forked from Mirrors/sngrep
Redefine usage of POSIX signals.
Use signal SIGUSR1 instead of SIGHUP to detect when to rotate the pcap dump file. Use signal SIGHUP instead of SIGCONT to detect when the controlling terminal closed. This signal usage provides that sngrep closes cleanly when its controlling (SSH) terminal closes.
This commit is contained in:
parent
71e454c687
commit
ba59a9d18f
|
@ -71,7 +71,8 @@ with bpf filters.
|
|||
.TP
|
||||
.I \-O pcap_dump
|
||||
Save all captured packets to a pcap file. This option can be used
|
||||
with bpf filters.
|
||||
with bpf filters. When receiving a SIGUSR1 signal sngrep will reopen
|
||||
the pcap file in order to facilitate pcap file rotation.
|
||||
|
||||
.TP
|
||||
.I -B buffer
|
||||
|
|
|
@ -67,11 +67,11 @@ typedef volatile sig_atomic_t signal_flag_type;
|
|||
capture_config_t capture_cfg =
|
||||
{ 0 };
|
||||
|
||||
signal_flag_type sighup_received = 0;
|
||||
signal_flag_type sigusr1_received = 0;
|
||||
|
||||
void sighup_handler(int signum)
|
||||
void sigusr1_handler(int signum)
|
||||
{
|
||||
sighup_received = 1;
|
||||
sigusr1_received = 1;
|
||||
}
|
||||
|
||||
#if defined(WITH_ZLIB)
|
||||
|
@ -104,11 +104,11 @@ capture_init(size_t limit, bool rtp_capture, bool rotate, size_t pcap_buffer_siz
|
|||
capture_cfg.paused = 0;
|
||||
capture_cfg.sources = vector_create(1, 1);
|
||||
|
||||
// set up SIGHUP handler
|
||||
// set up SIGUSR1 signal handler for pcap dump file rotation
|
||||
// the handler will be served by any of the running threads
|
||||
// so we just set a flag and check it in dump_packet
|
||||
// so it is only acted upon before then next packed will be dumped
|
||||
if (signal(SIGHUP, sighup_handler) == SIG_ERR)
|
||||
if (signal(SIGUSR1, sigusr1_handler) == SIG_ERR)
|
||||
exit(EXIT_FAILURE);
|
||||
|
||||
// Fixme
|
||||
|
@ -1318,8 +1318,8 @@ capture_set_dumper(pcap_dumper_t *dumper, ino_t dump_inode)
|
|||
void
|
||||
capture_dump_packet(packet_t *packet)
|
||||
{
|
||||
if (sighup_received && capture_cfg.pd) {
|
||||
// we got a SIGHUP: reopen the dump file because it could have been renamed
|
||||
if (sigusr1_received && capture_cfg.pd) {
|
||||
// we got a SIGUSR1: reopen the dump file because it could have been renamed
|
||||
// we don't need to care about locking or other threads accessing in parallel
|
||||
// because dump_open ensures count(capture_cfg.sources) == 1
|
||||
|
||||
|
@ -1333,7 +1333,7 @@ capture_dump_packet(packet_t *packet)
|
|||
capture_cfg.pd = dump_open(capture_cfg.dumpfilename, &capture_cfg.dump_inode);
|
||||
}
|
||||
|
||||
sighup_received = 0;
|
||||
sigusr1_received = 0;
|
||||
|
||||
// error reopening capture file: we can't capture anymore
|
||||
if (!capture_cfg.pd)
|
||||
|
|
|
@ -66,10 +66,9 @@ void setup_sigterm_handler(void)
|
|||
if (signal(SIGQUIT, sigterm_handler) == SIG_ERR)
|
||||
exit(EXIT_FAILURE);
|
||||
|
||||
// Handle SIGCONT signal, received when parent process has died and
|
||||
// kernel requests us to continue running. This prevents running on
|
||||
// dead ssh connections.
|
||||
if (signal(SIGCONT, sigterm_handler) == SIG_ERR)
|
||||
// Handle SIGHUP signal, received when our controlling terminal is closed.
|
||||
// This prevents running on dead ssh connections.
|
||||
if (signal(SIGHUP, sigterm_handler) == SIG_ERR)
|
||||
exit(EXIT_FAILURE);
|
||||
}
|
||||
|
||||
|
|
Loading…
Reference in New Issue