if (ssn->flags & STREAMTCP_FLAG_TCP_FAST_OPEN) {
jb_append_string(jb, "tcp_fast_open");
}
+ if (ssn->flags & STREAMTCP_FLAG_TFO_DATA_IGNORED) {
+ jb_append_string(jb, "tfo_data_ignored");
+ }
jb_close(jb);
jb_close(jb);
}
#define STREAMTCP_FLAG_BYPASS BIT_U32(14)
/** SSN uses TCP Fast Open */
#define STREAMTCP_FLAG_TCP_FAST_OPEN BIT_U32(15)
+/** SYN/ACK ignored the data while ACKing the SYN */
+#define STREAMTCP_FLAG_TFO_DATA_IGNORED BIT_U32(16)
/*
* Per STREAM flags
SCLogDebug("ssn %p: (TFO) ACK matches ISN+1, packet ACK %" PRIu32 " == "
"%" PRIu32 " from stream",
ssn, TCP_GET_ACK(p), ssn->client.isn + 1);
- ssn->client.next_seq = ssn->client.isn;
+ ssn->client.next_seq = ssn->client.isn; // reset to ISN
SCLogDebug("ssn %p: (TFO) next_seq reset to isn (%u)", ssn, ssn->client.next_seq);
StreamTcpSetEvent(p, STREAM_3WHS_SYNACK_TFO_DATA_IGNORED);
+ ssn->flags |= STREAMTCP_FLAG_TFO_DATA_IGNORED;
} else {
StreamTcpSetEvent(p, STREAM_3WHS_SYNACK_WITH_WRONG_ACK);
SCLogDebug("ssn %p: (TFO) ACK mismatch, packet ACK %" PRIu32 " != "
SCLogDebug("steam starter packet %" PRIu64 ", ssn %p null. Reuse.", p->pcap_cnt, ssn);
return 1;
}
+ if (ssn->flags & STREAMTCP_FLAG_TFO_DATA_IGNORED) {
+ SCLogDebug("steam starter packet %" PRIu64
+ ", ssn %p. STREAMTCP_FLAG_TFO_DATA_IGNORED set. Reuse.",
+ p->pcap_cnt, ssn);
+ return 1;
+ }
if (SEQ_EQ(ssn->client.isn, TCP_GET_SEQ(p))) {
SCLogDebug("steam starter packet %"PRIu64", ssn %p. Packet SEQ == Stream ISN. Retransmission. Don't reuse.", p->pcap_cnt, ssn);
return 0;
projects / thirdparty / suricata.git / commitdiff
