]> git.ipfire.org Git - thirdparty/snort3.git/commitdiff
projects / thirdparty / snort3.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: a40900f)
Pull request #4597: stream_tcp: changed asymmetric flows counter increment conditions
authorVolodymyr Shpyrka -X (vshpyrka - SOFTSERVE INC at Cisco) <vshpyrka@cisco.com>
Wed, 19 Feb 2025 19:00:52 +0000 (19:00 +0000)
committerSteven Baigal (sbaigal) <sbaigal@cisco.com>
Wed, 19 Feb 2025 19:00:52 +0000 (19:00 +0000)
Merge in SNORT/snort3 from ~VSHPYRKA/snort3:asymmetric_flows_increment to master

Squashed commit of the following:

commit b39215a709fac5e03c82d424561a169ac622f221
Author: Volodymyr Shpyrka <vshpyrka@cisco.com>
Date:   Mon Feb 3 10:41:07 2025 -0500

    stream_tcp: changed asymmetric flows counter increment conditions

src/stream/tcp/tcp_session.cc patch | blob | blame | history
src/stream/tcp/tcp_session.h patch | blob | blame | history

diff --git a/src/stream/tcp/tcp_session.cc b/src/stream/tcp/tcp_session.cc
index 8540089672397327c8e893d1db7c985e7d9fb376..aa3e22332ac7da3c6215ea42c3bbbda23dcbaa4a 100644 (file)
--- a/src/stream/tcp/tcp_session.cc
+++ b/src/stream/tcp/tcp_session.cc
@@ -174,7 +174,7 @@ void TcpSession::clear_session(bool free_flow_data, bool flush_segments, bool re
     tcp_init = false;
     tcpStats.released++;
 
-    if ( !flow->two_way_traffic() and free_flow_data )
+    if ( is_data_transferred_asymmetrically() and free_flow_data )
         tcpStats.asymmetric_flows++;
 
     client.clear_tracker(flow, p, flush_segments, restart);
@@ -188,6 +188,12 @@ void TcpSession::clear_session(bool free_flow_data, bool flush_segments, bool re
         flow->clear(free_flow_data);
 }
 
+bool TcpSession::is_data_transferred_asymmetrically() const
+{
+    return !flow->two_way_traffic()
+        && (client.seglist.data_was_queued() != server.seglist.data_was_queued());
+}
+
 void TcpSession::update_perf_base_state(char newState)
 {
     uint32_t session_flags = flow->get_session_flags();
diff --git a/src/stream/tcp/tcp_session.h b/src/stream/tcp/tcp_session.h
index 2e428048903a323dc65e48a55cfb245d78ee23b0..cf74001fbed7ebc002e1bea6b3fcd99dd6846ac2 100644 (file)
--- a/src/stream/tcp/tcp_session.h
+++ b/src/stream/tcp/tcp_session.h
@@ -110,6 +110,7 @@ public:
     void set_pseudo_established(snort::Packet*);
     void check_for_pseudo_established(snort::Packet*);
     bool check_for_one_sided_session(snort::Packet*);
+    bool is_data_transferred_asymmetrically() const;
 
     void check_for_repeated_syn(TcpSegmentDescriptor&);
     void check_for_session_hijack(TcpSegmentDescriptor&);
Mirror of https://github.com/snort3/snort3.git