(p)->flags |= PKT_NOPAYLOAD_INSPECTION; \
} while (0)
+#define DecodeUnsetNoPayloadInspectionFlag(p) do { \
+ (p)->flags &= ~PKT_NOPAYLOAD_INSPECTION; \
+ } while (0)
+
/** \brief Set the No packet inspection Flag for the packet.
*
* \param p Packet to set the flag in
#define DecodeSetNoPacketInspectionFlag(p) do { \
(p)->flags |= PKT_NOPACKET_INSPECTION; \
} while (0)
+#define DecodeUnsetNoPacketInspectionFlag(p) do { \
+ (p)->flags &= ~PKT_NOPACKET_INSPECTION; \
+ } while (0)
#define ENGINE_SET_EVENT(p, e) do { \
return 1;
}
+/**
+ *
+ * Remove packet from flow. This assumes this happens *before* the packet
+ * is added to the stream engine and other higher state.
+ *
+ * \todo we can't restore the lastts
+ */
+void FlowHandlePacketUpdateRemove(Flow *f, Packet *p)
+{
+ if (p->flowflags & FLOW_PKT_TOSERVER) {
+ f->todstpktcnt--;
+ f->todstbytecnt -= GET_PKT_LEN(p);
+ p->flowflags &= ~FLOW_PKT_TOSERVER;
+ } else {
+ f->tosrcpktcnt--;
+ f->tosrcbytecnt -= GET_PKT_LEN(p);
+ p->flowflags &= ~FLOW_PKT_TOCLIENT;
+ }
+ p->flowflags &= ~FLOW_PKT_ESTABLISHED;
+
+ /*set the detection bypass flags*/
+ if (f->flags & FLOW_NOPACKET_INSPECTION) {
+ SCLogDebug("unsetting FLOW_NOPACKET_INSPECTION flag on flow %p", f);
+ DecodeUnsetNoPacketInspectionFlag(p);
+ }
+ if (f->flags & FLOW_NOPAYLOAD_INSPECTION) {
+ SCLogDebug("unsetting FLOW_NOPAYLOAD_INSPECTION flag on flow %p", f);
+ DecodeUnsetNoPayloadInspectionFlag(p);
+ }
+}
+
/** \brief Update Packet and Flow
*
* Updates packet and flow based on the new packet.
AppProto FlowGetAppProtocol(Flow *f);
void *FlowGetAppState(Flow *f);
+
+void FlowHandlePacketUpdateRemove(Flow *f, Packet *p);
void FlowHandlePacketUpdate(Flow *f, Packet *p);
#endif /* __FLOW_H__ */
projects / thirdparty / suricata.git / commitdiff
