flow/timeout: no pseudo packets for dropped flows
authorVictor Julien <vjulien@oisf.net>
Wed, 31 May 2023 13:56:54 +0000 (15:56 +0200)
committerVictor Julien <vjulien@oisf.net>
Fri, 2 Jun 2023 09:21:47 +0000 (11:21 +0200)
When a flow is in the drop flow state, don't use pseudo packets
when it is timing out. There should be no work left to do at this
point.

src/flow-manager.c
src/flow-worker.c

index 0d659ed45bfd07711bf7e6f75d18888887d889cb..71d63760ec1c6e791b7b52ce8b844d938f1a5548 100644 (file)
@@ -281,7 +281,8 @@ static uint32_t ProcessAsideQueue(FlowManagerTimeoutThread *td, FlowTimeoutCount
     while ((f = FlowQueuePrivateGetFromTop(&td->aside_queue)) != NULL) {
         /* flow is still locked */
 
-        if (f->proto == IPPROTO_TCP && !(f->flags & FLOW_TIMEOUT_REASSEMBLY_DONE) &&
+        if (f->proto == IPPROTO_TCP &&
+                !(f->flags & (FLOW_TIMEOUT_REASSEMBLY_DONE | FLOW_ACTION_DROP)) &&
                 !FlowIsBypassed(f) && FlowForceReassemblyNeedReassembly(f) == 1) {
             /* Send the flow to its thread */
             FlowForceReassemblyForFlow(f);
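Review bot: The `FLOW_ACTION_DROP` bit added to the mask in ProcessAsideQueue's TCP check is not explained in the code, and it means something different from `FLOW_TIMEOUT_REASSEMBLY_DONE` beside it: one records that end-of-flow reassembly already ran, the other that it is skipped on purpose. With this check a dropped flow never reaches `FlowForceReassemblyForFlow(f)`, so any stream data still buffered at timeout is presumably not passed through detection or logging again; the commit message says no work is left, but the source does not say so. I would add a comment above the condition, e.g. `/* dropped flows get no pseudo packets: nothing is left to inspect or log once the flow is in drop state */`. The same applies to the matching condition in CheckWorkQueue in src/flow-worker.c. The loop body continues outside the hunk.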
index ec9b5344dad43a7458d3e4f98519e23f76c25b69..6a4440dc84a887bafd347465db97307f4f37dccf 100644 (file)
@@ -185,8 +185,9 @@ static void CheckWorkQueue(ThreadVars *tv, FlowWorkerThreadData *fw, FlowTimeout
         f->flow_end_flags |= FLOW_END_FLAG_TIMEOUT; //TODO emerg
 
         if (f->proto == IPPROTO_TCP) {
-            if (!(f->flags & FLOW_TIMEOUT_REASSEMBLY_DONE) && !FlowIsBypassed(f) &&
-                    FlowForceReassemblyNeedReassembly(f) == 1 && f->ffr != 0) {
+            if (!(f->flags & (FLOW_TIMEOUT_REASSEMBLY_DONE | FLOW_ACTION_DROP)) &&
+                    !FlowIsBypassed(f) && FlowForceReassemblyNeedReassembly(f) == 1 &&
+                    f->ffr != 0) {
                 /* read detect thread in case we're doing a reload */
                 void *detect_thread = SC_ATOMIC_GET(fw->detect_thread);
                 int cnt = FlowFinish(tv, f, fw, detect_thread);
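Review bot: The condition in CheckWorkQueue now repeats the same three-part test as ProcessAsideQueue in src/flow-manager.c (`!(f->flags & (FLOW_TIMEOUT_REASSEMBLY_DONE | FLOW_ACTION_DROP))`, `!FlowIsBypassed(f)`, `FlowForceReassemblyNeedReassembly(f) == 1`), so the next flag added to the mask has to be added in two files. A small shared static inline predicate that takes the flow and reports whether end-of-flow pseudo packets are needed would keep the two timeout paths from drifting apart; `f->ffr != 0` would stay local to this function. The function continues past the end of the hunk, so what happens to a dropped flow when this branch is skipped is not visible from here.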