return TM_ECODE_FAILED;
}
+ /* update counters */
+ if ((p->tcph->th_flags & (TH_SYN | TH_ACK)) == (TH_SYN | TH_ACK)) {
+ StatsIncr(tv, dtv->counter_tcp_synack);
+ } else if (p->tcph->th_flags & (TH_SYN)) {
+ StatsIncr(tv, dtv->counter_tcp_syn);
+ }
+ if (p->tcph->th_flags & (TH_RST)) {
+ StatsIncr(tv, dtv->counter_tcp_rst);
+ }
#ifdef DEBUG
SCLogDebug("TCP sp: %" PRIu32 " -> dp: %" PRIu32 " - HLEN: %" PRIu32 " LEN: %" PRIu32 " %s%s%s%s%s%s",
GET_TCP_SRC_PORT(p), GET_TCP_DST_PORT(p), TCP_GET_HLEN(p), len,
dtv->counter_null = StatsRegisterCounter("decoder.null", tv);
dtv->counter_sll = StatsRegisterCounter("decoder.sll", tv);
dtv->counter_tcp = StatsRegisterCounter("decoder.tcp", tv);
+
+ dtv->counter_tcp_syn = StatsRegisterCounter("tcp.syn", tv);
+ dtv->counter_tcp_synack = StatsRegisterCounter("tcp.synack", tv);
+ dtv->counter_tcp_rst = StatsRegisterCounter("tcp.rst", tv);
+
dtv->counter_udp = StatsRegisterCounter("decoder.udp", tv);
dtv->counter_sctp = StatsRegisterCounter("decoder.sctp", tv);
dtv->counter_esp = StatsRegisterCounter("decoder.esp", tv);
uint16_t counter_ipv4;
uint16_t counter_ipv6;
uint16_t counter_tcp;
+ uint16_t counter_tcp_syn;
+ uint16_t counter_tcp_synack;
+ uint16_t counter_tcp_rst;
uint16_t counter_udp;
uint16_t counter_icmpv4;
uint16_t counter_icmpv6;
}
}
- /* update counters */
- if ((p->tcph->th_flags & (TH_SYN|TH_ACK)) == (TH_SYN|TH_ACK)) {
- StatsIncr(tv, stt->counter_tcp_synack);
- } else if (p->tcph->th_flags & (TH_SYN)) {
- StatsIncr(tv, stt->counter_tcp_syn);
- }
- if (p->tcph->th_flags & (TH_RST)) {
- StatsIncr(tv, stt->counter_tcp_rst);
- }
-
/* broken TCP http://ask.wireshark.org/questions/3183/acknowledgment-number-broken-tcp-the-acknowledge-field-is-nonzero-while-the-ack-flag-is-not-set */
if (!(p->tcph->th_flags & TH_ACK) && TCP_GET_ACK(p) != 0) {
StreamTcpSetEvent(p, STREAM_PKT_BROKEN_ACK);
stt->counter_tcp_pseudo = StatsRegisterCounter("tcp.pseudo", tv);
stt->counter_tcp_pseudo_failed = StatsRegisterCounter("tcp.pseudo_failed", tv);
stt->counter_tcp_invalid_checksum = StatsRegisterCounter("tcp.invalid_checksum", tv);
- stt->counter_tcp_syn = StatsRegisterCounter("tcp.syn", tv);
- stt->counter_tcp_synack = StatsRegisterCounter("tcp.synack", tv);
- stt->counter_tcp_rst = StatsRegisterCounter("tcp.rst", tv);
stt->counter_tcp_midstream_pickups = StatsRegisterCounter("tcp.midstream_pickups", tv);
stt->counter_tcp_wrong_thread = StatsRegisterCounter("tcp.pkt_on_wrong_thread", tv);
stt->counter_tcp_ack_unseen_data = StatsRegisterCounter("tcp.ack_unseen_data", tv);
uint16_t counter_tcp_invalid_checksum;
/** sessions reused */
uint16_t counter_tcp_reused_ssn;
- /** syn pkts */
- uint16_t counter_tcp_syn;
- /** syn/ack pkts */
- uint16_t counter_tcp_synack;
- /** rst pkts */
- uint16_t counter_tcp_rst;
/** midstream pickups */
uint16_t counter_tcp_midstream_pickups;
/** wrong thread */
projects / thirdparty / suricata.git / commitdiff
