Squashed commit of the following:
commit
f8e17fe8506a9787e26d19b613c3b1fdc37f0b0c
Author: Steve Chew <stechew@cisco.com>
Date: Fri May 1 17:26:58 2020 -0400
flow: If a retry packet does not belong to a flow, block it.
if ( type != PktType::TCP )
return true;
+ if ( p->is_retry() )
+ {
+ // Do not start a new flow from a retry packet.
+ p->active->drop_packet(p);
+ p->disable_inspect = true;
+ return false;
+ }
+
if ( p->ptrs.tcph->is_rst() )
// guessing direction based on ports is misleading
return false;
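Review bot: The new `p->is_retry()` test sits below the `if ( type != PktType::TCP ) return true;` early return, so as written only TCP retry packets without a flow are dropped; a non-TCP retry packet still leaves through `return true`. If retries can arrive for other protocols (not visible from this hunk), the test would need to move above the type check to match the commit title. The drop is also silent: nothing in the added lines records why the packet was blocked, so a blocked retransmission will be hard to tell apart from any other verdict during troubleshooting. A peg count, or a packet-trace line such as `PacketTracer::log("Flow: retry packet has no flow, dropping\n");`, would close that gap, assuming the tracer is usable from this file. The enclosing function starts and ends outside the hunk, so the meaning of its `true`/`false` return is inferred from the added comment.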
THREAD_LOCAL PacketTracer* snort::s_pkt_trace = nullptr;
+void Active::drop_packet(snort::Packet const*, bool) { }
PacketTracer::PacketTracer() { }
PacketTracer::~PacketTracer() { }
void PacketTracer::log(const char*, ...) { }
THREAD_LOCAL PacketTracer* snort::s_pkt_trace = nullptr;
+void Active::drop_packet(snort::Packet const*, bool) { }
PacketTracer::PacketTracer() = default;
PacketTracer::~PacketTracer() = default;
void PacketTracer::log(const char*, ...) { }