From: Victor Julien <victor@inliniac.net>
Date: Wed, 23 Dec 2020 14:55:19 +0000 (+0100)
Subject: flow/timeout: fix TCP seq/ack for reversed flows
X-Git-Tag: suricata-5.0.6~37
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=317e045163093defaef6abedaad8229cbf79da04;p=thirdparty%2Fsuricata.git

flow/timeout: fix TCP seq/ack for reversed flows

When a flow is swapped it also swaps the stream trackers, so it does
not make sense to reverse them during pseudo packet creation.

(cherry picked from commit 49bd1f85b99e8bd473ae28c6eb93510b2b3c7668)
---

diff --git a/src/flow-timeout.c b/src/flow-timeout.c
index c5dafb06f8..32063bc733 100644
--- a/src/flow-timeout.c
+++ b/src/flow-timeout.c
@@ -80,6 +80,7 @@ static inline Packet *FlowForceReassemblyPseudoPacketSetup(Packet *p,
                                                            Flow *f,
                                                            TcpSession *ssn)
 {
+    const int orig_dir = direction;
     p->tenant_id = f->tenant_id;
     p->datalink = DLT_RAW;
     p->proto = IPPROTO_TCP;
@@ -217,7 +218,7 @@ static inline Packet *FlowForceReassemblyPseudoPacketSetup(Packet *p,
     p->tcph->th_urp = 0;
 
     /* to server */
-    if (direction == 0) {
+    if (orig_dir == 0) {
         p->tcph->th_sport = htons(f->sp);
         p->tcph->th_dport = htons(f->dp);