Squashed commit of the following:
commit
78dd1cbbc6e4f52c0616652f38855ecdc5054290
Author: Deepak Ramadass <deramada@cisco.com>
Date: Fri May 21 11:06:39 2021 -0400
stream_tcp: populate flow contents in context for non-wire packets
// we need to stay in the current context until rebuild is successful
// any events while rebuilding will be logged against the current packet
// however, rebuild is always in the next context, not current.
-Packet* DetectionEngine::set_next_packet(Packet* parent)
+Packet* DetectionEngine::set_next_packet(Packet* parent, Flow* flow)
{
static THREAD_LOCAL Active shutdown_active;
static THREAD_LOCAL ActiveAction* shutdown_action = nullptr;
wait_for_context();
IpsContext* c = Analyzer::get_switcher()->get_next();
+
+ Packet* p = c->packet;
+
if ( parent )
{
if ( parent->flow )
}
else
{
+ if ( flow )
+ p->context->snapshot_flow(flow);
c->packet_number = get_packet_number();
c->wire_packet = nullptr;
}
- Packet* p = c->packet;
-
p->pkth = c->pkth;
p->data = c->buf;
p->pkt = c->buf;
static Packet* get_current_packet();
static Packet* get_current_wire_packet();
- static Packet* set_next_packet(Packet* parent = nullptr);
+ static Packet* set_next_packet(Packet* parent = nullptr, Flow* flow = nullptr);
static uint8_t* get_next_buffer(unsigned& max);
static bool offload(Packet*);
void DetectionEngine::onload(Flow*) {}
-Packet* DetectionEngine::set_next_packet(Packet*) { return nullptr; }
+Packet* DetectionEngine::set_next_packet(Packet*, Flow*) { return nullptr; }
IpsContext* DetectionEngine::get_context() { return nullptr; }
static Packet* get_packet(Flow* flow, uint32_t flags, bool c2s)
{
- Packet* p = DetectionEngine::set_next_packet();
+ Packet* p = DetectionEngine::set_next_packet(nullptr, flow);
DAQ_PktHdr_t* ph = p->context->pkth;
memset(ph, 0, sizeof(*ph));
projects / thirdparty / snort3.git / commitdiff
