option can be enabled regardless of enabled the ipip tunneling.
As this may impact signature matching and flow tracking, these are disabled by default.
+The stats counter `decoder.ipv4_in_ipv4` is associated with this setting.
+
::
# IP-in-IP tunneling for ipv4 over ipv4 handling.
"ipv4": {
"type": "integer"
},
+ "ipv4_in_ipv4": {
+ "type": "integer",
+ "description": "Number of IP-in-IP packets seen for ipv4-ipv4"
+ },
"ipv4_in_ipv6": {
- "type": "integer"
+ "type": "integer",
+ "description": "Number of IP-in-IP packets seen for ipv4-ipv6"
},
"ipv6": {
"type": "integer"
},
+ "ipv6_in_ipv4": {
+ "type": "integer",
+ "description": "Number of IP-in-IP packets seen for ipv6-ipv4"
+ },
"ipv6_in_ipv6": {
- "type": "integer"
+ "type": "integer",
+ "description": "Number of IP-in-IP packets seen for ipv6-ipv6"
},
"max_mac_addrs_dst": {
"type": "integer"
if (tp != NULL) {
PKT_SET_SRC(tp, PKT_SRC_DECODER_IPV4);
PacketEnqueueNoLock(&tv->decode_pq, tp);
+ StatsIncr(tv, dtv->counter_ipv4inipv4);
}
}
if (g_ipv4_ipip_parent_flow_enabled) {
if (tp != NULL) {
PKT_SET_SRC(tp, PKT_SRC_DECODER_IPV4);
PacketEnqueueNoLock(&tv->decode_pq,tp);
+ StatsIncr(tv, dtv->counter_ipv6inipv4);
}
FlowSetupPacket(p);
break;
dtv->counter_vntag = StatsRegisterCounter("decoder.vntag", tv);
dtv->counter_ieee8021ah = StatsRegisterCounter("decoder.ieee8021ah", tv);
dtv->counter_teredo = StatsRegisterCounter("decoder.teredo", tv);
+ dtv->counter_ipv4inipv4 = StatsRegisterCounter("decoder.ipv4_in_ipv4", tv);
+ dtv->counter_ipv6inipv4 = StatsRegisterCounter("decoder.ipv6_in_ipv4", tv);
dtv->counter_ipv4inipv6 = StatsRegisterCounter("decoder.ipv4_in_ipv6", tv);
dtv->counter_ipv6inipv6 = StatsRegisterCounter("decoder.ipv6_in_ipv6", tv);
dtv->counter_mpls = StatsRegisterCounter("decoder.mpls", tv);
uint16_t counter_pppoe;
uint16_t counter_teredo;
uint16_t counter_mpls;
+ uint16_t counter_ipv4inipv4;
+ uint16_t counter_ipv6inipv4;
uint16_t counter_ipv4inipv6;
uint16_t counter_ipv6inipv6;
uint16_t counter_erspan;
projects / thirdparty / suricata.git / commitdiff
