From: Michael Altizer (mialtize) <mialtize@cisco.com>
Date: Wed, 2 Dec 2020 17:16:46 +0000 (+0000)
Subject: Merge pull request #2625 in SNORT/snort3 from ~DERAMADA/snort3:interfaces_fix to... 
X-Git-Tag: 3.0.3-6~24
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=f0bd62338106eee2f4df7c6c884eea9d52641785;p=thirdparty%2Fsnort3.git

Merge pull request #2625 in SNORT/snort3 from ~DERAMADA/snort3:interfaces_fix to master

Squashed commit of the following:

commit 5b862eeddb95eb76cba66efb8ce0b4a836b87630
Author: Deepak Ramadass <deramada@cisco.com>
Date:   Tue Nov 17 11:09:55 2020 -0500

    stream_tcp: set interfaces in both directions
---

diff --git a/src/stream/tcp/tcp_stream_session.cc b/src/stream/tcp/tcp_stream_session.cc
index 03c93b847..c8152f835 100644
--- a/src/stream/tcp/tcp_stream_session.cc
+++ b/src/stream/tcp/tcp_stream_session.cc
@@ -271,7 +271,8 @@ void TcpStreamSession::set_packet_header_foo(const TcpSegmentDescriptor& tsd)
 {
     const Packet* p = tsd.get_pkt();
 
-    if ( daq_flags & DAQ_PKT_FLAG_NOT_FORWARDING )
+    if ( tsd.is_packet_from_client() || (p->pkth->egress_index == DAQ_PKTHDR_UNKNOWN
+         && p->pkth->egress_group == DAQ_PKTHDR_UNKNOWN) )
     {
         ingress_index = p->pkth->ingress_index;
         ingress_group = p->pkth->ingress_group;
@@ -279,17 +280,12 @@ void TcpStreamSession::set_packet_header_foo(const TcpSegmentDescriptor& tsd)
         egress_index = p->pkth->egress_index;
         egress_group = p->pkth->egress_group;
     }
-    else if ( tsd.is_packet_from_client() )
-    {
-        ingress_index = p->pkth->ingress_index;
-        ingress_group = p->pkth->ingress_group;
-        // ssn egress not always correct here
-    }
     else
     {
-        // ssn ingress not always correct here
         egress_index = p->pkth->ingress_index;
         egress_group = p->pkth->ingress_group;
+        ingress_index = p->pkth->egress_index;
+        ingress_group = p->pkth->egress_group;
     }
 
     daq_flags = p->pkth->flags;
@@ -298,7 +294,8 @@ void TcpStreamSession::set_packet_header_foo(const TcpSegmentDescriptor& tsd)
 
 void TcpStreamSession::get_packet_header_foo(DAQ_PktHdr_t* pkth, uint32_t dir)
 {
-    if ( (dir & PKT_FROM_CLIENT) || (daq_flags & DAQ_PKT_FLAG_NOT_FORWARDING) )
+    if ( (dir & PKT_FROM_CLIENT) || (egress_index == DAQ_PKTHDR_UNKNOWN &&
+         egress_group == DAQ_PKTHDR_UNKNOWN) )
     {
         pkth->ingress_index = ingress_index;
         pkth->ingress_group = ingress_group;
diff --git a/src/stream/tcp/tcp_stream_session.h b/src/stream/tcp/tcp_stream_session.h
index 6ad83b3ff..f950e2815 100644
--- a/src/stream/tcp/tcp_stream_session.h
+++ b/src/stream/tcp/tcp_stream_session.h
@@ -111,10 +111,10 @@ public:
     bool tcp_init = false;
     uint32_t pkt_action_mask = ACTION_NOTHING;
     uint8_t ecn = 0;
-    int32_t ingress_index = 0;
-    int16_t ingress_group = 0;
-    int32_t egress_index = 0;
-    int16_t egress_group = 0;
+    int32_t ingress_index = DAQ_PKTHDR_UNKNOWN;
+    int16_t ingress_group = DAQ_PKTHDR_UNKNOWN;
+    int32_t egress_index = DAQ_PKTHDR_UNKNOWN;
+    int16_t egress_group = DAQ_PKTHDR_UNKNOWN;
     uint32_t daq_flags = 0;
     uint16_t address_space_id = 0;
     bool generate_3whs_alert = true;