From: Cynthia Leonard (cyleonar) Date: Fri, 16 Oct 2020 18:54:26 +0000 (+0000) Subject: Merge pull request #2554 in SNORT/snort3 from ~PUNEETKU/snort3:vrf_same_ip to master X-Git-Tag: 3.0.3-3~11 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=21fe91b1597b8830fbb5c70874f2a34569e52628;p=thirdparty%2Fsnort3.git Merge pull request #2554 in SNORT/snort3 from ~PUNEETKU/snort3:vrf_same_ip to master Squashed commit of the following: commit ac3e739769eacb12b31ca004b1ec2caea5ca5e8e Author: Puneeth Kumar C V Date: Fri Oct 16 01:29:39 2020 -0400 Revert "Merge pull request #2541 in SNORT/snort3 from ~PUNEETKU/snort3:vrf_same_ip to master" This reverts commit 09e1a0e14d0c4db64dbcd20f8899a9b9c45b7524. --- diff --git a/src/codecs/ip/cd_ipv4.cc b/src/codecs/ip/cd_ipv4.cc index cc40195cd..3d63e9ac4 100644 --- a/src/codecs/ip/cd_ipv4.cc +++ b/src/codecs/ip/cd_ipv4.cc @@ -124,7 +124,7 @@ public: private: bool valid_checksum_from_daq(const RawData&); - void IP4AddrTests(const ip::IP4Hdr*, const RawData&, const CodecData&, DecodeData&); + void IP4AddrTests(const ip::IP4Hdr*, const CodecData&, DecodeData&); void IPMiscTests(const ip::IP4Hdr* const ip4h, const CodecData& codec, uint16_t len); void DecodeIPOptions(const uint8_t* start, uint8_t& o_len, CodecData& data); }; @@ -255,7 +255,7 @@ bool Ipv4Codec::decode(const RawData& raw, CodecData& codec, DecodeData& snort) /* * IP Header tests: Land attack, and Loop back test */ - IP4AddrTests(iph, raw, codec, snort); + IP4AddrTests(iph, codec, snort); if (snort::get_network_policy()->ip_checksums() && !valid_checksum_from_daq(raw)) { @@ -358,23 +358,14 @@ bool Ipv4Codec::decode(const RawData& raw, CodecData& codec, DecodeData& snort) } void Ipv4Codec::IP4AddrTests( - const ip::IP4Hdr* iph, const RawData& raw, const CodecData& codec, - DecodeData& snort) + const ip::IP4Hdr* iph, const CodecData& codec, DecodeData& snort) { uint8_t msb_src, msb_dst; // check all 32 bits ... if ( iph->ip_src == iph->ip_dst ) { - const DAQ_PktHdr_t* pkth = daq_msg_get_pkthdr(raw.daq_msg); - - if ( pkth->flags & DAQ_PKT_FLAG_SIGNIFICANT_GROUPS ) - { - if ( pkth->ingress_group == pkth->egress_group ) - codec_event(codec, DECODE_BAD_TRAFFIC_SAME_SRCDST); - } - else - codec_event(codec, DECODE_BAD_TRAFFIC_SAME_SRCDST); + codec_event(codec, DECODE_BAD_TRAFFIC_SAME_SRCDST); } // check all 32 bits ... diff --git a/src/codecs/ip/cd_ipv6.cc b/src/codecs/ip/cd_ipv6.cc index 6989aa275..90950b0f6 100644 --- a/src/codecs/ip/cd_ipv6.cc +++ b/src/codecs/ip/cd_ipv6.cc @@ -103,7 +103,7 @@ private: void IPV6CheckIsatap(const ip::IP6Hdr* const, const DecodeData&, const CodecData&); - void IPV6MiscTests(const RawData&, const DecodeData&, const CodecData&); + void IPV6MiscTests(const DecodeData&, const CodecData&); void CheckIPV6Multicast(const ip::IP6Hdr* const, const CodecData&); bool CheckTeredoPrefix(const ip::IP6Hdr* const hdr); }; @@ -213,7 +213,7 @@ bool Ipv6Codec::decode(const RawData& raw, CodecData& codec, DecodeData& snort) snort.ip_api.update(real_src, real_dst); } - IPV6MiscTests(raw, snort, codec); + IPV6MiscTests(snort, codec); CheckIPV6Multicast(ip6h, codec); if (ip6h->is_valid_next_header() == false) @@ -251,8 +251,7 @@ void Ipv6Codec::IPV6CheckIsatap(const ip::IP6Hdr* const ip6h, } } -void Ipv6Codec::IPV6MiscTests(const RawData& raw, const DecodeData& snort, - const CodecData& codec) +void Ipv6Codec::IPV6MiscTests(const DecodeData& snort, const CodecData& codec) { const SfIp* ip_src = snort.ip_api.get_src(); const SfIp* ip_dst = snort.ip_api.get_dst(); @@ -264,15 +263,7 @@ void Ipv6Codec::IPV6MiscTests(const RawData& raw, const DecodeData& snort, */ if (ip_src->fast_eq6(*ip_dst)) { - const DAQ_PktHdr_t* pkth = daq_msg_get_pkthdr(raw.daq_msg); - - if (pkth->flags & DAQ_PKT_FLAG_SIGNIFICANT_GROUPS) - { - if (pkth->ingress_group == pkth->egress_group) - codec_event(codec, DECODE_BAD_TRAFFIC_SAME_SRCDST); - } - else - codec_event(codec, DECODE_BAD_TRAFFIC_SAME_SRCDST); + codec_event(codec, DECODE_BAD_TRAFFIC_SAME_SRCDST); } if (ip_src->is_loopback() || ip_dst->is_loopback())