flow/stream: xfer noinspect flags to pseudo pkts

Set noinspection flags for payloads and packets on flow and stream
pseudo packets. Without these, the pseudo packets could trigger
inspection even though this was disabled for a flow.

diff --git a/src/flow-timeout.c b/src/flow-timeout.c
index b18007939e3b9487676cca760115e70b20383f3c..534875c68b289f79731d1d3f558d7f2d7cacb8d4 100644 (file)
--- a/src/flow-timeout.c
+++ b/src/flow-timeout.c
@@ -87,6 +87,14 @@ static inline Packet *FlowForceReassemblyPseudoPacketSetup(Packet *p,
     p->flags |= PKT_STREAM_EOF;
     p->flags |= PKT_HAS_FLOW;
     p->flags |= PKT_PSEUDO_STREAM_END;
+
+    if (f->flags & FLOW_NOPACKET_INSPECTION) {
+        DecodeSetNoPacketInspectionFlag(p);
+    }
+    if (f->flags & FLOW_NOPAYLOAD_INSPECTION) {
+        DecodeSetNoPayloadInspectionFlag(p);
+    }
+
     if (direction == 0)
         p->flowflags |= FLOW_PKT_TOSERVER;
     else

diff --git a/src/stream-tcp.c b/src/stream-tcp.c
index c810ea75c0a187c6749c270cbc4368201b32fb19..88fe40d4bed552c5eea72f273023b44197bc8df3 100644 (file)
--- a/src/stream-tcp.c
+++ b/src/stream-tcp.c
@@ -5836,6 +5836,13 @@ void StreamTcpPseudoPacketCreateStreamEndPacket(ThreadVars *tv, StreamTcpThread
     np->flags |= PKT_HAS_FLOW;
     np->flags |= PKT_PSEUDO_STREAM_END;
 
+    if (p->flags & PKT_NOPACKET_INSPECTION) {
+        DecodeSetNoPacketInspectionFlag(np);
+    }
+    if (p->flags & PKT_NOPAYLOAD_INSPECTION) {
+        DecodeSetNoPayloadInspectionFlag(np);
+    }
+
     if (PKT_IS_TOSERVER(p)) {
         SCLogDebug("original is to_server, so pseudo is to_client");
         np->flowflags &= ~FLOW_PKT_TOSERVER;