p, pkt, proto, GET_VLAN_PRIORITY(p->vlanh[p->vlan_idx]),
GET_VLAN_CFI(p->vlanh[p->vlan_idx]), GET_VLAN_ID(p->vlanh[p->vlan_idx]), len);
- p->vlan_id[p->vlan_idx] = (uint16_t)GET_VLAN_ID(p->vlanh[p->vlan_idx]);
+ /* only store the id for flow hashing if it's not disabled. */
+ if (dtv->vlan_disabled == 0)
+ p->vlan_id[p->vlan_idx] = (uint16_t)GET_VLAN_ID(p->vlanh[p->vlan_idx]);
+
p->vlan_idx++;
switch (proto) {
/* initialize UDP app layer code */
AlpProtoFinalize2Thread(&dtv->udp_dp_ctx);
+ /** set config defaults */
+ int vlanbool = 0;
+ if ((ConfGetBool("vlan.use-for-tracking", &vlanbool)) == 1 && vlanbool == 0) {
+ dtv->vlan_disabled = 1;
+ }
+ SCLogDebug("vlan tracking is %s", dtv->vlan_disabled == 0 ? "enabled" : "disabled");
+
return dtv;
}
/** Specific context for udp protocol detection (here atm) */
AlpProtoDetectThreadCtx udp_dp_ctx;
+ int vlan_disabled;
+
/** stats/counters */
uint16_t counter_pkts;
uint16_t counter_pkts_per_sec;
prealloc: 10000
emergency-recovery: 30
+# This option controls the use of vlan ids in the flow hashing. Normally this
+# should be enabled, but in some (broken) setups where both sides of a flow are
+# not tagged with the same vlan tag, we can ignore the vlan id's in the flow
+# hashing.
+vlan:
+ use-for-tracking: true
+
# Specific timeouts for flows. Here you can specify the timeouts that the
# active flows will wait to transit from the current state to another, on each
# protocol. The value of "new" determine the seconds to wait after a hanshake or
projects / thirdparty / suricata.git / commitdiff
