[Snort-devel] [DAQ][PATCH 3/3] nfq: add "queuelen" option to set nfqueue length

Russ Combs rcombs at ...402...
Mon Aug 9 17:22:09 EDT 2010


Opened a bug for this.

On Tue, Aug 3, 2010 at 6:49 AM, Florian Westphal <fwestphal at ...2119...>wrote:

> Allow changing the in-kernel netfilter queue length via e.g.
> "--daq-var queuelen=2048"
>
> ---
>  os-daq-modules/daq_nfq.c |   28 ++++++++++++++++++++++++++--
>  1 files changed, 26 insertions(+), 2 deletions(-)
>
> diff --git a/os-daq-modules/daq_nfq.c b/os-daq-modules/daq_nfq.c
> index 2c033d4..b278306 100644
> --- a/os-daq-modules/daq_nfq.c
> +++ b/os-daq-modules/daq_nfq.c
> @@ -48,6 +48,7 @@
>  typedef struct
>  {
>     int protos, sock, qid;
> +    unsigned int qlen;
>
>     struct nfq_handle* nf_handle;
>     struct nfq_q_handle* nf_queue;
> @@ -108,6 +109,7 @@ static int nfq_daq_get_setup (
>
>     impl->protos = 0x1;
>     impl->qid = DEFAULT_Q;
> +    impl->qlen = 0;
>
>     for ( entry = cfg->values; entry; entry = entry->next)
>     {
> @@ -151,6 +153,19 @@ static int nfq_daq_get_setup (
>                 return DAQ_ERROR;
>             }
>         }
> +        else if ( !strcmp(entry->key, "queuelen") )
> +        {
> +            char* end = entry->value;
> +
> +            impl->qlen = (unsigned int)strtol(entry->value, &end, 0);
> +
> +            if ( *end )
> +            {
> +                snprintf(errBuf, errMax, "%s: bad queue length (%s)\n",
> +                    __FUNCTION__, entry->value);
> +                return DAQ_ERROR;
> +            }
> +        }
>         else
>         {
>             snprintf(errBuf, errMax,
> @@ -265,8 +280,17 @@ static int nfq_daq_initialize (
>         nfq_daq_shutdown(impl);
>         return DAQ_ERROR;
>     }
> -
> -    // 6. get the q socket descriptor
> +    // 6. set queue length (optional)
> +    if ( impl->qlen > 0 &&
> +        nfq_set_queue_maxlen(impl->nf_queue, impl->qlen))
> +    {
> +         snprintf(errBuf, errMax, "%s: unable to set queue length\n",
> +            __FUNCTION__);
> +        nfq_daq_shutdown(impl);
> +        return DAQ_ERROR;
> +    }
> +
> +    // 7. get the q socket descriptor
>     //    (after getting not 1 but 2 handles!)
>     impl->sock = nfq_fd(impl->nf_handle);
>
> --
> 1.7.1
>
>
>
> ------------------------------------------------------------------------------
> The Palm PDK Hot Apps Program offers developers who use the
> Plug-In Development Kit to bring their C/C++ apps to Palm for a share
> of $1 Million in cash or HP Products. Visit us here for more details:
> http://p.sf.net/sfu/dev2dev-palm
> _______________________________________________
> Snort-devel mailing list
> Snort-devel at lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/snort-devel
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.snort.org/pipermail/snort-devel/attachments/20100809/4947490d/attachment.html>


More information about the Snort-devel mailing list