]> git.ipfire.org Git - thirdparty/suricata.git/commitdiff
projects / thirdparty / suricata.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 3304c91)
decode: Packet action start with PACKET
authorEric Leblond <eric@regit.org>
Mon, 24 Jun 2013 07:44:46 +0000 (09:44 +0200)
committerVictor Julien <victor@inliniac.net>
Thu, 27 Jun 2013 08:30:51 +0000 (10:30 +0200)
Rename all Packet action macro to have them prefixed by PACKET.

17 files changed:
src/alert-prelude.c patch | blob | blame | history
src/alert-unified2-alert.c patch | blob | blame | history
src/decode.h patch | blob | blame | history
src/detect-detection-filter.c patch | blob | blame | history
src/detect-engine-alert.c patch | blob | blame | history
src/detect-engine-iponly.c patch | blob | blame | history
src/detect-engine-state.c patch | blob | blame | history
src/detect-engine-threshold.c patch | blob | blame | history
src/detect-threshold.c patch | blob | blame | history
src/detect.c patch | blob | blame | history
src/log-droplog.c patch | blob | blame | history
src/respond-reject.c patch | blob | blame | history
src/source-af-packet.c patch | blob | blame | history
src/source-ipfw.c patch | blob | blame | history
src/source-nfq.c patch | blob | blame | history
src/stream-tcp.c patch | blob | blame | history
src/util-threshold-config.c patch | blob | blame | history

diff --git a/src/alert-prelude.c b/src/alert-prelude.c
index c74f62eb2ee2ddfb4b7c61ad0340a708109c7b00..6dbbf8728da0ead679bc3f312d230731dd10007a 100644 (file)
--- a/src/alert-prelude.c
+++ b/src/alert-prelude.c
@@ -238,7 +238,7 @@ static int EventToImpact(PacketAlert *pa, Packet *p, idmef_alert_t *alert)
 
     idmef_impact_set_severity(impact, severity);
 
-    if (TEST_PACKET_ACTION(p, ACTION_DROP)) {
+    if (PACKET_TEST_ACTION(p, ACTION_DROP)) {
         idmef_action_t *action;
 
         ret = idmef_action_new(&action);
diff --git a/src/alert-unified2-alert.c b/src/alert-unified2-alert.c
index 3ef5bfb076f093d98f0f352a28291a5da28dd18a..4146f3928d313c76884139f920141bcc0ab76642 100644 (file)
--- a/src/alert-unified2-alert.c
+++ b/src/alert-unified2-alert.c
@@ -648,7 +648,7 @@ int Unified2IPv6TypeAlert (ThreadVars *t, Packet *p, void *data, PacketQueue *pq
     gphdr.dst_ip = *(struct in6_addr*)GET_IPV6_DST_ADDR(p);
     gphdr.protocol = p->proto;
 
-    if(TEST_PACKET_ACTION(p, ACTION_DROP))
+    if(PACKET_TEST_ACTION(p, ACTION_DROP))
         gphdr.packet_action = UNIFIED2_BLOCKED_FLAG;
     else
         gphdr.packet_action = 0;
@@ -796,7 +796,7 @@ int Unified2IPv4TypeAlert (ThreadVars *tv, Packet *p, void *data, PacketQueue *p
     gphdr.dst_ip = p->ip4h->s_ip_dst.s_addr;
     gphdr.protocol = IPV4_GET_RAW_IPPROTO(p->ip4h);
 
-    if(TEST_PACKET_ACTION(p, ACTION_DROP))
+    if(PACKET_TEST_ACTION(p, ACTION_DROP))
         gphdr.packet_action = UNIFIED2_BLOCKED_FLAG;
     else
         gphdr.packet_action = 0;
diff --git a/src/decode.h b/src/decode.h
index 687c871920bb88dd6a141c80a7226b9c4926510d..b3f493bd8bb2765c8f950e9ccf8c1ab42b043c7e 100644 (file)
--- a/src/decode.h
+++ b/src/decode.h
@@ -706,54 +706,54 @@ typedef struct DecodeThreadVars_
 /* macro's for setting the action
  * handle the case of a root packet
  * for tunnels */
-#define ALERT_PACKET(p) do { \
+#define PACKET_ALERT(p) do { \
     ((p)->root ? \
      ((p)->root->action = ACTION_ALERT) : \
      ((p)->action = ACTION_ALERT)); \
 } while (0)
 
-#define ACCEPT_PACKET(p) do { \
+#define PACKET_ACCEPT(p) do { \
     ((p)->root ? \
      ((p)->root->action = ACTION_ACCEPT) : \
      ((p)->action = ACTION_ACCEPT)); \
 } while (0)
 
-#define DROP_PACKET(p) do { \
+#define PACKET_DROP(p) do { \
     ((p)->root ? \
      ((p)->root->action = ACTION_DROP) : \
      ((p)->action = ACTION_DROP)); \
 } while (0)
 
-#define REJECT_PACKET(p) do { \
+#define PACKET_REJECT(p) do { \
     ((p)->root ? \
      ((p)->root->action = (ACTION_REJECT|ACTION_DROP)) : \
      ((p)->action = (ACTION_REJECT|ACTION_DROP))); \
 } while (0)
 
-#define REJECT_PACKET_DST(p) do { \
+#define PACKET_REJECT_DST(p) do { \
     ((p)->root ? \
      ((p)->root->action = (ACTION_REJECT_DST|ACTION_DROP)) : \
      ((p)->action = (ACTION_REJECT_DST|ACTION_DROP))); \
 } while (0)
 
-#define REJECT_PACKET_BOTH(p) do { \
+#define PACKET_REJECT_BOTH(p) do { \
     ((p)->root ? \
      ((p)->root->action = (ACTION_REJECT_BOTH|ACTION_DROP)) : \
      ((p)->action = (ACTION_REJECT_BOTH|ACTION_DROP))); \
 } while (0)
 
-#define PASS_PACKET(p) do { \
+#define PACKET_PASS(p) do { \
     ((p)->root ? \
      ((p)->root->action = ACTION_PASS) : \
      ((p)->action = ACTION_PASS)); \
 } while (0)
 
-#define TEST_PACKET_ACTION(p, a) \
+#define PACKET_TEST_ACTION(p, a) \
     ((p)->root ? \
      ((p)->root->action & a) : \
      ((p)->action & a))
 
-#define UPDATE_PACKET_ACTION(p, a) do { \
+#define PACKET_UPDATE_ACTION(p, a) do { \
     ((p)->root ? \
      ((p)->root->action |= a) : \
      ((p)->action |= a)); \
diff --git a/src/detect-detection-filter.c b/src/detect-detection-filter.c
index f2791021c0657f736deb178423f7188ea0f4eed6..83cd7a0dd85f99befde28ae2a4b86b6bd4aaeb4f 100644 (file)
--- a/src/detect-detection-filter.c
+++ b/src/detect-detection-filter.c
@@ -579,17 +579,17 @@ static int DetectDetectionFilterTestSig3(void) {
 
     SigMatchSignatures(&th_v, de_ctx, det_ctx, p);
     alerts = PacketAlertCheck(p, 10);
-    drops += ((TEST_PACKET_ACTION(p, ACTION_DROP))?1:0);
+    drops += ((PACKET_TEST_ACTION(p, ACTION_DROP))?1:0);
     p->action = 0;
 
     SigMatchSignatures(&th_v, de_ctx, det_ctx, p);
     alerts += PacketAlertCheck(p, 10);
-    drops += ((TEST_PACKET_ACTION(p, ACTION_DROP))?1:0);
+    drops += ((PACKET_TEST_ACTION(p, ACTION_DROP))?1:0);
     p->action = 0;
 
     SigMatchSignatures(&th_v, de_ctx, det_ctx, p);
     alerts += PacketAlertCheck(p, 10);
-    drops += ((TEST_PACKET_ACTION(p, ACTION_DROP))?1:0);
+    drops += ((PACKET_TEST_ACTION(p, ACTION_DROP))?1:0);
     p->action = 0;
 
     TimeSetIncrementTime(200);
@@ -597,22 +597,22 @@ static int DetectDetectionFilterTestSig3(void) {
 
     SigMatchSignatures(&th_v, de_ctx, det_ctx, p);
     alerts += PacketAlertCheck(p, 10);
-    drops += ((TEST_PACKET_ACTION(p, ACTION_DROP))?1:0);
+    drops += ((PACKET_TEST_ACTION(p, ACTION_DROP))?1:0);
     p->action = 0;
 
     SigMatchSignatures(&th_v, de_ctx, det_ctx, p);
     alerts += PacketAlertCheck(p, 10);
-    drops += ((TEST_PACKET_ACTION(p, ACTION_DROP))?1:0);
+    drops += ((PACKET_TEST_ACTION(p, ACTION_DROP))?1:0);
     p->action = 0;
 
     SigMatchSignatures(&th_v, de_ctx, det_ctx, p);
     alerts += PacketAlertCheck(p, 10);
-    drops += ((TEST_PACKET_ACTION(p, ACTION_DROP))?1:0);
+    drops += ((PACKET_TEST_ACTION(p, ACTION_DROP))?1:0);
     p->action = 0;
 
     SigMatchSignatures(&th_v, de_ctx, det_ctx, p);
     alerts += PacketAlertCheck(p, 10);
-    drops += ((TEST_PACKET_ACTION(p, ACTION_DROP))?1:0);
+    drops += ((PACKET_TEST_ACTION(p, ACTION_DROP))?1:0);
     p->action = 0;
 
     if (alerts == 3 && drops == 3)
diff --git a/src/detect-engine-alert.c b/src/detect-engine-alert.c
index ac6725a0a15229b07622ed0f64e91045d2054e6b..6fa16c4d8063c1e9f84510c8bfd60d0f326b3764 100644 (file)
--- a/src/detect-engine-alert.c
+++ b/src/detect-engine-alert.c
@@ -248,16 +248,16 @@ void PacketAlertFinalize(DetectEngineCtx *de_ctx, DetectEngineThreadCtx *det_ctx
             }
 
             /* set verdict on packet */
-            UPDATE_PACKET_ACTION(p, p->alerts.alerts[i].action);
+            PACKET_UPDATE_ACTION(p, p->alerts.alerts[i].action);
 
-            if (TEST_PACKET_ACTION(p, ACTION_PASS)) {
+            if (PACKET_TEST_ACTION(p, ACTION_PASS)) {
                 /* Ok, reset the alert cnt to end in the previous of pass
                  * so we ignore the rest with less prio */
                 p->alerts.cnt = i;
                 break;
             /* if the signature wants to drop, check if the
              * PACKET_ALERT_FLAG_DROP_FLOW flag is set. */
-            } else if ((TEST_PACKET_ACTION(p, ACTION_DROP)) &&
+            } else if ((PACKET_TEST_ACTION(p, ACTION_DROP)) &&
                     ((p->alerts.alerts[i].flags & PACKET_ALERT_FLAG_DROP_FLOW) ||
                          (s->flags & SIG_FLAG_APPLAYER))
                        && p->flow != NULL)
diff --git a/src/detect-engine-iponly.c b/src/detect-engine-iponly.c
index 0c60f00510cc784594c7b07d2b4efaac55dd1b67..e9c41087bafb2bd681cca099743dcaa4b6c7982d 100644 (file)
--- a/src/detect-engine-iponly.c
+++ b/src/detect-engine-iponly.c
@@ -1076,7 +1076,7 @@ void IPOnlyMatchPacket(ThreadVars *tv,
                             PacketAlertAppend(det_ctx, s, p, 0);
                     } else {
                         /* apply actions for noalert/rule suppressed as well */
-                        UPDATE_PACKET_ACTION(p, s->action);
+                        PACKET_UPDATE_ACTION(p, s->action);
                     }
                 }
             }
diff --git a/src/detect-engine-state.c b/src/detect-engine-state.c
index 4806d216707f4e1324b7f63f2f7fcffef1c28541..62effe57c1f9c8f6ed9700aadc46170711c9c41f 100644 (file)
--- a/src/detect-engine-state.c
+++ b/src/detect-engine-state.c
@@ -614,7 +614,7 @@ void DeStateDetectContinueDetection(ThreadVars *tv, DetectEngineCtx *de_ctx,
                 if (!(s->flags & SIG_FLAG_NOALERT)) {
                     PacketAlertAppend(det_ctx, s, p, 0);
                 } else {
-                    UPDATE_PACKET_ACTION(p, s->action);
+                    PACKET_UPDATE_ACTION(p, s->action);
                 }
             }
 
diff --git a/src/detect-engine-threshold.c b/src/detect-engine-threshold.c
index d152d2732bb688396a619c215b64cab3a361efd3..baa9e44e3838b41b67bc91e44be1ddfa30901db3 100644 (file)
--- a/src/detect-engine-threshold.c
+++ b/src/detect-engine-threshold.c
@@ -384,16 +384,16 @@ int ThresholdHandlePacketHost(Host *h, Packet *p, DetectThresholdData *td, uint3
                         /* Take the action to perform */
                         switch (td->new_action) {
                             case TH_ACTION_ALERT:
-                                ALERT_PACKET(p);
+                                PACKET_ALERT(p);
                                 break;
                             case TH_ACTION_DROP:
-                                DROP_PACKET(p);
+                                PACKET_DROP(p);
                                 break;
                             case TH_ACTION_REJECT:
-                                REJECT_PACKET(p);
+                                PACKET_REJECT(p);
                                 break;
                             case TH_ACTION_PASS:
-                                PASS_PACKET(p);
+                                PACKET_PASS(p);
                                 break;
                             default:
                                 /* Weird, leave the default action */
@@ -413,16 +413,16 @@ int ThresholdHandlePacketHost(Host *h, Packet *p, DetectThresholdData *td, uint3
                             /* Take the action to perform */
                             switch (td->new_action) {
                                 case TH_ACTION_ALERT:
-                                    ALERT_PACKET(p);
+                                    PACKET_ALERT(p);
                                     break;
                                 case TH_ACTION_DROP:
-                                    DROP_PACKET(p);
+                                    PACKET_DROP(p);
                                     break;
                                 case TH_ACTION_REJECT:
-                                    REJECT_PACKET(p);
+                                    PACKET_REJECT(p);
                                     break;
                                 case TH_ACTION_PASS:
-                                    PASS_PACKET(p);
+                                    PACKET_PASS(p);
                                     break;
                                 default:
                                     /* Weird, leave the default action */
@@ -501,16 +501,16 @@ static int ThresholdHandlePacketRule(DetectEngineCtx *de_ctx, Packet *p, DetectT
             /* Take the action to perform */
             switch (td->new_action) {
                 case TH_ACTION_ALERT:
-                    ALERT_PACKET(p);
+                    PACKET_ALERT(p);
                     break;
                 case TH_ACTION_DROP:
-                    DROP_PACKET(p);
+                    PACKET_DROP(p);
                     break;
                 case TH_ACTION_REJECT:
-                    REJECT_PACKET(p);
+                    PACKET_REJECT(p);
                     break;
                 case TH_ACTION_PASS:
-                    PASS_PACKET(p);
+                    PACKET_PASS(p);
                     break;
                 default:
                     /* Weird, leave the default action */
@@ -529,16 +529,16 @@ static int ThresholdHandlePacketRule(DetectEngineCtx *de_ctx, Packet *p, DetectT
                 /* Take the action to perform */
                 switch (td->new_action) {
                     case TH_ACTION_ALERT:
-                        ALERT_PACKET(p);
+                        PACKET_ALERT(p);
                         break;
                     case TH_ACTION_DROP:
-                        DROP_PACKET(p);
+                        PACKET_DROP(p);
                         break;
                     case TH_ACTION_REJECT:
-                        REJECT_PACKET(p);
+                        PACKET_REJECT(p);
                         break;
                     case TH_ACTION_PASS:
-                        PASS_PACKET(p);
+                        PACKET_PASS(p);
                         break;
                     default:
                         /* Weird, leave the default action */
diff --git a/src/detect-threshold.c b/src/detect-threshold.c
index e8d5569619efbf5035e59536441c1d5bd94e4efd..aec9cb54643e807b4a0070183c5ec7963df5a41a 100644 (file)
--- a/src/detect-threshold.c
+++ b/src/detect-threshold.c
@@ -959,17 +959,17 @@ static int DetectThresholdTestSig7(void) {
     TimeGet(&p->ts);
     SigMatchSignatures(&th_v, de_ctx, det_ctx, p);
     alerts = PacketAlertCheck(p, 10);
-    drops += ((TEST_PACKET_ACTION(p, ACTION_DROP))?1:0);
+    drops += ((PACKET_TEST_ACTION(p, ACTION_DROP))?1:0);
     p->action = 0;
 
     SigMatchSignatures(&th_v, de_ctx, det_ctx, p);
     alerts += PacketAlertCheck(p, 10);
-    drops += ((TEST_PACKET_ACTION(p, ACTION_DROP))?1:0);
+    drops += ((PACKET_TEST_ACTION(p, ACTION_DROP))?1:0);
     p->action = 0;
 
     SigMatchSignatures(&th_v, de_ctx, det_ctx, p);
     alerts += PacketAlertCheck(p, 10);
-    drops += ((TEST_PACKET_ACTION(p, ACTION_DROP))?1:0);
+    drops += ((PACKET_TEST_ACTION(p, ACTION_DROP))?1:0);
     p->action = 0;
 
     TimeSetIncrementTime(200);
@@ -977,17 +977,17 @@ static int DetectThresholdTestSig7(void) {
 
     SigMatchSignatures(&th_v, de_ctx, det_ctx, p);
     alerts += PacketAlertCheck(p, 10);
-    drops += ((TEST_PACKET_ACTION(p, ACTION_DROP))?1:0);
+    drops += ((PACKET_TEST_ACTION(p, ACTION_DROP))?1:0);
     p->action = 0;
 
     SigMatchSignatures(&th_v, de_ctx, det_ctx, p);
     alerts += PacketAlertCheck(p, 10);
-    drops += ((TEST_PACKET_ACTION(p, ACTION_DROP))?1:0);
+    drops += ((PACKET_TEST_ACTION(p, ACTION_DROP))?1:0);
     p->action = 0;
 
     SigMatchSignatures(&th_v, de_ctx, det_ctx, p);
     alerts += PacketAlertCheck(p, 10);
-    drops += ((TEST_PACKET_ACTION(p, ACTION_DROP))?1:0);
+    drops += ((PACKET_TEST_ACTION(p, ACTION_DROP))?1:0);
     p->action = 0;
 
     if (alerts == 1 && drops == 6)
@@ -1052,17 +1052,17 @@ static int DetectThresholdTestSig8(void) {
     TimeGet(&p->ts);
     SigMatchSignatures(&th_v, de_ctx, det_ctx, p);
     alerts = PacketAlertCheck(p, 10);
-    drops += ((TEST_PACKET_ACTION(p, ACTION_DROP))?1:0);
+    drops += ((PACKET_TEST_ACTION(p, ACTION_DROP))?1:0);
     p->action = 0;
 
     SigMatchSignatures(&th_v, de_ctx, det_ctx, p);
     alerts += PacketAlertCheck(p, 10);
-    drops += ((TEST_PACKET_ACTION(p, ACTION_DROP))?1:0);
+    drops += ((PACKET_TEST_ACTION(p, ACTION_DROP))?1:0);
     p->action = 0;
 
     SigMatchSignatures(&th_v, de_ctx, det_ctx, p);
     alerts += PacketAlertCheck(p, 10);
-    drops += ((TEST_PACKET_ACTION(p, ACTION_DROP))?1:0);
+    drops += ((PACKET_TEST_ACTION(p, ACTION_DROP))?1:0);
     p->action = 0;
 
     TimeSetIncrementTime(200);
@@ -1070,17 +1070,17 @@ static int DetectThresholdTestSig8(void) {
 
     SigMatchSignatures(&th_v, de_ctx, det_ctx, p);
     alerts += PacketAlertCheck(p, 10);
-    drops += ((TEST_PACKET_ACTION(p, ACTION_DROP))?1:0);
+    drops += ((PACKET_TEST_ACTION(p, ACTION_DROP))?1:0);
     p->action = 0;
 
     SigMatchSignatures(&th_v, de_ctx, det_ctx, p);
     alerts += PacketAlertCheck(p, 10);
-    drops += ((TEST_PACKET_ACTION(p, ACTION_DROP))?1:0);
+    drops += ((PACKET_TEST_ACTION(p, ACTION_DROP))?1:0);
     p->action = 0;
 
     SigMatchSignatures(&th_v, de_ctx, det_ctx, p);
     alerts += PacketAlertCheck(p, 10);
-    drops += ((TEST_PACKET_ACTION(p, ACTION_DROP))?1:0);
+    drops += ((PACKET_TEST_ACTION(p, ACTION_DROP))?1:0);
     p->action = 0;
 
     if (alerts == 2 && drops == 6)
@@ -1145,17 +1145,17 @@ static int DetectThresholdTestSig9(void) {
     TimeGet(&p->ts);
     SigMatchSignatures(&th_v, de_ctx, det_ctx, p);
     alerts = PacketAlertCheck(p, 10);
-    drops += ((TEST_PACKET_ACTION(p, ACTION_DROP))?1:0);
+    drops += ((PACKET_TEST_ACTION(p, ACTION_DROP))?1:0);
     p->action = 0;
 
     SigMatchSignatures(&th_v, de_ctx, det_ctx, p);
     alerts += PacketAlertCheck(p, 10);
-    drops += ((TEST_PACKET_ACTION(p, ACTION_DROP))?1:0);
+    drops += ((PACKET_TEST_ACTION(p, ACTION_DROP))?1:0);
     p->action = 0;
 
     SigMatchSignatures(&th_v, de_ctx, det_ctx, p);
     alerts += PacketAlertCheck(p, 10);
-    drops += ((TEST_PACKET_ACTION(p, ACTION_DROP))?1:0);
+    drops += ((PACKET_TEST_ACTION(p, ACTION_DROP))?1:0);
     p->action = 0;
 
     TimeSetIncrementTime(200);
@@ -1163,17 +1163,17 @@ static int DetectThresholdTestSig9(void) {
 
     SigMatchSignatures(&th_v, de_ctx, det_ctx, p);
     alerts += PacketAlertCheck(p, 10);
-    drops += ((TEST_PACKET_ACTION(p, ACTION_DROP))?1:0);
+    drops += ((PACKET_TEST_ACTION(p, ACTION_DROP))?1:0);
     p->action = 0;
 
     SigMatchSignatures(&th_v, de_ctx, det_ctx, p);
     alerts += PacketAlertCheck(p, 10);
-    drops += ((TEST_PACKET_ACTION(p, ACTION_DROP))?1:0);
+    drops += ((PACKET_TEST_ACTION(p, ACTION_DROP))?1:0);
     p->action = 0;
 
     SigMatchSignatures(&th_v, de_ctx, det_ctx, p);
     alerts += PacketAlertCheck(p, 10);
-    drops += ((TEST_PACKET_ACTION(p, ACTION_DROP))?1:0);
+    drops += ((PACKET_TEST_ACTION(p, ACTION_DROP))?1:0);
     p->action = 0;
 
     if (alerts == 2 && drops == 2)
@@ -1238,17 +1238,17 @@ static int DetectThresholdTestSig10(void) {
     TimeGet(&p->ts);
     SigMatchSignatures(&th_v, de_ctx, det_ctx, p);
     alerts = PacketAlertCheck(p, 10);
-    drops += ((TEST_PACKET_ACTION(p, ACTION_DROP))?1:0);
+    drops += ((PACKET_TEST_ACTION(p, ACTION_DROP))?1:0);
     p->action = 0;
 
     SigMatchSignatures(&th_v, de_ctx, det_ctx, p);
     alerts += PacketAlertCheck(p, 10);
-    drops += ((TEST_PACKET_ACTION(p, ACTION_DROP))?1:0);
+    drops += ((PACKET_TEST_ACTION(p, ACTION_DROP))?1:0);
     p->action = 0;
 
     SigMatchSignatures(&th_v, de_ctx, det_ctx, p);
     alerts += PacketAlertCheck(p, 10);
-    drops += ((TEST_PACKET_ACTION(p, ACTION_DROP))?1:0);
+    drops += ((PACKET_TEST_ACTION(p, ACTION_DROP))?1:0);
     p->action = 0;
 
     TimeSetIncrementTime(200);
@@ -1256,17 +1256,17 @@ static int DetectThresholdTestSig10(void) {
 
     SigMatchSignatures(&th_v, de_ctx, det_ctx, p);
     alerts += PacketAlertCheck(p, 10);
-    drops += ((TEST_PACKET_ACTION(p, ACTION_DROP))?1:0);
+    drops += ((PACKET_TEST_ACTION(p, ACTION_DROP))?1:0);
     p->action = 0;
 
     SigMatchSignatures(&th_v, de_ctx, det_ctx, p);
     alerts += PacketAlertCheck(p, 10);
-    drops += ((TEST_PACKET_ACTION(p, ACTION_DROP))?1:0);
+    drops += ((PACKET_TEST_ACTION(p, ACTION_DROP))?1:0);
     p->action = 0;
 
     SigMatchSignatures(&th_v, de_ctx, det_ctx, p);
     alerts += PacketAlertCheck(p, 10);
-    drops += ((TEST_PACKET_ACTION(p, ACTION_DROP))?1:0);
+    drops += ((PACKET_TEST_ACTION(p, ACTION_DROP))?1:0);
     p->action = 0;
 
     if (alerts == 1 && drops == 1)
@@ -1331,17 +1331,17 @@ static int DetectThresholdTestSig11(void) {
     TimeGet(&p->ts);
     SigMatchSignatures(&th_v, de_ctx, det_ctx, p);
     alerts = PacketAlertCheck(p, 10);
-    drops += ((TEST_PACKET_ACTION(p, ACTION_DROP))?1:0);
+    drops += ((PACKET_TEST_ACTION(p, ACTION_DROP))?1:0);
     p->action = 0;
 
     SigMatchSignatures(&th_v, de_ctx, det_ctx, p);
     alerts += PacketAlertCheck(p, 10);
-    drops += ((TEST_PACKET_ACTION(p, ACTION_DROP))?1:0);
+    drops += ((PACKET_TEST_ACTION(p, ACTION_DROP))?1:0);
     p->action = 0;
 
     SigMatchSignatures(&th_v, de_ctx, det_ctx, p);
     alerts += PacketAlertCheck(p, 10);
-    drops += ((TEST_PACKET_ACTION(p, ACTION_DROP))?1:0);
+    drops += ((PACKET_TEST_ACTION(p, ACTION_DROP))?1:0);
     p->action = 0;
 
     TimeSetIncrementTime(200);
@@ -1349,17 +1349,17 @@ static int DetectThresholdTestSig11(void) {
 
     SigMatchSignatures(&th_v, de_ctx, det_ctx, p);
     alerts += PacketAlertCheck(p, 10);
-    drops += ((TEST_PACKET_ACTION(p, ACTION_DROP))?1:0);
+    drops += ((PACKET_TEST_ACTION(p, ACTION_DROP))?1:0);
     p->action = 0;
 
     SigMatchSignatures(&th_v, de_ctx, det_ctx, p);
     alerts += PacketAlertCheck(p, 10);
-    drops += ((TEST_PACKET_ACTION(p, ACTION_DROP))?1:0);
+    drops += ((PACKET_TEST_ACTION(p, ACTION_DROP))?1:0);
     p->action = 0;
 
     SigMatchSignatures(&th_v, de_ctx, det_ctx, p);
     alerts += PacketAlertCheck(p, 10);
-    drops += ((TEST_PACKET_ACTION(p, ACTION_DROP))?1:0);
+    drops += ((PACKET_TEST_ACTION(p, ACTION_DROP))?1:0);
     p->action = 0;
 
     if (alerts == 1 && drops == 4)
@@ -1424,17 +1424,17 @@ static int DetectThresholdTestSig12(void) {
     TimeGet(&p->ts);
     SigMatchSignatures(&th_v, de_ctx, det_ctx, p);
     alerts = PacketAlertCheck(p, 10);
-    drops += ((TEST_PACKET_ACTION(p, ACTION_DROP))?1:0);
+    drops += ((PACKET_TEST_ACTION(p, ACTION_DROP))?1:0);
     p->action = 0;
 
     SigMatchSignatures(&th_v, de_ctx, det_ctx, p);
     alerts += PacketAlertCheck(p, 10);
-    drops += ((TEST_PACKET_ACTION(p, ACTION_DROP))?1:0);
+    drops += ((PACKET_TEST_ACTION(p, ACTION_DROP))?1:0);
     p->action = 0;
 
     SigMatchSignatures(&th_v, de_ctx, det_ctx, p);
     alerts += PacketAlertCheck(p, 10);
-    drops += ((TEST_PACKET_ACTION(p, ACTION_DROP))?1:0);
+    drops += ((PACKET_TEST_ACTION(p, ACTION_DROP))?1:0);
     p->action = 0;
 
     TimeSetIncrementTime(200);
@@ -1442,17 +1442,17 @@ static int DetectThresholdTestSig12(void) {
 
     SigMatchSignatures(&th_v, de_ctx, det_ctx, p);
     alerts += PacketAlertCheck(p, 10);
-    drops += ((TEST_PACKET_ACTION(p, ACTION_DROP))?1:0);
+    drops += ((PACKET_TEST_ACTION(p, ACTION_DROP))?1:0);
     p->action = 0;
 
     SigMatchSignatures(&th_v, de_ctx, det_ctx, p);
     alerts += PacketAlertCheck(p, 10);
-    drops += ((TEST_PACKET_ACTION(p, ACTION_DROP))?1:0);
+    drops += ((PACKET_TEST_ACTION(p, ACTION_DROP))?1:0);
     p->action = 0;
 
     SigMatchSignatures(&th_v, de_ctx, det_ctx, p);
     alerts += PacketAlertCheck(p, 10);
-    drops += ((TEST_PACKET_ACTION(p, ACTION_DROP))?1:0);
+    drops += ((PACKET_TEST_ACTION(p, ACTION_DROP))?1:0);
     p->action = 0;
 
     if (alerts == 1 && drops == 2)
diff --git a/src/detect.c b/src/detect.c
index 596ad3827ce015bf9a7c2ab9bc8864da9cc0b843..d297b55300ab43aedce03fc3da87bbb8fc423746 100644 (file)
--- a/src/detect.c
+++ b/src/detect.c
@@ -1342,7 +1342,7 @@ int SigMatchSignatures(ThreadVars *th_v, DetectEngineCtx *de_ctx, DetectEngineTh
             if (p->flow->flags & FLOW_ACTION_DROP)
             {
                 alert_flags = PACKET_ALERT_FLAG_DROP_FLOW;
-                UPDATE_PACKET_ACTION(p, ACTION_DROP);
+                PACKET_UPDATE_ACTION(p, ACTION_DROP);
             }
         }
 
@@ -1626,7 +1626,7 @@ int SigMatchSignatures(ThreadVars *th_v, DetectEngineCtx *de_ctx, DetectEngineTh
                 PacketAlertAppend(det_ctx, s, p, alert_flags);
         } else {
             /* apply actions even if not alerting */
-            UPDATE_PACKET_ACTION(p, s->action);
+            PACKET_UPDATE_ACTION(p, s->action);
         }
 next:
         DetectFlowvarProcessList(det_ctx, p->flow);
@@ -1775,7 +1775,7 @@ TmEcode Detect(ThreadVars *tv, Packet *p, void *data, PacketQueue *pq, PacketQue
     DEBUG_VALIDATE_PACKET(p);
 
     /* No need to perform any detection on this packet, if the the given flag is set.*/
-    if ((p->flags & PKT_NOPACKET_INSPECTION) || (TEST_PACKET_ACTION(p,
+    if ((p->flags & PKT_NOPACKET_INSPECTION) || (PACKET_TEST_ACTION(p,
                                                                     ACTION_DROP)))
         return 0;
 
@@ -10924,7 +10924,7 @@ static int SigTestDropFlow03(void)
         goto end;
     }
 
-    if ( !(TEST_PACKET_ACTION(p2, ACTION_DROP))) {
+    if ( !(PACKET_TEST_ACTION(p2, ACTION_DROP))) {
         printf("A \"drop\" action should be set from the flow to the packet: ");
         goto end;
     }
@@ -11055,7 +11055,7 @@ static int SigTestDropFlow04(void)
         goto end;
     }
 
-    if (!(TEST_PACKET_ACTION(p1, ACTION_DROP))) {
+    if (!(PACKET_TEST_ACTION(p1, ACTION_DROP))) {
         printf("A \"drop\" action was set from the flow to the packet "
                "which is right, but setting the flag shouldn't disable "
                "inspection on the packet in IDS mode");
@@ -11096,7 +11096,7 @@ static int SigTestDropFlow04(void)
         goto end;
     }
 
-    if (!(TEST_PACKET_ACTION(p2, ACTION_DROP))) {
+    if (!(PACKET_TEST_ACTION(p2, ACTION_DROP))) {
         printf("A \"drop\" action was set from the flow to the packet "
                "which is right, but setting the flag shouldn't disable "
                "inspection on the packet in IDS mode");
diff --git a/src/log-droplog.c b/src/log-droplog.c
index 03972e2d0102e9537e3f2a6f6c0ba5be72de84c2..f3172ddc6bb54cebcfb3547c19d9e290283bd874 100644 (file)
--- a/src/log-droplog.c
+++ b/src/log-droplog.c
@@ -212,7 +212,7 @@ TmEcode LogDropLogNetFilter (ThreadVars *tv, Packet *p, void *data, PacketQueue
     uint16_t proto = 0;
     char timebuf[64];
 
-    if (!(TEST_PACKET_ACTION(p, ACTION_DROP)) || PKT_IS_PSEUDOPKT(p)) {
+    if (!(PACKET_TEST_ACTION(p, ACTION_DROP)) || PKT_IS_PSEUDOPKT(p)) {
         return TM_ECODE_OK;
     }
 
@@ -392,7 +392,7 @@ int LogDropLogTest01()
     DetectEngineThreadCtxInit(&th_v, (void *)de_ctx, (void *)&det_ctx);
 
     SigMatchSignatures(&th_v, de_ctx, det_ctx, p);
-    if (p->alerts.cnt == 1 && (TEST_PACKET_ACTION(p, ACTION_DROP)))
+    if (p->alerts.cnt == 1 && (PACKET_TEST_ACTION(p, ACTION_DROP)))
         result = (strcmp(p->alerts.alerts[0].s->class_msg, "Unknown are we") == 0);
     else
         result = 0;
diff --git a/src/respond-reject.c b/src/respond-reject.c
index 235aff347e95435254937b5b7816e03bf3b48aea..742ace8d74a21cef593987c762752c5f86abb2a4 100644 (file)
--- a/src/respond-reject.c
+++ b/src/respond-reject.c
@@ -60,9 +60,9 @@ TmEcode RespondRejectFunc(ThreadVars *tv, Packet *p, void *data, PacketQueue *pq
     int ret = 0;
 
     /* ACTION_REJECT defaults to rejecting the SRC */
-    if (!(TEST_PACKET_ACTION(p, ACTION_REJECT)) &&
-        !(TEST_PACKET_ACTION(p, ACTION_REJECT_DST)) &&
-        !(TEST_PACKET_ACTION(p, ACTION_REJECT_BOTH))) {
+    if (!(PACKET_TEST_ACTION(p, ACTION_REJECT)) &&
+        !(PACKET_TEST_ACTION(p, ACTION_REJECT_DST)) &&
+        !(PACKET_TEST_ACTION(p, ACTION_REJECT_BOTH))) {
         return TM_ECODE_OK;
     }
 
@@ -94,11 +94,11 @@ TmEcode RespondRejectFunc(ThreadVars *tv, Packet *p, void *data, PacketQueue *pq
 }
 
 int RejectSendIPv4TCP(ThreadVars *tv, Packet *p, void *data) {
-    if (TEST_PACKET_ACTION(p, ACTION_REJECT)) {
+    if (PACKET_TEST_ACTION(p, ACTION_REJECT)) {
         return RejectSendLibnet11L3IPv4TCP(tv, p, data, REJECT_DIR_SRC);
-    } else if (TEST_PACKET_ACTION(p, ACTION_REJECT_DST)) {
+    } else if (PACKET_TEST_ACTION(p, ACTION_REJECT_DST)) {
         return RejectSendLibnet11L3IPv4TCP(tv, p, data, REJECT_DIR_DST);
-    } else if(TEST_PACKET_ACTION(p, ACTION_REJECT_BOTH)) {
+    } else if(PACKET_TEST_ACTION(p, ACTION_REJECT_BOTH)) {
         if (RejectSendLibnet11L3IPv4TCP(tv, p, data, REJECT_DIR_SRC) == 0 &&
             RejectSendLibnet11L3IPv4TCP(tv, p, data, REJECT_DIR_DST) == 0) {
             return 0;
@@ -110,11 +110,11 @@ int RejectSendIPv4TCP(ThreadVars *tv, Packet *p, void *data) {
 }
 
 int RejectSendIPv4ICMP(ThreadVars *tv, Packet *p, void *data) {
-    if (TEST_PACKET_ACTION(p, ACTION_REJECT)) {
+    if (PACKET_TEST_ACTION(p, ACTION_REJECT)) {
         return RejectSendLibnet11L3IPv4ICMP(tv, p, data, REJECT_DIR_SRC);
-    } else if (TEST_PACKET_ACTION(p, ACTION_REJECT_DST)) {
+    } else if (PACKET_TEST_ACTION(p, ACTION_REJECT_DST)) {
         return RejectSendLibnet11L3IPv4ICMP(tv, p, data, REJECT_DIR_DST);
-    } else if(TEST_PACKET_ACTION(p, ACTION_REJECT_BOTH)) {
+    } else if(PACKET_TEST_ACTION(p, ACTION_REJECT_BOTH)) {
         if (RejectSendLibnet11L3IPv4ICMP(tv, p, data, REJECT_DIR_SRC) == 0 &&
             RejectSendLibnet11L3IPv4ICMP(tv, p, data, REJECT_DIR_DST) == 0) {
             return 0;
diff --git a/src/source-af-packet.c b/src/source-af-packet.c
index 0db26abcec148b7a7e27214d1e2951d47cad219f..1d5d8ae953db4cecbf67d71eec0e4448a2d4ce0e 100644 (file)
--- a/src/source-af-packet.c
+++ b/src/source-af-packet.c
@@ -614,7 +614,7 @@ TmEcode AFPWritePacket(Packet *p)
     int socket;
 
     if (p->afp_v.copy_mode == AFP_COPY_MODE_IPS) {
-        if (TEST_PACKET_ACTION(p, ACTION_DROP)) {
+        if (PACKET_TEST_ACTION(p, ACTION_DROP)) {
             return TM_ECODE_OK;
         }
     }
diff --git a/src/source-ipfw.c b/src/source-ipfw.c
index 00f094ee16e8e4cdec21aa9903a0fe53e043cdd0..03a8ab8b6adbeb52a9fcc56ffb610b714c86e182 100644 (file)
--- a/src/source-ipfw.c
+++ b/src/source-ipfw.c
@@ -518,7 +518,7 @@ TmEcode IPFWSetVerdict(ThreadVars *tv, IPFWThreadVars *ptv, Packet *p)
     IPFWpoll.fd = nq->fd;
     IPFWpoll.events = POLLWRNORM;
 
-    if (TEST_PACKET_ACTION(p, ACTION_DROP)) {
+    if (PACKET_TEST_ACTION(p, ACTION_DROP)) {
         verdict = IPFW_DROP;
     } else {
         verdict = IPFW_ACCEPT;
diff --git a/src/source-nfq.c b/src/source-nfq.c
index c7245f23ac28573a49c481a987fcfe51cd06cd01..89d4e48c3fbde491bd16959763d2118ecd813e5e 100644 (file)
--- a/src/source-nfq.c
+++ b/src/source-nfq.c
@@ -1014,7 +1014,7 @@ TmEcode NFQSetVerdict(Packet *p) {
         return TM_ECODE_OK;
     }
 
-    if (TEST_PACKET_ACTION(p, ACTION_DROP)) {
+    if (PACKET_TEST_ACTION(p, ACTION_DROP)) {
         verdict = NF_DROP;
 #ifdef COUNTERS
         t->dropped++;
diff --git a/src/stream-tcp.c b/src/stream-tcp.c
index 7ea28b98e5f07e2a7ec6b1810bd1cf0dba999fd2..aa96de3abef073a892dae7b6650256a99379ea75 100644 (file)
--- a/src/stream-tcp.c
+++ b/src/stream-tcp.c
@@ -4165,7 +4165,7 @@ static int StreamTcpPacket (ThreadVars *tv, Packet *p, StreamTcpThread *stt,
         FlowSetNoPacketInspectionFlag(p->flow);
         DecodeSetNoPacketInspectionFlag(p);
         FlowSetSessionNoApplayerInspectionFlag(p->flow);
-        UPDATE_PACKET_ACTION(p, ACTION_DROP);
+        PACKET_UPDATE_ACTION(p, ACTION_DROP);
         /* return the segments to the pool */
         StreamTcpSessionPktFree(p);
         SCReturnInt(0);
@@ -4377,7 +4377,7 @@ error:
     }
 
     if (StreamTcpInlineMode()) {
-        UPDATE_PACKET_ACTION(p, ACTION_DROP);
+        PACKET_UPDATE_ACTION(p, ACTION_DROP);
     }
     SCReturnInt(-1);
 }
diff --git a/src/util-threshold-config.c b/src/util-threshold-config.c
index ed991a34b8364d41ce0b56f27a056d1492f5671d..fa7cc10a34d35d4f04ebbf73a3821edf2ddf3acc 100644 (file)
--- a/src/util-threshold-config.c
+++ b/src/util-threshold-config.c
@@ -1642,7 +1642,7 @@ int SCThresholdConfTest09(void)
     p->alerts.cnt = 0;
     p->action = 0;
     SigMatchSignatures(&th_v, de_ctx, det_ctx, p);
-    if (p->alerts.cnt != 1 || TEST_PACKET_ACTION(p, ACTION_DROP)) {
+    if (p->alerts.cnt != 1 || PACKET_TEST_ACTION(p, ACTION_DROP)) {
         result = 0;
         goto end;
     }
@@ -1650,7 +1650,7 @@ int SCThresholdConfTest09(void)
     p->alerts.cnt = 0;
     p->action = 0;
     SigMatchSignatures(&th_v, de_ctx, det_ctx, p);
-    if (p->alerts.cnt != 1 || TEST_PACKET_ACTION(p, ACTION_DROP)) {
+    if (p->alerts.cnt != 1 || PACKET_TEST_ACTION(p, ACTION_DROP)) {
         result = 0;
         goto end;
     }
@@ -1658,7 +1658,7 @@ int SCThresholdConfTest09(void)
     p->alerts.cnt = 0;
     p->action = 0;
     SigMatchSignatures(&th_v, de_ctx, det_ctx, p);
-    if (p->alerts.cnt != 1 || TEST_PACKET_ACTION(p, ACTION_DROP)) {
+    if (p->alerts.cnt != 1 || PACKET_TEST_ACTION(p, ACTION_DROP)) {
         result = 0;
         goto end;
     }
@@ -1669,7 +1669,7 @@ int SCThresholdConfTest09(void)
     p->alerts.cnt = 0;
     p->action = 0;
     SigMatchSignatures(&th_v, de_ctx, det_ctx, p);
-    if (p->alerts.cnt != 1 || !(TEST_PACKET_ACTION(p, ACTION_DROP))) {
+    if (p->alerts.cnt != 1 || !(PACKET_TEST_ACTION(p, ACTION_DROP))) {
         result = 0;
         goto end;
     }
@@ -1680,7 +1680,7 @@ int SCThresholdConfTest09(void)
     p->alerts.cnt = 0;
     p->action = 0;
     SigMatchSignatures(&th_v, de_ctx, det_ctx, p);
-    if (p->alerts.cnt != 1 || !(TEST_PACKET_ACTION(p, ACTION_DROP))) {
+    if (p->alerts.cnt != 1 || !(PACKET_TEST_ACTION(p, ACTION_DROP))) {
         result = 0;
         goto end;
     }
@@ -1691,7 +1691,7 @@ int SCThresholdConfTest09(void)
     p->alerts.cnt = 0;
     p->action = 0;
     SigMatchSignatures(&th_v, de_ctx, det_ctx, p);
-    if (p->alerts.cnt != 1 || TEST_PACKET_ACTION(p, ACTION_DROP)) {
+    if (p->alerts.cnt != 1 || PACKET_TEST_ACTION(p, ACTION_DROP)) {
         result = 0;
         goto end;
     }
@@ -1699,7 +1699,7 @@ int SCThresholdConfTest09(void)
     p->alerts.cnt = 0;
     p->action = 0;
     SigMatchSignatures(&th_v, de_ctx, det_ctx, p);
-    if (p->alerts.cnt != 1 || TEST_PACKET_ACTION(p, ACTION_DROP)) {
+    if (p->alerts.cnt != 1 || PACKET_TEST_ACTION(p, ACTION_DROP)) {
         result = 0;
         goto end;
     }
@@ -2221,7 +2221,7 @@ static int SCThresholdConfTest15(void)
         goto end;
     }
     /* however, it should have set the drop flag */
-    if (!(TEST_PACKET_ACTION(p, ACTION_DROP))) {
+    if (!(PACKET_TEST_ACTION(p, ACTION_DROP))) {
         printf("sid 10000 should have set DROP flag even if suppressed: ");
         goto end;
     }
@@ -2290,7 +2290,7 @@ static int SCThresholdConfTest16(void)
         goto end;
     }
     /* however, it should have set the drop flag */
-    if (!(TEST_PACKET_ACTION(p, ACTION_DROP))) {
+    if (!(PACKET_TEST_ACTION(p, ACTION_DROP))) {
         printf("sid 1000 should have set DROP flag even if suppressed: ");
         goto end;
     }
@@ -2359,7 +2359,7 @@ static int SCThresholdConfTest17(void)
         goto end;
     }
     /* however, it should have set the drop flag */
-    if (!(TEST_PACKET_ACTION(p, ACTION_DROP))) {
+    if (!(PACKET_TEST_ACTION(p, ACTION_DROP))) {
         printf("sid 10000 should have set DROP flag even if suppressed: ");
         goto end;
     }
Mirror of https://github.com/OISF/suricata.git