Merge pull request #1389 in SNORT/snort3 from snort2lua_max_pdu to master

Squashed commit of the following:

commit 0980c0545ecaae8fc48fa36cc88f3bb18c20ccd1
Author: Steven Baigal <sbaigal@cisco.com>
Date:   Fri Oct 12 13:11:00 2018 -0400

    snort2lua: fixed paf_max to stream_tcp.max_pdu convertion

diff --git a/tools/snort2lua/config_states/config_paf_max.cc b/tools/snort2lua/config_states/config_paf_max.cc
index 92a667bc5948e1a41370fd0ecf94786fe023dfd1..0bcfa111e0652d0f0d7299d257304b4d72fa6d4e 100644 (file)
--- a/tools/snort2lua/config_states/config_paf_max.cc
+++ b/tools/snort2lua/config_states/config_paf_max.cc
@@ -42,34 +42,15 @@ bool PafMax::convert(std::istringstream& data_stream)
 
     if (data_stream >> val)
     {
-        // FIXIT-H this is a hack to ensure max_pdu is in every configuration
-        // file and does not overwrite the stream_tcp table
-
-#if 0
         table_api.open_table("stream_tcp");
 
         if (val < 1460)
-        {
-            table_api.add_diff_option_comment("paf_max [0:63780]", "max_pdu [1460:63780]");
             val = 1460;
-        }
-
-        table_api.add_option("max_pdu", val);
-        table_api.close_table();
-#else
-
-        if (val < 1460)
-        {
-            data_api.add_comment("option change: 'paf_max [0:63780]' --> 'max_pdu [1460:32768]'");
-            val = 1460;
-        }
         else if (val > 32768)
-        {
-            data_api.add_comment("option change: 'paf_max [0:63780]' --> 'max_pdu [1460:32768]'");
             val = 32768;
-        }
-        data_api.add_comment("stream_tcp.max_pdu = " + std::to_string(val));
-#endif
+        table_api.add_option("max_pdu", val);
+        table_api.add_diff_option_comment("paf_max [0:63780]", "max_pdu [1460:32768]");
+        table_api.close_table();
 
         if (!(data_stream >> val))
             return true;

diff --git a/tools/snort2lua/helpers/converter.cc b/tools/snort2lua/helpers/converter.cc
index 709398c609963fdc3ef9f4780736c2eae1ca4a58..bde6f8891b89f096ab1f8a06aae5e7c4952f3de2 100644 (file)
--- a/tools/snort2lua/helpers/converter.cc
+++ b/tools/snort2lua/helpers/converter.cc
@@ -43,6 +43,7 @@ TableDelegation table_delegation =
     { "ips", true },
     { "network", true },
     { "normalizer", true},
+    { "stream_tcp", true},
 };
 
 std::string Converter::ips_pattern;

diff --git a/tools/snort2lua/preprocessor_states/pps_stream5_tcp.cc b/tools/snort2lua/preprocessor_states/pps_stream5_tcp.cc
index fc8f054e678aafc3db800b84373db29bf4cbc3d7..fcc5c67094788bca58250aceabc5bf10fdb618d8 100644 (file)
--- a/tools/snort2lua/preprocessor_states/pps_stream5_tcp.cc
+++ b/tools/snort2lua/preprocessor_states/pps_stream5_tcp.cc
@@ -363,9 +363,11 @@ bool StreamTcp::convert(std::istringstream& data_stream)
         {
             table_api.add_diff_option_comment("use_static_footprint_sizes",
                 "stream.footprint = 192");
+            table_api.close_table();
             table_api.open_top_level_table("stream");
             table_api.add_option("footprint", 192);
             table_api.close_table();
+            table_api.open_table("stream_tcp");
         }
         else if (keyword == "timeout")
         {