Skip to content

Commit

Permalink
runmodes: introduce unknown engine mode
Browse files Browse the repository at this point in the history 
Querying an engine mode with an unknown value signals a bug when
the engine mode has not been determined but is already queried by
other functions.

Ticket: #5959
  • Loading branch information
@lukashino
Lukas Sismis authored and lukashino committed Mar 31, 2023
1 parent b797ce9 commit fcbd923
Show file tree
Hide file tree
Showing 3 changed files with 22 additions and 3 deletions.
1 change: 1 addition & 0 deletions src/runmode-unittests.c
View file
Original file line number Diff line number Diff line change
Expand Up @@ -232,6 +232,7 @@ void RunUnittests(int list_unittests, const char *regex_arg)
#ifdef UNITTESTS
/* Initializations for global vars, queues, etc (memsets, mutex init..) */
GlobalsInitPreConfig();
EngineModeSetIDS();

#ifdef HAVE_LUAJIT
if (LuajitSetupStatesPool() != 0) {
Expand Down
22 changes: 19 additions & 3 deletions src/suricata.c
View file
Original file line number Diff line number Diff line change
Expand Up @@ -168,7 +168,7 @@ int run_mode = RUNMODE_UNKNOWN;

/** Engine mode: inline (ENGINE_MODE_IPS) or just
* detection mode (ENGINE_MODE_IDS by default) */
static enum EngineMode g_engine_mode = ENGINE_MODE_IDS;
static enum EngineMode g_engine_mode = ENGINE_MODE_UNKNOWN;

/** Host mode: set if box is sniffing only
* or is a router */
Expand Down Expand Up @@ -208,13 +208,24 @@ int SuriHasSigFile(void)
return (suricata.sig_file != NULL);
}

int EngineModeIsUnknown(void)
{
return (g_engine_mode == ENGINE_MODE_UNKNOWN);
}

int EngineModeIsIPS(void)
{
#ifdef DEBUG
BUG_ON(g_engine_mode == ENGINE_MODE_UNKNOWN);
#endif
return (g_engine_mode == ENGINE_MODE_IPS);
}

int EngineModeIsIDS(void)
{
#ifdef DEBUG
BUG_ON(g_engine_mode == ENGINE_MODE_UNKNOWN);
#endif
return (g_engine_mode == ENGINE_MODE_IDS);
}

Expand Down Expand Up @@ -2666,13 +2677,18 @@ int PostConfLoadedSetup(SCInstance *suri)

MacSetRegisterFlowStorage();

SetMasterExceptionPolicy();

LiveDeviceFinalize(); // must be after EBPF extension registration

RunModeEngineIsIPS(
suricata.run_mode, suricata.runmode_custom_mode, suricata.capture_plugin_name);

if (EngineModeIsUnknown()) { // if still uninitialized the set the default
SCLogInfo("Setting engine mode to IDS mode by default");
EngineModeSetIDS();
}

SetMasterExceptionPolicy();

AppLayerSetup();

/* Suricata will use this umask if provided. By default it will use the
Expand Down
2 changes: 2 additions & 0 deletions src/suricata.h
View file
Original file line number Diff line number Diff line change
Expand Up @@ -99,12 +99,14 @@ enum {

/* Engine is acting as */
enum EngineMode {
ENGINE_MODE_UNKNOWN,
ENGINE_MODE_IDS,
ENGINE_MODE_IPS,
};

void EngineModeSetIPS(void);
void EngineModeSetIDS(void);
int EngineModeIsUnknown(void);
int EngineModeIsIPS(void);
int EngineModeIsIDS(void);

Expand Down

0 comments on commit fcbd923

Please sign in to comment.