From: Tom Peters (thopeter) Date: Wed, 15 May 2019 18:39:44 +0000 (-0400) Subject: Merge pull request #1604 in SNORT/snort3 from ~KATHARVE/snort3:disable_inspection_in_... X-Git-Tag: 3.0.0-256~3 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=76a5cb9057a4c7945ab91aab3f6fc7e334b1d402;p=thirdparty%2Fsnort3.git Merge pull request #1604 in SNORT/snort3 from ~KATHARVE/snort3:disable_inspection_in_drop_flow to master Squashed commit of the following: commit 991d611b02b5bb0ad494b29e6914ac649cca581c Author: Katura Harvey Date: Tue May 7 18:53:02 2019 -0400 stream: disable inspection of flow on reset --- diff --git a/src/file_api/file_lib.cc b/src/file_api/file_lib.cc index 1d53a8556..6dac8279d 100644 --- a/src/file_api/file_lib.cc +++ b/src/file_api/file_lib.cc @@ -351,8 +351,6 @@ void FileContext::finish_signature_lookup(Packet* p, bool final_lookup, FilePoli log_file_event(flow, policy); config_file_signature(false); file_stats->signatures_processed[get_file_type()][get_file_direction()]++; - if ( verdict == FILE_VERDICT_REJECT or verdict == FILE_VERDICT_BLOCK) - flow->disable_inspection(); } else { diff --git a/src/stream/stream.cc b/src/stream/stream.cc index b76ac0fe2..91968f5ac 100644 --- a/src/stream/stream.cc +++ b/src/stream/stream.cc @@ -324,6 +324,8 @@ void Stream::drop_flow(const Packet* p) flow->session->clear(); flow->set_state(Flow::FlowState::BLOCK); + flow->disable_inspection(); + if ( !(p->packet_flags & PKT_STATELESS) ) drop_traffic(p, SSN_DIR_BOTH); }