stream-tcp: add counters for midstream pickups

If midstream pickups are enabled this will help in discovering how
many midstream pickups are being done by Suricata.

diff --git a/src/stream-tcp.c b/src/stream-tcp.c
index bfa15caf3d0d207fca9778527c96f76bb109cbd3..c25978e079191dcdf47eb8232edacfa5431515ab 100644 (file)
--- a/src/stream-tcp.c
+++ b/src/stream-tcp.c
@@ -921,6 +921,7 @@ static int StreamTcpPacketStateNone(ThreadVars *tv, Packet *p,
                 return -1;
             }
             StatsIncr(tv, stt->counter_tcp_sessions);
+            StatsIncr(tv, stt->counter_tcp_midstream_pickups);
         }
         /* set the state */
         StreamTcpPacketSetState(p, ssn, TCP_SYN_RECV);
@@ -1065,6 +1066,7 @@ static int StreamTcpPacketStateNone(ThreadVars *tv, Packet *p,
                 return -1;
             }
             StatsIncr(tv, stt->counter_tcp_sessions);
+            StatsIncr(tv, stt->counter_tcp_midstream_pickups);
         }
         /* set the state */
         StreamTcpPacketSetState(p, ssn, TCP_ESTABLISHED);
@@ -5040,6 +5042,7 @@ TmEcode StreamTcpThreadInit(ThreadVars *tv, void *initdata, void **data)
     stt->counter_tcp_syn = StatsRegisterCounter("tcp.syn", tv);
     stt->counter_tcp_synack = StatsRegisterCounter("tcp.synack", tv);
     stt->counter_tcp_rst = StatsRegisterCounter("tcp.rst", tv);
+    stt->counter_tcp_midstream_pickups = StatsRegisterCounter("tcp.midstream_pickups", tv);
 
     /* init reassembly ctx */
     stt->ra_ctx = StreamTcpReassembleInitThreadCtx(tv);

diff --git a/src/stream-tcp.h b/src/stream-tcp.h
index 16c6b455b782d3164586d543b59e58908c1bf9d8..4c06d93b38067dd91b8a3a624a46c0772f758893 100644 (file)
--- a/src/stream-tcp.h
+++ b/src/stream-tcp.h
@@ -94,6 +94,8 @@ typedef struct StreamTcpThread_ {
     uint16_t counter_tcp_synack;
     /** rst pkts */
     uint16_t counter_tcp_rst;
+    /** midstream pickups */
+    uint16_t counter_tcp_midstream_pickups;
 
     /** tcp reassembly thread data */
     TcpReassemblyThreadCtx *ra_ctx;