Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

af-packet: Remove support for rollover settings #9148

Merged
merged 4 commits into from
Jul 6, 2023
Merged

af-packet: Remove support for rollover settings #9148

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
4 commits
Select commit Hold shift + click to select a range
cb30b71
detect/stat: Display 0 instead of nan
jlucovsky Jun 23, 2023
29621c7
doc/afpacket: Document rollover deprecation
jlucovsky Jun 23, 2023
ac8f91f
config: Document cluster_rollover deprecation
jlucovsky Jun 23, 2023
b05375f
config/af-packet: Warn/replace rollover usage
jlucovsky Jun 23, 2023
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
2 changes: 2 additions & 0 deletions doc/userguide/upgrade.rst
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -74,6 +74,8 @@ Deprecations
- Multiple "include" fields in the configuration file will now issue a
warning and in Suricata 8.0 will not be supported. See
:ref:`includes` for documentation on including multiple files.
- For AF-Packet, the `cluster_rollover` setting is no longer supported. Configuration settings using ``cluster_rollover``
will cause a warning message and act as though `cluster_flow`` was specified. Please update your configuration settings.

Other changes
~~~~~~~~~~~~~
Expand Down
23 changes: 11 additions & 12 deletions src/runmode-af-packet.c
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -375,7 +375,12 @@ static void *ParseAFPConfig(const char *iface)
SCLogConfig("%s: using round-robin cluster mode for AF_PACKET", aconf->iface);
aconf->cluster_type = PACKET_FANOUT_LB;
cluster_type = PACKET_FANOUT_LB;
} else if (strcmp(tmpctype, "cluster_flow") == 0) {
} else if (strcmp(tmpctype, "cluster_flow") == 0 || strcmp(tmpctype, "cluster_rollover") == 0) {
if (strcmp(tmpctype, "cluster_rollover") == 0) {
SCLogWarning("%s: cluster_rollover deprecated; using \"cluster_flow\" instead. See "
"ticket #6128",
aconf->iface);
}
/* In hash mode, we also ask for defragmentation needed to
* compute the hash */
uint16_t defrag = 0;
Expand All @@ -400,13 +405,6 @@ static void *ParseAFPConfig(const char *iface)
SCLogConfig("%s: using random based cluster mode for AF_PACKET", aconf->iface);
aconf->cluster_type = PACKET_FANOUT_RND;
cluster_type = PACKET_FANOUT_RND;
} else if (strcmp(tmpctype, "cluster_rollover") == 0) {
SCLogConfig("%s: using rollover based cluster mode for AF_PACKET", aconf->iface);
SCLogWarning("%s: rollover mode is causing severe flow "
"tracking issues, use it at your own risk.",
iface);
aconf->cluster_type = PACKET_FANOUT_ROLLOVER;
cluster_type = PACKET_FANOUT_ROLLOVER;
#ifdef HAVE_PACKET_EBPF
} else if (strcmp(tmpctype, "cluster_ebpf") == 0) {
SCLogInfo("%s: using ebpf based cluster mode for AF_PACKET", aconf->iface);
Expand All @@ -420,10 +418,11 @@ static void *ParseAFPConfig(const char *iface)
int conf_val = 0;
ConfGetChildValueBoolWithDefault(if_root, if_default, "rollover", &conf_val);
if (conf_val) {
SCLogConfig("%s: Using rollover kernel functionality for AF_PACKET", aconf->iface);
aconf->cluster_type |= PACKET_FANOUT_FLAG_ROLLOVER;
SCLogWarning("%s: rollover option is causing severe flow "
"tracking issues, use it at your own risk.",
SCLogConfig("%s: Rollover requested for AF_PACKET but ignored -- see ticket #6128.",
aconf->iface);
SCLogWarning("%s: rollover option has been deprecated and will be ignored as it can cause "
"severe flow "
"tracking issues; see ticket #6128.",
iface);
}

Expand Down
4 changes: 3 additions & 1 deletion src/util-device.c
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -321,7 +321,9 @@ int LiveDeviceListClean(void)
SCLogNotice("%s: packets: %" PRIu64 ", drops: %" PRIu64
" (%.2f%%), invalid chksum: %" PRIu64,
pd->dev, SC_ATOMIC_GET(pd->pkts), SC_ATOMIC_GET(pd->drop),
100 * ((double)SC_ATOMIC_GET(pd->drop)) / (double)SC_ATOMIC_GET(pd->pkts),
SC_ATOMIC_GET(pd->pkts) > 0 ? 100 * ((double)SC_ATOMIC_GET(pd->drop)) /
(double)SC_ATOMIC_GET(pd->pkts)
: 0,
SC_ATOMIC_GET(pd->invalid_checksums));
}

Expand Down
1 change: 1 addition & 0 deletions suricata.yaml.in
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -621,6 +621,7 @@ af-packet:
# more info.
# Recommended modes are cluster_flow on most boxes and cluster_cpu or cluster_qm on system
# with capture card using RSS (requires cpu affinity tuning and system IRQ tuning)
# cluster_rollover has been deprecated; if used, it'll be replaced with cluster_flow.
cluster-type: cluster_flow
# In some fragmentation cases, the hash can not be computed. If "defrag" is set
# to yes, the kernel will do the needed defragmentation before sending the packets.
Expand Down
Loading