Pull request #4142: CSCwh95127 - Skip initial seglist holes for midstream flows in IPS mode
Merge in SNORT/snort3 from ~DAVMCPHE/snort3:ips_seglist_hole_cscwh95127 to master
Squashed commit of the following:
commit
24510aba30c9cb8681d8bef03fb9b7d7ba2692f2
Author: davis mcpherson <davmcphe@cisco.com>
Date: Fri Dec 8 14:46:11 2023 -0500
stream_tcp: on midstream pickup the peer that received the initial midstream packet remains in
MID_STREAM_RECV state until a packet with an ACK is sent by that peer. Data packets received are added
to the seglist but reassembly is not initiated. When the ACK is seen the seglist is scanned for holes
left of the ACK and all packets left of the holes are purged and reassembly started with the first
packet to the right of the hole
set packet direction flag based on direction saved in reassembly state
projects / thirdparty / snort3.git / commit
