From d6a98aa1c3bcd72d757c884915edadb67121e762 Mon Sep 17 00:00:00 2001 From: =?utf8?q?Antti=20T=C3=B6nkyr=C3=A4?= Date: Mon, 19 Mar 2018 12:18:56 +0200 Subject: [PATCH] stream-tcp: add counters for midstream pickups If midstream pickups are enabled this will help in discovering how many midstream pickups are being done by Suricata. --- src/stream-tcp.c | 3 +++ src/stream-tcp.h | 2 ++ 2 files changed, 5 insertions(+) diff --git a/src/stream-tcp.c b/src/stream-tcp.c index bfa15caf3..c25978e07 100644 --- a/src/stream-tcp.c +++ b/src/stream-tcp.c @@ -921,6 +921,7 @@ static int StreamTcpPacketStateNone(ThreadVars *tv, Packet *p, return -1; } StatsIncr(tv, stt->counter_tcp_sessions); + StatsIncr(tv, stt->counter_tcp_midstream_pickups); } /* set the state */ StreamTcpPacketSetState(p, ssn, TCP_SYN_RECV); @@ -1065,6 +1066,7 @@ static int StreamTcpPacketStateNone(ThreadVars *tv, Packet *p, return -1; } StatsIncr(tv, stt->counter_tcp_sessions); + StatsIncr(tv, stt->counter_tcp_midstream_pickups); } /* set the state */ StreamTcpPacketSetState(p, ssn, TCP_ESTABLISHED); @@ -5040,6 +5042,7 @@ TmEcode StreamTcpThreadInit(ThreadVars *tv, void *initdata, void **data) stt->counter_tcp_syn = StatsRegisterCounter("tcp.syn", tv); stt->counter_tcp_synack = StatsRegisterCounter("tcp.synack", tv); stt->counter_tcp_rst = StatsRegisterCounter("tcp.rst", tv); + stt->counter_tcp_midstream_pickups = StatsRegisterCounter("tcp.midstream_pickups", tv); /* init reassembly ctx */ stt->ra_ctx = StreamTcpReassembleInitThreadCtx(tv); diff --git a/src/stream-tcp.h b/src/stream-tcp.h index 16c6b455b..4c06d93b3 100644 --- a/src/stream-tcp.h +++ b/src/stream-tcp.h @@ -94,6 +94,8 @@ typedef struct StreamTcpThread_ { uint16_t counter_tcp_synack; /** rst pkts */ uint16_t counter_tcp_rst; + /** midstream pickups */ + uint16_t counter_tcp_midstream_pickups; /** tcp reassembly thread data */ TcpReassemblyThreadCtx *ra_ctx; -- 2.47.3