Julien Date: Wed, 7 May 2014 07:16:46 +0000 (+0200) Subject: flow: take flow pkt & byte count out of debug X-Git-Tag: suricata-2.1beta1~55 X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=bd490736c2fc673e3c88ffe256aa43a89d941b48;p=thirdparty%2Fsuricata.git flow: take flow pkt & byte count out of debug Until now the flow packet and byte counters were only available in DEBUG mode. For logging purposes they are now available always. --- diff --git a/src/alert-debuglog.c b/src/alert-debuglog.c index 944aa7a76d..c50a6becdf 100644 --- a/src/alert-debuglog.c +++ b/src/alert-debuglog.c @@ -216,13 +216,11 @@ static TmEcode AlertDebugLogger(ThreadVars *tv, const Packet *p, void *thread_da FLOWLOCK_RDLOCK(p->flow); CreateTimeString(&p->flow->startts, timebuf, sizeof(timebuf)); MemBufferWriteString(aft->buffer, "FLOW Start TS: %s\n", timebuf); -#ifdef DEBUG MemBufferWriteString(aft->buffer, "FLOW PKTS TODST: %"PRIu32"\n" "FLOW PKTS TOSRC: %"PRIu32"\n" "FLOW Total Bytes: %"PRIu64"\n", p->flow->todstpktcnt, p->flow->tosrcpktcnt, p->flow->todstbytecnt + p->flow->tosrcbytecnt); -#endif MemBufferWriteString(aft->buffer, "FLOW IPONLY SET: TOSERVER: %s, TOCLIENT: %s\n" "FLOW ACTION: DROP: %s\n" diff --git a/src/flow-util.h b/src/flow-util.h index df1e588542..afa7cf8a9c 100644 --- a/src/flow-util.h +++ b/src/flow-util.h @@ -29,16 +29,12 @@ #define COPY_TIMESTAMP(src,dst) ((dst)->tv_sec = (src)->tv_sec, (dst)->tv_usec = (src)->tv_usec) -#ifdef DEBUG #define RESET_COUNTERS(f) do { \ (f)->todstpktcnt = 0; \ (f)->tosrcpktcnt = 0; \ (f)->todstbytecnt = 0; \ (f)->tosrcbytecnt = 0; \ } while (0) -#else -#define RESET_COUNTERS(f) -#endif #define FLOW_INITIALIZE(f) do { \ (f)->sp = 0; \ diff --git a/src/flow.c b/src/flow.c index 728e1225db..3ba14d7464 100644 --- a/src/flow.c +++ b/src/flow.c @@ -254,23 +254,17 @@ void FlowHandlePacket(ThreadVars *tv, Packet *p) if (FlowUpdateSeenFlag(p)) { f->flags |= FLOW_TO_DST_SEEN; } -#ifdef DEBUG f->todstpktcnt++; f->todstbytecnt += GET_PKT_LEN(p); -#endif p->flowflags |= FLOW_PKT_TOSERVER; } else { if (FlowUpdateSeenFlag(p)) { f->flags |= FLOW_TO_SRC_SEEN; } -#ifdef DEBUG f->tosrcpktcnt++; f->tosrcbytecnt += GET_PKT_LEN(p); -#endif p->flowflags |= FLOW_PKT_TOCLIENT; } -#ifdef DEBUG -#endif if ((f->flags & FLOW_TO_DST_SEEN) && (f->flags & FLOW_TO_SRC_SEEN)) { SCLogDebug("pkt %p FLOW_PKT_ESTABLISHED", p); diff --git a/src/flow.h b/src/flow.h index a51aa369f3..d1896d2019 100644 --- a/src/flow.h +++ b/src/flow.h @@ -377,12 +377,11 @@ typedef struct Flow_ struct Flow_ *lnext; /* list */ struct Flow_ *lprev; struct timeval startts; -#ifdef DEBUG + uint32_t todstpktcnt; uint32_t tosrcpktcnt; uint64_t todstbytecnt; uint64_t tosrcbytecnt; -#endif } Flow; enum { diff --git a/src/output-json-flow.c b/src/output-json-flow.c index 5ae39ae8cc..3579bb5e76 100644 --- a/src/output-json-flow.c +++ b/src/output-json-flow.c @@ -187,8 +187,6 @@ static void JsonFlowLogJSON(JsonFlowLogThread *aft, json_t *js, Flow *f) json_object_set_new(hjs, "app_proto", json_string(AppProtoToString(f->alproto))); - /* debug until we move this out of the debug wrapper in the flow code */ -#ifdef DEBUG json_object_set_new(hjs, "pkts_toserver", json_integer(f->todstpktcnt)); json_object_set_new(hjs, "pkts_toclient", @@ -198,8 +196,6 @@ static void JsonFlowLogJSON(JsonFlowLogThread *aft, json_t *js, Flow *f) json_object_set_new(hjs, "bytes_toclient", json_integer(f->tosrcbytecnt)); - -#endif char timebuf1[64], timebuf2[64]; CreateIsoTimeString(&f->startts, timebuf1, sizeof(timebuf1));