Merge pull request #2891 in SNORT/snort3 from ~RAMANKS/snort3:ifnat to master

Squashed commit of the following:

commit dc99b72290f72631d5bf16b2a4ea4096e8386fd4
Author: Raman Krishnan <ramanks@cisco.com>
Date:   Mon May 17 14:20:37 2021 -0700

    codecs: support inner flor NAT

diff --git a/cmake/FindDAQ.cmake b/cmake/FindDAQ.cmake
index f9b6f3aa7cbe80358a7c3c2029d5574a7841b437..b92f0003043cfeb94aa3a31b97d38b68f266e084 100644 (file)
--- a/cmake/FindDAQ.cmake
+++ b/cmake/FindDAQ.cmake
@@ -16,7 +16,7 @@ This module defines:
 #]=======================================================================]
 
 find_package(PkgConfig)
-pkg_check_modules(PC_DAQ libdaq>=3.0.2)
+pkg_check_modules(PC_DAQ libdaq>=3.0.4)
 
 # Use DAQ_INCLUDE_DIR_HINT and DAQ_LIBRARIES_DIR_HINT from configure_cmake.sh as primary hints
 # and then package config information after that.

diff --git a/src/codecs/ip/cd_ipv4.cc b/src/codecs/ip/cd_ipv4.cc
index b77bf0caf31cb6af7c3e51aecc8b4366f14c59aa..17cd419971fb41988dda088281e11dc6b0b62f26 100644 (file)
--- a/src/codecs/ip/cd_ipv4.cc
+++ b/src/codecs/ip/cd_ipv4.cc
@@ -243,7 +243,7 @@ bool Ipv4Codec::decode(const RawData& raw, CodecData& codec, DecodeData& snort)
     snort.ip_api.set(iph);
     // update to real IP when needed
     const DAQ_NAPTInfo_t* napti = (const DAQ_NAPTInfo_t*) daq_msg_get_meta(raw.daq_msg, DAQ_PKT_META_NAPT_INFO);
-    if (napti && codec.ip_layer_cnt == 1)
+    if (napti && codec.ip_layer_cnt == napti->ip_layer)
     {
         SfIp real_src;
         SfIp real_dst;

diff --git a/src/codecs/ip/cd_ipv6.cc b/src/codecs/ip/cd_ipv6.cc
index 23bf5c6c648e5ea589b0d1751f1d2a750fe7a935..617939faac41657c13d04bc6fcabd6ea9909857d 100644 (file)
--- a/src/codecs/ip/cd_ipv6.cc
+++ b/src/codecs/ip/cd_ipv6.cc
@@ -204,7 +204,7 @@ bool Ipv6Codec::decode(const RawData& raw, CodecData& codec, DecodeData& snort)
     snort.ip_api.set(ip6h);
     // update to real IP when needed
     const DAQ_NAPTInfo_t* napti = (const DAQ_NAPTInfo_t*) daq_msg_get_meta(raw.daq_msg, DAQ_PKT_META_NAPT_INFO);
-    if (napti && codec.ip_layer_cnt == 1)
+    if (napti && codec.ip_layer_cnt == napti->ip_layer)
     {
         SfIp real_src;
         SfIp real_dst;

diff --git a/src/codecs/ip/cd_tcp.cc b/src/codecs/ip/cd_tcp.cc
index dff5981d1d05809f34951b1c452e2279de57ef7e..6a38242dccee04bfce01fe527dabff307a4449e2 100644 (file)
--- a/src/codecs/ip/cd_tcp.cc
+++ b/src/codecs/ip/cd_tcp.cc
@@ -272,7 +272,7 @@ bool TcpCodec::decode(const RawData& raw, CodecData& codec, DecodeData& snort)
     snort.tcph = tcph;
 
     const DAQ_NAPTInfo_t* napti = (const DAQ_NAPTInfo_t*) daq_msg_get_meta(raw.daq_msg, DAQ_PKT_META_NAPT_INFO);
-    if (napti && codec.ip_layer_cnt == 1)
+    if (napti && codec.ip_layer_cnt == napti->ip_layer)
     {
         snort.sp = ntohs(napti->src_port);
         snort.dp = ntohs(napti->dst_port);

diff --git a/src/codecs/ip/cd_udp.cc b/src/codecs/ip/cd_udp.cc
index 9d8a3822e6b87abeee5f3465623d669352f32d63..f61133ab1e4c5202c10034c5a4bd52792474e2bb 100644 (file)
--- a/src/codecs/ip/cd_udp.cc
+++ b/src/codecs/ip/cd_udp.cc
@@ -392,7 +392,7 @@ bool UdpCodec::decode(const RawData& raw, CodecData& codec, DecodeData& snort)
     uint16_t dst_port;
 
     const DAQ_NAPTInfo_t* napti = (const DAQ_NAPTInfo_t*) daq_msg_get_meta(raw.daq_msg, DAQ_PKT_META_NAPT_INFO);
-    if (napti && codec.ip_layer_cnt == 1)
+    if (napti && codec.ip_layer_cnt == napti->ip_layer)
     {
         src_port = ntohs(napti->src_port);
         dst_port = ntohs(napti->dst_port);