#include "suricata-common.h"#include "suricata.h"#include "conf.h"#include "conf-yaml-loader.h"#include "decode.h"#include "defrag.h"#include "flow.h"#include "stream-tcp.h"#include "ippair.h"#include "detect.h"#include "detect-parse.h"#include "detect-engine.h"#include "detect-engine-address.h"#include "detect-engine-alert.h"#include "detect-engine-port.h"#include "detect-engine-tag.h"#include "detect-engine-threshold.h"#include "detect-fast-pattern.h"#include "datasets.h"#include "feature.h"#include "flow-bypass.h"#include "flow-manager.h"#include "flow-timeout.h"#include "flow-worker.h"#include "flow-bit.h"#include "host-bit.h"#include "ippair-bit.h"#include "app-layer.h"#include "app-layer-parser.h"#include "app-layer-htp.h"#include "app-layer-htp-range.h"#include "output.h"#include "output-filestore.h"#include "respond-reject.h"#include "runmode-af-packet.h"#include "runmode-af-xdp.h"#include "runmode-netmap.h"#include "runmode-unittests.h"#include "source-nfq.h"#include "source-nfq-prototypes.h"#include "source-nflog.h"#include "source-ipfw.h"#include "source-lib.h"#include "source-pcap.h"#include "source-pcap-file.h"#include "source-pcap-file-helper.h"#include "source-erf-file.h"#include "source-erf-dag.h"#include "source-af-packet.h"#include "source-af-xdp.h"#include "source-netmap.h"#include "source-dpdk.h"#include "source-windivert.h"#include "source-windivert-prototypes.h"#include "unix-manager.h"#include "util-classification-config.h"#include "util-threshold-config.h"#include "util-reference-config.h"#include "tmqh-packetpool.h"#include "tm-queuehandlers.h"#include "util-affinity.h"#include "util-byte.h"#include "util-conf.h"#include "util-coredump-config.h"#include "util-cpu.h"#include "util-daemon.h"#include "util-device-private.h"#include "util-dpdk.h"#include "util-ebpf.h"#include "util-exception-policy.h"#include "util-host-os-info.h"#include "util-hugepages.h"#include "util-ioctl.h"#include "util-landlock.h"#include "util-macset.h"#include "util-flow-rate.h"#include "util-misc.h"#include "util-mpm-hs.h"#include "util-path.h"#include "util-pidfile.h"#include "util-plugin.h"#include "util-privs.h"#include "util-profiling.h"#include "util-proto-name.h"#include "util-running-modes.h"#include "util-signal.h"#include "util-time.h"#include "util-validate.h"#include "util-var-name.h"#include "build-info.h"Go to the source code of this file.
Macros | |
| #define | DEFAULT_MAX_PENDING_PACKETS 1024 |
Functions | |
| SC_ATOMIC_DECLARE (unsigned int, engine_stage) | |
| int | SuriHasSigFile (void) |
| int | EngineModeIsUnknown (void) |
| bool | EngineModeIsFirewall (void) |
| int | EngineModeIsIPS (void) |
| int | EngineModeIsIDS (void) |
| void | EngineModeSetFirewall (void) |
| void | EngineModeSetIPS (void) |
| void | EngineModeSetIDS (void) |
| int | RunmodeIsUnittests (void) |
| SCRunMode | SCRunmodeGet (void) |
| Get the current run mode. | |
| void | SCRunmodeSet (SCRunMode run_mode) |
| Set the current run mode. | |
| void | SCEnableDefaultSignalHandlers (void) |
| Enable default signal handlers. | |
| void | GlobalsInitPreConfig (void) |
| void | GlobalsDestroy (void) |
| void | EngineStop (void) |
| make sure threads can stop the engine by calling this function. Purpose: pcap file mode needs to be able to tell the engine the file eof is reached. | |
| void | EngineDone (void) |
| Used to indicate that the current task is done. | |
| void | RegisterAllModules (void) |
| TmEcode | SCLoadYamlConfig (void) |
| const char * | GetDocURL (void) |
| const char * | GetProgramVersion (void) |
| get string with program version | |
| TmEcode | SCParseCommandLine (int argc, char **argv) |
| void | PreRunInit (const int runmode) |
| void | PreRunPostPrivsDropInit (const int runmode) |
| void | PostRunDeinit (const int runmode, struct timeval *start_time) |
| clean up / shutdown code for packet modes | |
| int | SCStartInternalRunMode (int argc, char **argv) |
| int | SCFinalizeRunMode (void) |
| void | PostConfLoadedDetectSetup (SCInstance *suri) |
| int | PostConfLoadedSetup (SCInstance *suri) |
| void | SuricataMainLoop (void) |
| int | InitGlobal (void) |
| Global initialization common to all runmodes. | |
| void | SuricataPreInit (const char *progname) |
| void | SuricataInit (void) |
| void | SuricataShutdown (void) |
| void | SuricataPostInit (void) |
Variables | |
| volatile sig_atomic_t | sigint_count = 0 |
| volatile sig_atomic_t | sighup_count = 0 |
| volatile sig_atomic_t | sigterm_count = 0 |
| volatile sig_atomic_t | sigusr2_count = 0 |
| volatile uint8_t | suricata_ctl_flags = 0 |
| uint8_t | host_mode = SURI_HOST_IS_SNIFFER_ONLY |
| uint32_t | max_pending_packets |
| int | g_detect_disabled = 0 |
| bool | sc_set_caps = false |
| bool | g_system = false |
| int | g_disable_randomness = 0 |
| uint16_t | g_vlan_mask = 0xffff |
| uint16_t | g_livedev_mask = 0xffff |
| uint8_t | g_recurlvl_mask = 0xff |
| bool | g_disable_hashing = false |
| SystemHugepageSnapshot * | prerun_snap = NULL |
| bool | g_stats_eps_per_app_proto_errors = false |
| SCInstance | suricata |
| int | coverage_unittests |
| int | g_ut_modules |
| int | g_ut_covered |
| int | g_skip_prefilter |
Detailed Description
Definition in file suricata.c.
Macro Definition Documentation
◆ DEFAULT_MAX_PENDING_PACKETS
| #define DEFAULT_MAX_PENDING_PACKETS 1024 |
Definition at line 169 of file suricata.c.
Function Documentation
◆ EngineDone()
| void EngineDone | ( | void | ) |
Used to indicate that the current task is done.
This is mainly used by pcap-file to tell it has finished to treat a pcap files when running in unix-socket mode.
Definition at line 481 of file suricata.c.
References suricata_ctl_flags, and SURICATA_DONE.
◆ EngineModeIsFirewall()
| bool EngineModeIsFirewall | ( | void | ) |
Definition at line 235 of file suricata.c.
References DEBUG_VALIDATE_BUG_ON, ENGINE_MODE_FIREWALL, and ENGINE_MODE_UNKNOWN.
Referenced by SigGroupBuild().
◆ EngineModeIsIDS()
| int EngineModeIsIDS | ( | void | ) |
Definition at line 248 of file suricata.c.
References DEBUG_VALIDATE_BUG_ON, ENGINE_MODE_IDS, and ENGINE_MODE_UNKNOWN.
◆ EngineModeIsIPS()
| int EngineModeIsIPS | ( | void | ) |
Definition at line 242 of file suricata.c.
References DEBUG_VALIDATE_BUG_ON, ENGINE_MODE_IPS, and ENGINE_MODE_UNKNOWN.
Referenced by AlertFastLogger(), AlertJsonHeader(), CaptureStatsSetup(), CaptureStatsUpdate(), DetectEngineMultiTenantSetup(), EveAddVerdict(), ExceptionPolicyApply(), ExceptionPolicyMidstreamParse(), FlowHandlePacketUpdate(), and StreamTcpInitConfig().
◆ EngineModeIsUnknown()
| int EngineModeIsUnknown | ( | void | ) |
Definition at line 230 of file suricata.c.
References ENGINE_MODE_UNKNOWN.
Referenced by PostConfLoadedSetup().
◆ EngineModeSetFirewall()
| void EngineModeSetFirewall | ( | void | ) |
Definition at line 254 of file suricata.c.
References ENGINE_MODE_FIREWALL.
Referenced by PostConfLoadedSetup().
◆ EngineModeSetIDS()
| void EngineModeSetIDS | ( | void | ) |
Definition at line 264 of file suricata.c.
References ENGINE_MODE_IDS.
Referenced by ListAppLayerHooks(), ListAppLayerProtocols(), ListKeywords(), LLVMFuzzerTestOneInput(), PostConfLoadedSetup(), and RunUnittests().
◆ EngineModeSetIPS()
| void EngineModeSetIPS | ( | void | ) |
Definition at line 259 of file suricata.c.
References ENGINE_MODE_IPS.
Referenced by SCParseCommandLine().
◆ EngineStop()
| void EngineStop | ( | void | ) |
make sure threads can stop the engine by calling this function. Purpose: pcap file mode needs to be able to tell the engine the file eof is reached.
Definition at line 470 of file suricata.c.
References suricata_ctl_flags, and SURICATA_STOP.
Referenced by ReceiveErfFileLoop().
◆ GetDocURL()
| const char * GetDocURL | ( | void | ) |
Definition at line 1165 of file suricata.c.
References DOC_URL, GetProgramVersion(), and PROG_VER.
Referenced by SigTableList().
◆ GetProgramVersion()
| const char * GetProgramVersion | ( | void | ) |
get string with program version
Get the program version as passed to us from AC_INIT
Add 'RELEASE' is no '-dev' in the version. Add the REVISION if passed to us.
Possible outputs: release: '5.0.1 RELEASE' dev with rev: '5.0.1-dev (64a789bbf 2019-10-18)' dev w/o rev: '5.0.1-dev'
Definition at line 1186 of file suricata.c.
References PROG_VER, REVISION, and xstr.
Referenced by GetDocURL().
◆ GlobalsDestroy()
| void GlobalsDestroy | ( | void | ) |
Definition at line 390 of file suricata.c.
References AFPPeersListClean(), AppLayerDeSetup(), AppLayerHtpPrintStats(), DatalinkTableDeinit(), DatasetsDestroy(), DatasetsSave(), de_ctx, DetectEngineClearMaster(), DetectEngineDeReference(), DetectEngineGetCurrent(), DetectEngineMoveToFreeList(), DetectParseFreeRegexes(), DPDKCleanupEAL(), FeatureTrackingRelease(), HostShutdown(), HTPAtExitPrintStats(), HTPFreeConfig(), LiveDeviceListClean(), MpmHSGlobalCleanup(), NFQContextsClean(), OutputDeregisterAll(), OutputTxShutdown(), ParseSizeDeinit(), SCInstance_::pid_filename, SCConfDeInit(), SCFree, SCLogDeInitLogModule(), SCPidfileRemove(), SCProtoNameRelease(), SigTableCleanup(), suricata, TagDestroyCtx(), ThresholdDestroy(), TimeDeinit(), TmModuleRunDeInit(), TmqhCleanup(), and VarNameStoreDestroy().
Referenced by main(), and SuricataInit().
◆ GlobalsInitPreConfig()
| void GlobalsInitPreConfig | ( | void | ) |
Definition at line 382 of file suricata.c.
References SCProtoNameInit(), SCThresholdConfGlobalInit(), SupportFastPatternForSigMatchTypes(), and TimeInit().
Referenced by LLVMFuzzerTestOneInput(), RunUnittests(), and SuricataInit().
◆ InitGlobal()
| int InitGlobal | ( | void | ) |
Global initialization common to all runmodes.
This can be used by fuzz targets.
Definition at line 2965 of file suricata.c.
References DatalinkTableInit(), ParseSizeInit(), RunModeRegisterRunModes(), SC_ATOMIC_INIT, SCConfInit(), SCLogError, SCLogInitLogModule(), SCSetThreadName, suricata_context, tmm_modules, TMM_SIZE, UtilSignalBlock(), UtilSignalHandlerSetup(), and VarNameStoreInit().
Referenced by LLVMFuzzerTestOneInput(), and SuricataPreInit().
◆ PostConfLoadedDetectSetup()
| void PostConfLoadedDetectSetup | ( | SCInstance * | suri | ) |
Definition at line 2625 of file suricata.c.
References de_ctx, SCInstance_::delayed_detect, DETECT_ENGINE_TYPE_NORMAL, DetectEngineAddToMaster(), DetectEngineBumpVersion(), DetectEngineCtxInit(), DetectEngineCtxInitStubForDD(), DetectEngineCtxInitStubForMT(), DetectEngineMultiTenantSetup(), SCInstance_::disabled_detect, FatalError, DetectEngineCtx_::last_reload, SCInstance_::run_mode, RUNMODE_CONF_TEST, SCConfGetBool(), TM_ECODE_OK, DetectEngineCtx_::type, and SCInstance_::unix_socket_enabled.
Referenced by LLVMFuzzerTestOneInput(), and SuricataInit().
◆ PostConfLoadedSetup()
| int PostConfLoadedSetup | ( | SCInstance * | suri | ) |
This function is meant to contain code that needs to be run once the configuration has been loaded.
Definition at line 2716 of file suricata.c.
References AppLayerHtpNeedFileInspection(), AppLayerSetup(), SCInstance_::capture_plugin_args, SCInstance_::capture_plugin_name, SCInstance_::checksum_validation, SCInstance_::conf_filename, ConfigCheckLogDirectoryExists(), CoredumpLoadConfig(), DecodeGlobalConfig(), DetectAddressTestConfVars(), DetectPortTestConfVars(), SCInstance_::disabled_detect, EngineModeIsUnknown(), EngineModeSetFirewall(), EngineModeSetIDS(), FatalError, FeatureTrackingRegister(), FlowRateRegisterFlowStorage(), g_stats_eps_per_app_proto_errors, HOST_VERBOSE, HostBitInitCtx(), HostInitConfig(), SCInstance_::install_signal_handlers, IPPairBitInitCtx(), SCInstance_::is_firewall, LiveDeviceFinalize(), LiveDevRegisterExtension(), LiveSetOffloadDisable(), LiveSetOffloadWarn(), SCInstance_::log_dir, MacSetRegisterFlowStorage(), MpmTableSetup(), NFQInitConfig(), PacketAlertTagInit(), PreRunInit(), RegisterAllModules(), RegisterFlowBypassInfo(), SCInstance_::run_mode, RUNMODE_AFP_DEV, SCInstance_::runmode_custom_mode, RUNMODE_ENGINE_ANALYSIS, RUNMODE_NFQ, RunModeEngineIsIPS(), SCConfGet(), SCConfGetBool(), SCConfGetNode(), SCConfigGetLogDirectory(), SCConfNodeChildValueIsTrue(), SCConfSet(), SCConfSetFinal(), SCHInfoLoadFromConfig(), SCLogConfig, SCLogError, SCLogInfo, SCLogWarning, SCPluginsLoad(), SCReturnInt, SetMasterExceptionPolicy(), SigTableApplyStrictCommandLineOption(), SigTableInit(), SigTableSetup(), SpmTableSetup(), StorageFinalize(), StorageInit(), SCInstance_::strict_rule_parsing_string, StringParseUint16(), suricata, TagInitCtx(), ThresholdInit(), TM_ECODE_FAILED, TM_ECODE_OK, TmModuleRunInit(), and TmqhSetup().
Referenced by LLVMFuzzerTestOneInput(), and SuricataInit().
◆ PostRunDeinit()
| void PostRunDeinit | ( | const int | runmode, |
| struct timeval * | start_time | ||
| ) |
clean up / shutdown code for packet modes
Shuts down packet modes, so regular packet runmodes and the per pcap mode in the unix socket.
Definition at line 2331 of file suricata.c.
References DecodeUnregisterCounters(), DefragDestroy(), FlowDisableFlowManagerThread(), FlowDisableFlowRecyclerThread(), FlowShutdown(), FlowWorkToDoCleanup(), HostCleanup(), HttpRangeContainersDestroy(), IPPairShutdown(), PacketPoolDestroy(), PacketPoolInit(), profiling_packets_enabled, RUNMODE_UNIX_SOCKET, RunModeShutDown(), SCProfilingDestroy(), SCProfilingDump(), StatsReleaseResources(), STREAM_VERBOSE, StreamTcpFreeConfig(), THV_FLOW_LOOP, THV_KILL, THV_REQ_FLOW_LOOP, THV_RUNNING_DONE, TM_FLAG_FLOWWORKER_TM, TM_FLAG_PACKET_ALL, TM_FLAG_RECEIVE_TM, TmqResetQueues(), TmThreadClearThreadsFamily(), TmThreadDisablePacketThreads(), TmThreadDisableReceiveThreads(), TmThreadKillThreadsFamily(), TmThreadsUnsealThreads(), TopologyDestroy(), TVT_MGMT, and TVT_PPT.
Referenced by SuricataShutdown().
◆ PreRunInit()
| void PreRunInit | ( | const int | runmode | ) |
Definition at line 2286 of file suricata.c.
References AppLayerParserPostStreamSetup(), AppLayerRegisterGlobalCounters(), DefragInit(), FLOW_QUIET, FlowInitConfig(), HttpRangeContainersInit(), IPPairInitConfig(), OutputFilestoreRegisterGlobalCounters(), RUNMODE_UNIX_SOCKET, SCProfilingInit(), SCProfilingKeywordsGlobalInit(), SCProfilingPrefilterGlobalInit(), SCProfilingSghsGlobalInit(), StatsInit(), STREAM_VERBOSE, and StreamTcpInitConfig().
Referenced by PostConfLoadedSetup().
◆ PreRunPostPrivsDropInit()
| void PreRunPostPrivsDropInit | ( | const int | runmode | ) |
Definition at line 2315 of file suricata.c.
References DatasetsInit(), RUNMODE_UNIX_SOCKET, RunModeInitializeOutputs(), StatsSetupPostConfigPostOutput(), and StatsSetupPostConfigPreOutput().
Referenced by LLVMFuzzerTestOneInput(), and SuricataInit().
◆ RegisterAllModules()
| void RegisterAllModules | ( | void | ) |
Definition at line 947 of file suricata.c.
References TmModuleBypassedFlowManagerRegister(), TmModuleDebugList(), TmModuleDecodeAFPRegister(), TmModuleDecodeAFXDPRegister(), TmModuleDecodeDPDKRegister(), TmModuleDecodeErfDagRegister(), TmModuleDecodeErfFileRegister(), TmModuleDecodeIPFWRegister(), TmModuleDecodeLibRegister(), TmModuleDecodeNetmapRegister(), TmModuleDecodeNFLOGRegister(), TmModuleDecodeNFQRegister(), TmModuleDecodePcapFileRegister(), TmModuleDecodePcapRegister(), TmModuleDecodeWinDivertRegister(), TmModuleFlowManagerRegister(), TmModuleFlowRecyclerRegister(), TmModuleFlowWorkerRegister(), TmModuleLoggerRegister(), TmModuleReceiveAFPRegister(), TmModuleReceiveAFXDPRegister(), TmModuleReceiveDPDKRegister(), TmModuleReceiveErfDagRegister(), TmModuleReceiveErfFileRegister(), TmModuleReceiveIPFWRegister(), TmModuleReceiveNetmapRegister(), TmModuleReceiveNFLOGRegister(), TmModuleReceiveNFQRegister(), TmModuleReceivePcapFileRegister(), TmModuleReceivePcapRegister(), TmModuleReceiveWinDivertRegister(), TmModuleRespondRejectRegister(), TmModuleStatsLoggerRegister(), TmModuleUnixManagerRegister(), TmModuleVerdictIPFWRegister(), TmModuleVerdictNFQRegister(), and TmModuleVerdictWinDivertRegister().
Referenced by PostConfLoadedSetup(), and RunUnittests().
◆ RunmodeIsUnittests()
| int RunmodeIsUnittests | ( | void | ) |
Definition at line 270 of file suricata.c.
References SCInstance_::run_mode, RUNMODE_UNITTEST, and suricata.
Referenced by AppLayerRegisterProtocolDetection(), DetectEngineThreadCtxInit(), RegisterDNP3Parsers(), RegisterSSHParsers(), RegisterSSLParsers(), RegisterTFTPParsers(), SCAppLayerParserConfParserEnabled(), SCAppLayerProtoDetectConfProtoDetectionEnabledDefault(), SCClassConfLoadClassificationConfigFile(), SCRConfLoadReferenceConfigFile(), StreamTcpDecrMemuse(), StreamTcpInitConfig(), StreamTcpThreadCacheReturnSegment(), StreamTcpThreadCacheReturnSession(), and TimeGet().
◆ SC_ATOMIC_DECLARE()
| SC_ATOMIC_DECLARE | ( | unsigned int | , |
| engine_stage | |||
| ) |
◆ SCEnableDefaultSignalHandlers()
| void SCEnableDefaultSignalHandlers | ( | void | ) |
Enable default signal handlers.
Definition at line 289 of file suricata.c.
References SCInstance_::install_signal_handlers, and suricata.
Referenced by main().
◆ SCFinalizeRunMode()
| int SCFinalizeRunMode | ( | void | ) |
Definition at line 2451 of file suricata.c.
References CheckValidDaemonModes(), SCInstance_::daemon, SCInstance_::progname, SCInstance_::run_mode, RUNMODE_UNKNOWN, suricata, TM_ECODE_FAILED, and TM_ECODE_OK.
Referenced by main().
◆ SCLoadYamlConfig()
| TmEcode SCLoadYamlConfig | ( | void | ) |
Definition at line 1012 of file suricata.c.
References SCInstance_::additional_configs, SCInstance_::conf_filename, DEFAULT_CONF_FILE, SCConfGetRootNode(), SCConfYamlHandleInclude(), SCConfYamlLoadFile(), SCEnter, SCLogConfig, SCReturnInt, suricata, TM_ECODE_FAILED, and TM_ECODE_OK.
Referenced by main().
◆ SCParseCommandLine()
| TmEcode SCParseCommandLine | ( | int | argc, |
| char ** | argv | ||
| ) |
Definition at line 1369 of file suricata.c.
References SCInstance_::additional_configs, SCInstance_::aux_run_mode, BUG_ON, SCInstance_::capture_plugin_args, SCInstance_::capture_plugin_name, SCInstance_::checksum_validation, SCInstance_::conf_filename, ConfigCheckDataDirectory(), ConfigCheckLogDirectoryExists(), ConfigSetDataDirectory(), ConfigSetLogDirectory(), coverage_unittests, SCInstance_::daemon, SCInstance_::disabled_detect, SCInstance_::do_setgid, SCInstance_::do_setuid, engine_analysis, EngineModeSetIPS(), ExceptionSimulationCommandLineParser(), FatalError, SCInstance_::firewall_rule_file, SCInstance_::firewall_rule_file_exclusive, g_detect_disabled, g_disable_hashing, g_disable_randomness, g_skip_prefilter, g_system, g_ut_covered, g_ut_modules, GetIfaceMTU(), SCInstance_::group_name, IPFWRegisterQueue(), SCInstance_::is_firewall, IsRunModeOffline(), IsRunModeSystem(), SCInstance_::keyword_info, LiveBuildDeviceListCustom(), LiveRegisterDeviceName(), name, NFQParseAndRegisterQueues(), SCInstance_::offline, SCInstance_::pcap_dev, SCInstance_::pid_filename, SCInstance_::regex_arg, SCInstance_::run_mode, RUNMODE_CONF_TEST, SCInstance_::runmode_custom_mode, RUNMODE_DAG, RUNMODE_DUMP_CONFIG, RUNMODE_DUMP_FEATURES, RUNMODE_ENGINE_ANALYSIS, RUNMODE_ERF_FILE, RUNMODE_IPFW, RUNMODE_LIST_APP_LAYER_HOOKS, RUNMODE_LIST_APP_LAYERS, RUNMODE_LIST_KEYWORDS, RUNMODE_LIST_RUNMODES, RUNMODE_LIST_UNITTEST, RUNMODE_NETMAP, RUNMODE_NFLOG, RUNMODE_NFQ, RUNMODE_PCAP_FILE, RUNMODE_PLUGIN, RUNMODE_PRINT_BUILDINFO, RUNMODE_PRINT_USAGE, RUNMODE_PRINT_VERSION, RUNMODE_UNITTEST, RUNMODE_UNIX_SOCKET, RUNMODE_UNKNOWN, RUNMODE_WINDIVERT, SCCalloc, SCConfSetFinal(), SCConfSetFromString(), SCLogError, SCLogInfo, SCLogWarning, SCRealloc, SCStatFn, SCStrdup, SCInstance_::set_datadir, SCInstance_::set_logdir, SCInstance_::sig_file, SCInstance_::sig_file_exclusive, SCInstance_::strict_rule_parsing_string, strlcpy(), suricata, SCInstance_::system, TM_ECODE_FAILED, TM_ECODE_OK, unittests_fatal, SCInstance_::user_name, and SCInstance_::verbose.
Referenced by main().
◆ SCRunmodeGet()
| SCRunMode SCRunmodeGet | ( | void | ) |
Get the current run mode.
Definition at line 279 of file suricata.c.
References SCInstance_::run_mode, and suricata.
Referenced by ConfUnixSocketIsEnable(), DPDKCleanupEAL(), DPDKCloseDevice(), DPDKFreeDevice(), LLVMFuzzerTestOneInput(), OutputJsonInitCtx(), RunModeGetMainMode(), SCConfLogOpenGeneric(), SCThresholdConfInitContext(), SCThresholdConfParseFile(), and SigLoadSignatures().
◆ SCRunmodeSet()
| void SCRunmodeSet | ( | SCRunMode | run_mode | ) |
Set the current run mode.
Mainly exposed outside of suricata.c as a unit-test helper.
Definition at line 284 of file suricata.c.
References SCInstance_::run_mode, and suricata.
Referenced by LLVMFuzzerTestOneInput(), and main().
◆ SCStartInternalRunMode()
| int SCStartInternalRunMode | ( | int | argc, |
| char ** | argv | ||
| ) |
Definition at line 2389 of file suricata.c.
References SCInstance_::conf_filename, DEFAULT_CONF_FILE, SCInstance_::keyword_info, ListAppLayerHooks(), ListAppLayerProtocols(), ListKeywords(), SCInstance_::regex_arg, SCInstance_::run_mode, RUNMODE_LIST_APP_LAYER_HOOKS, RUNMODE_LIST_APP_LAYERS, RUNMODE_LIST_KEYWORDS, RUNMODE_LIST_RUNMODES, RUNMODE_LIST_UNITTEST, RUNMODE_PRINT_BUILDINFO, RUNMODE_PRINT_USAGE, RUNMODE_PRINT_VERSION, RUNMODE_UNITTEST, RunModeListRunmodes(), RunUnittests(), SCLogInfo, suricata, TM_ECODE_DONE, TM_ECODE_FAILED, and TM_ECODE_OK.
Referenced by main().
◆ SuricataInit()
| void SuricataInit | ( | void | ) |
Definition at line 3012 of file suricata.c.
References SCInstance_::aux_run_mode, SCInstance_::capture_plugin_args, SCInstance_::capture_plugin_name, ConfUnixSocketIsEnable(), CoredumpEnable(), SCInstance_::daemon, SCInstance_::disabled_detect, FeatureDump(), g_livedev_mask, g_recurlvl_mask, g_vlan_mask, GlobalsDestroy(), GlobalsInitPreConfig(), SCInstance_::groupid, LandlockSandboxing(), SCInstance_::pcap_dev, PostConfLoadedDetectSetup(), PostConfLoadedSetup(), prerun_snap, PreRunPostPrivsDropInit(), SCInstance_::run_mode, RUNMODE_CONF_TEST, SCInstance_::runmode_custom_mode, RUNMODE_DPDK, RUNMODE_DUMP_CONFIG, RUNMODE_DUMP_FEATURES, RUNMODE_ENGINE_ANALYSIS, RUNMODE_UNIX_SOCKET, RunModeDispatch(), RunModeInitializeThreadSettings(), SCConfDump(), SCConfGetBool(), SCDropMainThreadCaps, SCLogDebug, SCLogInfo, SCLogLoadConfig(), SCLogNotice, SCOnLoggingReady(), suricata, SystemHugepageSnapshotCreate(), TM_ECODE_OK, SCInstance_::unix_socket_enabled, UnixManagerThreadSpawnNonRunmode(), SCInstance_::userid, UtilCpuPrintSummary(), and SCInstance_::verbose.
Referenced by main().
◆ SuricataMainLoop()
| void SuricataMainLoop | ( | void | ) |
Definition at line 2922 of file suricata.c.
References DetectEngineReload(), DetectEngineReloadIsStart(), DetectEngineReloadSetIdle(), DetectEngineReloadStart(), OutputNotifyFileRotation(), SCLogNotice, sighup_count, sigint_count, sigterm_count, sigusr2_count, suricata, suricata_ctl_flags, SURICATA_STOP, and TmThreadCheckThreadState().
Referenced by main().
◆ SuricataPostInit()
| void SuricataPostInit | ( | void | ) |
Definition at line 3111 of file suricata.c.
References FatalError, geteuid, PacketPoolPostRunmodes(), prerun_snap, SCInstance_::run_mode, RUNMODE_DPDK, SC_ATOMIC_SET, SCConfGetBool(), SCLogWarning, SCPledge, suricata, SURICATA_RUNTIME, SystemHugepageEvaluateHugepages(), SystemHugepageSnapshotCreate(), SystemHugepageSnapshotDestroy(), TM_ECODE_FAILED, TM_ECODE_OK, TmThreadContinueThreads(), TmThreadWaitOnThreadInit(), and TmThreadWaitOnThreadRunning().
Referenced by main().
◆ SuricataPreInit()
| void SuricataPreInit | ( | const char * | progname | ) |
Definition at line 3003 of file suricata.c.
References InitGlobal(), and suricata.
Referenced by main().
◆ SuricataShutdown()
| void SuricataShutdown | ( | void | ) |
Definition at line 3100 of file suricata.c.
References PostRunDeinit(), SCInstance_::run_mode, SC_ATOMIC_SET, SCInstance_::start_time, suricata, SURICATA_DEINIT, TmThreadKillThreads(), and UnixSocketKillSocketThread().
Referenced by main().
◆ SuriHasSigFile()
| int SuriHasSigFile | ( | void | ) |
Definition at line 225 of file suricata.c.
References SCInstance_::sig_file, and suricata.
Variable Documentation
◆ coverage_unittests
| int coverage_unittests |
Definition at line 943 of file suricata.c.
Referenced by MpmRegisterTests(), SCParseCommandLine(), SigTableRegisterTests(), and TmModuleRegisterTests().
◆ g_detect_disabled
| int g_detect_disabled = 0 |
global indicating if detection is enabled
Definition at line 186 of file suricata.c.
Referenced by AppLayerParserTransactionsCleanup(), SCParseCommandLine(), and StreamTcpPacket().
◆ g_disable_hashing
| bool g_disable_hashing = false |
Definition at line 214 of file suricata.c.
Referenced by EveEmailLogJson(), FileForceHashParseCfg(), RegisterSSLParsers(), SCParseCommandLine(), SSLEnableJA3(), and SSLEnableJA4().
◆ g_disable_randomness
| int g_disable_randomness = 0 |
disable randomness to get reproducible results across runs
Definition at line 195 of file suricata.c.
Referenced by RandomGet(), and SCParseCommandLine().
◆ g_livedev_mask
| uint16_t g_livedev_mask = 0xffff |
determine (without branching) if we include the livedev ids when hashing or comparing flows
Definition at line 206 of file suricata.c.
Referenced by FlowKeyGetHash(), RunModeEngineIsIPS(), and SuricataInit().
◆ g_recurlvl_mask
| uint8_t g_recurlvl_mask = 0xff |
determine (without branching) if we include the recursion levels when hashing or comparing flows
Definition at line 210 of file suricata.c.
Referenced by FlowGetIpPairProtoHash(), FlowKeyGetHash(), and SuricataInit().
◆ g_skip_prefilter
|
extern |
Definition at line 1071 of file detect-engine-mpm.c.
Referenced by RetrieveFPForSig(), and SCParseCommandLine().
◆ g_stats_eps_per_app_proto_errors
| bool g_stats_eps_per_app_proto_errors = false |
add per-proto app-layer error counters for exception policies stats? disabled by default
Definition at line 220 of file suricata.c.
Referenced by AppLayerRegisterThreadCounters(), and PostConfLoadedSetup().
◆ g_system
| bool g_system = false |
Definition at line 191 of file suricata.c.
Referenced by SCParseCommandLine().
◆ g_ut_covered
| int g_ut_covered |
Definition at line 945 of file suricata.c.
Referenced by MpmRegisterTests(), SCParseCommandLine(), SigTableRegisterTests(), and TmModuleRegisterTests().
◆ g_ut_modules
| int g_ut_modules |
Definition at line 944 of file suricata.c.
Referenced by MpmRegisterTests(), SCParseCommandLine(), SigTableRegisterTests(), and TmModuleRegisterTests().
◆ g_vlan_mask
| uint16_t g_vlan_mask = 0xffff |
determine (without branching) if we include the vlan_ids when hashing or comparing flows
Definition at line 202 of file suricata.c.
Referenced by FlowGetIpPairProtoHash(), FlowKeyGetHash(), and SuricataInit().
◆ host_mode
| uint8_t host_mode = SURI_HOST_IS_SNIFFER_ONLY |
Host mode: set if box is sniffing only or is a router
Definition at line 180 of file suricata.c.
◆ prerun_snap
| SystemHugepageSnapshot* prerun_snap = NULL |
Definition at line 217 of file suricata.c.
Referenced by SuricataInit(), and SuricataPostInit().
◆ sc_set_caps
| bool sc_set_caps = false |
set caps or not
Definition at line 189 of file suricata.c.
◆ sighup_count
| volatile sig_atomic_t sighup_count = 0 |
Definition at line 157 of file suricata.c.
Referenced by SuricataMainLoop().
◆ sigint_count
| volatile sig_atomic_t sigint_count = 0 |
Definition at line 156 of file suricata.c.
Referenced by SuricataMainLoop().
◆ sigterm_count
| volatile sig_atomic_t sigterm_count = 0 |
Definition at line 158 of file suricata.c.
Referenced by SuricataMainLoop().
◆ sigusr2_count
| volatile sig_atomic_t sigusr2_count = 0 |
Definition at line 159 of file suricata.c.
Referenced by SuricataMainLoop().
◆ suricata
| SCInstance suricata |
Suricata instance
Definition at line 223 of file suricata.c.
Referenced by GlobalsDestroy(), PostConfLoadedSetup(), RunmodeIsUnittests(), SCEnableDefaultSignalHandlers(), SCFinalizeRunMode(), SCLoadYamlConfig(), SCParseCommandLine(), SCRunmodeGet(), SCRunmodeSet(), SCStartInternalRunMode(), SuricataInit(), SuricataMainLoop(), SuricataPostInit(), SuricataPreInit(), SuricataShutdown(), and SuriHasSigFile().
◆ suricata_ctl_flags
| volatile uint8_t suricata_ctl_flags = 0 |
suricata engine control flags
Definition at line 172 of file suricata.c.
Referenced by EngineDone(), EngineStop(), LLVMFuzzerTestOneInput(), PcapFileDispatch(), ReceiveErfDagLoop(), ReceiveErfFileLoop(), and SuricataMainLoop().
