From fe6e41e3efd3c97f4fbf947bb37a484bf84e668a Mon Sep 17 00:00:00 2001 From: Anoop Saldanha Date: Thu, 28 Apr 2011 10:38:34 +0530 Subject: [PATCH] Removed FLOW_AL_NO_APPLAYER_INSPECTION. Moved it as FLOW_NO_APPLAYER_INSPECTION in Flow->flags. Turned Flow->flags into uint32_t and removed Flow->alflags --- src/alert-debuglog.c | 4 ++-- src/app-layer-parser.c | 2 +- src/app-layer.c | 8 ++++---- src/flow-util.h | 3 --- src/flow.h | 44 ++++++++++++++++++++---------------------- 5 files changed, 28 insertions(+), 33 deletions(-) diff --git a/src/alert-debuglog.c b/src/alert-debuglog.c index 08c3f10af7..714ed473df 100644 --- a/src/alert-debuglog.c +++ b/src/alert-debuglog.c @@ -221,7 +221,7 @@ TmEcode AlertDebugLogIPv4(ThreadVars *tv, Packet *p, void *data, PacketQueue *pq fprintf(aft->file_ctx->fp, "FLOW NOINSPECTION: PACKET: %s, PAYLOAD: %s, APP_LAYER: %s\n", p->flow->flags & FLOW_NOPACKET_INSPECTION ? "TRUE" : "FALSE", p->flow->flags & FLOW_NOPAYLOAD_INSPECTION ? "TRUE" : "FALSE", - p->flow->alflags & FLOW_AL_NO_APPLAYER_INSPECTION ? "TRUE" : "FALSE"); + p->flow->flags & FLOW_NO_APPLAYER_INSPECTION ? "TRUE" : "FALSE"); fprintf(aft->file_ctx->fp, "FLOW APP_LAYER: DETECTED: %s, PROTO %"PRIu16"\n", (p->flow->alproto != ALPROTO_UNKNOWN) ? "TRUE" : "FALSE", p->flow->alproto); AlertDebugLogFlowVars(aft, p); @@ -315,7 +315,7 @@ TmEcode AlertDebugLogIPv6(ThreadVars *tv, Packet *p, void *data, PacketQueue *pq fprintf(aft->file_ctx->fp, "FLOW NOINSPECTION: PACKET: %s, PAYLOAD: %s, APP_LAYER: %s\n", p->flow->flags & FLOW_NOPACKET_INSPECTION ? "TRUE" : "FALSE", p->flow->flags & FLOW_NOPAYLOAD_INSPECTION ? "TRUE" : "FALSE", - p->flow->alflags & FLOW_AL_NO_APPLAYER_INSPECTION ? "TRUE" : "FALSE"); + p->flow->flags & FLOW_NO_APPLAYER_INSPECTION ? "TRUE" : "FALSE"); fprintf(aft->file_ctx->fp, "FLOW APP_LAYER: DETECTED: %s, PROTO %"PRIu16"\n", (p->flow->alproto != ALPROTO_UNKNOWN) ? "TRUE" : "FALSE", p->flow->alproto); AlertDebugLogFlowVars(aft, p); 
diff --git a/src/app-layer-parser.c b/src/app-layer-parser.c index f6b37a2cfe..e862ff1ac1 100644 --- a/src/app-layer-parser.c +++ b/src/app-layer-parser.c @@ -1404,7 +1404,7 @@ static int AppLayerParserTest01 (void) goto end; } - if (!(f.alflags & FLOW_AL_NO_APPLAYER_INSPECTION)) + if (!(f.flags & FLOW_NO_APPLAYER_INSPECTION)) { printf("flag should have been set, but is not: "); goto end; diff --git a/src/app-layer.c b/src/app-layer.c index f7be83b9d4..95187f3c08 100644 --- a/src/app-layer.c +++ b/src/app-layer.c @@ -133,7 +133,7 @@ int AppLayerHandleTCPData(AlpProtoDetectThreadCtx *dp_ctx, Flow *f, alproto = f->alproto; SCLogDebug("data_len %u flags %02X", data_len, flags); - if (!(f->alflags & FLOW_AL_NO_APPLAYER_INSPECTION)) { + if (!(f->flags & FLOW_NO_APPLAYER_INSPECTION)) { /* if we don't know the proto yet and we have received a stream * initializer message, we run proto detection. * We receive 2 stream init msgs (one for each direction) but we @@ -313,7 +313,7 @@ int AppLayerHandleMsg(AlpProtoDetectThreadCtx *dp_ctx, StreamMsg *smsg) if (ssn != NULL) { alproto = smsg->flow->alproto; - if (!(smsg->flow->alflags & FLOW_AL_NO_APPLAYER_INSPECTION)) { + if (!(smsg->flow->flags & FLOW_NO_APPLAYER_INSPECTION)) { /* if we don't know the proto yet and we have received a stream * initializer message, we run proto detection. * We receive 2 stream init msgs (one for each direction) but we @@ -488,7 +488,7 @@ int AppLayerHandleUdp(AlpProtoDetectThreadCtx *dp_ctx, Flow *f, Packet *p) f->alproto = alproto; f->flags |= FLOW_ALPROTO_DETECT_DONE; - r = AppLayerParse(f, alproto, f->alflags, + r = AppLayerParse(f, alproto, flags, p->payload, p->payload_len); } else { f->flags |= FLOW_ALPROTO_DETECT_DONE; 
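Review bot: In AppLayerHandleUdp the third argument to AppLayerParse changes from `f->alflags` to a local `flags`, which is a behaviour change and not part of the flag move the commit message describes. The same substitution is made in the following hunk at line 505. The declaration and initialisation of `flags` are outside both hunks, so it cannot be checked here that it carries the direction bits for `p` on every path that reaches these calls. Please confirm that, and mention the argument change in the commit message. If the old code was passing the wrong value, a short comment at the first call such as `/* flags: stream direction of this packet, not per-flow state */` would record why.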
@@ -505,7 +505,7 @@ int AppLayerHandleUdp(AlpProtoDetectThreadCtx *dp_ctx, Flow *f, Packet *p) /* if we don't have a data object here we are not getting it * a start msg should have gotten us one */ if (alproto != ALPROTO_UNKNOWN) { - r = AppLayerParse(f, alproto, f->alflags, + r = AppLayerParse(f, alproto, flags, p->payload, p->payload_len); } else { SCLogDebug(" udp session not start, but no l7 data? Weird"); diff --git a/src/flow-util.h b/src/flow-util.h index bd46ca0dde..263d8fb521 100644 --- a/src/flow-util.h +++ b/src/flow-util.h @@ -50,7 +50,6 @@ (f)->sgh_toserver = NULL; \ (f)->sgh_toclient = NULL; \ (f)->aldata = NULL; \ - (f)->alflags = 0; \ (f)->alproto = 0; \ (f)->tag_list = NULL; \ } while (0) @@ -84,7 +83,6 @@ SCFree((f)->aldata); \ (f)->aldata = NULL; \ } \ - (f)->alflags = 0; \ (f)->alproto = 0; \ DetectTagDataListFree((f)->tag_list); \ (f)->tag_list = NULL; \ @@ -107,7 +105,6 @@ SCFree((f)->aldata); \ (f)->aldata = NULL; \ } \ - (f)->alflags = 0; \ (f)->alproto = 0; \ DetectTagDataListFree((f)->tag_list); \ (f)->tag_list = NULL; \ diff --git a/src/flow.h b/src/flow.h index 84ba6520fb..85b7a1ad31 100644 --- a/src/flow.h +++ b/src/flow.h 
@@ -38,43 +38,44 @@ /* per flow flags */ /** At least on packet from the source address was seen */ -#define FLOW_TO_SRC_SEEN 0x0001 +#define FLOW_TO_SRC_SEEN 0x00000001 /** At least on packet from the destination address was seen */ -#define FLOW_TO_DST_SEEN 0x0002 +#define FLOW_TO_DST_SEEN 0x00000002 /** Flow lives in the flow-state-NEW list */ -#define FLOW_NEW_LIST 0x0004 +#define FLOW_NEW_LIST 0x00000004 /** Flow lives in the flow-state-EST (established) list */ -#define FLOW_EST_LIST 0x0008 +#define FLOW_EST_LIST 0x00000008 /** Flow lives in the flow-state-CLOSED list */ -#define FLOW_CLOSED_LIST 0x0010 +#define FLOW_CLOSED_LIST 0x00000010 /** Flow was inspected against IP-Only sigs in the toserver direction */ -#define FLOW_TOSERVER_IPONLY_SET 0x0020 +#define FLOW_TOSERVER_IPONLY_SET 0x00000020 /** Flow was inspected against IP-Only sigs in the toclient direction */ -#define FLOW_TOCLIENT_IPONLY_SET 0x0040 +#define FLOW_TOCLIENT_IPONLY_SET 0x00000040 /** Packet belonging to this flow should not be inspected at all */ -#define FLOW_NOPACKET_INSPECTION 0x0080 +#define FLOW_NOPACKET_INSPECTION 0x00000080 /** Packet payloads belonging to this flow should not be inspected */ -#define FLOW_NOPAYLOAD_INSPECTION 0x0100 +#define FLOW_NOPAYLOAD_INSPECTION 0x00000100 /** All packets in this flow should be dropped */ -#define FLOW_ACTION_DROP 0x0200 +#define FLOW_ACTION_DROP 0x00000200 /** All packets in this flow should be accepted */ -#define FLOW_ACTION_PASS 0x0400 +#define FLOW_ACTION_PASS 0x00000400 /** Sgh for toserver direction set (even if it's NULL) */ -#define FLOW_SGH_TOSERVER 0x0800 +#define FLOW_SGH_TOSERVER 0x00000800 /** Sgh for toclient direction set (even if it's NULL) */ -#define FLOW_SGH_TOCLIENT 0x1000 +#define FLOW_SGH_TOCLIENT 0x00001000 /** packet to server direction has been logged in drop file (only in IPS mode) */ -#define FLOW_TOSERVER_DROP_LOGGED 0x2000 +#define FLOW_TOSERVER_DROP_LOGGED 0x00002000 /** packet to client direction has been 
logged in drop file (only in IPS mode) */ -#define FLOW_TOCLIENT_DROP_LOGGED 0x4000 +#define FLOW_TOCLIENT_DROP_LOGGED 0x00004000 /** alproto detect done. Right now we need it only for udp */ -#define FLOW_ALPROTO_DETECT_DONE 0x8000 +#define FLOW_ALPROTO_DETECT_DONE 0x00008000 +#define FLOW_NO_APPLAYER_INSPECTION 0x00010000 /* pkt flow flags */ #define FLOW_PKT_TOSERVER 0x01 @@ -151,7 +152,7 @@ typedef struct Flow_ /* end of flow "header" */ - uint16_t flags; + uint32_t flags; /* ts of flow init and last update */ struct timeval lastts; @@ -164,8 +165,8 @@ typedef struct Flow_ /** mapping to Flow's protocol specific protocols for timeouts and state and free functions. */ uint8_t protomap; + uint8_t pad0; - uint8_t alflags; /**< application level specific flags */ uint16_t alproto; /**< application level protocol */ /** how many pkts and stream msgs are using the flow *right now*. This @@ -176,7 +177,7 @@ typedef struct Flow_ */ SC_ATOMIC_DECLARE(unsigned short, use_cnt); - uint16_t pad0; + uint16_t pad1; void **aldata; /**< application level storage ptrs */ @@ -214,9 +215,6 @@ typedef struct Flow_ } Flow; -/** Flow Application Level flags */ -#define FLOW_AL_NO_APPLAYER_INSPECTION 0x04 /** \todo move to flow flags later */ - enum { FLOW_STATE_NEW = 0, FLOW_STATE_ESTABLISHED, @@ -331,7 +329,7 @@ static inline void FlowSetNoPayloadInspectionFlag(Flow *f) { * \param f *LOCKED* flow */ static inline void FlowSetSessionNoApplayerInspectionFlag(Flow *f) { - f->alflags |= FLOW_AL_NO_APPLAYER_INSPECTION; + f->flags |= FLOW_NO_APPLAYER_INSPECTION; }
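Review bot: The new `FLOW_NO_APPLAYER_INSPECTION 0x00010000` is the only flag in this list without a doc comment, and the removed `FLOW_AL_NO_APPLAYER_INSPECTION` definition carried only a `\todo`. Because this bit decides whether the app-layer parsers run for a flow, its meaning should be stated next to the value. Suggest adding `/** Application layer data of this flow should not be inspected */` above the define, matching the wording of `FLOW_NOPAYLOAD_INSPECTION`.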
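Review bot: With `alflags` removed from the struct here, clearing the no-app-layer-inspection state depends entirely on `Flow->flags` being reset. The flow-util.h hunks drop `(f)->alflags = 0;` from three init/recycle/destroy macros, and the part of those macros that would clear `flags` is not visible in the patch. If any of them leaves `flags` untouched, a reused Flow would inherit `FLOW_NO_APPLAYER_INSPECTION` and silently skip app-layer parsing for unrelated traffic. Please confirm each macro contains `(f)->flags = 0;`, and consider a unit test that sets the flag, recycles the flow and asserts it is cleared.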
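Review bot: `f->flags |= FLOW_NO_APPLAYER_INSPECTION;` in FlowSetSessionNoApplayerInspectionFlag is now a plain read-modify-write on the word that also holds `FLOW_ACTION_DROP`, `FLOW_NOPACKET_INSPECTION` and the other flow-engine bits. Previously the bit lived in the separate `alflags` byte. The visible doc line only says `\param f *LOCKED* flow`, and the callers are not part of this patch. An app-layer caller that does not hold the flow lock could now lose a concurrent update to one of those other flags. Please audit the callers, and spell the requirement out in the comment, e.g. `\note flags is shared with the flow engine; the caller must hold the flow lock`. The start of the function's doc comment is outside the hunk.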