博客主机
A-A+

suricata 3.1 源码分析11

2017年09月07日 suricata 暂无评论
博客主机

/* Wait till all the threads have been initialized */
        if (TmThreadWaitOnThreadInit() == TM_ECODE_FAILED) {
            SCLogError(SC_ERR_INITIALIZATION, "Engine initialization failed, "
                    "aborting...");
            exit(EXIT_FAILURE);
        }

等待子线程初始化完成。检查是否初始化完成的方式是遍历tv_root,调用TmThreadsCheckFlag检查子线程的状态标志。

    (void) SC_ATOMIC_CAS(&engine_stage, SURICATA_INIT, SURICATA_RUNTIME);
    PacketPoolPostRunmodes();


    /* Un-pause all the paused threads */
    TmThreadContinueThreads();

继续运行暂停的线程

    /* registering singal handlers we use.  We register usr2 here, so that one
     * can't call it during the first sig load phase or while threads are still
     * starting up. */
    if (DetectEngineEnabled() && suri.sig_file == NULL &&
            suri.delayed_detect == 0)
        UtilSignalHandlerSetup(SIGUSR2, SignalHandlerSigusr2);

设置Sigusr2信号的处理函数

    if (suri.delayed_detect) {
        /* force 'reload', this will load the rules and swap engines */
        DetectEngineReload(&suri);

重新加载detect engine

        SCLogNotice("Signature(s) loaded, Detect thread(s) activated.");
    }
标签:
博客主机

给我留言

Copyright © 九毛的官方博客 保留所有权利.   Theme  Ality

用户登录

分享到: