Merge in SNORT/snort3 from ~RSHAFIQ/snort3:gcp_perf to master
Squashed commit of the following:
commit
1e3853009369678775c85dc30d7f3669a352dcc2
Author: rshafiq <rshafiq@cisco.com>
Date: Wed Dec 13 17:23:28 2023 -0500
stream_tcp: persist disable_reassembly in Flow
if ( remove_gadget and packet->flow and !packet->is_rebuilt() )
{
Stream::disable_reassembly(packet->flow);
+ packet->flow->flags.disable_reassembly_by_ips = true;
if ( packet->flow->gadget )
packet->flow->clear_gadget();
bool retry_queued : 1; // Set if a packet was queued for retry for this flow
bool ha_flow : 1; // Set if this flow was created by an HA message
bool ips_event_suppressed : 1; // Set if event filters have suppressed ips event
+ bool disable_reassembly_by_ips : 1; // Set if IPS has disabled reassembly for this flow
} flags = {};
FlowState flow_state = FlowState::SETUP;
if ( !splitter_init and tsd.is_data_segment() and
(tcp_init or is_midstream_allowed(tsd)) )
{
- if ( !(tcp_config->flags & STREAM_CONFIG_NO_REASSEMBLY) )
+ if ( !(tcp_config->flags & STREAM_CONFIG_NO_REASSEMBLY) and
+ !(tsd.get_flow()->flags.disable_reassembly_by_ips) )
{
client.set_splitter(tsd.get_flow());
server.set_splitter(tsd.get_flow());
projects / thirdparty / snort3.git / commitdiff
