From: Michael Altizer (mialtize) Date: Tue, 9 Apr 2019 21:42:34 +0000 (-0400) Subject: Merge pull request #1531 in SNORT/snort3 from ~STECHEW/snort3:daq_retry3 to master X-Git-Tag: 3.0.0-252~2 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=37c76ac833ae5ae05bc2a5cac92b5ac3d466ff3e;p=thirdparty%2Fsnort3.git Merge pull request #1531 in SNORT/snort3 from ~STECHEW/snort3:daq_retry3 to master Squashed commit of the following: commit f33b4040c35afc9809a0b7902764d61d9b56a3c2 Author: Steve Chew Date: Wed Mar 27 02:02:59 2019 +0530 stream: set retransmit flag. commit 7de134a1caac546342abd0ed928a5b18ca9a6df4 Author: Steve Chew Date: Thu Mar 21 03:22:23 2019 +0530 u2spewfoo: update due to re-ording of retry action. commit 32361ffa3a697e41cbfae701d4ae11afc0a49ca0 Author: Steve Chew Date: Wed Mar 20 21:28:35 2019 +0530 packet_io: Due to re-ordering, need to add entry for retry in act_str. commit 8618472dadc2f160d801b12f80b3646e69354404 Author: Steve Chew Date: Tue Mar 19 06:37:12 2019 +0530 file_api: use timersub_ms, updates to packettracer logs. commit 01b6e4f2ace3a78568612e76784484a209320d89 Author: Steve Chew Date: Thu Mar 14 01:06:37 2019 +0530 packet_io: re-order ACT_RETRY to be before ACT_DROP. commit 092a415aa0ee3a4531341f3636586c7c9dd6435d Author: Steve Chew Date: Wed Mar 13 18:16:13 2019 +0530 file_api: use more generic form of timercmp and fix timersub call. commit 6a63b7f0b19dbe65106ae216fcd9bfdfbde4db93 Author: Steve Chew Date: Sat Mar 9 02:43:47 2019 +0530 file_api: If configured, reset session when lookup times out. commit 4d00d8ee8a082d8f72df12ca2d0d20c36c7d9cd1 Author: Steve Chew Date: Fri Mar 8 23:46:19 2019 +0530 file_api: Make expiration timers more granular. commit 67b047bcc5318c927472cd37384a06363f115c28 Author: Steve Chew Date: Wed Mar 6 22:39:51 2019 +0530 file_api: Add timer to limit how long we want for pending file lookup. commit 8580f1e4b427c58525de7dd2803e4bdaebe6c5a1 Author: Steve Chew Date: Fri Mar 1 06:56:57 2019 +0530 packet_io: Changes to allow daq retries to work properly. --- diff --git a/src/file_api/file_cache.cc b/src/file_api/file_cache.cc index 2fd43dee8..df1670329 100644 --- a/src/file_api/file_cache.cc +++ b/src/file_api/file_cache.cc @@ -28,6 +28,7 @@ #include "main/snort_config.h" #include "main/thread_config.h" #include "packet_io/active.h" +#include "packet_tracer/packet_tracer.h" #include "time/packet_time.h" #include "file_flows.h" @@ -43,9 +44,11 @@ static int file_cache_anr_free_func(void*, void* data) if (!node) return 0; - time_t now = packet_time(); + struct timeval now; + packet_gettimeofday(&now); + // only recycle expired nodes - if (now > node->expires) + if (timercmp(&node->cache_expire_time, &now, <)) { delete node->file; return 0; @@ -64,6 +67,15 @@ static int file_cache_free_func(void*, void* data) return 0; } +// Return the time in ms since we started waiting for pending file lookup. +static int64_t time_elapsed_ms(struct timeval* now, struct timeval* expire_time, int64_t lookup_timeout) +{ + if(!now or !now->tv_sec or !expire_time or !expire_time->tv_sec) + return 0; + + return lookup_timeout * 1000 + timersub_ms(now, expire_time); +} + FileCache::FileCache(int64_t max_files_cached) { max_files = max_files_cached; @@ -119,8 +131,12 @@ FileContext* FileCache::add(const FileHashKey& hashKey, int64_t timeout) * after that anyway because the file that * caused this will be gone. */ - time_t now = snort::packet_time(); - new_node.expires = now + timeout; + struct timeval now; + packet_gettimeofday(&now); + + struct timeval time_to_add = { timeout, 0 }; + timeradd(&now, &time_to_add, &new_node.cache_expire_time); + new_node.file = new FileContext; std::lock_guard lock(cache_mutex); @@ -161,15 +177,23 @@ FileContext* FileCache::find(const FileHashKey& hashKey, int64_t timeout) return nullptr; } - time_t now = packet_time(); - if (node->expires && now > node->expires) + struct timeval now; + packet_gettimeofday(&now); + + if (timercmp(&node->cache_expire_time, &now, <)) { xhash_free_node(fileHash, hash_node); return nullptr; } - if (node->expires < now + timeout) - node->expires = now + timeout; + struct timeval next_expire_time; + struct timeval time_to_add = { timeout, 0 }; + timeradd(&now, &time_to_add, &next_expire_time); + + // Refresh the timer on the cache. + if (timercmp(&node->cache_expire_time, &next_expire_time, <)) + node->cache_expire_time = next_expire_time; + return node->file; } @@ -232,13 +256,18 @@ int FileCache::store_verdict(Flow* flow, FileInfo* file, int64_t timeout) return 0; } -bool FileCache::apply_verdict(Packet* p, FileInfo* file, FileVerdict verdict, +bool FileCache::apply_verdict(Packet* p, FileContext* file_ctx, FileVerdict verdict, bool resume, FilePolicyBase* policy) { Flow* flow = p->flow; Active* act = p->active; + struct timeval now = {0, 0}; + struct timeval add_time; - file->verdict = verdict; + if (verdict != FILE_VERDICT_PENDING) + timerclear(&file_ctx->pending_expire_time); + + file_ctx->verdict = verdict; switch (verdict) { @@ -246,7 +275,7 @@ bool FileCache::apply_verdict(Packet* p, FileInfo* file, FileVerdict verdict, return false; case FILE_VERDICT_LOG: if (resume) - policy->log_file_action(flow, file, FILE_RESUME_LOG); + policy->log_file_action(flow, file_ctx, FILE_RESUME_LOG); return false; case FILE_VERDICT_BLOCK: // can't block session inside a session @@ -258,15 +287,63 @@ bool FileCache::apply_verdict(Packet* p, FileInfo* file, FileVerdict verdict, act->set_delayed_action(Active::ACT_RESET, true); break; case FILE_VERDICT_PENDING: - act->set_delayed_action(Active::ACT_DROP, true); - if (resume) - policy->log_file_action(flow, file, FILE_RESUME_BLOCK); + packet_gettimeofday(&now); + + if (timerisset(&file_ctx->pending_expire_time) and + timercmp(&file_ctx->pending_expire_time, &now, <)) + { + // Timed out while waiting for pending verdict. + FileConfig* fc = get_file_config(SnortConfig::get_conf()); + + // Block session on timeout if configured, otherwise use the + // current action. + if (fc->block_timeout_lookup) + act->set_delayed_action(Active::ACT_RESET, true); + + if (resume) + policy->log_file_action(flow, file_ctx, FILE_RESUME_BLOCK); + + if (PacketTracer::is_active()) + { + PacketTracer::log("File signature lookup: timed out after %" PRIi64 "ms.\n", time_elapsed_ms(&now, &file_ctx->pending_expire_time, lookup_timeout)); + } + } else { - store_verdict(flow, file, lookup_timeout); - FileFlows* files = FileFlows::get_file_flows(flow); - if (files) - files->add_pending_file(file->get_file_id()); + // Add packet to retry queue while we wait for response. + + if (!timerisset(&file_ctx->pending_expire_time)) + { + add_time = { lookup_timeout, 0 }; + timeradd(&now, &add_time, &file_ctx->pending_expire_time); + + if (PacketTracer::is_active()) + PacketTracer::log("File signature lookup: adding new packet to retry queue.\n"); + } + else if (PacketTracer::is_active()) + { + // Won't add packet to retry queue if it is a retransmit + // and not from the retry queue since it should already + // be there. + if (!(p->packet_flags & PKT_RETRANSMIT) or + p->pkth->flags & DAQ_PKT_FLAG_RETRY_PACKET) + { + PacketTracer::log("File signature lookup: adding packet to retry queue. Resume=%d, Waited %" PRIi64 "ms.\n", resume, time_elapsed_ms(&now, &file_ctx->pending_expire_time, lookup_timeout)); + } + } + + act->set_delayed_action(Active::ACT_RETRY, true); + + if (resume) + policy->log_file_action(flow, file_ctx, FILE_RESUME_BLOCK); + else if (store_verdict(flow, file_ctx, lookup_timeout) != 0) + act->set_delayed_action(Active::ACT_DROP, true); + else + { + FileFlows* files = FileFlows::get_file_flows(flow); + if (files) + files->add_pending_file(file_ctx->get_file_id()); + } } return true; default: @@ -274,11 +351,11 @@ bool FileCache::apply_verdict(Packet* p, FileInfo* file, FileVerdict verdict, } if (resume) - policy->log_file_action(flow, file, FILE_RESUME_BLOCK); + policy->log_file_action(flow, file_ctx, FILE_RESUME_BLOCK); else - store_verdict(flow, file, block_timeout); - return true; + store_verdict(flow, file_ctx, block_timeout); + return true; } FileVerdict FileCache::cached_verdict_lookup(Packet* p, FileInfo* file, diff --git a/src/file_api/file_cache.h b/src/file_api/file_cache.h index 538f06bf8..0988f568d 100644 --- a/src/file_api/file_cache.h +++ b/src/file_api/file_cache.h @@ -50,7 +50,7 @@ PADDING_GUARD_END struct FileNode { - time_t expires; + struct timeval cache_expire_time = {0, 0}; snort::FileContext* file; }; @@ -64,7 +64,7 @@ PADDING_GUARD_END snort::FileContext* get_file(snort::Flow*, uint64_t file_id, bool to_create); FileVerdict cached_verdict_lookup(snort::Packet*, snort::FileInfo*, snort::FilePolicyBase*); - bool apply_verdict(snort::Packet*, snort::FileInfo*, FileVerdict, bool resume, + bool apply_verdict(snort::Packet*, snort::FileContext*, FileVerdict, bool resume, snort::FilePolicyBase*); private: diff --git a/src/file_api/file_lib.cc b/src/file_api/file_lib.cc index f89a0afc3..1d53a8556 100644 --- a/src/file_api/file_lib.cc +++ b/src/file_api/file_lib.cc @@ -113,6 +113,7 @@ void FileInfo::copy(const FileInfo& other) file_signature_enabled = other.file_signature_enabled; file_capture_enabled = other.file_capture_enabled; file_state = other.file_state; + pending_expire_time = other.pending_expire_time; // only one copy of file capture file_capture = nullptr; } diff --git a/src/file_api/file_lib.h b/src/file_api/file_lib.h index 0d631f136..47f846e4b 100644 --- a/src/file_api/file_lib.h +++ b/src/file_api/file_lib.h @@ -63,7 +63,6 @@ public: std::string sha_to_string(const uint8_t* sha256); void set_file_id(uint64_t index); uint64_t get_file_id() const; - FileVerdict verdict = FILE_VERDICT_UNKNOWN; // Configuration functions void config_file_type(bool enabled); @@ -80,6 +79,9 @@ public: FileState get_file_state() { return file_state; } + FileVerdict verdict = FILE_VERDICT_UNKNOWN; + struct timeval pending_expire_time = {0, 0}; + protected: std::string file_name; bool file_name_set = false; diff --git a/src/main/snort.cc b/src/main/snort.cc index 2cb2acf6e..7942a207e 100644 --- a/src/main/snort.cc +++ b/src/main/snort.cc @@ -965,6 +965,10 @@ static DAQ_Verdict update_verdict(Packet* p, DAQ_Verdict verdict, int& inject) if ( verdict == DAQ_VERDICT_PASS ) verdict = DAQ_VERDICT_BLOCK; } + else if ( verdict == DAQ_VERDICT_RETRY ) + { + return verdict; + } else if ( p->packet_flags & PKT_RESIZED ) { // we never increase, only trim, but daq doesn't support resizing wire packet diff --git a/src/network_inspectors/appid/tp_appid_utils.cc b/src/network_inspectors/appid/tp_appid_utils.cc index 66a49af3a..e1c37c0f7 100644 --- a/src/network_inspectors/appid/tp_appid_utils.cc +++ b/src/network_inspectors/appid/tp_appid_utils.cc @@ -658,7 +658,8 @@ bool do_tp_discovery(AppIdSession& asd, IpProtocol protocol, { //restart inspection by 3rd party if (!asd.tp_reinspect_by_initiator && (direction == APP_ID_FROM_INITIATOR) && - check_reinspect(p, asd)) + check_reinspect(p, asd) && + p->packet_flags & PKT_STREAM_ORDER_OK) { asd.tp_reinspect_by_initiator = true; asd.set_session_flags(APPID_SESSION_APP_REINSPECT); diff --git a/src/network_inspectors/packet_tracer/packet_tracer.cc b/src/network_inspectors/packet_tracer/packet_tracer.cc index 3a5377561..493459839 100644 --- a/src/network_inspectors/packet_tracer/packet_tracer.cc +++ b/src/network_inspectors/packet_tracer/packet_tracer.cc @@ -28,6 +28,7 @@ #include #include +#include "detection/ips_context.h" #include "log/log.h" #include "log/messages.h" #include "packet_io/sfdaq.h" @@ -72,7 +73,7 @@ void PacketTracer::register_verdict_reason(uint8_t reason_code, uint8_t priority reasons[reason_code] = priority; } -void PacketTracer::set_log_file(std::string file) +void PacketTracer::set_log_file(const std::string& file) { log_file = file; } // template needed for unit tests @@ -337,10 +338,15 @@ void PacketTracer::add_packet_type_info(const Packet& p) CreateTCPFlagString(p.ptrs.tcph, tcpFlags); if (p.ptrs.tcph->th_flags & TH_ACK) - PacketTracer::log("Packet: TCP %s, %s, seq %u, ack %u\n", tcpFlags, timestamp, - p.ptrs.tcph->seq(), p.ptrs.tcph->ack()); + PacketTracer::log("Packet %" PRIu64 ": TCP %s, %s, seq %u, ack %u, dsize %u%s\n", + p.context->packet_number, tcpFlags, timestamp, + p.ptrs.tcph->seq(), p.ptrs.tcph->ack(), p.dsize, + (p.pkth->flags & DAQ_PKT_FLAG_RETRY_PACKET) ? ", retry pkt" : ""); else - PacketTracer::log("Packet: TCP %s, %s, seq %u\n", tcpFlags, timestamp, p.ptrs.tcph->seq()); + PacketTracer::log("Packet %" PRIu64 ": TCP %s, %s, seq %u, dsize %u%s\n", + p.context->packet_number, tcpFlags, timestamp, p.ptrs.tcph->seq(), + p.dsize, + (p.pkth->flags & DAQ_PKT_FLAG_RETRY_PACKET) ? ", retry pkt" : ""); break; } @@ -348,13 +354,15 @@ void PacketTracer::add_packet_type_info(const Packet& p) { const char* icmp_str = is_v6 ? "ICMPv6" : "ICMP"; - PacketTracer::log("Packet: %s, %s, Type: %u Code: %u \n", icmp_str, timestamp, + PacketTracer::log("Packet %" PRIu64 ": %s, %s, Type: %u Code: %u \n", + p.context->packet_number, icmp_str, timestamp, p.ptrs.icmph->type, p.ptrs.icmph->code); break; } default: - PacketTracer::log("Packet: %s, %s\n", p.get_type(), timestamp); + PacketTracer::log("Packet %" PRIu64 ": %s, %s\n", + p.context->packet_number, p.get_type(), timestamp); break; } } diff --git a/src/network_inspectors/packet_tracer/packet_tracer.h b/src/network_inspectors/packet_tracer/packet_tracer.h index dff4a1773..38a30470f 100644 --- a/src/network_inspectors/packet_tracer/packet_tracer.h +++ b/src/network_inspectors/packet_tracer/packet_tracer.h @@ -97,7 +97,7 @@ public: static const int max_buff_size = 2048; // static functions - static void set_log_file(std::string); + static void set_log_file(const std::string&); static void thread_init(); static void thread_term(); diff --git a/src/packet_io/active.cc b/src/packet_io/active.cc index 2c3c13901..acd7ba59c 100644 --- a/src/packet_io/active.cc +++ b/src/packet_io/active.cc @@ -41,6 +41,7 @@ using namespace snort; const char* Active::act_str[Active::ACT_MAX][Active::AST_MAX] = { { "allow", "error", "error", "error" }, + { "retry", "error", "error", "error" }, { "drop", "cant_drop", "would_drop", "force_drop" }, { "block", "cant_block", "would_block", "force_block" }, { "reset", "cant_reset", "would_reset", "force_reset" }, @@ -421,14 +422,14 @@ bool Active::daq_retry_packet(const Packet* p) { bool retry_queued = false; - // FIXIT-M may need to confirm this packet is not a retransmit...2.9.x has a check for that - if ( !p->is_rebuilt() and - ( active_action == ACT_PASS ) and - SFDAQ::can_retry() ) + if ( ( active_action == ACT_PASS ) and SFDAQ::can_retry() ) { if ( SFDAQ::forwarding_packet(p->pkth) ) { - active_action = ACT_RETRY; + if(p->packet_flags & PKT_RETRANSMIT) + active_action = ACT_DROP; // Don't add retransmits to retry queue. + else + active_action = ACT_RETRY; retry_queued = true; } } @@ -507,6 +508,10 @@ void Active::apply_delayed_action(Packet* p) case ACT_RESET: reset_session(p, force); break; + case ACT_RETRY: + if(!daq_retry_packet(p)) + drop_packet(p, force); + break; default: break; } diff --git a/src/packet_io/active.h b/src/packet_io/active.h index 3e7ff9ae6..d3c116498 100644 --- a/src/packet_io/active.h +++ b/src/packet_io/active.h @@ -45,7 +45,7 @@ public: { AST_ALLOW, AST_CANT, AST_WOULD, AST_FORCE, AST_MAX }; enum ActiveAction : uint8_t - { ACT_PASS, ACT_DROP, ACT_BLOCK, ACT_RESET, ACT_RETRY, ACT_MAX }; + { ACT_PASS, ACT_RETRY, ACT_DROP, ACT_BLOCK, ACT_RESET, ACT_MAX }; public: static void init(SnortConfig*); diff --git a/src/protocols/packet.h b/src/protocols/packet.h index e4c28834a..bddf5625d 100644 --- a/src/protocols/packet.h +++ b/src/protocols/packet.h @@ -76,7 +76,8 @@ class Obfuscator; #define PKT_FILE_EVENT_SET 0x00400000 #define PKT_IGNORE 0x00800000 /* this packet should be ignored, based on port */ -#define PKT_UNUSED_FLAGS 0xff000000 +#define PKT_RETRANSMIT 0x01000000 // packet is a re-transmitted pkt. +#define PKT_UNUSED_FLAGS 0xfe000000 #define PKT_TS_OFFLOADED 0x01 diff --git a/src/stream/tcp/segment_overlap_editor.cc b/src/stream/tcp/segment_overlap_editor.cc index 6cd182f32..de9e80998 100644 --- a/src/stream/tcp/segment_overlap_editor.cc +++ b/src/stream/tcp/segment_overlap_editor.cc @@ -26,11 +26,28 @@ #include "segment_overlap_editor.h" #include "log/messages.h" +#include "packet_tracer/packet_tracer.h" #include "tcp_module.h" #include "tcp_normalizers.h" #include "tcp_session.h" + +static void set_retransmit_flag(snort::Packet* p) +{ + if ( snort::PacketTracer::is_active() ) + { + snort::PacketTracer::log("Packet was retransmitted and %s from the retry queue.\n", + (p->pkth->flags & DAQ_PKT_FLAG_RETRY_PACKET) ? "is" : "is not"); + } + + // Mark the packet as being a re-transmit if it's not from the retry + // queue. That way we can avoid adding re-transmitted packets to + // the retry queue. + if ( !(p->pkth->flags & DAQ_PKT_FLAG_RETRY_PACKET) ) + p->packet_flags |= PKT_RETRANSMIT; +} + void SegmentOverlapState::init_sos(TcpSession* ssn, ReassemblyPolicy pol) { @@ -95,9 +112,11 @@ bool SegmentOverlapEditor::is_segment_retransmit( // in one segment. bool* pb = (trs.sos.rseq == trs.sos.tsd->get_seg_seq()) ? full_retransmit : nullptr; - if ( trs.sos.right->is_retransmit( - trs.sos.rdata, trs.sos.rsize, trs.sos.rseq, trs.sos.right->i_len, pb) ) + if ( trs.sos.right->is_retransmit(trs.sos.rdata, trs.sos.rsize, + trs.sos.rseq, trs.sos.right->i_len, pb) ) { + set_retransmit_flag(trs.sos.tsd->get_pkt()); + if ( !(*full_retransmit) ) { trs.sos.rdata += trs.sos.right->i_len; @@ -148,9 +167,11 @@ int SegmentOverlapEditor::eval_right(TcpReassemblerState& trs) if ( trs.sos.overlap < trs.sos.right->i_len ) { - if ( trs.sos.right->is_retransmit( - trs.sos.rdata, trs.sos.rsize, trs.sos.rseq, trs.sos.right->i_len, nullptr) ) + if ( trs.sos.right->is_retransmit(trs.sos.rdata, trs.sos.rsize, + trs.sos.rseq, trs.sos.right->i_len, nullptr) ) { + set_retransmit_flag(trs.sos.tsd->get_pkt()); + // All data was retransmitted trs.sos.session->retransmit_process(trs.sos.tsd->get_pkt()); trs.sos.keep_segment = false; diff --git a/src/stream/tcp/tcp_normalizer.cc b/src/stream/tcp/tcp_normalizer.cc index ae218a9e2..16bff360e 100644 --- a/src/stream/tcp/tcp_normalizer.cc +++ b/src/stream/tcp/tcp_normalizer.cc @@ -267,11 +267,22 @@ int TcpNormalizer::validate_paws_timestamp( { if ( ( (int)( ( tsd.get_ts() - tns.peer_tracker->get_ts_last() ) + tns.paws_ts_fudge ) ) < 0 ) { - /* bail, we've got a packet outside the PAWS window! */ - //inc_tcp_discards(); - tns.session->tel.set_tcp_event(EVENT_BAD_TIMESTAMP); - packet_dropper(tns, tsd, NORM_TCP_OPT); - return ACTION_BAD_PKT; + if ( tsd.get_pkt()->pkth->flags & DAQ_PKT_FLAG_RETRY_PACKET ) + { + // Retry packets can legitimately have old timestamps + // in TCP options (if a re-transmit comes in before + // the retry) so don't consider it an error. + tsd.set_ts(tns.peer_tracker->get_ts_last()); + return ACTION_NOTHING; + } + else + { + /* bail, we've got a packet outside the PAWS window! */ + //inc_tcp_discards(); + tns.session->tel.set_tcp_event(EVENT_BAD_TIMESTAMP); + packet_dropper(tns, tsd, NORM_TCP_OPT); + return ACTION_BAD_PKT; + } } else if ( ( tns.peer_tracker->get_ts_last() != 0 ) && ( ( uint32_t )tsd.get_pkt()->pkth->ts.tv_sec > tns.peer_tracker->get_ts_last_packet() + diff --git a/src/stream/tcp/tcp_segment_node.cc b/src/stream/tcp/tcp_segment_node.cc index 8f613919c..ed1d3bed2 100644 --- a/src/stream/tcp/tcp_segment_node.cc +++ b/src/stream/tcp/tcp_segment_node.cc @@ -131,15 +131,14 @@ void TcpSegmentNode::term() tcpStats.segs_released++; } -bool TcpSegmentNode::is_retransmit( - const uint8_t* rdata, uint16_t rsize, uint32_t rseq, uint16_t orig_dsize, - bool *full_retransmit) +bool TcpSegmentNode::is_retransmit(const uint8_t* rdata, uint16_t rsize, + uint32_t rseq, uint16_t orig_dsize, bool *full_retransmit) { // retransmit must have same payload at same place if ( !SEQ_EQ(i_seq, rseq) ) return false; - if( orig_dsize == c_len ) + if ( orig_dsize == c_len ) { if ( ( ( c_len <= rsize )and !memcmp(data, rdata, c_len) ) or ( ( c_len > rsize )and !memcmp(data, rdata, rsize) ) ) @@ -149,9 +148,10 @@ bool TcpSegmentNode::is_retransmit( } //Checking for a possible split of segment in which case //we compare complete data of the segment to find a retransmission - else if(full_retransmit and (orig_dsize == rsize) and !memcmp(data, rdata, rsize) ) + else if ( (orig_dsize == rsize) and !memcmp(data, rdata, rsize) ) { - *full_retransmit = true; + if ( full_retransmit ) + *full_retransmit = true; return true; } diff --git a/tools/u2spewfoo/u2spewfoo.cc b/tools/u2spewfoo/u2spewfoo.cc index 4ef5e4b4f..56605e6ca 100644 --- a/tools/u2spewfoo/u2spewfoo.cc +++ b/tools/u2spewfoo/u2spewfoo.cc @@ -299,7 +299,7 @@ static const char* get_status(uint8_t stat) static const char* get_action(uint8_t act) { - const char* acts[] = { "pass", "dtop", "block", "reset" }; + const char* acts[] = { "pass", "retry", "drop", "block", "reset" }; return lookup(acts, sizeof(acts)/sizeof(acts[0]), act); }