stream/tcp: update ack handling logic

author Eric Leblond <el@stamus-networks.com>

Fri, 28 May 2021 10:19:19 +0000 (12:19 +0200)

committer Victor Julien <vjulien@oisf.net>

Wed, 1 Mar 2023 14:15:40 +0000 (15:15 +0100)
author Eric Leblond <el@stamus-networks.com>
Fri, 28 May 2021 10:19:19 +0000 (12:19 +0200)
committer Victor Julien <vjulien@oisf.net>
Wed, 1 Mar 2023 14:15:40 +0000 (15:15 +0100)
diff --git a/src/stream-tcp.c b/src/stream-tcp.c

index 8b5be8669b9e02bac39e8ebfbf9c5dfb3ba6ad48..b6d43e3194cdb76fe77f4277872e9617df5a2fb0 100644 (file)
--- a/src/stream-tcp.c
+++ b/src/stream-tcp.c
@@ -2367,7 +2367,8 @@ static int HandleEstablishedPacketToServer(ThreadVars *tv, TcpSession *ssn, Pack
                      ssn->server.window);
  
          /* Check if the ACK value is sane and inside the window limit */
-        StreamTcpUpdateLastAck(ssn, &ssn->server, TCP_GET_ACK(p));
+        if (p->tcph->th_flags & TH_ACK)
+            StreamTcpUpdateLastAck(ssn, &ssn->server, TCP_GET_ACK(p));
          SCLogDebug("ack %u last_ack %u next_seq %u", TCP_GET_ACK(p), ssn->server.last_ack, ssn->server.next_seq);
  
          if (ssn->flags & STREAMTCP_FLAG_TIMESTAMP) {
@@ -2521,7 +2522,8 @@ static int HandleEstablishedPacketToClient(ThreadVars *tv, TcpSession *ssn, Pack
          SCLogDebug("ssn %p: ssn->client.window %"PRIu32"", ssn,
                      ssn->client.window);
  
-        StreamTcpUpdateLastAck(ssn, &ssn->client, TCP_GET_ACK(p));
+        if (p->tcph->th_flags & TH_ACK)
+            StreamTcpUpdateLastAck(ssn, &ssn->client, TCP_GET_ACK(p));
  
          if (ssn->flags & STREAMTCP_FLAG_TIMESTAMP) {
              StreamTcpHandleTimestamp(ssn, p);
@@ -2830,7 +2832,8 @@ static int StreamTcpHandleFin(ThreadVars *tv, StreamTcpThread *stt,
                      ssn->client.next_seq);
          ssn->server.window = TCP_GET_WINDOW(p) << ssn->server.wscale;
  
-        StreamTcpUpdateLastAck(ssn, &ssn->server, TCP_GET_ACK(p));
+        if (p->tcph->th_flags & TH_ACK)
+            StreamTcpUpdateLastAck(ssn, &ssn->server, TCP_GET_ACK(p));
  
          if (ssn->flags & STREAMTCP_FLAG_TIMESTAMP) {
              StreamTcpHandleTimestamp(ssn, p);
@@ -2877,7 +2880,8 @@ static int StreamTcpHandleFin(ThreadVars *tv, StreamTcpThread *stt,
                      ssn->server.next_seq);
          ssn->client.window = TCP_GET_WINDOW(p) << ssn->client.wscale;
  
-        StreamTcpUpdateLastAck(ssn, &ssn->client, TCP_GET_ACK(p));
+        if (p->tcph->th_flags & TH_ACK)
+            StreamTcpUpdateLastAck(ssn, &ssn->client, TCP_GET_ACK(p));
  
          if (ssn->flags & STREAMTCP_FLAG_TIMESTAMP) {
              StreamTcpHandleTimestamp(ssn, p);
@@ -3110,7 +3114,8 @@ static int StreamTcpPacketStateFinWait1(ThreadVars *tv, Packet *p,
                  ssn->server.window = TCP_GET_WINDOW(p) << ssn->server.wscale;
              }
  
-            StreamTcpUpdateLastAck(ssn, &ssn->server, TCP_GET_ACK(p));
+            if (p->tcph->th_flags & TH_ACK)
+                StreamTcpUpdateLastAck(ssn, &ssn->server, TCP_GET_ACK(p));
  
              if (ssn->flags & STREAMTCP_FLAG_TIMESTAMP) {
                  StreamTcpHandleTimestamp(ssn, p);
@@ -3165,7 +3170,8 @@ static int StreamTcpPacketStateFinWait1(ThreadVars *tv, Packet *p,
                  ssn->client.window = TCP_GET_WINDOW(p) << ssn->client.wscale;
              }
  
-            StreamTcpUpdateLastAck(ssn, &ssn->client, TCP_GET_ACK(p));
+            if (p->tcph->th_flags & TH_ACK)
+                StreamTcpUpdateLastAck(ssn, &ssn->client, TCP_GET_ACK(p));
  
              if (ssn->flags & STREAMTCP_FLAG_TIMESTAMP) {
                  StreamTcpHandleTimestamp(ssn, p);
@@ -3448,7 +3454,8 @@ static int StreamTcpPacketStateFinWait2(ThreadVars *tv, Packet *p,
                  ssn->server.window = TCP_GET_WINDOW(p) << ssn->server.wscale;
              }
  
-            StreamTcpUpdateLastAck(ssn, &ssn->server, TCP_GET_ACK(p));
+            if (p->tcph->th_flags & TH_ACK)
+                StreamTcpUpdateLastAck(ssn, &ssn->server, TCP_GET_ACK(p));
  
              if (ssn->flags & STREAMTCP_FLAG_TIMESTAMP) {
                  StreamTcpHandleTimestamp(ssn, p);
@@ -3502,7 +3509,8 @@ static int StreamTcpPacketStateFinWait2(ThreadVars *tv, Packet *p,
                  ssn->client.window = TCP_GET_WINDOW(p) << ssn->client.wscale;
              }
  
-            StreamTcpUpdateLastAck(ssn, &ssn->client, TCP_GET_ACK(p));
+            if (p->tcph->th_flags & TH_ACK)
+                StreamTcpUpdateLastAck(ssn, &ssn->client, TCP_GET_ACK(p));
  
              if (ssn->flags & STREAMTCP_FLAG_TIMESTAMP) {
                  StreamTcpHandleTimestamp(ssn, p);
@@ -3919,7 +3927,8 @@ static int StreamTcpPacketStateCloseWait(ThreadVars *tv, Packet *p,
              if (!retransmission)
                  ssn->server.window = TCP_GET_WINDOW(p) << ssn->server.wscale;
  
-            StreamTcpUpdateLastAck(ssn, &ssn->server, TCP_GET_ACK(p));
+            if (p->tcph->th_flags & TH_ACK)
+                StreamTcpUpdateLastAck(ssn, &ssn->server, TCP_GET_ACK(p));
  
              if (ssn->flags & STREAMTCP_FLAG_TIMESTAMP) {
                  StreamTcpHandleTimestamp(ssn, p);
@@ -3971,7 +3980,8 @@ static int StreamTcpPacketStateCloseWait(ThreadVars *tv, Packet *p,
                  ssn->client.window = TCP_GET_WINDOW(p) << ssn->client.wscale;
              }
  
-            StreamTcpUpdateLastAck(ssn, &ssn->client, TCP_GET_ACK(p));
+            if (p->tcph->th_flags & TH_ACK)
+                StreamTcpUpdateLastAck(ssn, &ssn->client, TCP_GET_ACK(p));
  
              if (ssn->flags & STREAMTCP_FLAG_TIMESTAMP) {
                  StreamTcpHandleTimestamp(ssn, p);
author	Eric Leblond <el@stamus-networks.com>
	Fri, 28 May 2021 10:19:19 +0000 (12:19 +0200)
committer	Victor Julien <vjulien@oisf.net>
	Wed, 1 Mar 2023 14:15:40 +0000 (15:15 +0100)