From: Hui Cao (huica) <huica@cisco.com>
Date: Tue, 10 Apr 2018 12:59:19 +0000 (-0400)
Subject: Merge pull request #1181 in SNORT/snort3 from send_reset_on_pdu3 to master
X-Git-Tag: 3.0.0-245~48
X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=3ddf4eaf61abfec64bd4ec47dfb0ae5cf66150f3;p=thirdparty%2Fsnort3.git

Merge pull request #1181 in SNORT/snort3 from send_reset_on_pdu3 to master

Squashed commit of the following:

commit 8c7e839b8c0f2b9abb85cc45b8ec0ce86b1759e0
Author: Steve Chew <stechew@cisco.com>
Date:   Thu Apr 5 14:50:47 2018 -0400

    Reset: Always queue reject and test packet type in RejectAction::exec.
---

diff --git a/src/actions/act_reject.cc b/src/actions/act_reject.cc
index 652b9c014..d01f47a3d 100644
--- a/src/actions/act_reject.cc
+++ b/src/actions/act_reject.cc
@@ -93,6 +93,28 @@ private:
 void RejectAction::exec(Packet* p)
 {
     Profile profile(rejPerfStats);
+
+    if ( !p->ptrs.ip_api.is_ip() )
+        return;
+
+    switch ( p->type() )
+    {
+    case PktType::TCP:
+        if ( !Active::is_reset_candidate(p) )
+            return;
+        break;
+
+    case PktType::UDP:
+    case PktType::ICMP:
+    case PktType::IP:
+        if ( !Active::is_unreachable_candidate(p) )
+            return;
+        break;
+
+    default:
+        return;
+    }
+
     send(p);
 }
 
diff --git a/src/managers/action_manager.cc b/src/managers/action_manager.cc
index 1dfd1ab05..6177cc34e 100644
--- a/src/managers/action_manager.cc
+++ b/src/managers/action_manager.cc
@@ -152,28 +152,8 @@ void ActionManager::queue(IpsAction* a)
         s_action = a;
 }
 
-void ActionManager::queue_reject(const Packet* p)
+void ActionManager::queue_reject()
 {
-    if ( !p->ptrs.ip_api.is_ip() )
-        return;
-
-    switch ( p->type() )
-    {
-    case PktType::TCP:
-        if ( !Active::is_reset_candidate(p) )
-            return;
-        break;
-
-    case PktType::UDP:
-    case PktType::ICMP:
-    case PktType::IP:
-        if ( !Active::is_unreachable_candidate(p) )
-            return;
-        break;
-
-    default:
-        return;
-    }
     if ( s_reject )
         queue(s_reject);
 }
diff --git a/src/managers/action_manager.h b/src/managers/action_manager.h
index 990a5bfc4..c9af1bddc 100644
--- a/src/managers/action_manager.h
+++ b/src/managers/action_manager.h
@@ -70,7 +70,7 @@ public:
     static void thread_term(snort::SnortConfig*);
 
     static void reset_queue();
-    static void queue_reject(const snort::Packet*);
+    static void queue_reject();
     static void queue(snort::IpsAction*);
     static void execute(snort::Packet*);
 
diff --git a/src/packet_io/active.cc b/src/packet_io/active.cc
index c87e2429b..e40637d92 100644
--- a/src/packet_io/active.cc
+++ b/src/packet_io/active.cc
@@ -470,7 +470,7 @@ void Active::reset_session(Packet* p, bool force)
 
     if ( s_enabled )
     {
-        ActionManager::queue_reject(p);
+        ActionManager::queue_reject();
 
         if ( p->flow )
         {