Merge pull request #1797 in SNORT/snort3 from ~POAWASTH/snort3:CSCvr33175 to master

Squashed commit of the following:

commit df59543a5e3e99bef9c809163c6030bdfb042796
Author: Pooja Awasthi <poawasth@cisco.com>
Date:   Fri Oct 11 06:07:32 2019 -0400

    high_availability:Disabling the inspection if the Flow state is BLOCK

diff --git a/src/flow/ha.cc b/src/flow/ha.cc
index 7466b96fa5f32b5bbab12c128c0e052a7728b200..93708ec99d66ca6b7584ab488a036fc89fb04b99 100644 (file)
--- a/src/flow/ha.cc
+++ b/src/flow/ha.cc
@@ -660,6 +660,12 @@ Flow* HighAvailability::process_daq_import(Packet& p, FlowKey& key)
             {
                 if (FlowKey::compare(&key, flow->key, 0) == 0)
                 {
+                    if (flow->flow_state == Flow::FlowState::BLOCK) 
+                    {   
+                        flow->disable_inspection();
+                        p.disable_inspect = true;
+                    }
+
                     // Clear the standby bit so that we don't immediately trigger a new data store
                     // FIXIT-L streamline the consume process so this doesn't have to be done here
                     flow->ha_state->clear(FlowHAState::STANDBY);