From: Victor Julien <victor@inliniac.net>
Date: Tue, 28 Jan 2020 09:33:23 +0000 (+0100)
Subject: flow: fix TCP closed default initialization
X-Git-Tag: suricata-6.0.0-beta1~273
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=c50ef8cc2114ab8d3dc5010ef2eaf127be1dca5d;p=thirdparty%2Fsuricata.git

flow: fix TCP closed default initialization

TCP closed state was initialized to 0 by default.

Clean up 'closed' value setting for other protocols and the common
default.
---

diff --git a/src/flow-private.h b/src/flow-private.h
index 9cf0e4d5a9..fe64e293d0 100644
--- a/src/flow-private.h
+++ b/src/flow-private.h
@@ -43,6 +43,7 @@
 #define FLOW_DEFAULT_BYPASSED_TIMEOUT 100
 #define FLOW_IPPROTO_TCP_NEW_TIMEOUT 30
 #define FLOW_IPPROTO_TCP_EST_TIMEOUT 300
+#define FLOW_IPPROTO_TCP_CLOSED_TIMEOUT 10
 #define FLOW_IPPROTO_TCP_BYPASSED_TIMEOUT 100
 #define FLOW_IPPROTO_UDP_NEW_TIMEOUT 30
 #define FLOW_IPPROTO_UDP_EST_TIMEOUT 300
@@ -57,6 +58,7 @@
 #define FLOW_DEFAULT_EMERG_BYPASSED_TIMEOUT 50
 #define FLOW_IPPROTO_TCP_EMERG_NEW_TIMEOUT 10
 #define FLOW_IPPROTO_TCP_EMERG_EST_TIMEOUT 100
+#define FLOW_IPPROTO_TCP_EMERG_CLOSED_TIMEOUT 5
 #define FLOW_IPPROTO_UDP_EMERG_NEW_TIMEOUT 10
 #define FLOW_IPPROTO_UDP_EMERG_EST_TIMEOUT 100
 #define FLOW_IPPROTO_ICMP_EMERG_NEW_TIMEOUT 10
diff --git a/src/flow.c b/src/flow.c
index a7384b6dc9..93c49896fd 100644
--- a/src/flow.c
+++ b/src/flow.c
@@ -744,24 +744,24 @@ void FlowInitFlowProto(void)
 
     SET_DEFAULTS(FLOW_PROTO_DEFAULT,
                 FLOW_DEFAULT_NEW_TIMEOUT, FLOW_DEFAULT_EST_TIMEOUT,
-                    FLOW_DEFAULT_CLOSED_TIMEOUT, FLOW_DEFAULT_BYPASSED_TIMEOUT,
+                    0, FLOW_DEFAULT_BYPASSED_TIMEOUT,
                 FLOW_DEFAULT_EMERG_NEW_TIMEOUT, FLOW_DEFAULT_EMERG_EST_TIMEOUT,
-                    FLOW_DEFAULT_EMERG_CLOSED_TIMEOUT, FLOW_DEFAULT_EMERG_BYPASSED_TIMEOUT);
+                    0, FLOW_DEFAULT_EMERG_BYPASSED_TIMEOUT);
     SET_DEFAULTS(FLOW_PROTO_TCP,
                 FLOW_IPPROTO_TCP_NEW_TIMEOUT, FLOW_IPPROTO_TCP_EST_TIMEOUT,
-                    FLOW_DEFAULT_CLOSED_TIMEOUT, FLOW_IPPROTO_TCP_BYPASSED_TIMEOUT,
+                    FLOW_IPPROTO_TCP_CLOSED_TIMEOUT, FLOW_IPPROTO_TCP_BYPASSED_TIMEOUT,
                 FLOW_IPPROTO_TCP_EMERG_NEW_TIMEOUT, FLOW_IPPROTO_TCP_EMERG_EST_TIMEOUT,
-                    FLOW_DEFAULT_EMERG_CLOSED_TIMEOUT, FLOW_DEFAULT_EMERG_BYPASSED_TIMEOUT);
+                    FLOW_IPPROTO_TCP_EMERG_CLOSED_TIMEOUT, FLOW_DEFAULT_EMERG_BYPASSED_TIMEOUT);
     SET_DEFAULTS(FLOW_PROTO_UDP,
                 FLOW_IPPROTO_UDP_NEW_TIMEOUT, FLOW_IPPROTO_UDP_EST_TIMEOUT,
-                    FLOW_DEFAULT_CLOSED_TIMEOUT, FLOW_IPPROTO_UDP_BYPASSED_TIMEOUT,
+                    0, FLOW_IPPROTO_UDP_BYPASSED_TIMEOUT,
                 FLOW_IPPROTO_UDP_EMERG_NEW_TIMEOUT, FLOW_IPPROTO_UDP_EMERG_EST_TIMEOUT,
-                    FLOW_DEFAULT_EMERG_CLOSED_TIMEOUT, FLOW_DEFAULT_EMERG_BYPASSED_TIMEOUT);
+                    0, FLOW_DEFAULT_EMERG_BYPASSED_TIMEOUT);
     SET_DEFAULTS(FLOW_PROTO_ICMP,
                 FLOW_IPPROTO_ICMP_NEW_TIMEOUT, FLOW_IPPROTO_ICMP_EST_TIMEOUT,
-                    FLOW_DEFAULT_CLOSED_TIMEOUT, FLOW_IPPROTO_ICMP_BYPASSED_TIMEOUT,
+                    0, FLOW_IPPROTO_ICMP_BYPASSED_TIMEOUT,
                 FLOW_IPPROTO_ICMP_EMERG_NEW_TIMEOUT, FLOW_IPPROTO_ICMP_EMERG_EST_TIMEOUT,
-                    FLOW_DEFAULT_EMERG_CLOSED_TIMEOUT, FLOW_DEFAULT_EMERG_BYPASSED_TIMEOUT);
+                    0, FLOW_DEFAULT_EMERG_BYPASSED_TIMEOUT);
 
     flow_freefuncs[FLOW_PROTO_DEFAULT].Freefunc = NULL;
     flow_freefuncs[FLOW_PROTO_TCP].Freefunc = NULL;