From: Davis McPherson -X (davmcphe - XORIANT CORPORATION at Cisco) Date: Tue, 24 Sep 2024 18:28:49 +0000 (+0000) Subject: Pull request #4433: stream_tcp: Do not set global normalizer policy config when proxy... X-Git-Tag: 3.3.7.0~2 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=dae8e59423fcf3dc40b5de233253fdb5642dec9c;p=thirdparty%2Fsnort3.git Pull request #4433: stream_tcp: Do not set global normalizer policy config when proxy mode is enabled Merge in SNORT/snort3 from ~DAVMCPHE/snort3:start_proxy_config_fix to master Squashed commit of the following: commit 7568e72e147ef564ed2ac545f700e25f86823a98 Author: davis mcpherson Date: Tue Sep 10 08:40:34 2024 -0400 stream_tcp: Do not overwrite global normalizer policy config option when proxy mode is enabled stream_tcp: add assert to verify configured normalizer policy is valid --- diff --git a/src/stream/tcp/tcp_session.cc b/src/stream/tcp/tcp_session.cc index e202f96b4..2bfffd190 100644 --- a/src/stream/tcp/tcp_session.cc +++ b/src/stream/tcp/tcp_session.cc @@ -289,6 +289,8 @@ void TcpSession::check_flow_missed_3whs() void TcpSession::set_os_policy() { + assert(tcp_config->policy <= StreamPolicy::OS_VISTA); + StreamPolicy client_os_policy = flow->ssn_policy ? static_cast( flow->ssn_policy ) : tcp_config->policy; @@ -1346,9 +1348,8 @@ void TcpSession::start_proxy() if ( PacketTracer::is_active() ) PacketTracer::log("Stream TCP normalization policy set to Proxy mode. Normalizations will be skipped\n"); - tcp_config->policy = StreamPolicy::OS_PROXY; - client.normalizer.init(tcp_config->policy, this, &client, &server); - server.normalizer.init(tcp_config->policy, this, &server, &client); + client.normalizer.init(StreamPolicy::OS_PROXY, this, &client, &server); + server.normalizer.init(StreamPolicy::OS_PROXY, this, &server, &client); ++tcpStats.proxy_mode_flows; }