bool efd_flow : 1; // Indicate that current flow is an elephant flow
bool svc_event_generated : 1; // Set if FLOW_NO_SERVICE_EVENT was generated for this flow
bool retry_queued : 1; // Set if a packet was queued for retry for this flow
+ bool ha_flow : 1; // Set if this flow was created by an HA message
} flags = {};
FlowState flow_state = FlowState::SETUP;
if (flow)
flow = stale_flow_cleanup(cache, flow, p);
+ bool new_ha_flow = false;
if ( !flow )
{
flow = HighAvailabilityManager::import(*p, key);
- if ( !flow )
+ if ( flow )
+ new_ha_flow = true;
+ else
{
if ( !want_flow(type, p) )
return true;
flow->session = get_proto_session[to_utype(type)](flow);
}
- num_flows += process(flow, p);
+ num_flows += process(flow, p, new_ha_flow);
// FIXIT-M refactor to unlink_uni immediately after session
// is processed by inspector manager (all flows)
return true;
}
-unsigned FlowControl::process(Flow* flow, Packet* p)
+unsigned FlowControl::process(Flow* flow, Packet* p, bool new_ha_flow)
{
unsigned news = 0;
if ( flow->flow_state != Flow::FlowState::SETUP )
{
+ if ( new_ha_flow )
+ DataBus::publish(intrinsic_pub_id, IntrinsicEventIds::FLOW_STATE_SETUP, p);
unsigned reload_id = SnortConfig::get_thread_reload_id();
- if (flow->reload_id != reload_id)
+ if ( flow->reload_id != reload_id )
flow->network_policy_id = get_network_policy()->policy_id;
else
{
}
p->filtering_state = flow->filtering_state;
update_stats(flow, p);
- if (p->is_retry())
+ if ( p->is_retry() )
{
RetryPacketEvent retry_event(p);
DataBus::publish(intrinsic_pub_id, IntrinsicEventIds::RETRY_PACKET, retry_event);
else
{
flow->network_policy_id = get_network_policy()->policy_id;
- if (PacketTracer::is_active())
+ if ( PacketTracer::is_active() )
PacketTracer::log("Session: new snort session\n");
init_roles(p, flow);
private:
void set_key(snort::FlowKey*, snort::Packet*);
- unsigned process(snort::Flow*, snort::Packet*);
+ unsigned process(snort::Flow*, snort::Packet*, bool new_ha_flow);
void update_stats(snort::Flow*, snort::Packet*);
private:
if ( (flow = protocol_create_session(key)) == nullptr )
return false;
+ flow->flags.ha_flow = true;
BareDataEvent event;
DataBus::publish(Stream::get_pub_id(), StreamEventIds::HA_NEW_FLOW, event, flow);
}
flow->ssn_state = hac->ssn_state;
+ flow->ssn_state.session_flags &= ~SSNFLAG_ESTABLISHED; // clear flag for tcp established event to be generated
flow->flow_state = hac->flow_state;
if ( !flow->ha_state->check_any(FlowHAState::STANDBY) )
projects / thirdparty / snort3.git / commitdiff
