Merge pull request #687 in SNORT/snort3 from fix_129_4_fp to master

author Shawn Turner (shaturne) <shaturne@cisco.com>

Tue, 25 Oct 2016 19:09:39 +0000 (15:09 -0400)

committer Shawn Turner (shaturne) <shaturne@cisco.com>

Tue, 25 Oct 2016 19:09:39 +0000 (15:09 -0400)
author Shawn Turner (shaturne) <shaturne@cisco.com>
Tue, 25 Oct 2016 19:09:39 +0000 (15:09 -0400)
committer Shawn Turner (shaturne) <shaturne@cisco.com>
Tue, 25 Oct 2016 19:09:39 +0000 (15:09 -0400)
diff --git a/src/flow/flow_control.cc b/src/flow/flow_control.cc

index 80a825a0051f4131f2906cb53a80e140636c715f..988233b08dc495015c1d85ec406d469c3a696b60 100644 (file)
--- a/src/flow/flow_control.cc
+++ b/src/flow/flow_control.cc
@@ -407,6 +407,8 @@ unsigned FlowControl::process(Flow* flow, Packet* p)
  
      last_pkt_type = p->type();
      preemptive_cleanup();
+    flow->set_direction(p);
+    flow->session->precheck(p);
  
      if ( flow->flow_state != Flow::FlowState::SETUP )
          set_policies(snort_conf, flow->policy_id);
diff --git a/src/flow/session.h b/src/flow/session.h

index 745c3822675159903ace5d99747de0b37676ae21..535dcc8e9765fa9af6d3425392570c18443ba2ed 100644 (file)
--- a/src/flow/session.h
+++ b/src/flow/session.h
@@ -39,6 +39,7 @@ public:
      virtual int process(Packet*) { return 0; }
  
      virtual void restart(Packet*) { }
+    virtual void precheck(Packet*) { }
      virtual void clear() = 0;
      virtual void cleanup() { clear(); }
  
diff --git a/src/stream/tcp/tcp_session.cc b/src/stream/tcp/tcp_session.cc

index f686dd871c0e4ed651496d55b71fa280ea7fa23a..fd590da874f2d4758f02ebd3ed68b738452d73b1 100644 (file)
--- a/src/stream/tcp/tcp_session.cc
+++ b/src/stream/tcp/tcp_session.cc
@@ -1047,14 +1047,17 @@ void TcpSession::cleanup_session_if_expired(Packet* p)
      }
  }
  
-bool TcpSession::do_packet_analysis_pre_checks(Packet* p, TcpSegmentDescriptor& tsd)
+void TcpSession::precheck(Packet* p)
  {
-    if ( !is_flow_handling_packets(p) )
-        return false;
-
      // Check if the session is expired. Should be done before we do something with
      // the packet...Insert a packet, or handle state change SYN, FIN, RST, etc.
      cleanup_session_if_expired(p);
+}
+
+bool TcpSession::do_packet_analysis_pre_checks(Packet* p, TcpSegmentDescriptor& tsd)
+{
+    if ( !is_flow_handling_packets(p) )
+        return false;
  
      pkt_action_mask = ACTION_NOTHING;
      tel.clear_tcp_events();
diff --git a/src/stream/tcp/tcp_session.h b/src/stream/tcp/tcp_session.h

index 9b8e56fb4f837f43e5f1dd273752f4f9a186cbbb..e9d8dfa3eecebcc3d2c79f36dd5bb71e7cb0dc66 100644 (file)
--- a/src/stream/tcp/tcp_session.h
+++ b/src/stream/tcp/tcp_session.h
@@ -43,6 +43,7 @@ public:
  
      bool setup(Packet*) override;
      void restart(Packet* p) override;
+    void precheck(Packet* p) override;
      int process(Packet*) override;
  
      void flush() override;
diff --git a/src/stream/tcp/test/tcp_normalizer_test.cc b/src/stream/tcp/test/tcp_normalizer_test.cc

index 30bbfe6889742387e019c70bbc268eb900d18a44..17536cf0159a5bfb12794149dfbf6b4df2931b5c 100644 (file)
--- a/src/stream/tcp/test/tcp_normalizer_test.cc
+++ b/src/stream/tcp/test/tcp_normalizer_test.cc
@@ -48,6 +48,7 @@ bool TcpSession::setup(Packet*){ return true; }
  void TcpSession::update_direction(char, sfip_t const*, unsigned short){ }
  int TcpSession::process(Packet*){ return 0; }
  void TcpSession::restart(Packet*){ }
+void TcpSession::precheck(Packet*){ }
  void TcpSession::clear(){ }
  void TcpSession::cleanup(){ }
  bool TcpSession::add_alert(Packet*, unsigned int, unsigned int){ return true; }
author	Shawn Turner (shaturne) <shaturne@cisco.com>
	Tue, 25 Oct 2016 19:09:39 +0000 (15:09 -0400)
committer	Shawn Turner (shaturne) <shaturne@cisco.com>
	Tue, 25 Oct 2016 19:09:39 +0000 (15:09 -0400)
src/flow/flow_control.cc		patch \| blob \| blame \| history
src/flow/session.h		patch \| blob \| blame \| history
src/stream/tcp/tcp_session.cc		patch \| blob \| blame \| history
src/stream/tcp/tcp_session.h		patch \| blob \| blame \| history
src/stream/tcp/test/tcp_normalizer_test.cc		patch \| blob \| blame \| history