Currently only the ICMP Unreachable message is handled by the ICMP session
module.
+The module icmp_ha.cc (and icmp_ha.h) implements the per-protocol hooks into
+the stream logic for HA. IcmpHAManager is a static class that interfaces
+to a per-packet thread instance of the class IcmpHA. IcmpHA is sub-class
+of ProtocolHA, declared in the stream/base area. Thus each protocol
+within 'stream' can have specific HA logic and interfaces.
+
+IcmpHAManager::process_deletion() is called when an ICMP stream is being
+destroyed and indicates to the stream & flow HA logic that a flow
+deletion HA message needs to be emitted for the flow in question.
+Icmp streams are closed due to timeout or puning actions which lead
+to the invocation of process_deletion().
+
+IcmpHA::create_session() is called from the stream & flow HA logic and
+handles the creation of new flow upon receiving an HA update message.
packet eval method is not used as the base Stream Inspector delegates
packets directly to the IP session packet processing method.
+The module ip_ha.cc (and ip_ha.h) implements the per-protocol hooks into
+the stream logic for HA. IpHAManager is a static class that interfaces
+to a per-packet thread instance of the class IpHA. IpHA is sub-class
+of ProtocolHA, declared in the stream/base area. Thus each protocol
+within 'stream' can have specific HA logic and interfaces.
+
+IpHAManager::process_deletion() is called when an IP stream is being
+destroyed and indicates to the stream & flow HA logic that a flow
+deletion HA message needs to be emitted for the flow in question.
+Ip streams are closed due to timeout or puning actions which lead
+to the invocation of process_deletion().
+
+IpHA::create_session() is called from the stream & flow HA logic and
+handles the creation of new flow upon receiving an HA update message.
* TCP State Machine - this class is the engine that dispatches processing to the correct
event handling method of the handler for the current TCP state of the flow.
+Most of the TCP HA processing is contained in the ../tcp area and one needed to refer
+to ../tcp/dev_notes.txt for a description.
+
+One HA state transition is implemented within this TCP library. In
+TcpStreamSession::clear(), TcpHAManager::process_deletion() is invoked to
+cause HA to generate a Deletion message for the target flow. This handles
+the case where a TCP session is being removed from from the flow cache due
+to a timeout or pruning function. Other normal TCP stream closure actions
+are handled in the ../tcp/tcp_session.cc module.
An instance of this data structure is allocated and managed for each end of
the connection.
-
+The module tcp_ha.cc (and tcp_ha.h) implements the per-protocol hooks into
+the stream logic for HA. TcpHAManager is a static class that interfaces
+to a per-packet thread instance of the class TcpHA. TcpHA is sub-class
+of ProtocolHA, declared in the stream/base area. Thus each protocol
+within 'stream' can have specific HA logic and interfaces.
+
+TcpHAManager::process_deletion() is called when an TCP stream is being
+destroyed and indicates to the stream & flow HA logic that a flow
+deletion HA message needs to be emitted for the flow in question.
+Tcp streams are both closed internally (e.g. FIN) and externally due
+to cache timeout or pruning. The calls to TcpHAManager::process_deletion()
+in tcp/tcp_session.cc indicate a normal closure of a stream/flow.
+
+TcpHA::create_session() is called from the stream & flow HA logic and
+handles the creation of new flow upon receiving an HA update message.
+
+TcpHA::deactivate_session() is called from the stream & flow HA logic to
+place a session into standby mode. Upon receiving an HA Update message,
+the flow is first created if necessary, and is then placed into Standby
+state. deactivate_session() sets the TCP specific state for Standy mode.
packet eval method is not used as the base Stream Inspector delegates
packets directly to the UDP session packet processing method.
+The module udp_ha.cc (and udp_ha.h) implements the per-protocol hooks into
+the stream logic for HA. UdpHAManager is a static class that interfaces
+to a per-packet thread instance of the class UdpHA. UdpHA is sub-class
+of ProtocolHA, declared in the stream/base area. Thus each protocol
+within 'stream' can have specific HA logic and interfaces.
+
+UdpHAManager::process_deletion() is called when an UDP stream is being
+destroyed and indicates to the stream & flow HA logic that a flow
+deletion HA message needs to be emitted for the flow in question.
+Udp streams are closed due to timeout or puning actions which lead
+to the invocation of process_deletion().
+
+UdpHA::create_session() is called from the stream & flow HA logic and
+handles the creation of new flow upon receiving an HA update message.
projects / thirdparty / snort3.git / commitdiff
