Snort mailing list archives

Re: [DAQ][PATCH 3/3] nfq: add "queuelen" option to set nfqueue length

From: Russ Combs <rcombs () sourcefire com>
Date: Mon, 9 Aug 2010 17:22:09 -0400

Opened a bug for this.

On Tue, Aug 3, 2010 at 6:49 AM, Florian Westphal <fwestphal () astaro com>wrote:

Allow changing the in-kernel netfilter queue length via e.g.
"--daq-var queuelen=2048"

---
 os-daq-modules/daq_nfq.c |   28 ++++++++++++++++++++++++++--
 1 files changed, 26 insertions(+), 2 deletions(-)

diff --git a/os-daq-modules/daq_nfq.c b/os-daq-modules/daq_nfq.c
index 2c033d4..b278306 100644
--- a/os-daq-modules/daq_nfq.c
+++ b/os-daq-modules/daq_nfq.c
@@ -48,6 +48,7 @@
 typedef struct
 {
    int protos, sock, qid;
+    unsigned int qlen;

    struct nfq_handle* nf_handle;
    struct nfq_q_handle* nf_queue;
@@ -108,6 +109,7 @@ static int nfq_daq_get_setup (

    impl->protos = 0x1;
    impl->qid = DEFAULT_Q;
+    impl->qlen = 0;

    for ( entry = cfg->values; entry; entry = entry->next)
    {
@@ -151,6 +153,19 @@ static int nfq_daq_get_setup (
                return DAQ_ERROR;
            }
        }
+        else if ( !strcmp(entry->key, "queuelen") )
+        {
+            char* end = entry->value;
+
+            impl->qlen = (unsigned int)strtol(entry->value, &end, 0);
+
+            if ( *end )
+            {
+                snprintf(errBuf, errMax, "%s: bad queue length (%s)\n",
+                    __FUNCTION__, entry->value);
+                return DAQ_ERROR;
+            }
+        }
        else
        {
            snprintf(errBuf, errMax,
@@ -265,8 +280,17 @@ static int nfq_daq_initialize (
        nfq_daq_shutdown(impl);
        return DAQ_ERROR;
    }
-
-    // 6. get the q socket descriptor
+    // 6. set queue length (optional)
+    if ( impl->qlen > 0 &&
+        nfq_set_queue_maxlen(impl->nf_queue, impl->qlen))
+    {
+         snprintf(errBuf, errMax, "%s: unable to set queue length\n",
+            __FUNCTION__);
+        nfq_daq_shutdown(impl);
+        return DAQ_ERROR;
+    }
+
+    // 7. get the q socket descriptor
    //    (after getting not 1 but 2 handles!)
    impl->sock = nfq_fd(impl->nf_handle);

--
1.7.1



------------------------------------------------------------------------------
The Palm PDK Hot Apps Program offers developers who use the
Plug-In Development Kit to bring their C/C++ apps to Palm for a share
of $1 Million in cash or HP Products. Visit us here for more details:
http://p.sf.net/sfu/dev2dev-palm
_______________________________________________
Snort-devel mailing list
Snort-devel () lists sourceforge net
https://lists.sourceforge.net/lists/listinfo/snort-devel

------------------------------------------------------------------------------
This SF.net email is sponsored by 

Make an app they can't live without
Enter the BlackBerry Developer Challenge
http://p.sf.net/sfu/RIM-dev2dev

_______________________________________________
Snort-devel mailing list
Snort-devel () lists sourceforge net
https://lists.sourceforge.net/lists/listinfo/snort-devel

Current thread:

[DAQ][PATCH 1/3] fix --enable-xyz-module options Florian Westphal (Aug 03)
- [DAQ][PATCH 3/3] nfq: add "queuelen" option to set nfqueue length Florian Westphal (Aug 03)
  - Re: [DAQ][PATCH 3/3] nfq: add "queuelen" option to set nfqueue length Russ Combs (Aug 09)
- [DAQ][PATCH 2/3] nfq: fix _acquire return value on select EINTR error Florian Westphal (Aug 03)
  - Re: [DAQ][PATCH 2/3] nfq: fix _acquire return value on select EINTR error Russ Combs (Aug 09)
- Re: [DAQ][PATCH 1/3] fix --enable-xyz-module options Russ Combs (Aug 03)
  - Re: [DAQ][PATCH 1/3] fix --enable-xyz-module options Florian Westphal (Aug 03)
    - Re: [DAQ][PATCH 1/3] fix --enable-xyz-module options Will Metcalf (Aug 03)
    - Re: [DAQ][PATCH 1/3] fix --enable-xyz-module options Russ Combs (Aug 03)
  - Re: [DAQ][PATCH 1/3] fix --enable-xyz-module options Russ Combs (Aug 09)
- Re: [DAQ][PATCH 1/3] fix --enable-xyz-module options Michael Altizer (Aug 03)