Pull request #3660: stream: add logic to ensure metaACKs cause flushing
authorSteven Baigal (sbaigal) <sbaigal@cisco.com>
Tue, 29 Nov 2022 14:54:21 +0000 (14:54 +0000)
committerSteven Baigal (sbaigal) <sbaigal@cisco.com>
Tue, 29 Nov 2022 14:54:21 +0000 (14:54 +0000)
Merge in SNORT/snort3 from ~JALIIMRA/snort3:meta_ack_flush to master

Squashed commit of the following:

commit e108a08265012b8341d1baf06bab2d6f6da3c8a0
Author: Juweria Ali Imran <jaliimra@cisco.com>
Date:   Mon Nov 7 16:34:38 2022 -0500

    stream: add logic to ensure metaACKs cause flushing

src/detection/detection_engine.cc
src/ips_options/ips_replace.cc
src/main/analyzer.cc
src/main/snort_config.h
src/packet_io/active.cc
src/stream/tcp/tcp_segment_descriptor.cc
src/stream/tcp/tcp_segment_descriptor.h
src/stream/tcp/tcp_session.cc

index f8c3f70eb41960e798de127e1ff37c825cfd3ef7..30072d4d1625239138dd7a98ea0e1a261442c90a 100644 (file)
@@ -628,7 +628,7 @@ bool DetectionEngine::inspect(Packet* p)
 
         if ( p->ptrs.decode_flags & DECODE_ERR_FLAGS )
         {
-            if ( p->context->conf->inline_mode() and
+            if ( p->context->conf->ips_inline_mode() and
                 snort::get_network_policy()->checksum_drops(p->ptrs.decode_flags &
                     DECODE_ERR_CKSUM_ALL) )
             {
index a75472c4174e0a01a202ac99c1325be52f9f4644..54405ed7e4c5720533d2d55fd8766fea5ed8713d 100644 (file)
@@ -52,7 +52,7 @@ static void replace_parse(const char* args, string& s)
 
 static bool replace_ok(const SnortConfig* sc)
 {
-    if ( sc->inline_mode() and SFDAQ::can_replace() )
+    if ( sc->ips_inline_mode() and SFDAQ::can_replace() )
         return true;
 
     static THREAD_LOCAL bool warned = false;
index 639a47cead8f10f44f4bc3a839e0609f35aae01d..31e8ea62bf9e5ccfd96327bd5dd389c665d54028 100644 (file)
@@ -236,7 +236,7 @@ static DAQ_Verdict distill_verdict(Packet* p)
             daq_stats.internal_blacklist++;
             verdict = DAQ_VERDICT_BLOCK;
         }
-        else if ( p->context->conf->inline_mode() || act->packet_force_dropped() )
+        else if ( p->context->conf->ips_inline_mode() || act->packet_force_dropped() )
             verdict = DAQ_VERDICT_BLACKLIST;
         else
             verdict = DAQ_VERDICT_IGNORE;
index dc496dd433c43dba01bf42e54ff9f5ba0eecc9a1..dfeb7df97fa14d287b1f5277f770f05687b5297a 100644 (file)
@@ -507,13 +507,16 @@ public:
     bool read_mode() const
     { return run_flags & RUN_FLAG__READ; }
 
-    bool inline_mode() const
+    bool ips_inline_mode() const
     { return get_ips_policy()->policy_mode == POLICY_MODE__INLINE; }
 
-    bool inline_test_mode() const
+    bool ips_inline_test_mode() const
     { return get_ips_policy()->policy_mode == POLICY_MODE__INLINE_TEST; }
 
-    bool passive_mode() const
+    bool nap_inline_mode() const
+    { return get_inspection_policy()->policy_mode == POLICY_MODE__INLINE; }
+
+    bool ips_passive_mode() const
     { return get_ips_policy()->policy_mode == POLICY_MODE__PASSIVE; }
 
     bool show_file_codes() const
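Review bot: `nap_inline_mode()` is added without a comment distinguishing it from `ips_inline_mode()` directly above, even though the rename elsewhere in this commit exists precisely to separate the two policies (the TCP stream checks in tcp_session.cc move to the NAP predicate while the verdict paths in active.cc and analyzer.cc stay on the IPS one). A one-line comment on each group would save the next reader a lookup: `// IPS policy mode: governs verdicts (Active, DetectionEngine)` above `ips_inline_mode()` and `// NAP (inspection) policy mode: governs stream handling (TcpSession)` above `nap_inline_mode()`. Only the inline form of the NAP mode gets an accessor; if test or passive NAP checks are expected later, the asymmetry with the three IPS accessors is worth noting in the same comment.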
index b28be74c8638029dda17ff94cea8d14a87af308d..a390c543b708c9f6664dfad16309e2f44e604d45 100644 (file)
@@ -521,7 +521,7 @@ void Active::cant_drop()
 
 void Active::update_status_actionable(const Packet* p)
 {
-    if ( p->context->conf->inline_mode() )
+    if ( p->context->conf->ips_inline_mode() )
     {
         if ( !SFDAQ::forwarding_packet(p->pkth) )
         {
@@ -534,12 +534,12 @@ void Active::update_status_actionable(const Packet* p)
             active_would_reason = WHD_INTERFACE_IDS;
         }
     }
-    else if ( p->context->conf->inline_test_mode() )
+    else if ( p->context->conf->ips_inline_test_mode() )
     {
         active_status = AST_WOULD;
         active_would_reason = WHD_IPS_INLINE_TEST;
     }
-    else if ( p->context->conf->passive_mode() )
+    else if ( p->context->conf->ips_passive_mode() )
     {
         active_status = AST_WOULD;
         active_would_reason = WHD_INTERFACE_IDS;
@@ -680,7 +680,7 @@ void Active::block_session(Packet* p, bool force)
     active_action = ACT_BLOCK;
     update_status(p, force);
 
-    if ( force or (p->context->conf->inline_mode() and SFDAQ::forwarding_packet(p->pkth)))
+    if ( force or (p->context->conf->ips_inline_mode() and SFDAQ::forwarding_packet(p->pkth)))
         Stream::block_flow(p);
 
     p->disable_inspect = true;
@@ -696,7 +696,7 @@ void Active::reset_session(Packet* p, ActiveAction* reject, bool force)
     active_action = ACT_RESET;
     update_status(p, force);
 
-    if ( force or (p->context->conf->inline_mode() and SFDAQ::forwarding_packet(p->pkth)) )
+    if ( force or (p->context->conf->ips_inline_mode() and SFDAQ::forwarding_packet(p->pkth)) )
         Stream::drop_flow(p);
 
     if (reject)
index fb15b5ce83262e091cae59786cc231830f15c5c9..3eb5fadd01ea9e1cb3b6a4fd4d05dffe4c94d357 100644 (file)
@@ -76,6 +76,18 @@ TcpSegmentDescriptor::TcpSegmentDescriptor
     ma_pseudo_tcph.th_urp = 0;
 
     // init meta-ack Packet fields stream cares about for TCP ack processing
+    pkt->pkth = p->pkth;
+    pkt->ptrs = p->ptrs;
+    pkt->ptrs.ip_api.set(*p->ptrs.ip_api.get_dst(), *p->ptrs.ip_api.get_src());
+    pkt->active = p->active_inst;
+    if( p->is_from_client() )
+    {
+        pkt->packet_flags = PKT_FROM_SERVER;
+    }
+    else
+    {
+        pkt->packet_flags = PKT_FROM_CLIENT;
+    }
     pkt->flow = p->flow;
     pkt->context = p->context;
     pkt->dsize = 0;
@@ -94,7 +106,9 @@ TcpSegmentDescriptor::TcpSegmentDescriptor
 }
 
 void TcpSegmentDescriptor::setup()
-{ ma_pseudo_packet = new Packet(false); }
+{ 
+    ma_pseudo_packet = new Packet(false);
+}
 
 void TcpSegmentDescriptor::clear()
 {
@@ -172,3 +186,4 @@ void TcpSegmentDescriptor::set_retransmit_flag()
         pkt->packet_flags |= PKT_RETRANSMIT;
 }
 
+
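Review bot: The new meta-ack initialisation copies `p->ptrs` wholesale and then swaps only the IP addresses via `ip_api.set(...)`, so any other direction-dependent fields carried in `ptrs` (transport ports, if present, and the `tcph` pointer) still describe the original packet while the addresses and `packet_flags` describe the reverse direction; if the pseudo TCP header is assigned elsewhere in the constructor that is fine, but the ports deserve the same treatment or a comment saying they are intentionally left as-is. `pkt->pkth = p->pkth;` aliases the DAQ header of the real packet, so the pseudo packet must not be consulted after `p` is released — worth a comment such as `// pkth/ptrs alias p; ma_pseudo_packet is only valid while p is being processed`. The direction branch can be collapsed and brought in line with the file's `if ( ... )` spacing: `pkt->packet_flags = p->is_from_client() ? PKT_FROM_SERVER : PKT_FROM_CLIENT;`. The second hunk leaves trailing whitespace on the `{ ` line of `setup()` and the third adds a stray blank line at end of file. The constructor begins outside the first hunk.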
index ddbf8431ec40b63b3db9b55534a8658bb7d44e66..9db49655f86f9593a46dfe029bab5db72fe58a56 100644 (file)
@@ -46,8 +46,11 @@ public:
     static void setup();
     static void clear();
 
-    bool is_policy_inline()
-    { return pkt->context->conf->inline_mode(); }
+    bool is_ips_policy_inline()
+    { return pkt->context->conf->ips_inline_mode(); }
+
+    bool is_nap_policy_inline()
+    { return pkt->context->conf->nap_inline_mode(); }
 
     uint32_t init_mss(uint16_t* value);
     uint32_t init_wscale(uint16_t* value);
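Review bot: Both `is_ips_policy_inline()` and `is_nap_policy_inline()` only read through `pkt` and could be declared `const`, matching the `const` accessors they forward to in SnortConfig: `bool is_ips_policy_inline() const` and `bool is_nap_policy_inline() const`. The class body continues outside the hunk.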
index 7e42d7effeb6d98239c081bee94cfc4eac5827db..7a7010ef849f6f3bb3d0b39195ccd084fcd41d5e 100644 (file)
@@ -325,7 +325,7 @@ bool TcpSession::flow_exceeds_config_thresholds(TcpSegmentDescriptor& tsd)
         if ( space_left < (int32_t)tsd.get_len() )
         {
             tcpStats.exceeded_max_bytes++;
-            bool inline_mode = tsd.is_policy_inline();
+            bool inline_mode = tsd.is_nap_policy_inline();
             bool ret_val = true;
 
             if ( space_left > 0 )
@@ -355,7 +355,7 @@ bool TcpSession::flow_exceeds_config_thresholds(TcpSegmentDescriptor& tsd)
         if ( listener->reassembler.get_seg_count() + 1 > tcp_config->max_queued_segs )
         {
             tcpStats.exceeded_max_segs++;
-            bool inline_mode = tsd.is_policy_inline();
+            bool inline_mode = tsd.is_nap_policy_inline();
 
             if ( inline_mode )
             {
@@ -1089,7 +1089,7 @@ bool TcpSession::validate_packet_established_session(TcpSegmentDescriptor& tsd)
 {
     TcpStreamTracker* listener = tsd.get_listener();
 
-    if ( tsd.is_policy_inline() )
+    if ( tsd.is_nap_policy_inline() )
        if ( tsd.get_tcph()->is_ack() && !listener->is_ack_valid(tsd.get_ack()) )
        {
            listener->normalizer.packet_dropper(tsd, NORM_TCP_BLOCK);
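Review bot: Moving the threshold and ACK-validation gates from the IPS to the NAP inline predicate changes when `normalizer.packet_dropper(tsd, NORM_TCP_BLOCK)` and the threshold handling run, yet neither the commit message nor the code says why stream should follow the inspection policy rather than the IPS policy; a comment at the first site, e.g. `// stream enforcement follows the NAP (inspection) policy, not the IPS policy`, would record the intent. With a NAP-inline/IPS-passive combination the drop request presumably becomes a would-drop through Active's IPS-based status, and the inverse combination (IPS inline, NAP passive) now skips these checks entirely; both are worth confirming with a test since the description only mentions meta-ACK flushing. The locals in the first two hunks keep the generic name `inline_mode`; `bool nap_inline = tsd.is_nap_policy_inline();` would make the distinction visible where it is used. All three functions extend beyond their hunks.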