Merge pull request #1181 in SNORT/snort3 from send_reset_on_pdu3 to master

Squashed commit of the following:

commit 8c7e839b8c0f2b9abb85cc45b8ec0ce86b1759e0
Author: Steve Chew <stechew@cisco.com>
Date:   Thu Apr 5 14:50:47 2018 -0400

    Reset: Always queue reject and test packet type in RejectAction::exec.

diff --git a/src/actions/act_reject.cc b/src/actions/act_reject.cc
index 652b9c0148349cb6ce24c01222af28af0e20dba1..d01f47a3d913db0a4aea613fa6df5aae139a1ddb 100644 (file)
--- a/src/actions/act_reject.cc
+++ b/src/actions/act_reject.cc
@@ -93,6 +93,28 @@ private:
 void RejectAction::exec(Packet* p)
 {
     Profile profile(rejPerfStats);
+
+    if ( !p->ptrs.ip_api.is_ip() )
+        return;
+
+    switch ( p->type() )
+    {
+    case PktType::TCP:
+        if ( !Active::is_reset_candidate(p) )
+            return;
+        break;
+
+    case PktType::UDP:
+    case PktType::ICMP:
+    case PktType::IP:
+        if ( !Active::is_unreachable_candidate(p) )
+            return;
+        break;
+
+    default:
+        return;
+    }
+
     send(p);
 }
 

diff --git a/src/managers/action_manager.cc b/src/managers/action_manager.cc
index 1dfd1ab051dc9b0d530b4c8bceb9b395d6ee23cd..6177cc34e854c3f6b8727520b6a8ff1c8fa73b64 100644 (file)
--- a/src/managers/action_manager.cc
+++ b/src/managers/action_manager.cc
@@ -152,28 +152,8 @@ void ActionManager::queue(IpsAction* a)
         s_action = a;
 }
 
-void ActionManager::queue_reject(const Packet* p)
+void ActionManager::queue_reject()
 {
-    if ( !p->ptrs.ip_api.is_ip() )
-        return;
-
-    switch ( p->type() )
-    {
-    case PktType::TCP:
-        if ( !Active::is_reset_candidate(p) )
-            return;
-        break;
-
-    case PktType::UDP:
-    case PktType::ICMP:
-    case PktType::IP:
-        if ( !Active::is_unreachable_candidate(p) )
-            return;
-        break;
-
-    default:
-        return;
-    }
     if ( s_reject )
         queue(s_reject);
 }

diff --git a/src/managers/action_manager.h b/src/managers/action_manager.h
index 990a5bfc403a46279395dd66c1a25bb3841c35ee..c9af1bddc246ba149d2fc05b8b675f5e087ad59e 100644 (file)
--- a/src/managers/action_manager.h
+++ b/src/managers/action_manager.h
@@ -70,7 +70,7 @@ public:
     static void thread_term(snort::SnortConfig*);
 
     static void reset_queue();
-    static void queue_reject(const snort::Packet*);
+    static void queue_reject();
     static void queue(snort::IpsAction*);
     static void execute(snort::Packet*);
 

diff --git a/src/packet_io/active.cc b/src/packet_io/active.cc
index c87e2429be143cfe62bbfa05dd9fc03271e68a07..e40637d9239ffde3aa2f01854a16cb5309c5d54f 100644 (file)
--- a/src/packet_io/active.cc
+++ b/src/packet_io/active.cc
@@ -470,7 +470,7 @@ void Active::reset_session(Packet* p, bool force)
 
     if ( s_enabled )
     {
-        ActionManager::queue_reject(p);
+        ActionManager::queue_reject();
 
         if ( p->flow )
         {