From: Shawn Turner (shaturne) Date: Tue, 25 Oct 2016 19:09:39 +0000 (-0400) Subject: Merge pull request #687 in SNORT/snort3 from fix_129_4_fp to master X-Git-Tag: 3.0.0-233~211 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=2321e68f0800f2bd474f2c8b9376361e4c7a5c77;p=thirdparty%2Fsnort3.git Merge pull request #687 in SNORT/snort3 from fix_129_4_fp to master Squashed commit of the following: commit 2e77716a5729b9cb060140fc871e582eb8ccc036 Author: Bhagya Tholpady Date: Mon Oct 24 13:19:39 2016 -0400 setup the trackers after the clearing of session due to expired session --- diff --git a/src/flow/flow_control.cc b/src/flow/flow_control.cc index 80a825a00..988233b08 100644 --- a/src/flow/flow_control.cc +++ b/src/flow/flow_control.cc @@ -407,6 +407,8 @@ unsigned FlowControl::process(Flow* flow, Packet* p) last_pkt_type = p->type(); preemptive_cleanup(); + flow->set_direction(p); + flow->session->precheck(p); if ( flow->flow_state != Flow::FlowState::SETUP ) set_policies(snort_conf, flow->policy_id); diff --git a/src/flow/session.h b/src/flow/session.h index 745c38226..535dcc8e9 100644 --- a/src/flow/session.h +++ b/src/flow/session.h @@ -39,6 +39,7 @@ public: virtual int process(Packet*) { return 0; } virtual void restart(Packet*) { } + virtual void precheck(Packet*) { } virtual void clear() = 0; virtual void cleanup() { clear(); } diff --git a/src/stream/tcp/tcp_session.cc b/src/stream/tcp/tcp_session.cc index f686dd871..fd590da87 100644 --- a/src/stream/tcp/tcp_session.cc +++ b/src/stream/tcp/tcp_session.cc @@ -1047,14 +1047,17 @@ void TcpSession::cleanup_session_if_expired(Packet* p) } } -bool TcpSession::do_packet_analysis_pre_checks(Packet* p, TcpSegmentDescriptor& tsd) +void TcpSession::precheck(Packet* p) { - if ( !is_flow_handling_packets(p) ) - return false; - // Check if the session is expired. Should be done before we do something with // the packet...Insert a packet, or handle state change SYN, FIN, RST, etc. cleanup_session_if_expired(p); +} + +bool TcpSession::do_packet_analysis_pre_checks(Packet* p, TcpSegmentDescriptor& tsd) +{ + if ( !is_flow_handling_packets(p) ) + return false; pkt_action_mask = ACTION_NOTHING; tel.clear_tcp_events(); diff --git a/src/stream/tcp/tcp_session.h b/src/stream/tcp/tcp_session.h index 9b8e56fb4..e9d8dfa3e 100644 --- a/src/stream/tcp/tcp_session.h +++ b/src/stream/tcp/tcp_session.h @@ -43,6 +43,7 @@ public: bool setup(Packet*) override; void restart(Packet* p) override; + void precheck(Packet* p) override; int process(Packet*) override; void flush() override; diff --git a/src/stream/tcp/test/tcp_normalizer_test.cc b/src/stream/tcp/test/tcp_normalizer_test.cc index 30bbfe688..17536cf01 100644 --- a/src/stream/tcp/test/tcp_normalizer_test.cc +++ b/src/stream/tcp/test/tcp_normalizer_test.cc @@ -48,6 +48,7 @@ bool TcpSession::setup(Packet*){ return true; } void TcpSession::update_direction(char, sfip_t const*, unsigned short){ } int TcpSession::process(Packet*){ return 0; } void TcpSession::restart(Packet*){ } +void TcpSession::precheck(Packet*){ } void TcpSession::clear(){ } void TcpSession::cleanup(){ } bool TcpSession::add_alert(Packet*, unsigned int, unsigned int){ return true; }