#include "config.h"
#endif
+#include <daq.h>
+
#include "codecs/codec_module.h"
#include "framework/codec.h"
#include "log/text_log.h"
const PegInfo pegs[]
{
{ CountType::SUM, "bad_checksum", "non-zero icmp checksums" },
+ { CountType::SUM, "checksum_bypassed", "checksum calculations bypassed" },
{ CountType::END, nullptr, nullptr }
};
struct Stats
{
PegCount bad_ip4_cksum;
+ PegCount cksum_bypassed;
};
static THREAD_LOCAL Stats stats;
void log(TextLog* const, const uint8_t* pkt, const uint16_t len) override;
private:
+ bool valid_checksum_from_daq(const RawData&);
void ICMP4AddrTests(const DecodeData& snort, const CodecData& codec);
void ICMP4MiscTests(const ICMPHdr* const, const CodecData&, const uint16_t);
};
void Icmp4Codec::get_protocol_ids(std::vector<ProtocolId>& v)
{ v.emplace_back(ProtocolId::ICMPV4); }
+inline bool Icmp4Codec::valid_checksum_from_daq(const RawData& raw)
+{
+ const DAQ_PktDecodeData_t* pdd =
+ (const DAQ_PktDecodeData_t*) daq_msg_get_meta(raw.daq_msg, DAQ_PKT_META_DECODE_DATA);
+ if (!pdd || !pdd->flags.bits.l4_checksum || !pdd->flags.bits.icmp || !pdd->flags.bits.l4)
+ return false;
+ // Sanity check to make sure we're talking about the same thing
+ const uint8_t* data = daq_msg_get_data(raw.daq_msg);
+ if (raw.data - data != pdd->l4_offset)
+ return false;
+ stats.cksum_bypassed++;
+ return true;
+}
+
bool Icmp4Codec::decode(const RawData& raw, CodecData& codec,DecodeData& snort)
{
if (raw.len < icmp::ICMP_BASE_LEN)
const ICMPHdr* const icmph = reinterpret_cast<const ICMPHdr*>(raw.data);
uint16_t len = 0;
- if (SnortConfig::icmp_checksums())
+ if (SnortConfig::icmp_checksums() && !valid_checksum_from_daq(raw))
{
uint16_t csum = checksum::cksum_add((const uint16_t*)icmph, raw.len);
#include "config.h"
#endif
+#include <daq.h>
+
#include "codecs/codec_module.h"
#include "framework/codec.h"
#include "log/text_log.h"
const PegInfo pegs[]
{
{ CountType::SUM, "bad_icmp6_checksum", "nonzero icmp6 checksums" },
+ { CountType::SUM, "checksum_bypassed", "checksum calculations bypassed" },
{ CountType::END, nullptr, nullptr }
};
struct Stats
{
PegCount bad_ip6_cksum;
+ PegCount cksum_bypassed;
};
static THREAD_LOCAL Stats stats;
uint16_t lyr_len, uint32_t& updated_len) override;
void format(bool reverse, uint8_t* raw_pkt, DecodeData& snort) override;
void log(TextLog* const, const uint8_t* pkt, const uint16_t len) override;
+
+private:
+ bool valid_checksum_from_daq(const RawData&);
};
} // anonymous namespace
void Icmp6Codec::get_protocol_ids(std::vector<ProtocolId>& v)
{ v.emplace_back(ProtocolId::ICMPV6); }
+inline bool Icmp6Codec::valid_checksum_from_daq(const RawData& raw)
+{
+ const DAQ_PktDecodeData_t* pdd =
+ (const DAQ_PktDecodeData_t*) daq_msg_get_meta(raw.daq_msg, DAQ_PKT_META_DECODE_DATA);
+ if (!pdd || !pdd->flags.bits.l4_checksum || !pdd->flags.bits.icmp || !pdd->flags.bits.l4)
+ return false;
+ // Sanity check to make sure we're talking about the same thing
+ const uint8_t* data = daq_msg_get_data(raw.daq_msg);
+ if (raw.data - data != pdd->l4_offset)
+ return false;
+ stats.cksum_bypassed++;
+ return true;
+}
+
bool Icmp6Codec::decode(const RawData& raw, CodecData& codec, DecodeData& snort)
{
if (raw.len < icmp::ICMP6_HEADER_MIN_LEN)
const icmp::Icmp6Hdr* const icmp6h = reinterpret_cast<const icmp::Icmp6Hdr*>(raw.data);
- if ( SnortConfig::icmp_checksums() )
+ if ( SnortConfig::icmp_checksums() && !valid_checksum_from_daq(raw))
{
checksum::Pseudoheader6 ph6;
COPY4(ph6.sip, snort.ip_api.get_src()->get_ip6_ptr());
const PegInfo pegs[]
{
{ CountType::SUM, "bad_checksum", "nonzero ip checksums" },
+ { CountType::SUM, "checksum_bypassed", "checksum calculations bypassed" },
{ CountType::END, nullptr, nullptr }
};
struct Stats
{
PegCount bad_cksum;
+ PegCount cksum_bypassed;
};
static THREAD_LOCAL Stats stats;
void format(bool reverse, uint8_t* raw_pkt, DecodeData& snort) override;
private:
+ bool valid_checksum_from_daq(const RawData&);
void IP4AddrTests(const ip::IP4Hdr*, const CodecData&, DecodeData&);
void IPMiscTests(const ip::IP4Hdr* const ip4h, const CodecData& codec, uint16_t len);
void DecodeIPOptions(const uint8_t* start, uint8_t& o_len, CodecData& data);
};
} // namespace
+inline bool Ipv4Codec::valid_checksum_from_daq(const RawData& raw)
+{
+ const DAQ_PktDecodeData_t* pdd =
+ (const DAQ_PktDecodeData_t*) daq_msg_get_meta(raw.daq_msg, DAQ_PKT_META_DECODE_DATA);
+ if (!pdd || !pdd->flags.bits.l3_checksum || !pdd->flags.bits.ipv4 || !pdd->flags.bits.l3)
+ return false;
+ // Sanity check to make sure we're talking about the same thing
+ const uint8_t* data = daq_msg_get_data(raw.daq_msg);
+ if (raw.data - data != pdd->l3_offset)
+ return false;
+ stats.cksum_bypassed++;
+ return true;
+}
+
void Ipv4Codec::get_data_link_type(std::vector<int>& v)
{
v.emplace_back(DLT_IPV4);
*/
IP4AddrTests(iph, codec, snort);
- if (snort::SnortConfig::ip_checksums())
+ if (snort::SnortConfig::ip_checksums() && !valid_checksum_from_daq(raw))
{
- /* routers drop packets with bad IP checksums, we don't really
- * need to check them (should make this a command line/config
- * option
- */
+ // routers drop packets with bad IP checksums, we don't really need to check them...
int16_t csum = checksum::ip_cksum((const uint16_t*)iph, hlen);
-
if (csum && !codec.is_cooked())
{
if ( !(codec.codec_flags & CODEC_UNSURE_ENCAP) )
{
{ CountType::SUM, "bad_tcp4_checksum", "nonzero tcp over ip checksums" },
{ CountType::SUM, "bad_tcp6_checksum", "nonzero tcp over ipv6 checksums" },
+ { CountType::SUM, "checksum_bypassed", "checksum calculations bypassed" },
{ CountType::END, nullptr, nullptr }
};
{
PegCount bad_ip4_cksum;
PegCount bad_ip6_cksum;
+ PegCount cksum_bypassed;
};
static THREAD_LOCAL Stats stats;
void format(bool reverse, uint8_t* raw_pkt, DecodeData& snort) override;
private:
+ bool valid_checksum_from_daq(const RawData&);
bool valid_checksum4(const RawData&, DecodeData&);
bool valid_checksum6(const RawData&, const CodecData&, DecodeData&);
v.emplace_back(ProtocolId::TCP);
}
+inline bool TcpCodec::valid_checksum_from_daq(const RawData& raw)
+{
+ const DAQ_PktDecodeData_t* pdd =
+ (const DAQ_PktDecodeData_t*) daq_msg_get_meta(raw.daq_msg, DAQ_PKT_META_DECODE_DATA);
+ if (!pdd || !pdd->flags.bits.l4_checksum || !pdd->flags.bits.tcp || !pdd->flags.bits.l4)
+ return false;
+ // Sanity check to make sure we're talking about the same thing
+ const uint8_t* data = daq_msg_get_data(raw.daq_msg);
+ if (raw.data - data != pdd->l4_offset)
+ return false;
+ stats.cksum_bypassed++;
+ return true;
+}
+
bool TcpCodec::valid_checksum4(const RawData& raw, DecodeData& snort)
{
const ip::IP4Hdr* ip4h = snort.ip_api.get_ip4h();
ph.dip = ip4h->get_dst();
ph.zero = 0;
ph.protocol = ip4h->proto();
- ph.len = htons((uint16_t)raw.len);
+ ph.len = htons((uint16_t) raw.len);
- uint16_t csum = checksum::tcp_cksum((const uint16_t*)raw.data, raw.len, &ph);
-
- if ( csum )
- {
- stats.bad_ip4_cksum++;
- return false;
- }
- return true;
+ return (checksum::tcp_cksum((const uint16_t*) raw.data, raw.len, &ph) == 0);
}
-bool TcpCodec::valid_checksum6(
- const RawData& raw, const CodecData& codec, DecodeData& snort)
+bool TcpCodec::valid_checksum6(const RawData& raw, const CodecData& codec, DecodeData& snort)
{
const ip::IP6Hdr* const ip6h = snort.ip_api.get_ip6h();
COPY4(ph6.dip, ip6h->get_dst()->u6_addr32);
ph6.zero = 0;
ph6.protocol = codec.ip6_csum_proto;
- ph6.len = htons((uint16_t)raw.len);
-
- uint16_t csum = checksum::tcp_cksum((const uint16_t*)raw.data, raw.len, &ph6);
+ ph6.len = htons((uint16_t) raw.len);
- if ( csum )
- {
- stats.bad_ip6_cksum++;
- return false;
- }
- return true;
+ return (checksum::tcp_cksum((const uint16_t*) raw.data, raw.len, &ph6) == 0);
}
bool TcpCodec::decode(const RawData& raw, CodecData& codec, DecodeData& snort)
return false;
}
- if ( SnortConfig::tcp_checksums() )
+ if (SnortConfig::tcp_checksums() && !valid_checksum_from_daq(raw))
{
+ PegCount* bad_cksum_cnt;
bool valid;
if (snort.ip_api.is_ip4())
+ {
valid = valid_checksum4(raw, snort);
+ bad_cksum_cnt = &stats.bad_ip4_cksum;
+ }
else
+ {
valid = valid_checksum6(raw, codec, snort);
+ bad_cksum_cnt = &stats.bad_ip6_cksum;
+ }
if (!valid)
{
- if ( !(codec.codec_flags & CODEC_UNSURE_ENCAP) )
+ if (!(codec.codec_flags & CODEC_UNSURE_ENCAP))
+ {
+ (*bad_cksum_cnt)++;
snort.decode_flags |= DECODE_ERR_CKSUM_TCP;
-
+ }
return false;
}
}
{
{ CountType::SUM, "bad_udp4_checksum", "nonzero udp over ipv4 checksums" },
{ CountType::SUM, "bad_udp6_checksum", "nonzero udp over ipv6 checksums" },
+ { CountType::SUM, "checksum_bypassed", "checksum calculations bypassed" },
{ CountType::END, nullptr, nullptr }
};
{
PegCount bad_ip4_cksum;
PegCount bad_ip6_cksum;
+ PegCount cksum_bypassed;
};
static THREAD_LOCAL Stats stats;
private:
+ bool valid_checksum_from_daq(const RawData&);
+ bool valid_checksum4(const RawData&, const DecodeData&);
+ bool valid_checksum6(const RawData&, const CodecData&, const DecodeData&);
+
void UDPMiscTests(const DecodeData&, const CodecData&, uint32_t pay_len);
};
} // anonymous namespace
+inline bool UdpCodec::valid_checksum_from_daq(const RawData& raw)
+{
+ const DAQ_PktDecodeData_t* pdd =
+ (const DAQ_PktDecodeData_t*) daq_msg_get_meta(raw.daq_msg, DAQ_PKT_META_DECODE_DATA);
+ if (!pdd || !pdd->flags.bits.l4_checksum || !pdd->flags.bits.udp || !pdd->flags.bits.l4)
+ return false;
+ // Sanity check to make sure we're talking about the same thing
+ const uint8_t* data = daq_msg_get_data(raw.daq_msg);
+ if (raw.data - data != pdd->l4_offset)
+ return false;
+ stats.cksum_bypassed++;
+ return true;
+}
+
+bool UdpCodec::valid_checksum4(const RawData& raw, const DecodeData& snort)
+{
+ const ip::IP4Hdr* const ip4h = snort.ip_api.get_ip4h();
+
+ checksum::Pseudoheader ph;
+ ph.sip = ip4h->get_src();
+ ph.dip = ip4h->get_dst();
+ ph.zero = 0;
+ ph.protocol = ip4h->proto();
+ ph.len = htons((uint16_t) raw.len);
+
+ return (checksum::udp_cksum((const uint16_t*) raw.data, raw.len, &ph) == 0);
+}
+
+bool UdpCodec::valid_checksum6(const RawData& raw, const CodecData& codec, const DecodeData& snort)
+{
+ const ip::IP6Hdr* const ip6h = snort.ip_api.get_ip6h();
+
+ checksum::Pseudoheader6 ph6;
+ COPY4(ph6.sip, ip6h->ip6_src.u6_addr32);
+ COPY4(ph6.dip, ip6h->ip6_dst.u6_addr32);
+ ph6.zero = 0;
+ ph6.protocol = codec.ip6_csum_proto;
+ ph6.len = htons((uint16_t) raw.len);
+
+ return (checksum::udp_cksum((const uint16_t*) raw.data, raw.len, &ph6) == 0);
+}
+
void UdpCodec::get_protocol_ids(std::vector<ProtocolId>& v)
{
v.emplace_back(ProtocolId::UDP);
return false;
}
- if (SnortConfig::udp_checksums())
+ if (SnortConfig::udp_checksums() && !valid_checksum_from_daq(raw))
{
- /* look at the UDP checksum to make sure we've got a good packet */
- uint16_t csum;
PegCount* bad_cksum_cnt;
+ bool valid;
+ /* look at the UDP checksum to make sure we've got a good packet */
if (snort.ip_api.is_ip4())
{
- bad_cksum_cnt = &(stats.bad_ip4_cksum);
-
/* Don't do checksum calculation if
* 1) Fragmented, OR
* 2) UDP header chksum value is 0.
*/
- if ( !fragmented_udp_flag && udph->uh_chk )
- {
- checksum::Pseudoheader ph;
- const ip::IP4Hdr* const ip4h = snort.ip_api.get_ip4h();
- ph.sip = ip4h->get_src();
- ph.dip = ip4h->get_dst();
- ph.zero = 0;
- ph.protocol = ip4h->proto();
- ph.len = udph->uh_len;
-
- csum = checksum::udp_cksum((const uint16_t*)(udph), uhlen, &ph);
- }
+ if (!fragmented_udp_flag && udph->uh_chk)
+ valid = valid_checksum4(raw, snort);
else
- {
- csum = 0;
- }
+ valid = true;
+ bad_cksum_cnt = &stats.bad_ip4_cksum;
}
else
{
- bad_cksum_cnt = &(stats.bad_ip6_cksum);
-
/* Alert on checksum value 0 for ipv6 packets */
if (!udph->uh_chk)
{
- csum = 1;
+ valid = false;
codec_event(codec, DECODE_UDP_IPV6_ZERO_CHECKSUM);
}
/* Don't do checksum calculation if
* 1) Fragmented
* (UDP checksum is not optional in IP6)
*/
- else if ( !fragmented_udp_flag )
- {
- checksum::Pseudoheader6 ph6;
- const ip::IP6Hdr* const ip6h = snort.ip_api.get_ip6h();
- COPY4(ph6.sip, ip6h->ip6_src.u6_addr32);
- COPY4(ph6.dip, ip6h->ip6_dst.u6_addr32);
- ph6.zero = 0;
- ph6.protocol = codec.ip6_csum_proto;
- ph6.len = htons((unsigned short)raw.len);
-
- csum = checksum::udp_cksum((const uint16_t*)(udph), uhlen, &ph6);
- }
+ else if (!fragmented_udp_flag)
+ valid = valid_checksum6(raw, codec, snort);
else
- {
- csum = 0;
- }
+ valid = true;
+ bad_cksum_cnt = &stats.bad_ip6_cksum;
}
- if (csum && !codec.is_cooked())
+
+ if (!valid && !codec.is_cooked())
{
- if ( !(codec.codec_flags & CODEC_UNSURE_ENCAP) )
+ if (!(codec.codec_flags & CODEC_UNSURE_ENCAP))
{
(*bad_cksum_cnt)++;
snort.decode_flags |= DECODE_ERR_CKSUM_UDP;
return false;
}
}
+
uint16_t src_port;
uint16_t dst_port;
else
{
src_port = udph->src_port();
- dst_port = udph->dst_port();
+ dst_port = udph->dst_port();
}
/* fill in the printout data structs */
THREAD_LOCAL PacketTracer* snort::s_pkt_trace = nullptr;
-PacketTracer::PacketTracer() { }
-PacketTracer::~PacketTracer() { }
-void PacketTracer::log(const char* format, ...) { }
+PacketTracer::PacketTracer() = default;
+PacketTracer::~PacketTracer() = default;
+void PacketTracer::log(const char*, ...) { }
void PacketTracer::open_file() { }
-void PacketTracer::dump_to_daq(Packet* p) { }
+void PacketTracer::dump_to_daq(Packet*) { }
void PacketTracer::reset() { }
Packet::Packet(bool) { }
-Packet::~Packet() { }
+Packet::~Packet() = default;
FlowCache::FlowCache(const FlowCacheConfig& cfg) : config(cfg) { }
-FlowCache::~FlowCache() { }
+FlowCache::~FlowCache() = default;
Flow::Flow() = default;
-Flow::~Flow() { }
-DetectionEngine::DetectionEngine() { }
-ExpectCache::~ExpectCache() { }
-DetectionEngine::~DetectionEngine() { }
+Flow::~Flow() = default;
+DetectionEngine::DetectionEngine() = default;
+DetectionEngine::~DetectionEngine() = default;
+ExpectCache::~ExpectCache() = default;
unsigned FlowCache::purge() { return 1; }
-Flow* FlowCache::find(const FlowKey* key) { return nullptr; }
-Flow* FlowCache::get(const FlowKey* key) { return nullptr; }
-void FlowCache::push(Flow* flow) { }
-bool FlowCache::prune_one(PruneReason reason, bool do_cleanup) { return true; }
-unsigned FlowCache::timeout(unsigned num_flows, time_t thetime) { return 1; }
-void Flow::init(PktType type) { }
-void set_network_policy(SnortConfig* sc, unsigned i) { }
-void DataBus::publish(const char* key, const uint8_t* buf, unsigned len, Flow* f) { }
-void DataBus::publish(const char* key, Packet* p, Flow* f) { }
+Flow* FlowCache::find(const FlowKey*) { return nullptr; }
+Flow* FlowCache::get(const FlowKey*) { return nullptr; }
+void FlowCache::push(Flow*) { }
+bool FlowCache::prune_one(PruneReason, bool) { return true; }
+unsigned FlowCache::timeout(unsigned, time_t) { return 1; }
+void Flow::init(PktType) { }
+void set_network_policy(SnortConfig*, unsigned) { }
+void DataBus::publish(const char*, const uint8_t*, unsigned, Flow*) { }
+void DataBus::publish(const char*, Packet*, Flow*) { }
SnortConfig* SnortConfig::get_conf() { return nullptr; }
-void FlowCache::unlink_uni(Flow* flow) { }
-void Flow::set_direction(Packet* p) { }
-void set_inspection_policy(SnortConfig* sc, unsigned i) { }
-void set_ips_policy(SnortConfig* sc, unsigned i) { }
-void Flow::set_mpls_layer_per_dir(Packet* p) { }
-void DetectionEngine::disable_all(Packet* p) { }
-void Stream::drop_traffic(const Packet* p, char dir) { }
-bool Stream::blocked_flow(Packet* p) { return true; }
-ExpectCache::ExpectCache(uint32_t max) { }
-bool ExpectCache::check(Packet* p, Flow* lws) { return true; }
-bool ExpectCache::is_expected(Packet* p) { return true; }
-Flow* HighAvailabilityManager::import(Packet& p, FlowKey& key) { }
-
-namespace memory
+void FlowCache::unlink_uni(Flow*) { }
+void Flow::set_direction(Packet*) { }
+void set_inspection_policy(SnortConfig*, unsigned) { }
+void set_ips_policy(SnortConfig*, unsigned) { }
+void Flow::set_mpls_layer_per_dir(Packet*) { }
+void DetectionEngine::disable_all(Packet*) { }
+void Stream::drop_traffic(const Packet*, char) { }
+bool Stream::blocked_flow(Packet*) { return true; }
+ExpectCache::ExpectCache(uint32_t) { }
+bool ExpectCache::check(Packet*, Flow*) { return true; }
+bool ExpectCache::is_expected(Packet*) { return true; }
+Flow* HighAvailabilityManager::import(Packet&, FlowKey&) { return nullptr; }
+
+namespace memory
{
bool MemoryCap::over_threshold() { return true; }
}
{
namespace layer
{
-const vlan::VlanTagHdr* get_vlan_layer(const Packet* const p) { return nullptr; }
+const vlan::VlanTagHdr* get_vlan_layer(const Packet* const) { return nullptr; }
}
}
}
bool FlowKey::init(
- PktType type, IpProtocol ip_proto,
- const SfIp *srcIP, uint16_t srcPort,
- const SfIp *dstIP, uint16_t dstPort,
- uint16_t vlanId, uint32_t mplsId, uint16_t addrSpaceId)
+ PktType, IpProtocol,
+ const SfIp*, uint16_t,
+ const SfIp*, uint16_t,
+ uint16_t, uint32_t, uint16_t)
{
return true;
}
bool FlowKey::init(
- PktType type, IpProtocol ip_proto,
- const SfIp *srcIP, const SfIp *dstIP,
- uint32_t id, uint16_t vlanId,
- uint32_t mplsId, uint16_t addrSpaceId)
+ PktType, IpProtocol,
+ const SfIp*, const SfIp*,
+ uint32_t, uint16_t,
+ uint32_t, uint16_t)
{
return true;
}
-void Stream::stop_inspection(
- Flow* flow, Packet* p, char dir,
- int32_t /*bytes*/, int /*response*/) { }
+void Stream::stop_inspection(Flow*, Packet*, char, int32_t, int) { }
-int ExpectCache::add_flow(const Packet *ctrlPkt,
- PktType type, IpProtocol ip_proto,
- const SfIp* cliIP, uint16_t cliPort,
- const SfIp* srvIP, uint16_t srvPort,
- char direction, FlowData* fd, SnortProtocolId snort_protocol_id)
-{
- return 1;
+int ExpectCache::add_flow(const Packet*,
+ PktType, IpProtocol,
+ const SfIp*, uint16_t,
+ const SfIp*, uint16_t,
+ char, FlowData*, SnortProtocolId)
+{
+ return 1;
}
-int FlowCache::release(Flow* flow, PruneReason reason, bool do_cleanup)
-{
- return 1;
+int FlowCache::release(Flow*, PruneReason, bool)
+{
+ return 1;
}
TEST_GROUP(stale_flow) { };
int main(int argc, char** argv)
{
return CommandLineTestRunner::RunAllTests(argc, argv);
-}
+}
using namespace snort;
Packet::Packet(bool) { }
-Packet::~Packet() { }
+Packet::~Packet() = default;
void Inspector::rem_ref() {}
void Inspector::add_ref() {}
-void memory::MemoryCap::update_allocations(size_t n) {}
+void memory::MemoryCap::update_allocations(size_t) {}
-void memory::MemoryCap::update_deallocations(size_t n) {}
+void memory::MemoryCap::update_deallocations(size_t) {}
-bool memory::MemoryCap::free_space(size_t n) { return false; }
+bool memory::MemoryCap::free_space(size_t) { return false; }
bool HighAvailabilityManager::active() { return false; }
void FlowHAState::reset() {}
-snort::FlowStash::~FlowStash() {}
+snort::FlowStash::~FlowStash() = default;
void FlowStash::reset() {}
-void DetectionEngine::onload(Flow* flow) {}
+void DetectionEngine::onload(Flow*) {}
-Packet* DetectionEngine::set_next_packet(Packet* parent) { return nullptr; }
+Packet* DetectionEngine::set_next_packet(Packet*) { return nullptr; }
IpsContext* DetectionEngine::get_context() { return nullptr; }
DetectionEngine::~DetectionEngine() {}
-bool snort::layer::set_outer_ip_api(const Packet* const p,
- ip::IpApi& api,
- int8_t& curr_layer)
+bool snort::layer::set_outer_ip_api(const Packet* const, ip::IpApi&, int8_t&)
{ return false; }
uint8_t ip::IpApi::ttl() const { return 0; }
-const Layer* snort::layer::get_mpls_layer(const Packet* const p) { return nullptr; }
+const Layer* snort::layer::get_mpls_layer(const Packet* const) { return nullptr; }
-void snort::DataBus::publish(const char* key, Packet* p, Flow* f) {}
+void snort::DataBus::publish(const char*, Packet*, Flow*) {}
TEST_GROUP(nondefault_timeout)
{
const char* sipstr, uint16_t sport, const char* dipstr, uint16_t dport,
AppIdDebugSessionConstraints& constraints)
{
- SfIp sip, dip;
if (sipstr)
{
constraints.sip.set(sipstr);
pkth->ingress_group = phdr->ingress_group;
pkth->egress_index = phdr->egress_index;
pkth->egress_group = phdr->egress_group;
- pkth->flags = phdr->flags & (~DAQ_PKT_FLAG_HW_TCP_CS_GOOD);
+ pkth->flags = phdr->flags;
pkth->address_space_id = phdr->address_space_id;
pkth->opaque = opaque;
}
projects / thirdparty / snort3.git / commitdiff
