|
|
|
|
@ -4551,60 +4551,8 @@ int StreamTcpPacket (ThreadVars *tv, Packet *p, StreamTcpThread *stt,
|
|
|
|
|
}
|
|
|
|
|
break;
|
|
|
|
|
case TCP_CLOSED:
|
|
|
|
|
/* TCP session memory is not returned to pool until timeout.
|
|
|
|
|
* If in the mean time we receive any other session from
|
|
|
|
|
* the same client reusing same port then we switch back to
|
|
|
|
|
* tcp state none, but only on a valid SYN that is not a
|
|
|
|
|
* resend from our previous session.
|
|
|
|
|
*
|
|
|
|
|
* We also check it's not a SYN/ACK, all other SYN pkt
|
|
|
|
|
* validation is done at StreamTcpPacketStateNone();
|
|
|
|
|
*/
|
|
|
|
|
if (PKT_IS_TOSERVER(p) && (p->tcph->th_flags & TH_SYN) &&
|
|
|
|
|
!(p->tcph->th_flags & TH_ACK) &&
|
|
|
|
|
!(SEQ_EQ(ssn->client.isn, TCP_GET_SEQ(p))))
|
|
|
|
|
{
|
|
|
|
|
SCLogDebug("reusing closed TCP session");
|
|
|
|
|
|
|
|
|
|
/* return segments */
|
|
|
|
|
StreamTcpReturnStreamSegments(&ssn->client);
|
|
|
|
|
StreamTcpReturnStreamSegments(&ssn->server);
|
|
|
|
|
/* free SACK list */
|
|
|
|
|
StreamTcpSackFreeList(&ssn->client);
|
|
|
|
|
StreamTcpSackFreeList(&ssn->server);
|
|
|
|
|
/* reset the app layer state */
|
|
|
|
|
FlowCleanupAppLayer(p->flow);
|
|
|
|
|
|
|
|
|
|
ssn->state = 0;
|
|
|
|
|
ssn->flags = 0;
|
|
|
|
|
ssn->client.flags = 0;
|
|
|
|
|
ssn->server.flags = 0;
|
|
|
|
|
|
|
|
|
|
/* set state the NONE, also pulls flow out of closed queue */
|
|
|
|
|
StreamTcpPacketSetState(p, ssn, TCP_NONE);
|
|
|
|
|
|
|
|
|
|
p->flow->alproto_ts = p->flow->alproto_tc = p->flow->alproto = ALPROTO_UNKNOWN;
|
|
|
|
|
p->flow->data_al_so_far[0] = p->flow->data_al_so_far[1] = 0;
|
|
|
|
|
ssn->data_first_seen_dir = 0;
|
|
|
|
|
p->flow->flags &= (~FLOW_TS_PM_ALPROTO_DETECT_DONE &
|
|
|
|
|
~FLOW_TS_PP_ALPROTO_DETECT_DONE &
|
|
|
|
|
~FLOW_TC_PM_ALPROTO_DETECT_DONE &
|
|
|
|
|
~FLOW_TC_PP_ALPROTO_DETECT_DONE);
|
|
|
|
|
p->flow->flags &= ~ FLOW_NO_APPLAYER_INSPECTION;
|
|
|
|
|
if (p->flow->de_state != NULL) {
|
|
|
|
|
SCMutexLock(&p->flow->de_state_m);
|
|
|
|
|
DetectEngineStateReset(p->flow->de_state, (STREAM_TOSERVER | STREAM_TOCLIENT));
|
|
|
|
|
SCMutexUnlock(&p->flow->de_state_m);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if (StreamTcpPacketStateNone(tv,p,stt,ssn, &stt->pseudo_queue)) {
|
|
|
|
|
goto error;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
SCPerfCounterIncr(stt->counter_tcp_reused_ssn, tv->sc_perf_pca);
|
|
|
|
|
} else {
|
|
|
|
|
SCLogDebug("packet received on closed state");
|
|
|
|
|
}
|
|
|
|
|
/* TCP session memory is not returned to pool until timeout. */
|
|
|
|
|
SCLogDebug("packet received on closed state");
|
|
|
|
|
break;
|
|
|
|
|
default:
|
|
|
|
|
SCLogDebug("packet received on default state");
|
|
|
|
|
|
Victor Julien
11 years ago