From: Tom Peters (thopeter) Date: Tue, 8 Jun 2021 15:54:45 +0000 (+0000) Subject: Merge pull request #2928 in SNORT/snort3 from ~ARMANDAV/snort3:filter to master X-Git-Tag: 3.1.6.0~15 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=5ba588c910fc112fd17960688306b6ded8e6c913;p=thirdparty%2Fsnort3.git Merge pull request #2928 in SNORT/snort3 from ~ARMANDAV/snort3:filter to master Squashed commit of the following: commit 3b834ec3d3dcdd849f7bb730bc7bdc8018e78160 Author: snorty Date: Tue Jun 8 00:48:34 2021 -0400 protocols: Remove inline specifiers for functions defined within a structure declaration commit a85fd8ace95bdfafcf697d36ccc873b51e5aa3bc Author: snorty Date: Fri Jun 4 14:42:12 2021 -0400 filters: Support rate filter to work with PDUs --- diff --git a/src/filters/rate_filter.cc b/src/filters/rate_filter.cc index cdf153ee0..6dc8d6b03 100644 --- a/src/filters/rate_filter.cc +++ b/src/filters/rate_filter.cc @@ -113,7 +113,7 @@ int RateFilter_Test(const OptTreeNode* otn, Packet* p) const SfIp* dip; SfIp cleared; - if ( p->ptrs.ip_api.is_ip() ) + if ( p->has_ip_hdr() ) { sip = p->ptrs.ip_api.get_src(); dip = p->ptrs.ip_api.get_dst(); diff --git a/src/protocols/packet.h b/src/protocols/packet.h index 5308489b8..8a4ce0563 100644 --- a/src/protocols/packet.h +++ b/src/protocols/packet.h @@ -172,40 +172,40 @@ struct SO_PUBLIC Packet static const uint32_t max_dsize = IP_MAXPACKET; /* Boolean functions - general information about this packet */ - inline bool is_eth() const + bool is_eth() const { return ((proto_bits & PROTO_BIT__ETH) != 0); } - inline bool has_ip() const + bool has_ip() const { return ptrs.ip_api.is_ip(); } - inline bool is_ip4() const + bool is_ip4() const { return ptrs.ip_api.is_ip4(); } - inline bool is_ip6() const + bool is_ip6() const { return ptrs.ip_api.is_ip6(); } - inline bool is_ip() const + bool is_ip() const { return ptrs.get_pkt_type() == PktType::IP; } - inline bool is_tcp() const + bool is_tcp() const { return ptrs.get_pkt_type() == PktType::TCP; } - inline bool is_udp() const + bool is_udp() const { return ptrs.get_pkt_type() == PktType::UDP; } - inline bool is_icmp() const + bool is_icmp() const { return ptrs.get_pkt_type() == PktType::ICMP; } - inline bool is_data() const + bool is_data() const { return (ptrs.get_pkt_type() == PktType::PDU) or (ptrs.get_pkt_type() == PktType::FILE); } - inline bool is_cooked() const + bool is_cooked() const { return ((packet_flags & PKT_PSEUDO) != 0); } - inline bool is_fragment() const + bool is_fragment() const { return ptrs.decode_flags & DECODE_FRAG; } - inline bool is_udp_tunneled() const + bool is_udp_tunneled() const { if (proto_bits & PROTO_BIT__UDP_TUNNELED) { @@ -216,14 +216,17 @@ struct SO_PUBLIC Packet return false; } - inline bool has_tcp_data() const + bool has_ip_hdr() const + { return ((proto_bits & PROTO_BIT__ANY_IP) != 0); } + + bool has_tcp_data() const { return (proto_bits & PROTO_BIT__TCP) and data and dsize; } - inline bool has_udp_data() const + bool has_udp_data() const { return (proto_bits & PROTO_BIT__UDP) and data and dsize; } /* Get general, non-boolean information */ - inline PktType type() const + PktType type() const { return ptrs.get_pkt_type(); } // defined in codec.h void set_detect_limit(uint16_t n) @@ -246,7 +249,7 @@ struct SO_PUBLIC Packet * eth::ip4::udp::teredo::ip6::hop_opts::ipv6_routing::tcp * this function return 6 == IPPROTO_TCP == IPPROTO_ID_TCP */ - inline IpProtocol get_ip_proto_next() const + IpProtocol get_ip_proto_next() const { return ip_proto_next; } /* Similar to above. However, this function