bug 508 - List (ack | cwr | ecn) combination to be accepted by our stream engine.

This isn't a perfect solution.  More like we have patched this for the case we
are in tcp's established state.  The right solution would be to accept states
based on the presence(using operator OR) of certain flags in the tcp header,
rather than list out all possible flag combinations.

diff --git a/src/stream-tcp.c b/src/stream-tcp.c
index 2e6f219455cbf4630ce115c96f576dd4cdbe18f3..c40a708188d417d172d04cd6af64b78b196c24a9 100644 (file)
--- a/src/stream-tcp.c
+++ b/src/stream-tcp.c
@@ -1965,14 +1965,15 @@ static int StreamTcpPacketStateEstablished(ThreadVars *tv, Packet *p,
             StreamTcpSetEvent(p, STREAM_EST_SYNACK_RESEND);
             return -1;
             break;
-        case TH_ACK|TH_URG:
         case TH_ACK:
+        case TH_ACK|TH_URG:
         case TH_ACK|TH_CWR:
         case TH_ACK|TH_ECN:
         case TH_ACK|TH_PUSH:
         case TH_ACK|TH_PUSH|TH_ECN:
         case TH_ACK|TH_PUSH|TH_ECN|TH_CWR:
         case TH_ACK|TH_PUSH|TH_URG:
+        case TH_ACK|TH_PUSH|TH_CWR:
             /* Urgent pointer size can be more than the payload size, as it tells
              * the future coming data from the sender will be handled urgently
              * until data of size equal to urgent offset has been processed