A-A+

suricata 3.1 源码分析12

2017年09月12日 suricata 暂无评论 阅读 44 次

int engine_retval = EXIT_SUCCESS;
        while(1) {
            if (sigterm_count) {
                suricata_ctl_flags |= SURICATA_KILL;
            } else if (sigint_count) {
                suricata_ctl_flags |= SURICATA_STOP;
            }

        if (suricata_ctl_flags & (SURICATA_KILL | SURICATA_STOP)) {
            SCLogNotice("Signal Received.  Stopping engine.");
            break;
        }

若收到引擎退出信号(SURICATA_KILL或SURICATA_STOP),则退出循环,执行后续退出操作

        TmThreadCheckThreadState();

检查各线程的状态,决定是否进行结束线程、重启线程、终止程序等操作

        if (sighup_count > 0) {
            OutputNotifyFileRotation();

循环设置注册文件的flags

            sighup_count--;
        }

        if (sigusr2_count > 0) {
            if (suri.sig_file != NULL) {
                SCLogWarning(SC_ERR_LIVE_RULE_SWAP, "Live rule reload not "
                        "possible if -s or -S option used at runtime.");
                sigusr2_count--;
            } else {
                if (!(DetectEngineReloadIsStart())) {
                    DetectEngineReloadStart();
                    DetectEngineReload(&suri);
                    DetectEngineReloadSetDone();
                    sigusr2_count--;
                }
            }

        } else if (DetectEngineReloadIsStart()) {
            if (suri.sig_file != NULL) {
                SCLogWarning(SC_ERR_LIVE_RULE_SWAP, "Live rule reload not "
                        "possible if -s or -S option used at runtime.");
                DetectEngineReloadSetDone();
            } else {
                DetectEngineReload(&suri);
                DetectEngineReloadSetDone();
            }
        }

        usleep(10* 1000);
    }
标签:

给我留言

Copyright © 九毛的官方博客 保留所有权利.   Theme  Ality

用户登录