aiden
/
suricata
mirror of https://github.com/OISF/suricata
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

function to set packet flags

Browse Source
remotes/origin/master-1.0.x
Gurvinder Singh 16 years ago committed by Victor Julien
parent cc0b4f7181
commit bbb385422d
7 changed files with 63 additions and 79 deletions
Show Stats Download Patch File Download Diff File

5
src/decode.h
Unescape Escape View File

@ -225,7 +225,10 @@ typedef struct Packet_
/* flow */
struct Flow_ *flow;
uint16_t flowflags;
uint8_t flowflags;
/*Pkt Flags*/
uint8_t flags;
/* pkt vars */
PktVar *pktvar;

4
src/detect.c
Unescape Escape View File

@ -341,7 +341,7 @@ int SigMatchSignatures(ThreadVars *th_v, DetectEngineCtx *de_ctx, DetectEngineTh
}
/* if we don't need any pattern matcher or other content inspection, then return*/
if (p->flowflags & FLOW_PKT_NOPAYLOAD_INSPECTION)
if (p->flags & PKT_NOPAYLOAD_INSPECTION)
return 1;
/* we assume we don't have an uri when we start inspection */
@ -519,7 +519,7 @@ int SigMatchSignatures(ThreadVars *th_v, DetectEngineCtx *de_ctx, DetectEngineTh
int Detect(ThreadVars *tv, Packet *p, void *data, PacketQueue *pq) {
/*No need to perform any detection on this packet, if the the given flag is set.*/
if (p->flowflags & FLOW_PKT_NOPACKET_INSPECTION)
if (p->flags & PKT_NOPACKET_INSPECTION)
return 0;
DetectEngineThreadCtx *det_ctx = (DetectEngineThreadCtx *)data;

2
src/flow-private.h
Unescape Escape View File

@ -19,8 +19,6 @@
#define FLOW_NOPACKET_INSPECTION 0x0080
#define FLOW_NOPAYLOAD_INSPECTION 0x0100
#define FLOW_NOCLIENT_REASSEMBLY 0x0200
#define FLOW_NOSERVER_REASSEMBLY 0x0400
/* global flow flags */
#define FLOW_EMERGENCY 0x01

46
src/flow.c
Unescape Escape View File

@ -42,6 +42,8 @@ int FlowSetProtoEmergencyTimeout(uint8_t , uint32_t ,uint32_t ,uint32_t);
static int FlowClearMemory(Flow *,uint8_t );
int FlowSetProtoFreeFunc(uint8_t, void (*Free)(void *));
int FlowSetFlowStateFunc (uint8_t , int (*GetProtoState)(void *));
void FlowSetPktNoPacketInspectionFlag(Packet *);
void FlowSetPktNoPayloadInspectionFlag(Packet *);
/** \brief Update the flows position in the queue's
* \param f Flow to requeue.
@ -343,13 +345,9 @@ void FlowHandlePacket (ThreadVars *tv, Packet *p)
/*set the detection bypass flags*/
if (f->flags & FLOW_NOPACKET_INSPECTION)
p->flowflags |= FLOW_PKT_NOPACKET_INSPECTION;
FlowSetPktNoPacketInspectionFlag(p);
if (f->flags & FLOW_NOPAYLOAD_INSPECTION)
p->flowflags |= FLOW_PKT_NOPAYLOAD_INSPECTION;
if (f->flags & FLOW_NOCLIENT_REASSEMBLY)
p->flowflags |= FLOW_PKT_NOCLIENT_REASSEMBLY;
if (f->flags & FLOW_NOSERVER_REASSEMBLY)
p->flowflags |= FLOW_PKT_NOSERVER_REASSEMBLY;
FlowSetPktNoPayloadInspectionFlag(p);
/* set the flow in the packet */
p->flow = f;
@ -750,26 +748,6 @@ int FlowSetProtoEmergencyTimeout(uint8_t proto, uint32_t emerg_new_timeout, uint
return 1;
}
/** \brief Set the No stream reassembly flag for 'direction'. This function
* handles the locking too.
* \param f Flow to set the flag in
* \param direction direction to set the flag in
*/
void FlowLockSetNoStreamReassemblyFlag(Flow *f, char direction) {
mutex_lock(&f->m);
direction ? (f->flags |= FLOW_NOSERVER_REASSEMBLY) : (f->flags |= FLOW_NOCLIENT_REASSEMBLY);
mutex_unlock(&f->m);
}
/** \brief Set the No stream reassembly flag for 'direction' without any lock.
*
* \param f Flow to set the flag in
* \param direction direction to set the flag in
*/
void FlowSetNoStreamReassemblyFlag(Flow *f, char direction) {
direction ? (f->flags |= FLOW_NOSERVER_REASSEMBLY) : (f->flags |= FLOW_NOCLIENT_REASSEMBLY);
}
/** \brief Set the No Packet Inspection Flag after locking the flow.
*
* \param f Flow to set the flag in
@ -806,6 +784,22 @@ void FlowSetNoPayloadInspectionFlag(Flow *f) {
f->flags |= FLOW_NOPAYLOAD_INSPECTION;
}
/** \brief Set the No payload inspection Flag for the packet.
*
* \param p Packet to set the flag in
*/
void FlowSetPktNoPayloadInspectionFlag(Packet *p) {
p->flags |= PKT_NOPAYLOAD_INSPECTION;
}
/** \brief Set the No packet inspection Flag for the packet.
*
* \param p Packet to set the flag in
*/
void FlowSetPktNoPacketInspectionFlag(Packet *p) {
p->flags |= PKT_NOPACKET_INSPECTION;
}
#ifdef UNITTESTS
#include "stream-tcp-private.h"

24
src/flow.h
Unescape Escape View File

@ -10,18 +10,18 @@
#define FLOW_VERBOSE FALSE
/* pkt flow flags */
#define FLOW_PKT_TOSERVER 0x0001
#define FLOW_PKT_TOCLIENT 0x0002
#define FLOW_PKT_ESTABLISHED 0x0004
#define FLOW_PKT_STATELESS 0x0008
#define FLOW_PKT_TOSERVER_IPONLY_SET 0x0010
#define FLOW_PKT_TOCLIENT_IPONLY_SET 0x0020
#define FLOW_PKT_NOSTREAM 0x0040
#define FLOW_PKT_STREAMONLY 0x0080
#define FLOW_PKT_NOPACKET_INSPECTION 0x0100
#define FLOW_PKT_NOPAYLOAD_INSPECTION 0x0200
#define FLOW_PKT_NOCLIENT_REASSEMBLY 0x0400
#define FLOW_PKT_NOSERVER_REASSEMBLY 0x0800
#define FLOW_PKT_TOSERVER 0x01
#define FLOW_PKT_TOCLIENT 0x02
#define FLOW_PKT_ESTABLISHED 0x04
#define FLOW_PKT_STATELESS 0x08
#define FLOW_PKT_TOSERVER_IPONLY_SET 0x10
#define FLOW_PKT_TOCLIENT_IPONLY_SET 0x20
#define FLOW_PKT_NOSTREAM 0x40
#define FLOW_PKT_STREAMONLY 0x80
/*Packet Flags*/
#define PKT_NOPACKET_INSPECTION 0x01
#define PKT_NOPAYLOAD_INSPECTION 0x02
/* global flow config */
typedef struct FlowCnf_

4
src/stream-tcp-private.h
Unescape Escape View File

@ -52,8 +52,10 @@ enum
#define STREAMTCP_FLAG_TIMESTAMP 0x04 /**< Flag for TCP Timestamp option*/
#define STREAMTCP_FLAG_SERVER_WSCALE 0x08 /**< Server supports wscale (even though it can be 0) */
#define STREAMTCP_FLAG_ZERO_TIMESTAMP 0x10 /**< Flag to indicate the zero value of timestamp*/
#define STREAMTCP_FLAG_NO_REASSEMBLY 0x20 /**< Flag to avoid stream reassembly / application layer
#define STREAMTCP_FLAG_NOCLIENT_REASSEMBLY 0x20 /**< Flag to avoid stream reassembly / application layer
inspection for the client stream.*/
#define STREAMTCP_FLAG_NOSERVER_REASSEMBLY 0x40 /**< Flag to avoid stream reassembly / application layer
inspection for the server stream.*/
#define PAWS_24DAYS 2073600 /* 24 days in seconds */

57
src/stream-tcp.c
Unescape Escape View File

@ -316,8 +316,6 @@ static int StreamTcpPacketStateNone(ThreadVars *tv, Packet *p, StreamTcpThread *
SCLogDebug("ssn %p: ssn->client.isn %" PRIu32 ", ssn->client.next_seq %" PRIu32 ", ssn->client.last_ack %"PRIu32"",
ssn, ssn->client.isn, ssn->client.next_seq, ssn->client.last_ack);
if ( p->flowflags & FLOW_PKT_NOCLIENT_REASSEMBLY)
ssn->client.flags |= STREAMTCP_FLAG_NO_REASSEMBLY;
break;
}
case TH_SYN|TH_ACK:
@ -379,9 +377,6 @@ static int StreamTcpPacketStateNone(ThreadVars *tv, Packet *p, StreamTcpThread *
ssn->client.last_ts = 0;
}
if (p->flowflags & FLOW_PKT_NOSERVER_REASSEMBLY)
ssn->server.flags |= STREAMTCP_FLAG_NO_REASSEMBLY;
break;
/* Handle SYN/ACK and 3WHS shake missed together as it is almost similar. */
case TH_ACK:
@ -446,14 +441,10 @@ static int StreamTcpPacketStateNone(ThreadVars *tv, Packet *p, StreamTcpThread *
ssn->client.last_ts = 0;
}
if ( p->flowflags & FLOW_PKT_NOCLIENT_REASSEMBLY)
ssn->client.flags |= STREAMTCP_FLAG_NO_REASSEMBLY;
if (p->flowflags & FLOW_PKT_NOSERVER_REASSEMBLY)
ssn->server.flags |= STREAMTCP_FLAG_NO_REASSEMBLY;
/*If no stream reassembly/application layer protocol inspection, then simple return*/
if (ssn->client.flags & STREAMTCP_FLAG_NO_REASSEMBLY)
if (! (ssn->flags & STREAMTCP_FLAG_NOCLIENT_REASSEMBLY))
StreamTcpReassembleHandleSegment(stt->ra_ctx, ssn, &ssn->client, p);
break;
case TH_RST:
case TH_RST|TH_ACK:
@ -547,8 +538,6 @@ static int StreamTcpPacketStateSynSent(ThreadVars *tv, Packet *p, StreamTcpThrea
SCLogDebug("ssn %p: ssn->client.next_win %" PRIu32 "", ssn, ssn->client.next_win);
SCLogDebug("ssn %p: ssn->server.isn %" PRIu32 ", ssn->server.next_seq %" PRIu32 ", ssn->server.last_ack %" PRIu32 " (ssn->client.last_ack %" PRIu32 ")",
ssn, ssn->server.isn, ssn->server.next_seq, ssn->server.last_ack, ssn->client.last_ack);
if (p->flowflags & FLOW_PKT_NOSERVER_REASSEMBLY)
ssn->server.flags |= STREAMTCP_FLAG_NO_REASSEMBLY;
break;
case TH_RST:
@ -628,8 +617,6 @@ static int StreamTcpPacketStateSynRecv(ThreadVars *tv, Packet *p, StreamTcpThrea
ssn->server.next_win = ssn->server.last_ack + ssn->server.window;
SCLogDebug("ssn %p: ssn->server.next_win %" PRIu32 ", ssn->server.last_ack %"PRIu32"", ssn, ssn->server.next_win, ssn->server.last_ack);
if ( p->flowflags & FLOW_PKT_NOCLIENT_REASSEMBLY)
ssn->client.flags |= STREAMTCP_FLAG_NO_REASSEMBLY;
break;
case TH_RST:
@ -715,7 +702,7 @@ static int StreamTcpPacketStateEstablished(ThreadVars *tv, Packet *p, StreamTcpT
}
/*If no stream reassembly/application layer protocol inspection, then simple return*/
if (ssn->client.flags & STREAMTCP_FLAG_NO_REASSEMBLY)
if (!(ssn->flags & STREAMTCP_FLAG_NOCLIENT_REASSEMBLY))
StreamTcpReassembleHandleSegment(stt->ra_ctx, ssn, &ssn->client, p);
} else {
SCLogDebug("ssn %p: server => SEQ out of window, packet SEQ %" PRIu32 ", payload size %" PRIu32 " (%" PRIu32 "), ssn->client.last_ack %" PRIu32 ", ssn->client.next_win %" PRIu32 "(%"PRIu32") (ssn->client.ra_base_seq %"PRIu32")", ssn, TCP_GET_SEQ(p), p->payload_len, TCP_GET_SEQ(p) + p->payload_len, ssn->client.last_ack, ssn->client.next_win, TCP_GET_SEQ(p) + p->payload_len - ssn->client.next_win, ssn->client.ra_base_seq);
@ -762,7 +749,7 @@ static int StreamTcpPacketStateEstablished(ThreadVars *tv, Packet *p, StreamTcpT
}
/*If no stream reassembly/application layer protocol inspection, then simple return*/
if (ssn->server.flags & STREAMTCP_FLAG_NO_REASSEMBLY)
if (!(ssn->flags & STREAMTCP_FLAG_NOSERVER_REASSEMBLY))
StreamTcpReassembleHandleSegment(stt->ra_ctx, ssn, &ssn->server, p);
} else {
SCLogDebug("ssn %p: client => SEQ out of window, packet SEQ %" PRIu32 ", payload size %" PRIu32 " (%" PRIu32 "), ssn->server.last_ack %" PRIu32 ", ssn->server.next_win %" PRIu32 "(%"PRIu32") (ssn->server.ra_base_seq %"PRIu32")", ssn, TCP_GET_SEQ(p), p->payload_len, TCP_GET_SEQ(p) + p->payload_len, ssn->server.last_ack, ssn->server.next_win, TCP_GET_SEQ(p) + p->payload_len - ssn->server.next_win, ssn->server.ra_base_seq);
@ -804,7 +791,7 @@ static int StreamTcpPacketStateEstablished(ThreadVars *tv, Packet *p, StreamTcpT
if (SEQ_GT(TCP_GET_ACK(p),ssn->server.last_ack))
ssn->server.last_ack = TCP_GET_ACK(p);
if (ssn->client.flags & STREAMTCP_FLAG_NO_REASSEMBLY)
if (! (ssn->flags & STREAMTCP_FLAG_NOCLIENT_REASSEMBLY))
StreamTcpReassembleHandleSegment(stt->ra_ctx, ssn, &ssn->client, p);
SCLogDebug("ssn %p: =+ next SEQ %" PRIu32 ", last ACK %" PRIu32 "",
ssn, ssn->client.next_seq, ssn->server.last_ack);
@ -821,7 +808,7 @@ static int StreamTcpPacketStateEstablished(ThreadVars *tv, Packet *p, StreamTcpT
if (SEQ_GT(TCP_GET_ACK(p),ssn->client.last_ack))
ssn->client.last_ack = TCP_GET_ACK(p);
if (ssn->server.flags & STREAMTCP_FLAG_NO_REASSEMBLY)
if (!(ssn->flags & STREAMTCP_FLAG_NOSERVER_REASSEMBLY))
StreamTcpReassembleHandleSegment(stt->ra_ctx, ssn, &ssn->server, p);
SCLogDebug("ssn %p: =+ next SEQ %" PRIu32 ", last ACK %" PRIu32 "",
ssn, ssn->server.next_seq, ssn->client.last_ack);
@ -868,7 +855,7 @@ static int StreamTcpHandleFin(StreamTcpThread *stt, TcpSession *ssn, Packet *p)
if (SEQ_GT(TCP_GET_ACK(p),ssn->server.last_ack))
ssn->server.last_ack = TCP_GET_ACK(p);
if (ssn->client.flags & STREAMTCP_FLAG_NO_REASSEMBLY)
if (! (ssn->flags & STREAMTCP_FLAG_NOCLIENT_REASSEMBLY))
StreamTcpReassembleHandleSegment(stt->ra_ctx, ssn, &ssn->client, p);
SCLogDebug("ssn %p: =+ next SEQ %" PRIu32 ", last ACK %" PRIu32 "",
@ -893,7 +880,7 @@ static int StreamTcpHandleFin(StreamTcpThread *stt, TcpSession *ssn, Packet *p)
if (SEQ_GT(TCP_GET_ACK(p),ssn->client.last_ack))
ssn->client.last_ack = TCP_GET_ACK(p);
if (ssn->server.flags & STREAMTCP_FLAG_NO_REASSEMBLY)
if (!(ssn->flags & STREAMTCP_FLAG_NOSERVER_REASSEMBLY))
StreamTcpReassembleHandleSegment(stt->ra_ctx, ssn, &ssn->server, p);
SCLogDebug("ssn %p: =+ next SEQ %" PRIu32 ", last ACK %" PRIu32 "",
@ -936,7 +923,7 @@ static int StreamTcpPacketStateFinWait1(ThreadVars *tv, Packet *p, StreamTcpThre
if (SEQ_GT(TCP_GET_ACK(p),ssn->server.last_ack))
ssn->server.last_ack = TCP_GET_ACK(p);
if (ssn->client.flags & STREAMTCP_FLAG_NO_REASSEMBLY)
if (! (ssn->flags & STREAMTCP_FLAG_NOCLIENT_REASSEMBLY))
StreamTcpReassembleHandleSegment(stt->ra_ctx, ssn, &ssn->client, p);
SCLogDebug("ssn %p: =+ next SEQ %" PRIu32 ", last ACK %" PRIu32 "",
ssn, ssn->client.next_seq, ssn->server.last_ack);
@ -950,7 +937,7 @@ static int StreamTcpPacketStateFinWait1(ThreadVars *tv, Packet *p, StreamTcpThre
if (SEQ_GT(TCP_GET_ACK(p),ssn->client.last_ack))
ssn->client.last_ack = TCP_GET_ACK(p);
if (ssn->server.flags & STREAMTCP_FLAG_NO_REASSEMBLY)
if (!(ssn->flags & STREAMTCP_FLAG_NOSERVER_REASSEMBLY))
StreamTcpReassembleHandleSegment(stt->ra_ctx, ssn, &ssn->server, p);
SCLogDebug("ssn %p: =+ next SEQ %" PRIu32 ", last ACK %" PRIu32 "",
ssn, ssn->server.next_seq, ssn->client.last_ack);
@ -983,7 +970,7 @@ static int StreamTcpPacketStateFinWait1(ThreadVars *tv, Packet *p, StreamTcpThre
if (SEQ_GT(TCP_GET_ACK(p),ssn->server.last_ack))
ssn->server.last_ack = TCP_GET_ACK(p);
if (ssn->client.flags & STREAMTCP_FLAG_NO_REASSEMBLY)
if (! (ssn->flags & STREAMTCP_FLAG_NOCLIENT_REASSEMBLY))
StreamTcpReassembleHandleSegment(stt->ra_ctx, ssn, &ssn->client, p);
SCLogDebug("ssn %p: =+ next SEQ %" PRIu32 ", last ACK %" PRIu32 "",
ssn, ssn->client.next_seq, ssn->server.last_ack);
@ -1005,7 +992,7 @@ static int StreamTcpPacketStateFinWait1(ThreadVars *tv, Packet *p, StreamTcpThre
if (SEQ_GT(TCP_GET_ACK(p),ssn->client.last_ack))
ssn->client.last_ack = TCP_GET_ACK(p);
if (ssn->server.flags & STREAMTCP_FLAG_NO_REASSEMBLY)
if (!(ssn->flags & STREAMTCP_FLAG_NOSERVER_REASSEMBLY))
StreamTcpReassembleHandleSegment(stt->ra_ctx, ssn, &ssn->server, p);
SCLogDebug("ssn %p: =+ next SEQ %" PRIu32 ", last ACK %" PRIu32 "",
ssn, ssn->server.next_seq, ssn->client.last_ack);
@ -1067,7 +1054,7 @@ static int StreamTcpPacketStateFinWait2(ThreadVars *tv, Packet *p, StreamTcpThre
if (SEQ_GT(TCP_GET_ACK(p),ssn->server.last_ack))
ssn->server.last_ack = TCP_GET_ACK(p);
if (ssn->client.flags & STREAMTCP_FLAG_NO_REASSEMBLY)
if (! (ssn->flags & STREAMTCP_FLAG_NOCLIENT_REASSEMBLY))
StreamTcpReassembleHandleSegment(stt->ra_ctx, ssn, &ssn->client, p);
SCLogDebug("ssn %p: =+ next SEQ %" PRIu32 ", last ACK %" PRIu32 "",
ssn, ssn->client.next_seq, ssn->server.last_ack);
@ -1088,7 +1075,7 @@ static int StreamTcpPacketStateFinWait2(ThreadVars *tv, Packet *p, StreamTcpThre
if (SEQ_GT(TCP_GET_ACK(p),ssn->client.last_ack))
ssn->client.last_ack = TCP_GET_ACK(p);
if (ssn->server.flags & STREAMTCP_FLAG_NO_REASSEMBLY)
if (!(ssn->flags & STREAMTCP_FLAG_NOSERVER_REASSEMBLY))
StreamTcpReassembleHandleSegment(stt->ra_ctx, ssn, &ssn->server, p);
SCLogDebug("ssn %p: =+ next SEQ %" PRIu32 ", last ACK %" PRIu32 "",
ssn, ssn->server.next_seq, ssn->client.last_ack);
@ -1127,7 +1114,7 @@ static int StreamTcpPacketStateFinWait2(ThreadVars *tv, Packet *p, StreamTcpThre
if (SEQ_GT(TCP_GET_ACK(p),ssn->server.last_ack))
ssn->server.last_ack = TCP_GET_ACK(p);
if (ssn->client.flags & STREAMTCP_FLAG_NO_REASSEMBLY)
if (! (ssn->flags & STREAMTCP_FLAG_NOCLIENT_REASSEMBLY))
StreamTcpReassembleHandleSegment(stt->ra_ctx, ssn, &ssn->client, p);
SCLogDebug("ssn %p: =+ next SEQ %" PRIu32 ", last ACK %" PRIu32 "",
@ -1149,7 +1136,7 @@ static int StreamTcpPacketStateFinWait2(ThreadVars *tv, Packet *p, StreamTcpThre
if (SEQ_GT(TCP_GET_ACK(p),ssn->client.last_ack))
ssn->client.last_ack = TCP_GET_ACK(p);
if (ssn->server.flags & STREAMTCP_FLAG_NO_REASSEMBLY)
if (!(ssn->flags & STREAMTCP_FLAG_NOSERVER_REASSEMBLY))
StreamTcpReassembleHandleSegment(stt->ra_ctx, ssn, &ssn->server, p);
SCLogDebug("ssn %p: =+ next SEQ %" PRIu32 ", last ACK %" PRIu32 "",
ssn, ssn->server.next_seq, ssn->client.last_ack);
@ -1203,7 +1190,7 @@ static int StreamTcpPacketStateClosing(ThreadVars *tv, Packet *p, StreamTcpThrea
if (SEQ_GT(TCP_GET_ACK(p),ssn->server.last_ack))
ssn->server.last_ack = TCP_GET_ACK(p);
if (ssn->client.flags & STREAMTCP_FLAG_NO_REASSEMBLY)
if (! (ssn->flags & STREAMTCP_FLAG_NOCLIENT_REASSEMBLY))
StreamTcpReassembleHandleSegment(stt->ra_ctx, ssn, &ssn->client, p);
SCLogDebug("ssn %p: =+ next SEQ %" PRIu32 ", last ACK %" PRIu32 "",
ssn, ssn->client.next_seq, ssn->server.last_ack);
@ -1224,7 +1211,7 @@ static int StreamTcpPacketStateClosing(ThreadVars *tv, Packet *p, StreamTcpThrea
if (SEQ_GT(TCP_GET_ACK(p),ssn->client.last_ack))
ssn->client.last_ack = TCP_GET_ACK(p);
if (ssn->server.flags & STREAMTCP_FLAG_NO_REASSEMBLY)
if (!(ssn->flags & STREAMTCP_FLAG_NOSERVER_REASSEMBLY))
StreamTcpReassembleHandleSegment(stt->ra_ctx, ssn, &ssn->server, p);
SCLogDebug("StreamTcpPacketStateClosing (%p): =+ next SEQ %" PRIu32 ", last ACK %" PRIu32 "",
ssn, ssn->server.next_seq, ssn->client.last_ack);
@ -1276,7 +1263,7 @@ static int StreamTcpPacketStateCloseWait(ThreadVars *tv, Packet *p, StreamTcpThr
if (SEQ_GT(TCP_GET_ACK(p),ssn->client.last_ack))
ssn->client.last_ack = TCP_GET_ACK(p);
if (ssn->server.flags & STREAMTCP_FLAG_NO_REASSEMBLY)
if (!(ssn->flags & STREAMTCP_FLAG_NOSERVER_REASSEMBLY))
StreamTcpReassembleHandleSegment(stt->ra_ctx, ssn, &ssn->server, p);
SCLogDebug("ssn %p: =+ next SEQ %" PRIu32 ", last ACK %" PRIu32 "",
ssn, ssn->server.next_seq, ssn->client.last_ack);
@ -1329,7 +1316,7 @@ static int StreamTcpPakcetStateLastAck(ThreadVars *tv, Packet *p, StreamTcpThrea
if (SEQ_GT(TCP_GET_ACK(p),ssn->server.last_ack))
ssn->server.last_ack = TCP_GET_ACK(p);
if (ssn->client.flags & STREAMTCP_FLAG_NO_REASSEMBLY)
if (! (ssn->flags & STREAMTCP_FLAG_NOCLIENT_REASSEMBLY))
StreamTcpReassembleHandleSegment(stt->ra_ctx, ssn, &ssn->client, p);
SCLogDebug("ssn %p: =+ next SEQ %" PRIu32 ", last ACK %" PRIu32 "",
ssn, ssn->client.next_seq, ssn->server.last_ack);
@ -1382,7 +1369,7 @@ static int StreamTcpPacketStateTimeWait(ThreadVars *tv, Packet *p, StreamTcpThre
if (SEQ_GT(TCP_GET_ACK(p),ssn->server.last_ack))
ssn->server.last_ack = TCP_GET_ACK(p);
if (ssn->client.flags & STREAMTCP_FLAG_NO_REASSEMBLY)
if (! (ssn->flags & STREAMTCP_FLAG_NOCLIENT_REASSEMBLY))
StreamTcpReassembleHandleSegment(stt->ra_ctx, ssn, &ssn->client, p);
SCLogDebug("ssn %p: =+ next SEQ %" PRIu32 ", last ACK %" PRIu32 "",
ssn, ssn->client.next_seq, ssn->server.last_ack);
@ -1403,7 +1390,7 @@ static int StreamTcpPacketStateTimeWait(ThreadVars *tv, Packet *p, StreamTcpThre
if (SEQ_GT(TCP_GET_ACK(p),ssn->client.last_ack))
ssn->client.last_ack = TCP_GET_ACK(p);
if (ssn->server.flags & STREAMTCP_FLAG_NO_REASSEMBLY)
if (!(ssn->flags & STREAMTCP_FLAG_NOSERVER_REASSEMBLY))
StreamTcpReassembleHandleSegment(stt->ra_ctx, ssn, &ssn->server, p);
SCLogDebug("ssn %p: =+ next SEQ %" PRIu32 ", last ACK %" PRIu32 "",
ssn, ssn->server.next_seq, ssn->client.last_ack);

Write Preview
Loading…
Cancel
Save