From: Eric Leblond <eric@regit.org>
Date: Thu, 16 Aug 2012 06:57:19 +0000 (+0200)
Subject: stream-tcp: no checksum alert if validation is off
X-Git-Tag: suricata-1.3.1~6
X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=11c3167583072103f5c09711caeaf46f3fde75a0;p=thirdparty%2Fsuricata.git

stream-tcp: no checksum alert if validation is off

This patch disables checksum alert if checksum-validation is set
to no in the configuration file. Without this patch, when parsing
a pcap which checksum offloading, it was not possible to get rid
of event caused by checksum validation.
---

diff --git a/src/stream-tcp.c b/src/stream-tcp.c
index 01a132faf8..5e4c010a11 100644
--- a/src/stream-tcp.c
+++ b/src/stream-tcp.c
@@ -380,7 +380,7 @@ void StreamTcpInitConfig(char quiet)
     if ((ConfGetBool("stream.checksum-validation", &csum)) == 1) {
         if (csum == 1) {
             stream_config.flags |= STREAMTCP_INIT_FLAG_CHECKSUM_VALIDATION;
-	}
+        }
     /* Default is that we validate the checksum of all the packets */
     } else {
         stream_config.flags |= STREAMTCP_INIT_FLAG_CHECKSUM_VALIDATION;
@@ -3737,11 +3737,13 @@ TmEcode StreamTcp (ThreadVars *tv, Packet *p, void *data, PacketQueue *pq, Packe
         return TM_ECODE_OK;
     }
 
-    if ((stream_config.flags & STREAMTCP_INIT_FLAG_CHECKSUM_VALIDATION) &&
-            (StreamTcpValidateChecksum(p) == 0))
-    {
-        SCPerfCounterIncr(stt->counter_tcp_invalid_checksum, tv->sc_perf_pca);
-        return TM_ECODE_OK;
+    if (stream_config.flags & STREAMTCP_INIT_FLAG_CHECKSUM_VALIDATION) {
+        if (StreamTcpValidateChecksum(p) == 0) {
+            SCPerfCounterIncr(stt->counter_tcp_invalid_checksum, tv->sc_perf_pca);
+            return TM_ECODE_OK;
+        }
+    } else {
+        p->flags |= PKT_IGNORE_CHECKSUM;
     }
 
     PACKET_PROFILING_APP_RESET(&stt->ra_ctx->dp_ctx);