decode: make PacketDrop use action as parameter

A Packet may be dropped due to several different reasons. This change
adds action as a parameter, so we can update the packet action when we
drop it, instead of setting it to drop.

Related to
Bug #5458

(cherry picked from commit 1774ff18a6ab28233f7b31e0fb6b799d81abf34d)

diff --git a/src/decode.h b/src/decode.h
index 53fc0fe43e05679e9a3235a4b3bac71c20c2c57d..14e8ae014a7b9f38b29326d7d06365f4c8c49bda 100644 (file)
--- a/src/decode.h
+++ b/src/decode.h
@@ -906,12 +906,22 @@ void CaptureStatsSetup(ThreadVars *tv, CaptureStats *s);
 
 #define PACKET_TEST_ACTION_DO(p, a) (p)->action &(a)
 
-static inline void PacketDrop(Packet *p, enum PacketDropReason r)
+#define PACKET_UPDATE_ACTION(p, a) (p)->action |= (a)
+static inline void PacketUpdateAction(Packet *p, const uint8_t a)
+{
+    if (likely(p->root == NULL)) {
+        PACKET_UPDATE_ACTION(p, a);
+    } else {
+        PACKET_UPDATE_ACTION(p->root, a);
+    }
+}
+
+static inline void PacketDrop(Packet *p, const uint8_t action, enum PacketDropReason r)
 {
     if (p->drop_reason == PKT_DROP_REASON_NOT_SET)
         p->drop_reason = (uint8_t)r;
 
-    PACKET_SET_ACTION(p, ACTION_DROP);
+    PACKET_UPDATE_ACTION(p, action);
 }
 #define PACKET_DROP(p) PacketDrop((p), PKT_DROP_REASON_NOT_SET)
 
@@ -925,12 +935,6 @@ static inline uint8_t PacketTestAction(const Packet *p, const uint8_t a)
 }
 #define PACKET_TEST_ACTION(p, a) PacketTestAction((p), (a))
 
-#define PACKET_UPDATE_ACTION(p, a) do { \
-    ((p)->root ? \
-     ((p)->root->action |= a) : \
-     ((p)->action |= a)); \
-} while (0)
-
 #define TUNNEL_INCR_PKT_RTV_NOLOCK(p) do {                                          \
         ((p)->root ? (p)->root->tunnel_rtv_cnt++ : (p)->tunnel_rtv_cnt++);          \
     } while (0)

diff --git a/src/detect-engine-alert.c b/src/detect-engine-alert.c
index 84bab6ec34a96fca22cde63eb16211bede74faa7..ec362932e0b0d9dfbfa494b8a6012f4d95294047 100644 (file)
--- a/src/detect-engine-alert.c
+++ b/src/detect-engine-alert.c
@@ -180,7 +180,7 @@ static void PacketApplySignatureActions(Packet *p, const Signature *s, const uin
             s->action, alert_flags);
 
     if (s->action & ACTION_DROP) {
-        PacketDrop(p, PKT_DROP_REASON_RULES);
+        PacketDrop(p, s->action, PKT_DROP_REASON_RULES);
 
         if (p->alerts.drop.action == 0) {
             p->alerts.drop.num = s->num;

diff --git a/src/detect-engine-threshold.c b/src/detect-engine-threshold.c
index 132867578d8e1d73abf04e3dc67063229854162c..8400c93912609b0ed82a8ddd6b8bf4a97dd1470d 100644 (file)
--- a/src/detect-engine-threshold.c
+++ b/src/detect-engine-threshold.c
@@ -300,7 +300,7 @@ static inline void RateFilterSetAction(Packet *p, PacketAlert *pa, uint8_t new_a
             pa->flags |= PACKET_ALERT_RATE_FILTER_MODIFIED;
             break;
         case TH_ACTION_DROP:
-            PacketDrop(p, PKT_DROP_REASON_RULES_THRESHOLD);
+            PacketDrop(p, new_action, PKT_DROP_REASON_RULES_THRESHOLD);
             pa->flags |= PACKET_ALERT_RATE_FILTER_MODIFIED;
             break;
         case TH_ACTION_REJECT:

diff --git a/src/detect.c b/src/detect.c
index b57d3aa7a18cceaf03bcfb4025a21044c11d1b6a..af8e9870733d10e5caf05f0e14fbd522fb01709b 100644 (file)
--- a/src/detect.c
+++ b/src/detect.c
@@ -1560,7 +1560,7 @@ static void DetectFlow(ThreadVars *tv,
 
     /* if flow is set to drop, we enforce that here */
     if (p->flow->flags & FLOW_ACTION_DROP) {
-        PacketDrop(p, PKT_DROP_REASON_FLOW_DROP);
+        PacketDrop(p, ACTION_DROP, PKT_DROP_REASON_FLOW_DROP);
         SCReturn;
     }
 

diff --git a/src/stream-tcp.c b/src/stream-tcp.c
index 37805eedaabe6149c37a1d620c095c15a1519f00..a1d0ee3c3745a6c33d7ec63c9121db2a9aca77b4 100644 (file)
--- a/src/stream-tcp.c
+++ b/src/stream-tcp.c
@@ -4874,7 +4874,7 @@ int StreamTcpPacket (ThreadVars *tv, Packet *p, StreamTcpThread *stt,
         FlowSetNoPacketInspectionFlag(p->flow);
         DecodeSetNoPacketInspectionFlag(p);
         StreamTcpDisableAppLayer(p->flow);
-        PacketDrop(p, PKT_DROP_REASON_FLOW_DROP);
+        PacketDrop(p, ACTION_DROP, PKT_DROP_REASON_FLOW_DROP);
         /* return the segments to the pool */
         StreamTcpSessionPktFree(p);
         SCReturnInt(0);
@@ -5033,7 +5033,7 @@ error:
          * anyway. Doesn't disable all detection, so we can still
          * match on the stream event that was set. */
         DecodeSetNoPayloadInspectionFlag(p);
-        PacketDrop(p, PKT_DROP_REASON_STREAM_ERROR);
+        PacketDrop(p, ACTION_DROP, PKT_DROP_REASON_STREAM_ERROR);
     }
     SCReturnInt(-1);
 }

diff --git a/src/util-exception-policy.c b/src/util-exception-policy.c
index 0f54cf0787a76d0f7bcb50894ded01313f2d3ee2..6f4dd5e5f2b03b1e2be1462f33469b426a4dec15 100644 (file)
--- a/src/util-exception-policy.c
+++ b/src/util-exception-policy.c
@@ -40,7 +40,7 @@ void ExceptionPolicyApply(Packet *p, enum ExceptionPolicy policy, enum PacketDro
                 SCLogDebug("EXCEPTION_POLICY_DROP_PACKET");
                 DecodeSetNoPayloadInspectionFlag(p);
                 DecodeSetNoPacketInspectionFlag(p);
-                PacketDrop(p, drop_reason);
+                PacketDrop(p, ACTION_DROP, drop_reason);
                 break;
             case EXCEPTION_POLICY_BYPASS_FLOW:
                 PacketBypassCallback(p);