Merge pull request #636 in SNORT/snort3 from crc_timeouts to master
authorRuss Combs (rucombs) <rucombs@cisco.com>
Fri, 23 Sep 2016 21:35:57 +0000 (17:35 -0400)
committerRuss Combs (rucombs) <rucombs@cisco.com>
Fri, 23 Sep 2016 21:35:57 +0000 (17:35 -0400)
Squashed commit of the following:

commit 2797249af796d70c7b0eb9759d056bca3572e229
Author: Russ Combs <rucombs@cisco.com>
Date:   Fri Sep 23 14:43:19 2016 -0400

    separate idle timeouts from session timeouts counts
    close tcp on rst in close wait, closing, fin wait 1, and fin wait 2

16 files changed:
src/flow/flow_cache.cc
src/flow/flow_cache.h
src/flow/flow_control.cc
src/flow/prune_stats.h
src/stream/base/stream_base.cc
src/stream/base/stream_module.h
src/stream/icmp/icmp_session.cc
src/stream/ip/ip_defrag.cc
src/stream/ip/ip_session.cc
src/stream/stream.cc
src/stream/tcp/tcp_session.cc
src/stream/tcp/tcp_state_close_wait.cc
src/stream/tcp/tcp_state_closing.cc
src/stream/tcp/tcp_state_fin_wait1.cc
src/stream/tcp/tcp_state_fin_wait2.cc
src/stream/udp/udp_session.cc

index ea7af7add8295c1da1c900d8e0a3503749a4d9f6..4a636627ac6fc377cbb5fc7fdba330bd7d8f83a8 100644 (file)
@@ -192,7 +192,7 @@ unsigned FlowCache::prune_stale(uint32_t thetime, const Flow* save_me)
 
         DebugMessage(DEBUG_STREAM, "pruning stale flow\n");
         flow->ssn_state.session_flags |= SSNFLAG_TIMEDOUT;
-        release(flow, PruneReason::TIMEOUT);
+        release(flow, PruneReason::IDLE);
         ++pruned;
 
         flow = static_cast<Flow*>(hash_table->first());
@@ -314,7 +314,7 @@ unsigned FlowCache::timeout(unsigned num_flows, time_t thetime)
 
         DebugMessage(DEBUG_STREAM, "retiring stale flow\n");
         flow->ssn_state.session_flags |= SSNFLAG_TIMEDOUT;
-        release(flow, PruneReason::TIMEOUT);
+        release(flow, PruneReason::IDLE);
 
         ++retired;
 
@@ -334,7 +334,7 @@ unsigned FlowCache::purge()
 
     while ( auto flow = static_cast<Flow*>(hash_table->first()) )
     {
-        release(flow, PruneReason::PURGE);
+        release(flow, PruneReason::NONE);
         ++retired;
     }
 
index f62e69ae37c82b5ac3d7ffb51fab2c8008428bdb..5bd226730631bc7b9dad56ef740e1ad52af9c6df 100644 (file)
@@ -46,7 +46,7 @@ public:
     Flow* find(const FlowKey*);
     Flow* get(const FlowKey*);
 
-    int release(Flow*, PruneReason = PruneReason::USER, bool do_cleanup = true);
+    int release(Flow*, PruneReason = PruneReason::NONE, bool do_cleanup = true);
 
     unsigned prune_unis();
     unsigned prune_stale(uint32_t thetime, const Flow* save_me);
@@ -61,7 +61,7 @@ public:
     { return config.max_sessions; }
 
     PegCount get_total_prunes() const
-    { return prune_stats.get_total() - prune_stats.get(PruneReason::PURGE); }
+    { return prune_stats.get_total(); }
 
     PegCount get_prunes(PruneReason reason) const
     { return prune_stats.get(reason); }
index 8fbfda84775ea7997c793906e066e2e6129f51af..504d8e8d3fe8bb58b9d90a0f520e92f8e5d82b7d 100644 (file)
@@ -191,8 +191,7 @@ void FlowControl::delete_flow(const FlowKey* key)
     Flow* flow = cache->find(key);
 
     if ( flow )
-        // FIXIT-L prune reason was actually HA sync
-        cache->release(flow, PruneReason::USER);
+        cache->release(flow, PruneReason::HA);
 }
 
 void FlowControl::delete_flow(Flow* flow, PruneReason reason)
index c190347b2413c0f86f56f28c0a76a66680d9aa3d..808e2ee2c3bb014b5c4bb8305b60a0ee6fd708fe 100644 (file)
 
 #include "framework/counts.h"
 
-// FIXIT-L we can probably fiddle with these breakdowns
 enum class PruneReason : uint8_t
 {
-    // FIXIT-L do we want to count purges?  yes
-    PURGE = 0,
-    TIMEOUT,
+    IDLE,
     EXCESS,
     UNI,
     PREEMPTIVE,
     MEMCAP,
-    USER,
+    HA,
+    NONE,
     MAX
 };
 
@@ -61,7 +59,7 @@ struct PruneStats
 inline PegCount PruneStats::get_total() const
 {
     PegCount total = 0;
-    for ( reason_t i = 0; i < static_cast<reason_t>(PruneReason::MAX); ++i )
+    for ( reason_t i = 0; i < static_cast<reason_t>(PruneReason::NONE); ++i )
         total += prunes[i];
 
     return total;
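Review bot: The loop bound in `PruneStats::get_total()` now depends on `NONE` sitting directly before `MAX` in `PruneReason`, and neither the enum nor this loop says so. A reason added after `NONE` would be silently left out of every total, while one added before it is counted, so the ordering is part of the contract. I would add a comment on the enum such as `// NONE must stay last before MAX: get_total() sums only the reasons before NONE`, and a one-line comment above the loop saying that flows released with `NONE` (purge, normal close, default `release()`) are deliberately not reported as prunes. The function's closing brace is outside the hunk.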
index a4e9b4f47724b96d34da84dd2bf52b466d725ae4..0e45ded4ecdb8502f680f821a7ba2ad755b017af 100644 (file)
@@ -45,18 +45,18 @@ THREAD_LOCAL BaseStats stream_base_stats;
 #define PROTO_PEGS(proto_str) \
     { proto_str " flows", "total " proto_str " sessions" }, \
     { proto_str " total prunes", "total " proto_str " sessions pruned" }, \
-    { proto_str " timeout prunes", proto_str " sessions pruned due to timeout" }, \
+    { proto_str " idle prunes", proto_str " sessions pruned due to timeout" }, \
     { proto_str " excess prunes", proto_str " sessions pruned due to excess" }, \
     { proto_str " uni prunes", proto_str " uni sessions pruned" }, \
     { proto_str " preemptive prunes", proto_str " sessions pruned during preemptive pruning" }, \
     { proto_str " memcap prunes", proto_str " sessions pruned due to memcap" }, \
-    { proto_str " user prunes", proto_str " sessions pruned for other reasons" }
+    { proto_str " ha prunes", proto_str " sessions pruned by high availability sync" }
 
 #define SET_PROTO_COUNTS(proto, pkttype) \
     stream_base_stats.proto ## _flows = flow_con->get_flows(PktType::pkttype); \
     stream_base_stats.proto ## _total_prunes = flow_con->get_total_prunes(PktType::pkttype), \
     stream_base_stats.proto ## _timeout_prunes = \
-        flow_con->get_prunes(PktType::pkttype, PruneReason::TIMEOUT), \
+        flow_con->get_prunes(PktType::pkttype, PruneReason::IDLE), \
     stream_base_stats.proto ## _excess_prunes = \
         flow_con->get_prunes(PktType::pkttype, PruneReason::EXCESS), \
     stream_base_stats.proto ## _uni_prunes = \
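Review bot: The renamed peg `" idle prunes"` keeps the help text `" sessions pruned due to timeout"`, and `SET_PROTO_COUNTS` still stores `PruneReason::IDLE` into `proto ## _timeout_prunes`, so one counter is called idle in one place and timeout in two. Since the commit separates idle timeouts from session timeouts, the wording should match for anyone reading the stats: `{ proto_str " idle prunes", proto_str " sessions pruned due to idle timeout" }`. The field would then become `proto ## _idle_prunes`, renamed together with its declaration, which is presumably next to `proto ## _ha_prunes` in stream_module.h. The `SET_PROTO_COUNTS` macro continues past the end of this hunk.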
@@ -65,8 +65,8 @@ THREAD_LOCAL BaseStats stream_base_stats;
         flow_con->get_prunes(PktType::pkttype, PruneReason::PREEMPTIVE), \
     stream_base_stats.proto ## _memcap_prunes = \
         flow_con->get_prunes(PktType::pkttype, PruneReason::MEMCAP), \
-    stream_base_stats.proto ## _user_prunes = \
-        flow_con->get_prunes(PktType::pkttype, PruneReason::USER)
+    stream_base_stats.proto ## _ha_prunes = \
+        flow_con->get_prunes(PktType::pkttype, PruneReason::HA)
 
 // FIXIT-L dependency on stats define in another file
 const PegInfo base_pegs[] =
index 4e4d28f0f1b62ff5e25e5b785fc2dfe6940a9b1a..0067be740a2e0544afd0003b49f4e2091f58e67d 100644 (file)
@@ -43,7 +43,7 @@ struct SnortConfig;
     PegCount proto ## _uni_prunes; \
     PegCount proto ## _preemptive_prunes; \
     PegCount proto ## _memcap_prunes; \
-    PegCount proto ## _user_prunes
+    PegCount proto ## _ha_prunes
 
 struct BaseStats
 {
index 718eb3d32e9e3ad23bb5c46fb4e7ddf90bece58c..c0287345a01941fffe44c35d278f6aa23f474658 100644 (file)
@@ -60,12 +60,6 @@ THREAD_LOCAL ProfileStats icmp_perf_stats;
 
 static void IcmpSessionCleanup(Flow* ssn)
 {
-    if (ssn->ssn_state.session_flags & SSNFLAG_PRUNED)
-        icmpStats.prunes++;
-
-    else if (ssn->ssn_state.session_flags & SSNFLAG_TIMEDOUT)
-        icmpStats.timeouts++;
-
     if ( ssn->ssn_state.session_flags & SSNFLAG_SEEN_SENDER )
         icmpStats.released++;
 
index f115786a108cfa489a2e0398fcbb683ae0af313b..c96501cd6733a3f3cb3be2f8adc9e3df1db58ebd 100644 (file)
@@ -1282,6 +1282,7 @@ void Defrag::process(Packet* p, FragTracker* ft)
         else
         {
             release_tracker(ft);
+            p->flow->session_state |= STREAM_STATE_CLOSED;
         }
     }
 }
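Review bot: The added `p->flow->session_state |= STREAM_STATE_CLOSED;` dereferences `p->flow` without a check and without saying why releasing the tracker should close the flow. Whether `p->flow` can be null on this path is not visible here; if it can, guard the line with `if ( p->flow )`, otherwise `assert(p->flow);` documents the invariant. A comment such as `// tracker released: mark the flow closed so Stream::check_flow_closed() deletes it` would tie this line to the stream.cc side of the change. `Defrag::process` begins outside the hunk.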
index abcb85e94a2b13d9bb93add66bef48925f0ea18d..776367a85fb383f85f9829b123d4a4fe4da3811b 100644 (file)
@@ -34,8 +34,8 @@
 const PegInfo ip_pegs[] =
 {
     SESSION_PEGS("ip"),
-    { "total", "total fragments" },
-    { "current", "current fragments" },
+    { "total frags", "total fragments" },
+    { "current frags", "current fragments" },
     { "max frags", "max fragments" },
     { "reassembled", "reassembled datagrams" },
     { "discards", "fragments discarded" },
@@ -71,12 +71,6 @@ static void IpSessionCleanup(Flow* lws, FragTracker* tracker)
         d->cleanup(tracker);
     }
 
-    if ( lws->ssn_state.session_flags & SSNFLAG_TIMEDOUT )
-        ip_stats.timeouts++;
-
-    else if ( lws->ssn_state.session_flags & SSNFLAG_PRUNED )
-        ip_stats.prunes++;
-
     ip_stats.released++;
     lws->restart();
 }
@@ -166,6 +160,7 @@ int IpSession::process(Packet* p)
 
     if ( Stream::expired_flow(flow, p) )
     {
+        ip_stats.timeouts++;
         IpSessionCleanup(flow, &tracker);
 
 #ifdef ENABLE_EXPECTED_IP
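Review bot: `ip_stats.timeouts++` here and `udpStats.timeouts++` in udp_session.cc replace the flag-based counting removed from the cleanup functions, but the same removal in icmp_session.cc and tcp_session.cc has no visible replacement. Nothing in the diff increments a per-protocol `prunes` counter any more either. If the `timeouts` and `prunes` pegs are still published for those protocols they would stay at zero, which hides session-table pressure from whoever monitors these stats. Either add the matching increments on the ICMP and TCP expiry paths or remove the dead pegs; those expiry paths are not visible here, so confirm against the full files. `IpSession::process` starts and ends outside the hunk.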
index 94b029c282ba26d58eca69e105e8836a7ce2eb45..05575244c44c8e14464a298510ab60fea12e7b08 100644 (file)
@@ -172,8 +172,7 @@ void Stream::check_flow_closed(Packet* p)
     if (flow->session_state & STREAM_STATE_CLOSED)
     {
         assert(flow_con);
-        // FIXIT-L prune reason was actually 'closed'
-        flow_con->delete_flow(flow, PruneReason::USER);
+        flow_con->delete_flow(flow, PruneReason::NONE);
         p->flow = nullptr;
     }
 }
index 8d95c2ef376d53f8536aa8d0970682561c412bc2..91fe763d71e5e40f84cb0586522ab77fbf15bc50 100644 (file)
@@ -56,6 +56,7 @@
 #include "detection/detection_util.h"
 #include "hash/sfxhash.h"
 #include "utils/util.h"
+#include "utils/util_net.h"
 #include "utils/sflsq.h"
 #include "time/packet_time.h"
 #include "perf_monitor/flow_ip_tracker.h"
@@ -177,12 +178,6 @@ void TcpSession::clear_session(bool free_flow_data, bool flush_segments, bool re
     else
         return;
 
-    if ( flow->get_session_flags() & SSNFLAG_PRUNED )
-        tcpStats.prunes++;
-
-    else if ( flow->get_session_flags() & SSNFLAG_TIMEDOUT )
-        tcpStats.timeouts++;
-
     update_perf_base_state(TcpStreamTracker::TCP_CLOSED);
 
     if ( restart )
index 15d17df5d1e2c93f92263cc4c890350e80ca92b7..abace5fccb27ee246e975cd237f554995e38a2e9 100644 (file)
@@ -139,6 +139,7 @@ bool TcpStateCloseWait::rst_recv(TcpSegmentDescriptor& tsd, TcpStreamTracker& tr
         trk.session->update_session_on_rst(tsd, true);
         trk.session->update_perf_base_state(TcpStreamTracker::TCP_CLOSING);
         trk.session->set_pkt_action_flag(ACTION_RST);
+        tsd.get_pkt()->flow->session_state |= STREAM_STATE_CLOSED;
     }
     else
     {
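Review bot: With `tsd.get_pkt()->flow->session_state |= STREAM_STATE_CLOSED;` the flow is retired as soon as this branch is taken, so the RST acceptance test in the enclosing `if` (outside the hunk) now decides when tracking and reassembly state for the connection is dropped. That condition should be confirmed to apply the configured reset and sequence validation, because a reset the sensor accepts but the endpoint ignores could lose reassembly context for the rest of the connection. The same line is added in `TcpStateClosing::rst_recv`, `TcpStateFinWait1::rst_recv` and `TcpStateFinWait2::rst_recv`; setting the flag in one shared place, for example inside `update_session_on_rst` if that fits its contract, would keep the four states from drifting apart. A short comment is also worth adding to explain that the perf state is still reported as `TCP_CLOSING` on the line above while the flow itself is marked closed.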
index 9a86024cc91e10105d430e42986d33168d096258..80b6d948d8e9c1df98c32e45c8e380a37ad3e16e 100644 (file)
@@ -141,6 +141,7 @@ bool TcpStateClosing::rst_recv(TcpSegmentDescriptor& tsd, TcpStreamTracker& trk)
         trk.session->update_session_on_rst(tsd, true);
         trk.session->update_perf_base_state(TcpStreamTracker::TCP_CLOSING);
         trk.session->set_pkt_action_flag(ACTION_RST);
+        tsd.get_pkt()->flow->session_state |= STREAM_STATE_CLOSED;
     }
     else
     {
index e40665e8ce6a59974c988857a95f66ef287decc9..20e177c5e117b84e11bd9528caf65fe5d913da9c 100644 (file)
@@ -146,6 +146,7 @@ bool TcpStateFinWait1::rst_recv(TcpSegmentDescriptor& tsd, TcpStreamTracker& trk
         trk.session->update_session_on_rst(tsd, true);
         trk.session->update_perf_base_state(TcpStreamTracker::TCP_CLOSING);
         trk.session->set_pkt_action_flag(ACTION_RST);
+        tsd.get_pkt()->flow->session_state |= STREAM_STATE_CLOSED;
     }
     else
     {
index a9e4415a2723d3485d457c131eb784942af54e0a..3b79e1e53a0092ce8bd5880f289f3833085791cd 100644 (file)
@@ -154,6 +154,7 @@ bool TcpStateFinWait2::rst_recv(TcpSegmentDescriptor& tsd, TcpStreamTracker& trk
         trk.session->update_session_on_rst(tsd, true);
         trk.session->update_perf_base_state(TcpStreamTracker::TCP_CLOSING);
         trk.session->set_pkt_action_flag(ACTION_RST);
+        tsd.get_pkt()->flow->session_state |= STREAM_STATE_CLOSED;
     }
     else
     {
index cac2649a5d4e107570e776bf803136182e81a2a4..41bf4f1307615600dd00fc2f599ce91ff1a3cacc 100644 (file)
@@ -59,12 +59,6 @@ THREAD_LOCAL ProfileStats udp_perf_stats;
 
 static void UdpSessionCleanup(Flow* lwssn)
 {
-    if (lwssn->ssn_state.session_flags & SSNFLAG_PRUNED)
-        udpStats.prunes++;
-
-    else if (lwssn->ssn_state.session_flags & SSNFLAG_TIMEDOUT)
-        udpStats.timeouts++;
-
     if ( lwssn->ssn_state.session_flags & SSNFLAG_SEEN_SENDER )
         udpStats.released++;
 }
@@ -196,6 +190,7 @@ int UdpSession::process(Packet* p)
     // Should be done before we do something with the packet...
     if ( Stream::expired_flow(flow, p) )
     {
+        udpStats.timeouts++;
         UdpSessionCleanup(flow);
         flow->restart();
         flow->ssn_state.session_flags |= SSNFLAG_SEEN_SENDER;