git.ipfire.org Git - thirdparty/suricata.git/commit

author	Victor Julien <victor@inliniac.net>
	Sat, 24 Jan 2015 12:18:51 +0000 (13:18 +0100)
committer	Victor Julien <victor@inliniac.net>
	Wed, 4 Feb 2015 10:28:11 +0000 (11:28 +0100)
commit	a0732d3db23538689af9432e012d26241996b99b
tree	b38c100bf315df1be18ad4e14f3bb1222d27429e	tree
parent	9327b08ab16c10807b70a2fb200d5681ed6aea39	commit \| diff

flow: change flow state logic

A flow has 3 states: NEW, ESTABLISHED and CLOSED.

For all protocols except TCP, a flow is in state NEW as long as just one
side of the conversation has been seen. When both sides have been
observed the state is moved to ESTABLISHED.

TCP has a different logic, controlled by the stream engine. Here the TCP
state is leading.

Until now, when parts of the engine needed to know the flow state, it
would invoke a per protocol callback 'GetProtoState'. For TCP this would
return the state based on the TcpSession.

This patch changes this logic. It introduces an atomic variable in the
flow 'flow_state'. It defaults to NEW and is set to ESTABLISHED for non-
TCP protocols when we've seen both sides of the conversation.

For TCP, the state is updated from the TCP engine directly.

The goal is to allow for access to the state without holding the Flow's
main mutex lock. This will later allow the Flow Manager(s) to evaluate
the Flow w/o interupting it.

src/flow-hash.c		diff \| blob \| blame \| history
src/flow-manager.c		diff \| blob \| blame \| history
src/flow-private.h		diff \| blob \| blame \| history
src/flow-util.h		diff \| blob \| blame \| history
src/flow.c		diff \| blob \| blame \| history
src/flow.h		diff \| blob \| blame \| history
src/stream-tcp.c		diff \| blob \| blame \| history