From a4231c5725b51d3b8befb8a6e8dcb8e18a564d17 Mon Sep 17 00:00:00 2001 From: Jon Siwek Date: Thu, 21 Oct 2010 14:39:10 -0500 Subject: [PATCH] Removed Endace DAG support. --- BuildOptions.cmake | 1 - INSTALL | 3 - config.h.in | 3 - src/CMakeLists.txt | 1 - src/Net.cc | 21 +--- src/PktDagSrc.cc | 294 --------------------------------------------- src/PktDagSrc.h | 54 --------- 7 files changed, 3 insertions(+), 374 deletions(-) delete mode 100644 src/PktDagSrc.cc delete mode 100644 src/PktDagSrc.h diff --git a/BuildOptions.cmake b/BuildOptions.cmake index 2edc7f64c2..3713c1df33 100644 --- a/BuildOptions.cmake +++ b/BuildOptions.cmake @@ -68,5 +68,4 @@ set(BinPAC_SKIP_INSTALL true) # Libmagic # LibGeoIP # Libz -# Endace's DAG tools # Google perftools diff --git a/INSTALL b/INSTALL index c35a1247f1..87d7c6e68a 100644 --- a/INSTALL +++ b/INSTALL @@ -49,9 +49,6 @@ installation time: For decompressing HTTP bodies by the HTTP analyzer, and for compressed Bro-to-Bro communication. - * Endace's DAG tools: - For native support of Endace DAG cards. - Installation ============ diff --git a/config.h.in b/config.h.in index 5691728425..52b444b8b9 100644 --- a/config.h.in +++ b/config.h.in @@ -174,9 +174,6 @@ /* Define to 1 if you can safely include both and . */ #cmakedefine TIME_WITH_SYS_TIME -/* Include Endace DAG support */ -#undef USE_DAG - /* GeoIP geographic lookup functionality */ #undef USE_GEOIP diff --git a/src/CMakeLists.txt b/src/CMakeLists.txt index c1d4892932..55f2da01a4 100644 --- a/src/CMakeLists.txt +++ b/src/CMakeLists.txt @@ -295,7 +295,6 @@ set(bro_SRCS PacketFilter.cc PacketSort.cc PersistenceSerializer.cc - PktDagSrc.cc PktSrc.cc PIA.cc PolicyFile.cc diff --git a/src/Net.cc b/src/Net.cc index 87aa5eb03c..80ad234b64 100644 --- a/src/Net.cc +++ b/src/Net.cc @@ -34,10 +34,6 @@ #include "Serializer.h" #include "PacketDumper.h" -#ifdef USE_DAG -#include "PktDagSrc.h" -#endif - extern "C" { #include "setsignal.h" }; @@ -243,12 +239,7 @@ void net_init(name_list& interfaces, name_list& readfiles, for ( int i = 0; i < interfaces.length(); ++i ) { PktSrc* ps; -#ifdef USE_DAG - if ( strncmp(interfaces[i], "dag", 3) == 0 ) - ps = new PktDagSrc(interfaces[i], filter); - else -#endif - ps = new PktInterfaceSrc(interfaces[i], filter); + ps = new PktInterfaceSrc(interfaces[i], filter); if ( ! ps->IsOpen() ) { @@ -265,14 +256,8 @@ void net_init(name_list& interfaces, name_list& readfiles, if ( secondary_filter ) { PktSrc* ps; -#ifdef USE_DAG - if ( strncmp(interfaces[i], "dag", 3) == 0 ) - ps = new PktDagSrc(interfaces[i], - filter, TYPE_FILTER_SECONDARY); - else -#endif - ps = new PktInterfaceSrc(interfaces[i], - filter, TYPE_FILTER_SECONDARY); + ps = new PktInterfaceSrc(interfaces[i], + filter, TYPE_FILTER_SECONDARY); if ( ! ps->IsOpen() ) { diff --git a/src/PktDagSrc.cc b/src/PktDagSrc.cc deleted file mode 100644 index 1a5c6573de..0000000000 --- a/src/PktDagSrc.cc +++ /dev/null @@ -1,294 +0,0 @@ -// $Id: PktDagSrc.cc 6909 2009-09-10 19:42:19Z vern $ -// -// See the file "COPYING" in the main distribution directory for copyright. - -#include "config.h" - -#ifdef USE_DAG - -extern "C" { -#include -#include -} -#include - -#include -#include - -#include "PktDagSrc.h" - -// Length of ERF Header before Ethernet header. -#define DAG_ETH_ERFLEN 18 - -static set used_interfaces; - -PktDagSrc::PktDagSrc(const char* arg_interface, const char* filter, - PktSrc_Filter_Type ft) -: PktSrc() - { - interface = copy_string(fmt("/dev/%s", arg_interface)); - fd = -1; - closed = true; - - if ( used_interfaces.find(interface) != used_interfaces.end() ) - { - Error("DAG interface already in use, can't be used multiple times"); - return; - } - - - // We only support Ethernet. - hdr_size = 14; - datalink = DLT_EN10MB; - filter_type = ft; - netmask = 0xffffff00; // XXX does this make sense? - - current_filter = 0; - - // We open a dummy pcap file to get access to pcap data structures. - // Ideally, Bro's PktSrc would be less dependent on pcap ... - - pd = pcap_open_dead(datalink, snaplen); - if ( ! pd ) - { - // Note: errno not trustworthy, for example it's sometimes - // set by malloc inside pcap_open_dead(). - Error("pcap_open_dead"); - return; - } - - fd = dag_open(interface); - - // XXX Currently, the DAG fd is not selectable :-(. - selectable_fd = -1; - - if ( fd < 0 ) - { - Error("dag_open"); - return; - } - - int dag_recordtype = dag_linktype(fd); - if ( dag_recordtype < TYPE_MIN || dag_recordtype > TYPE_MAX ) - { - Error("dag_linktype"); - return; - } - - if ( dag_recordtype != TYPE_ETH ) - { - sprintf(errbuf, "unsupported DAG link type 0x%x", dag_recordtype); - return; - } - - // long= is needed to prevent the DAG card from truncating jumbo frames. - char* dag_configure_string = - copy_string(fmt("slen=%d varlen long=%d", - snaplen, snaplen > 1500 ? snaplen : 1500)); - - fprintf(stderr, "Configuring %s with options \"%s\"...\n", - interface, dag_configure_string); - - if ( dag_configure(fd, dag_configure_string) < 0 ) - { - Error("dag_configure"); - delete [] dag_configure_string; - return; - } - - delete [] dag_configure_string; - - if ( dag_attach_stream(fd, stream_num, 0, EXTRA_WINDOW_SIZE) < 0 ) - { - Error("dag_attach_stream"); - return; - } - - if ( dag_start_stream(fd, stream_num) < 0 ) - { - Error("dag_start_stream"); - return; - } - - struct timeval maxwait, poll; - maxwait.tv_sec = 0; // arbitrary due to mindata == 0 - maxwait.tv_usec = 0; - poll.tv_sec = 0; // don't wait until more data arrives. - poll.tv_usec = 0; - - // mindata == 0 for non-blocking. - if ( dag_set_stream_poll(fd, stream_num, 0, &maxwait, &poll) < 0 ) - { - Error("dag_set_stream_poll"); - return; - } - - closed = false; - - if ( PrecompileFilter(0, filter) && SetFilter(0) ) - fprintf(stderr, "listening on DAG card on %s\n", interface); - - stats.link = stats.received = stats.dropped = 0; - } - -PktDagSrc::~PktDagSrc() - { - } - - -void PktDagSrc::Close() - { - if ( fd >= 0 ) - { - PktSrc::Close(); - dag_stop_stream(fd, stream_num); - dag_detach_stream(fd, stream_num); - dag_close(fd); - fd = -1; - } - - closed = true; - used_interfaces.erase(interface); - } - -int PktDagSrc::ExtractNextPacket() - { - unsigned link_count = 0; // # packets on link for this call - - // As we can't use select() on the fd, we always have to pretend - // we're busy (in fact this is probably even true; otherwise - // we shouldn't be using such expensive monitoring hardware!). - idle = false; - - struct bpf_insn* fcode = current_filter->bf_insns; - if ( ! fcode ) - { - run_time("filter code not valid when extracting DAG packet"); - return 0; - } - - dag_record_t* r = 0; - - do - { - r = (dag_record_t*) dag_rx_stream_next_record(fd, 0); - - if ( ! r ) - { - data = last_data = 0; // make dataptr invalid - - if ( errno != EAGAIN ) - { - run_time(fmt("dag_rx_stream_next_record: %s", - strerror(errno))); - Close(); - return 0; - } - - else - { // gone dry - idle = true; - return 0; - } - } - - // Return after 20 unwanted packets on the link. - if ( ++link_count > 20 ) - { - data = last_data = 0; - return 0; - } - - hdr.len = ntohs(r->wlen); - hdr.caplen = ntohs(r->rlen) - DAG_ETH_ERFLEN; - - // Locate start of the Ethernet header. - data = last_data = (const u_char*) r->rec.eth.dst; - - ++stats.link; - // lctr_sum += ntohs(r->lctr); - stats.dropped += ntohs(r->lctr); - } - while ( ! bpf_filter(fcode, (u_char*) data, hdr.len, hdr.caplen) ); - - ++stats.received; - - // Timestamp conversion taken from DAG programming manual. - unsigned long long lts = r->ts; - hdr.ts.tv_sec = lts >> 32; - lts = ((lts & 0xffffffffULL) * 1000 * 1000); - lts += (lts & 0x80000000ULL) << 1; - hdr.ts.tv_usec = lts >> 32; - if ( hdr.ts.tv_usec >= 1000000 ) - { - hdr.ts.tv_usec -= 1000000; - hdr.ts.tv_sec += 1; - } - - next_timestamp = hdr.ts.tv_sec + double(hdr.ts.tv_usec) / 1e6; - - return 1; - } - -void PktDagSrc::GetFds(int* read, int* write, int* except) - { - // We don't have a selectable fd, but we take the opportunity to - // reset our idle flag if we have data now. - if ( ! data ) - ExtractNextPacket(); - } - -void PktDagSrc::Statistics(Stats* s) - { - s->received = stats.received; - s->dropped = stats.dropped; - s->link = stats.link + stats.dropped; - } - -int PktDagSrc::SetFilter(int index) - { - // We don't want load-level filters for the secondary path. - if ( filter_type == TYPE_FILTER_SECONDARY && index > 0 ) - return 1; - - HashKey* hash = new HashKey(HashKey(bro_int_t(index))); - BPF_Program* code = filters.Lookup(hash); - delete hash; - - if ( ! code ) - { - sprintf(errbuf, "No precompiled pcap filter for index %d", - index); - return 0; - } - - current_filter = code->GetProgram(); - - // Reset counters. - stats.received = stats.dropped = stats.link = 0; - - return 1; - } - -int PktDagSrc::SetNewFilter(const char* filter) - { - bpf_program* code = 0; - - if ( pcap_compile(pd, code, (char*) filter, 1, netmask) < 0 ) - { - snprintf(errbuf, sizeof(errbuf), "pcap_compile(%s): %s", - filter, pcap_geterr(pd)); - errbuf[sizeof(errbuf) - 1] = '\0'; - return 0; - } - - current_filter = code; - return 1; - } - -void PktDagSrc::Error(const char *s) - { - snprintf(errbuf, PCAP_ERRBUF_SIZE, "%s: %s", s, strerror(errno)); - Close(); - } -#endif diff --git a/src/PktDagSrc.h b/src/PktDagSrc.h deleted file mode 100644 index c7ea49e106..0000000000 --- a/src/PktDagSrc.h +++ /dev/null @@ -1,54 +0,0 @@ -// $Id: PktDagSrc.h 6219 2008-10-01 05:39:07Z vern $ -// -// See the file "COPYING" in the main distribution directory for copyright. -// -// Support for Endace's DAG interface card. -// -// Caveats: -// - No support for hardware-side filtering yet. -// - No support for secondary filter path yet. -// - No support for other media than Ethernet. -// - Mutex should be per interface -// - No support for multiple rx streams - -#ifndef PKTDAGSRC_H -#define PKTDAGSRC_H - -#ifdef USE_DAG - -extern int snaplen; - -#include "PktSrc.h" - -class PktDagSrc : public PktSrc { -public: - PktDagSrc(const char* interface, const char* filter, - PktSrc_Filter_Type ft = TYPE_FILTER_NORMAL); - virtual ~PktDagSrc(); - - // PktSrc interface: - virtual void Statistics(Stats* stats); - virtual int SetFilter(int index); - virtual int SetNewFilter(const char* filter); - -protected: - virtual int ExtractNextPacket(); - virtual void GetFds(int* read, int* write, int* except); - virtual void Close(); - - void Error(const char* str); - - static const unsigned int EXTRA_WINDOW_SIZE = 4 * 1024 * 1024; - static const int stream_num = 0; // use receive stream 0 - - // Unfortunaly the DAG API has some problems with locking streams, - // so we do our own checks to ensure we don't use more than one - // stream. In particular, the secondary filter won't work. - static int mutex; - - int fd; - bpf_program* current_filter; -}; -#endif - -#endif