suricata
decode-ipv4.c
Go to the documentation of this file.
1 /* Copyright (C) 2007-2024 Open Information Security Foundation
2  *
3  * You can copy, redistribute or modify this Program under the terms of
4  * the GNU General Public License version 2 as published by the Free
5  * Software Foundation.
6  *
7  * This program is distributed in the hope that it will be useful,
8  * but WITHOUT ANY WARRANTY; without even the implied warranty of
9  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
10  * GNU General Public License for more details.
11  *
12  * You should have received a copy of the GNU General Public License
13  * version 2 along with this program; if not, write to the Free Software
14  * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
15  * 02110-1301, USA.
16  */
17 
18 /**
19  * \ingroup decode
20  *
21  * @{
22  */
23 
24 
25 /**
26  * \file
27  *
28  * \author Victor Julien <victor@inliniac.net>
29  * \author Brian Rectanus <brectanu@gmail.com>
30  *
31  * Decode IPv4
32  */
33 
34 #include "suricata-common.h"
35 #include "decode-ipv4.h"
36 #include "decode.h"
37 #include "defrag.h"
38 #include "flow.h"
39 #include "util-print.h"
40 
41 /* Generic validation
42  *
43  * [--type--][--len---]
44  *
45  * \todo This function needs removed in favor of specific validation.
46  *
47  * See: RFC 791
48  */
49 static int IPV4OptValidateGeneric(Packet *p, const IPV4Opt *o)
50 {
51  switch (o->type) {
52  /* See: RFC 4782 */
53  case IPV4_OPT_QS:
54  if (o->len < IPV4_OPT_QS_MIN) {
55  ENGINE_SET_INVALID_EVENT(p, IPV4_OPT_INVALID_LEN);
56  return -1;
57  }
58  break;
59  /* See: RFC 1108 */
60  case IPV4_OPT_SEC:
61  case IPV4_OPT_ESEC:
62  if (unlikely(o->len < IPV4_OPT_SEC_MIN)) {
63  ENGINE_SET_INVALID_EVENT(p, IPV4_OPT_INVALID_LEN);
64  return -1;
65  }
66  break;
67  case IPV4_OPT_SID:
68  if (o->len != IPV4_OPT_SID_LEN) {
69  ENGINE_SET_INVALID_EVENT(p, IPV4_OPT_INVALID_LEN);
70  return -1;
71  }
72  break;
73  /* See: RFC 2113 */
74  case IPV4_OPT_RTRALT:
75  if (o->len != IPV4_OPT_RTRALT_LEN) {
76  ENGINE_SET_INVALID_EVENT(p, IPV4_OPT_INVALID_LEN);
77  return -1;
78  }
79  break;
80  default:
81  /* Should never get here unless there is a coding error */
82  ENGINE_SET_INVALID_EVENT(p, IPV4_OPT_UNKNOWN);
83  return -1;
84  }
85 
86  return 0;
87 }
88 
89 /* Validate route type options
90  *
91  * [--type--][--len---][--ptr---][address1]...[addressN]
92  *
93  * See: RFC 791
94  */
95 static int IPV4OptValidateRoute(Packet *p, const IPV4Opt *o)
96 {
97  uint8_t ptr;
98 
99  /* Check length */
100  if (unlikely(o->len < IPV4_OPT_ROUTE_MIN)) {
101  ENGINE_SET_INVALID_EVENT(p, IPV4_OPT_INVALID_LEN);
102  return -1;
103  }
104 
105  /* Data is required */
106  if (unlikely(o->data == NULL)) {
107  ENGINE_SET_INVALID_EVENT(p, IPV4_OPT_MALFORMED);
108  return -1;
109  }
110  ptr = *o->data;
111 
112  /* Address pointer is 1 based and points at least after type+len+ptr,
113  * must be a incremented by 4 bytes (address size) and cannot extend
114  * past option length.
115  */
116  if (unlikely((ptr < 4) || (ptr % 4) || (ptr > o->len + 1))) {
117  ENGINE_SET_INVALID_EVENT(p, IPV4_OPT_MALFORMED);
118  return -1;
119  }
120 
121  return 0;
122 }
123 
124 /* Validate timestamp type options
125  *
126  * [--type--][--len---][--ptr---][ovfl][flag][rec1----...]...[recN----...]
127  * NOTE: rec could be 4 (ts only) or 8 (ip+ts) bytes in length.
128  *
129  * See: RFC 781
130  */
131 static int IPV4OptValidateTimestamp(Packet *p, const IPV4Opt *o)
132 {
133  uint8_t ptr;
134  uint8_t flag;
135  uint8_t rec_size;
136 
137  /* Check length */
138  if (unlikely(o->len < IPV4_OPT_TS_MIN)) {
139  ENGINE_SET_INVALID_EVENT(p, IPV4_OPT_INVALID_LEN);
140  return -1;
141  }
142 
143  /* Data is required */
144  if (unlikely(o->data == NULL)) {
145  ENGINE_SET_INVALID_EVENT(p, IPV4_OPT_MALFORMED);
146  return -1;
147  }
148  ptr = *o->data;
149 
150  /* We need the flag to determine what is in the option payload */
151  if (unlikely(ptr < 5)) {
152  ENGINE_SET_INVALID_EVENT(p, IPV4_OPT_MALFORMED);
153  return -1;
154  }
155  flag = *(o->data + 1) & 0x0f;
156 
157  /* A flag of 1|3 means we have both the ip+ts in each record */
158  rec_size = ((flag == 1) || (flag == 3)) ? 8 : 4;
159 
160  /* Address pointer is 1 based and points at least after
161  * type+len+ptr+ovfl+flag, must be incremented by by the rec_size
162  * and cannot extend past option length.
163  */
164  if (unlikely(((ptr - 5) % rec_size) || (ptr > o->len + 1))) {
165  ENGINE_SET_INVALID_EVENT(p, IPV4_OPT_MALFORMED);
166  return -1;
167  }
168 
169  return 0;
170 }
171 
172 /* Validate CIPSO option
173  *
174  * [--type--][--len---][--doi---][tags--...]
175  *
176  * See: draft-ietf-cipso-ipsecurity-01.txt
177  * See: FIPS 188 (tags 6 & 7)
178  */
179 static int IPV4OptValidateCIPSO(Packet *p, const IPV4Opt *o)
180 {
181 // uint32_t doi;
182  const uint8_t *tag;
183  uint16_t len;
184 
185  /* Check length */
186  if (unlikely(o->len < IPV4_OPT_CIPSO_MIN)) {
187  ENGINE_SET_INVALID_EVENT(p, IPV4_OPT_INVALID_LEN);
188  return -1;
189  }
190 
191  /* Data is required */
192  if (unlikely(o->data == NULL)) {
193  ENGINE_SET_INVALID_EVENT(p, IPV4_OPT_MALFORMED);
194  return -1;
195  }
196 // doi = *o->data;
197  tag = o->data + 4;
198  len = o->len - 1 - 1 - 4; /* Length of tags after header */
199 
200 
201 #if 0
202  /* Domain of Interest (DOI) of 0 is reserved and thus invalid */
203  /** \todo Apparently a DOI of zero is fine in practice - verify. */
204  if (doi == 0) {
205  ENGINE_SET_EVENT(p,IPV4_OPT_MALFORMED);
206  return -1;
207  }
208 #endif
209 
210  /* NOTE: We know len has passed min tests prior to this call */
211 
212  /* Check that tags are formatted correctly
213  * [-ttype--][--tlen--][-tagdata-...]
214  */
215  while (len) {
216  uint8_t ttype;
217  uint8_t tlen;
218 
219  /* Tag header must fit within option length */
220  if (unlikely(len < 2)) {
221  ENGINE_SET_INVALID_EVENT(p, IPV4_OPT_MALFORMED);
222  return -1;
223  }
224 
225  /* Tag header is type+len */
226  ttype = *(tag++);
227  tlen = *(tag++);
228 
229  /* Tag length must fit within the option length */
230  if (unlikely(tlen > len)) {
231  ENGINE_SET_INVALID_EVENT(p, IPV4_OPT_MALFORMED);
232  return -1;
233  }
234 
235  switch(ttype) {
236  case 1:
237  case 2:
238  case 5:
239  case 6:
240  case 7:
241  /* Tag is at least 4 and at most the remainder of option len */
242  if (unlikely((tlen < 4) || (tlen > len))) {
243  ENGINE_SET_INVALID_EVENT(p, IPV4_OPT_MALFORMED);
244  return -1;
245  }
246 
247  /* The alignment octet is always 0 except tag
248  * type 7, which has no such field.
249  */
250  if (unlikely((ttype != 7) && (*tag != 0))) {
251  ENGINE_SET_INVALID_EVENT(p, IPV4_OPT_MALFORMED);
252  return -1;
253  }
254 
255  /* Skip the rest of the tag payload */
256  tag += tlen - 2;
257  len -= tlen;
258 
259  continue;
260  case 0:
261  /* Tag type 0 is reserved and thus invalid */
262  /** \todo Wireshark marks this a padding, but spec says reserved. */
263  ENGINE_SET_INVALID_EVENT(p,IPV4_OPT_MALFORMED);
264  return -1;
265  default:
266  ENGINE_SET_INVALID_EVENT(p, IPV4_OPT_MALFORMED);
267  /** \todo May not want to return error here on unknown tag type (at least not for 3|4) */
268  return -1;
269  }
270  }
271 
272  return 0;
273 }
274 
275 typedef struct IPV4Options_ {
276  IPV4Opt o_rr;
277  IPV4Opt o_qs;
278  IPV4Opt o_ts;
279  IPV4Opt o_sec;
280  IPV4Opt o_lsrr;
281  IPV4Opt o_esec;
282  IPV4Opt o_cipso;
283  IPV4Opt o_sid;
284  IPV4Opt o_ssrr;
285  IPV4Opt o_rtralt;
286 } IPV4Options;
287 
288 /**
289  * Decode/Validate IPv4 Options.
290  */
291 static int DecodeIPV4Options(Packet *p, const uint8_t *pkt, uint16_t len, IPV4Options *opts)
292 {
293  uint16_t plen = len;
294 
295 #ifdef DEBUG
296  if (SCLogDebugEnabled()) {
297  uint16_t i;
298  char buf[256] = "";
299  int offset = 0;
300 
301  for (i = 0; i < len; i++) {
302  offset += snprintf(buf + offset, (sizeof(buf) - offset), "%02" PRIx8 " ", pkt[i]);
303  }
304  SCLogDebug("IPV4OPTS: { %s}", buf);
305  }
306 #endif
307 
308  /* Options length must be padded to 8byte boundary */
309  if (plen % 8) {
310  ENGINE_SET_EVENT(p,IPV4_OPT_PAD_REQUIRED);
311  /* Warn - we can keep going */
312  }
313 
314  while (plen)
315  {
316  p->l3.vars.ip4.opt_cnt++;
317 
318  /* single byte options */
319  if (*pkt == IPV4_OPT_EOL) {
320  /** \todo What if more data exist after EOL (possible covert channel or data leakage)? */
321  SCLogDebug("IPV4OPT %" PRIu8 " len 1 @ %d/%d",
322  *pkt, (len - plen), (len - 1));
323  p->l3.vars.ip4.opts_set |= IPV4_OPT_FLAG_EOL;
324  break;
325  } else if (*pkt == IPV4_OPT_NOP) {
326  SCLogDebug("IPV4OPT %" PRIu8 " len 1 @ %d/%d",
327  *pkt, (len - plen), (len - 1));
328  pkt++;
329  plen--;
330 
331  p->l3.vars.ip4.opts_set |= IPV4_OPT_FLAG_NOP;
332 
333  /* multibyte options */
334  } else {
335  if (unlikely(plen < 2)) {
336  /** \todo What if padding is non-zero (possible covert channel or data leakage)? */
337  /** \todo Spec seems to indicate EOL required if there is padding */
338  ENGINE_SET_EVENT(p,IPV4_OPT_EOL_REQUIRED);
339  break;
340  }
341 
342  /* Option length is too big for packet */
343  if (unlikely(*(pkt+1) > plen)) {
344  ENGINE_SET_INVALID_EVENT(p, IPV4_OPT_INVALID_LEN);
345  return -1;
346  }
347 
348  IPV4Opt opt = {*pkt, *(pkt+1), plen > 2 ? (pkt + 2) : NULL };
349 
350  /* we already know that the total options len is valid,
351  * so here the len of the specific option must be bad.
352  * Also check for invalid lengths 0 and 1. */
353  if (unlikely(opt.len > plen || opt.len < 2)) {
354  ENGINE_SET_INVALID_EVENT(p, IPV4_OPT_INVALID_LEN);
355  return -1;
356  }
357  /* we are parsing the most commonly used opts to prevent
358  * us from having to walk the opts list for these all the
359  * time. */
360  /** \todo Figure out which IP options are more common and list them first */
361  switch (opt.type) {
362  case IPV4_OPT_TS:
363  if (opts->o_ts.type != 0) {
364  ENGINE_SET_EVENT(p,IPV4_OPT_DUPLICATE);
365  /* Warn - we can keep going */
366  } else if (IPV4OptValidateTimestamp(p, &opt) == 0) {
367  opts->o_ts = opt;
368  p->l3.vars.ip4.opts_set |= IPV4_OPT_FLAG_TS;
369  }
370  break;
371  case IPV4_OPT_RR:
372  if (opts->o_rr.type != 0) {
373  ENGINE_SET_EVENT(p,IPV4_OPT_DUPLICATE);
374  /* Warn - we can keep going */
375  } else if (IPV4OptValidateRoute(p, &opt) == 0) {
376  opts->o_rr = opt;
377  p->l3.vars.ip4.opts_set |= IPV4_OPT_FLAG_RR;
378  }
379  break;
380  case IPV4_OPT_QS:
381  if (opts->o_qs.type != 0) {
382  ENGINE_SET_EVENT(p,IPV4_OPT_DUPLICATE);
383  /* Warn - we can keep going */
384  } else if (IPV4OptValidateGeneric(p, &opt) == 0) {
385  opts->o_qs = opt;
386  p->l3.vars.ip4.opts_set |= IPV4_OPT_FLAG_QS;
387  }
388  break;
389  case IPV4_OPT_SEC:
390  if (opts->o_sec.type != 0) {
391  ENGINE_SET_EVENT(p,IPV4_OPT_DUPLICATE);
392  /* Warn - we can keep going */
393  } else if (IPV4OptValidateGeneric(p, &opt) == 0) {
394  opts->o_sec = opt;
395  p->l3.vars.ip4.opts_set |= IPV4_OPT_FLAG_SEC;
396  }
397  break;
398  case IPV4_OPT_LSRR:
399  if (opts->o_lsrr.type != 0) {
400  ENGINE_SET_EVENT(p,IPV4_OPT_DUPLICATE);
401  /* Warn - we can keep going */
402  } else if (IPV4OptValidateRoute(p, &opt) == 0) {
403  opts->o_lsrr = opt;
404  p->l3.vars.ip4.opts_set |= IPV4_OPT_FLAG_LSRR;
405  }
406  break;
407  case IPV4_OPT_ESEC:
408  if (opts->o_esec.type != 0) {
409  ENGINE_SET_EVENT(p, IPV4_OPT_DUPLICATE);
410  /* Warn - we can keep going */
411  } else if (IPV4OptValidateGeneric(p, &opt) == 0) {
412  opts->o_esec = opt;
413  p->l3.vars.ip4.opts_set |= IPV4_OPT_FLAG_ESEC;
414  }
415  break;
416  case IPV4_OPT_CIPSO:
417  if (opts->o_cipso.type != 0) {
418  ENGINE_SET_EVENT(p,IPV4_OPT_DUPLICATE);
419  /* Warn - we can keep going */
420  } else if (IPV4OptValidateCIPSO(p, &opt) == 0) {
421  opts->o_cipso = opt;
422  p->l3.vars.ip4.opts_set |= IPV4_OPT_FLAG_CIPSO;
423  }
424  break;
425  case IPV4_OPT_SID:
426  if (opts->o_sid.type != 0) {
427  ENGINE_SET_EVENT(p,IPV4_OPT_DUPLICATE);
428  /* Warn - we can keep going */
429  } else if (IPV4OptValidateGeneric(p, &opt) == 0) {
430  opts->o_sid = opt;
431  p->l3.vars.ip4.opts_set |= IPV4_OPT_FLAG_SID;
432  }
433  break;
434  case IPV4_OPT_SSRR:
435  if (opts->o_ssrr.type != 0) {
436  ENGINE_SET_EVENT(p,IPV4_OPT_DUPLICATE);
437  /* Warn - we can keep going */
438  } else if (IPV4OptValidateRoute(p, &opt) == 0) {
439  opts->o_ssrr = opt;
440  p->l3.vars.ip4.opts_set |= IPV4_OPT_FLAG_SSRR;
441  }
442  break;
443  case IPV4_OPT_RTRALT:
444  if (opts->o_rtralt.type != 0) {
445  ENGINE_SET_EVENT(p,IPV4_OPT_DUPLICATE);
446  /* Warn - we can keep going */
447  } else if (IPV4OptValidateGeneric(p, &opt) == 0) {
448  opts->o_rtralt = opt;
449  p->l3.vars.ip4.opts_set |= IPV4_OPT_FLAG_RTRALT;
450  }
451  break;
452  default:
453  SCLogDebug("IPV4OPT <unknown> (%" PRIu8 ") len %" PRIu8,
454  opt.type, opt.len);
455  ENGINE_SET_EVENT(p,IPV4_OPT_INVALID);
456  /* Warn - we can keep going */
457  break;
458  }
459 
460  pkt += opt.len;
461  plen -= opt.len;
462  }
463  }
464 
465  return 0;
466 }
467 
468 static const IPV4Hdr *DecodeIPV4Packet(Packet *p, const uint8_t *pkt, uint16_t len)
469 {
470  if (unlikely(len < IPV4_HEADER_LEN)) {
471  ENGINE_SET_INVALID_EVENT(p, IPV4_PKT_TOO_SMALL);
472  return NULL;
473  }
474 
475  if (unlikely(IP_GET_RAW_VER(pkt) != 4)) {
476  SCLogDebug("wrong ip version %d",IP_GET_RAW_VER(pkt));
477  ENGINE_SET_INVALID_EVENT(p, IPV4_WRONG_IP_VER);
478  return NULL;
479  }
480 
481  const IPV4Hdr *ip4h = PacketSetIPV4(p, pkt);
482 
483  if (unlikely(IPV4_GET_RAW_HLEN(ip4h) < IPV4_HEADER_LEN)) {
484  ENGINE_SET_INVALID_EVENT(p, IPV4_HLEN_TOO_SMALL);
485  return NULL;
486  }
487 
488  if (unlikely(IPV4_GET_RAW_IPLEN(ip4h) < IPV4_GET_RAW_HLEN(ip4h))) {
489  ENGINE_SET_INVALID_EVENT(p, IPV4_IPLEN_SMALLER_THAN_HLEN);
490  return NULL;
491  }
492 
493  if (unlikely(len < IPV4_GET_RAW_IPLEN(ip4h))) {
494  ENGINE_SET_INVALID_EVENT(p, IPV4_TRUNC_PKT);
495  return NULL;
496  }
497 
498  /* set the address struct */
499  SET_IPV4_SRC_ADDR(ip4h, &p->src);
500  SET_IPV4_DST_ADDR(ip4h, &p->dst);
501 
502  /* save the options len */
503  uint8_t ip_opt_len = IPV4_GET_RAW_HLEN(ip4h) - IPV4_HEADER_LEN;
504  if (ip_opt_len > 0) {
505  IPV4Options opts;
506  memset(&opts, 0x00, sizeof(opts));
507  if (DecodeIPV4Options(p, pkt + IPV4_HEADER_LEN, ip_opt_len, &opts) < 0) {
508  return NULL;
509  }
510  }
511 
512  return ip4h;
513 }
514 
515 int DecodeIPV4(ThreadVars *tv, DecodeThreadVars *dtv, Packet *p,
516  const uint8_t *pkt, uint16_t len)
517 {
518  StatsCounterIncr(&tv->stats, dtv->counter_ipv4);
519 
520  SCLogDebug("pkt %p len %"PRIu16"", pkt, len);
521 
522  if (!PacketIncreaseCheckLayers(p)) {
523  return TM_ECODE_FAILED;
524  }
525  /* do the actual decoding */
526  const IPV4Hdr *ip4h = DecodeIPV4Packet(p, pkt, len);
527  if (unlikely(ip4h == NULL)) {
528  SCLogDebug("decoding IPv4 packet failed");
529  PacketClearL3(p);
530  return TM_ECODE_FAILED;
531  }
532  p->proto = IPV4_GET_RAW_IPPROTO(ip4h);
533 
534  /* If a fragment, pass off for re-assembly. */
535  if (unlikely(IPV4_GET_RAW_FRAGOFFSET(ip4h) > 0 || IPV4_GET_RAW_FLAG_MF(ip4h))) {
536  Packet *rp = Defrag(tv, dtv, p);
537  if (rp != NULL) {
538  PacketEnqueueNoLock(&tv->decode_pq, rp);
539  }
540  p->flags |= PKT_IS_FRAGMENT;
541  return TM_ECODE_OK;
542  }
543 
544  /* do hdr test, process hdr rules */
545 
546 #ifdef DEBUG
547  if (SCLogDebugEnabled()) { /* only convert the addresses if debug is really enabled */
548  /* debug print */
549  char s[16], d[16];
550  PrintInet(AF_INET, (const void *)GET_IPV4_SRC_ADDR_PTR(p), s, sizeof(s));
551  PrintInet(AF_INET, (const void *)GET_IPV4_DST_ADDR_PTR(p), d, sizeof(d));
552  SCLogDebug("IPV4 %s->%s PROTO: %" PRIu32 " OFFSET: %" PRIu32 " RF: %" PRIu8 " DF: %" PRIu8
553  " MF: %" PRIu8 " ID: %" PRIu32 "",
554  s, d, IPV4_GET_RAW_IPPROTO(ip4h), IPV4_GET_RAW_IPOFFSET(ip4h),
555  IPV4_GET_RAW_FLAG_RF(ip4h), IPV4_GET_RAW_FLAG_DF(ip4h), IPV4_GET_RAW_FLAG_MF(ip4h),
556  IPV4_GET_RAW_IPID(ip4h));
557  }
558 #endif /* DEBUG */
559 
560  const uint8_t *data = pkt + IPV4_GET_RAW_HLEN(ip4h);
561  const uint16_t data_len = IPV4_GET_RAW_IPLEN(ip4h) - IPV4_GET_RAW_HLEN(ip4h);
562 
563  /* check what next decoder to invoke */
564  switch (p->proto) {
565  case IPPROTO_TCP:
566  DecodeTCP(tv, dtv, p, data, data_len);
567  break;
568  case IPPROTO_UDP:
569  DecodeUDP(tv, dtv, p, data, data_len);
570  break;
571  case IPPROTO_ICMP:
572  DecodeICMPV4(tv, dtv, p, data, data_len);
573  break;
574  case IPPROTO_GRE:
575  DecodeGRE(tv, dtv, p, data, data_len);
576  break;
577  case IPPROTO_SCTP:
578  DecodeSCTP(tv, dtv, p, data, data_len);
579  break;
580  case IPPROTO_ESP:
581  DecodeESP(tv, dtv, p, data, data_len);
582  break;
583  case IPPROTO_IPV6: {
584  /* spawn off tunnel packet */
585  Packet *tp = PacketTunnelPktSetup(tv, dtv, p, data, data_len, DECODE_TUNNEL_IPV6);
586  if (tp != NULL) {
587  PKT_SET_SRC(tp, PKT_SRC_DECODER_IPV4);
588  PacketEnqueueNoLock(&tv->decode_pq, tp);
589  StatsCounterIncr(&tv->stats, dtv->counter_ipv6inipv4);
590  }
591  FlowSetupPacket(p);
592  break;
593  }
594  case IPPROTO_IPIP: {
595  /* spawn off tunnel packet */
596  Packet *tp = PacketTunnelPktSetup(tv, dtv, p, data, data_len, DECODE_TUNNEL_IPV4);
597  if (tp != NULL) {
598  PKT_SET_SRC(tp, PKT_SRC_DECODER_IPV4);
599  PacketEnqueueNoLock(&tv->decode_pq, tp);
600  StatsCounterIncr(&tv->stats, dtv->counter_ipv4inipv4);
601  }
602  FlowSetupPacket(p);
603  break;
604  }
605  case IPPROTO_IP:
606  /* check PPP VJ uncompressed packets and decode tcp dummy */
607  if (p->flags & PKT_PPP_VJ_UCOMP) {
608  DecodeTCP(tv, dtv, p, data, data_len);
609  }
610  break;
611  case IPPROTO_ICMPV6:
612  ENGINE_SET_INVALID_EVENT(p, IPV4_WITH_ICMPV6);
613  break;
614  case IPPROTO_IGMP:
615  DecodeIGMP(tv, dtv, p, data, data_len);
616  break;
617 
618  default:
619  SCLogDebug("unknown protocol type: %" PRIx8 "", p->proto);
620  StatsCounterIncr(&tv->stats, dtv->counter_ipv4_unknown_proto);
621  ENGINE_SET_EVENT(p, IPV4_PROTO_UNKNOWN);
622  }
623 
624  return TM_ECODE_OK;
625 }
626 
627 /* UNITTESTS */
628 #ifdef UNITTESTS
629 #include "packet.h"
630 
631 /** \test IPV4 with no options. */
632 static int DecodeIPV4OptionsNONETest01(void)
633 {
634  uint8_t raw_opts[] = { };
635  Packet *p = PacketGetFromAlloc();
636  FAIL_IF(unlikely(p == NULL));
637 
638  IPV4Options opts;
639  memset(&opts, 0x00, sizeof(opts));
640  DecodeIPV4Options(p, raw_opts, sizeof(raw_opts), &opts);
641  FAIL_IF(p->flags & PKT_IS_INVALID);
642 
643  PacketFree(p);
644  PASS;
645 }
646 
647 /** \test IPV4 with EOL option. */
648 static int DecodeIPV4OptionsEOLTest01(void)
649 {
650  uint8_t raw_opts[] = {
651  IPV4_OPT_EOL, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00
652  };
653  Packet *p = PacketGetFromAlloc();
654  FAIL_IF(unlikely(p == NULL));
655  IPV4Options opts;
656  memset(&opts, 0x00, sizeof(opts));
657  DecodeIPV4Options(p, raw_opts, sizeof(raw_opts), &opts);
658  FAIL_IF(p->flags & PKT_IS_INVALID);
659  PacketFree(p);
660  PASS;
661 }
662 
663 /** \test IPV4 with NOP option. */
664 static int DecodeIPV4OptionsNOPTest01(void)
665 {
666  uint8_t raw_opts[] = {
667  IPV4_OPT_NOP, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00
668  };
669  Packet *p = PacketGetFromAlloc();
670  FAIL_IF(unlikely(p == NULL));
671  IPV4Options opts;
672  memset(&opts, 0x00, sizeof(opts));
673  DecodeIPV4Options(p, raw_opts, sizeof(raw_opts), &opts);
674  FAIL_IF(p->flags & PKT_IS_INVALID);
675  PacketFree(p);
676  PASS;
677 }
678 
679 /** \test IPV4 with RR option. */
680 static int DecodeIPV4OptionsRRTest01(void)
681 {
682  uint8_t raw_opts[] = {
683  IPV4_OPT_RR, 0x27, 0x08, 0xc0, 0xa8, 0x2a, 0x64, 0x00,
684  0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
685  0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
686  0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
687  0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00
688  };
689  Packet *p = PacketGetFromAlloc();
690  FAIL_IF(unlikely(p == NULL));
691 
692  IPV4Options opts;
693  memset(&opts, 0x00, sizeof(opts));
694  DecodeIPV4Options(p, raw_opts, sizeof(raw_opts), &opts);
695  FAIL_IF(p->flags & PKT_IS_INVALID);
696  FAIL_IF(opts.o_rr.type != IPV4_OPT_RR);
697  PacketFree(p);
698  PASS;
699 }
700 
701 /** \test IPV4 with RR option (len too large). */
702 static int DecodeIPV4OptionsRRTest02(void)
703 {
704  uint8_t raw_opts[] = {
705  IPV4_OPT_RR, 0xff, 0x08, 0xc0, 0xa8, 0x2a, 0x64, 0x00,
706  0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
707  0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
708  0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
709  0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00
710  };
711  Packet *p = PacketGetFromAlloc();
712  FAIL_IF(unlikely(p == NULL));
713 
714  IPV4Options opts;
715  memset(&opts, 0x00, sizeof(opts));
716  FAIL_IF(DecodeIPV4Options(p, raw_opts, sizeof(raw_opts), &opts) != -1);
717  FAIL_IF((p->flags & PKT_IS_INVALID) == 0);
718  FAIL_IF(opts.o_rr.type != 0);
719  PacketFree(p);
720  PASS;
721 }
722 
723 /** \test IPV4 with RR option (ptr too large). */
724 static int DecodeIPV4OptionsRRTest03(void)
725 {
726  uint8_t raw_opts[] = {
727  IPV4_OPT_RR, 0x27, 0xff, 0xc0, 0xa8, 0x2a, 0x64, 0x00,
728  0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
729  0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
730  0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
731  0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00
732  };
733  Packet *p = PacketGetFromAlloc();
734  FAIL_IF(unlikely(p == NULL));
735 
736  IPV4Options opts;
737  memset(&opts, 0x00, sizeof(opts));
738  DecodeIPV4Options(p, raw_opts, sizeof(raw_opts), &opts);
739  FAIL_IF((p->flags & PKT_IS_INVALID) == 0);
740  FAIL_IF(opts.o_rr.type != 0);
741  PacketFree(p);
742  PASS;
743 }
744 
745 /** \test IPV4 with RR option (ptr not in 4 byte increment). */
746 static int DecodeIPV4OptionsRRTest04(void)
747 {
748  uint8_t raw_opts[] = {
749  IPV4_OPT_RR, 0x27, 0x05, 0xc0, 0xa8, 0x2a, 0x64, 0x00,
750  0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
751  0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
752  0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
753  0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00
754  };
755  Packet *p = PacketGetFromAlloc();
756  FAIL_IF(unlikely(p == NULL));
757 
758  IPV4Options opts;
759  memset(&opts, 0x00, sizeof(opts));
760  DecodeIPV4Options(p, raw_opts, sizeof(raw_opts), &opts);
761  FAIL_IF((p->flags & PKT_IS_INVALID) == 0);
762  FAIL_IF(opts.o_rr.type != 0);
763  PacketFree(p);
764  PASS;
765 }
766 
767 /** \test IPV4 with QS option. */
768 static int DecodeIPV4OptionsQSTest01(void)
769 {
770  uint8_t raw_opts[] = {
771  IPV4_OPT_QS, 0x08, 0x0d, 0x00, 0xbe, 0xef, 0x00, 0x00
772  };
773  Packet *p = PacketGetFromAlloc();
774  FAIL_IF(unlikely(p == NULL));
775 
776  IPV4Options opts;
777  memset(&opts, 0x00, sizeof(opts));
778  DecodeIPV4Options(p, raw_opts, sizeof(raw_opts), &opts);
779  FAIL_IF(p->flags & PKT_IS_INVALID);
780  FAIL_IF(opts.o_qs.type != IPV4_OPT_QS);
781  PacketFree(p);
782  PASS;
783 }
784 
785 /** \test IPV4 with QS option (len too small) */
786 static int DecodeIPV4OptionsQSTest02(void)
787 {
788  uint8_t raw_opts[] = {
789  IPV4_OPT_QS, 0x07, 0x0d, 0x00, 0xbe, 0xef, 0x00, 0x00
790  };
791  Packet *p = PacketGetFromAlloc();
792  FAIL_IF(unlikely(p == NULL));
793 
794  IPV4Options opts;
795  memset(&opts, 0x00, sizeof(opts));
796  DecodeIPV4Options(p, raw_opts, sizeof(raw_opts), &opts);
797  FAIL_IF((p->flags & PKT_IS_INVALID) == 0);
798  FAIL_IF(opts.o_qs.type != 0);
799  PacketFree(p);
800  PASS;
801 }
802 
803 /** \test IPV4 with TS option. */
804 static int DecodeIPV4OptionsTSTest01(void)
805 {
806  uint8_t raw_opts[] = {
807  IPV4_OPT_TS, 0x24, 0x0d, 0x01, 0x0a, 0x0a, 0x0a, 0x69,
808  0x04, 0xce, 0x0d, 0x00, 0x00, 0x00, 0x00, 0x00,
809  0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
810  0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
811  0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00
812  };
813  Packet *p = PacketGetFromAlloc();
814  FAIL_IF(unlikely(p == NULL));
815 
816  IPV4Options opts;
817  memset(&opts, 0x00, sizeof(opts));
818  DecodeIPV4Options(p, raw_opts, sizeof(raw_opts), &opts);
819  FAIL_IF(p->flags & PKT_IS_INVALID);
820  FAIL_IF(opts.o_ts.type != IPV4_OPT_TS);
821  PacketFree(p);
822  PASS;
823 }
824 
825 /** \test IPV4 with TS option (ptr too small). */
826 static int DecodeIPV4OptionsTSTest02(void)
827 {
828  uint8_t raw_opts[] = {
829  IPV4_OPT_TS, 0x24, 0x04, 0x01, 0x0a, 0x0a, 0x0a, 0x69,
830  0x04, 0xce, 0x0d, 0x00, 0x00, 0x00, 0x00, 0x00,
831  0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
832  0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
833  0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00
834  };
835  Packet *p = PacketGetFromAlloc();
836  FAIL_IF(unlikely(p == NULL));
837 
838  IPV4Options opts;
839  memset(&opts, 0x00, sizeof(opts));
840  DecodeIPV4Options(p, raw_opts, sizeof(raw_opts), &opts);
841  FAIL_IF((p->flags & PKT_IS_INVALID) == 0);
842  FAIL_IF(opts.o_ts.type != 0);
843  PacketFree(p);
844  PASS;
845 }
846 
847 /** \test IPV4 with TS option (ptr too large). */
848 static int DecodeIPV4OptionsTSTest03(void)
849 {
850  uint8_t raw_opts[] = {
851  IPV4_OPT_TS, 0x24, 0xff, 0x01, 0x0a, 0x0a, 0x0a, 0x69,
852  0x04, 0xce, 0x0d, 0x00, 0x00, 0x00, 0x00, 0x00,
853  0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
854  0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
855  0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00
856  };
857  Packet *p = PacketGetFromAlloc();
858  FAIL_IF(unlikely(p == NULL));
859 
860  IPV4Options opts;
861  memset(&opts, 0x00, sizeof(opts));
862  DecodeIPV4Options(p, raw_opts, sizeof(raw_opts), &opts);
863  FAIL_IF((p->flags & PKT_IS_INVALID) == 0);
864  FAIL_IF(opts.o_ts.type != 0);
865  PacketFree(p);
866  PASS;
867 }
868 
869 /** \test IPV4 with TS option (ptr not valid). */
870 static int DecodeIPV4OptionsTSTest04(void)
871 {
872  uint8_t raw_opts[] = {
873  IPV4_OPT_TS, 0x24, 0x0a, 0x01, 0x0a, 0x0a, 0x0a, 0x69,
874  0x04, 0xce, 0x0d, 0x00, 0x00, 0x00, 0x00, 0x00,
875  0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
876  0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
877  0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00
878  };
879  Packet *p = PacketGetFromAlloc();
880  FAIL_IF(unlikely(p == NULL));
881 
882  IPV4Options opts;
883  memset(&opts, 0x00, sizeof(opts));
884  DecodeIPV4Options(p, raw_opts, sizeof(raw_opts), &opts);
885  FAIL_IF((p->flags & PKT_IS_INVALID) == 0);
886  FAIL_IF(opts.o_ts.type != 0);
887  PacketFree(p);
888  PASS;
889 }
890 
891 /** \test IPV4 with SEC option. */
892 static int DecodeIPV4OptionsSECTest01(void)
893 {
894  uint8_t raw_opts[] = {
895  IPV4_OPT_SEC, 0x0b, 0xf1, 0x35, 0x00, 0x00, 0x00, 0x00,
896  0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00
897  };
898  Packet *p = PacketGetFromAlloc();
899  FAIL_IF(unlikely(p == NULL));
900 
901  IPV4Options opts;
902  memset(&opts, 0x00, sizeof(opts));
903  DecodeIPV4Options(p, raw_opts, sizeof(raw_opts), &opts);
904  FAIL_IF(p->flags & PKT_IS_INVALID);
905  FAIL_IF(opts.o_sec.type != IPV4_OPT_SEC);
906  PacketFree(p);
907  PASS;
908 }
909 
910 /** \test IPV4 with SEC option (invalid length). */
911 static int DecodeIPV4OptionsSECTest02(void)
912 {
913  uint8_t raw_opts[] = { IPV4_OPT_SEC, 0x02, 0xf1, 0x35, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
914  0x00, 0x00, 0x00, 0x00, 0x00 };
915  Packet *p = PacketGetFromAlloc();
916  FAIL_IF(unlikely(p == NULL));
917 
918  IPV4Options opts;
919  memset(&opts, 0x00, sizeof(opts));
920  DecodeIPV4Options(p, raw_opts, sizeof(raw_opts), &opts);
921  FAIL_IF((p->flags & PKT_IS_INVALID) == 0);
922  FAIL_IF(opts.o_sec.type != 0);
923  PacketFree(p);
924  PASS;
925 }
926 
927 /** \test IPV4 with ESEC option. */
928 static int DecodeIPV4OptionsESECTest01(void)
929 {
930  uint8_t raw_opts[] = { IPV4_OPT_ESEC, 0x0b, 0xf1, 0x35, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
931  0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 };
932  Packet *p = PacketGetFromAlloc();
933  FAIL_IF(unlikely(p == NULL));
934 
935  IPV4Options opts;
936  memset(&opts, 0x00, sizeof(opts));
937  DecodeIPV4Options(p, raw_opts, sizeof(raw_opts), &opts);
938  FAIL_IF(p->flags & PKT_IS_INVALID);
939  FAIL_IF(opts.o_esec.type != IPV4_OPT_ESEC);
940  PacketFree(p);
941  PASS;
942 }
943 
944 /** \test IPV4 with ESEC option (invalid length). */
945 static int DecodeIPV4OptionsESECTest02(void)
946 {
947  uint8_t raw_opts[] = { IPV4_OPT_ESEC, 0x02, 0xf1, 0x35, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
948  0x00, 0x00, 0x00, 0x00, 0x00, 0x00 };
949  Packet *p = PacketGetFromAlloc();
950  FAIL_IF(unlikely(p == NULL));
951 
952  IPV4Options opts;
953  memset(&opts, 0x00, sizeof(opts));
954  DecodeIPV4Options(p, raw_opts, sizeof(raw_opts), &opts);
955  FAIL_IF((p->flags & PKT_IS_INVALID) == 0);
956  FAIL_IF(opts.o_esec.type != 0);
957  PacketFree(p);
958  PASS;
959 }
960 
961 /** \test IPV4 with LSRR option. */
962 static int DecodeIPV4OptionsLSRRTest01(void)
963 {
964  uint8_t raw_opts[] = {
965  IPV4_OPT_LSRR, 0x27, 0x08, 0xc0, 0xa8, 0x2a, 0x64, 0x00,
966  0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
967  0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
968  0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
969  0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00
970  };
971  Packet *p = PacketGetFromAlloc();
972  FAIL_IF(unlikely(p == NULL));
973 
974  IPV4Options opts;
975  memset(&opts, 0x00, sizeof(opts));
976  DecodeIPV4Options(p, raw_opts, sizeof(raw_opts), &opts);
977  FAIL_IF(p->flags & PKT_IS_INVALID);
978  FAIL_IF(opts.o_lsrr.type != IPV4_OPT_LSRR);
979  PacketFree(p);
980  PASS;
981 }
982 
983 /** \test IPV4 with LSRR option (len too large). */
984 static int DecodeIPV4OptionsLSRRTest02(void)
985 {
986  uint8_t raw_opts[] = {
987  IPV4_OPT_LSRR, 0xff, 0x08, 0xc0, 0xa8, 0x2a, 0x64, 0x00,
988  0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
989  0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
990  0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
991  0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00
992  };
993  Packet *p = PacketGetFromAlloc();
994  FAIL_IF(unlikely(p == NULL));
995 
996  IPV4Options opts;
997  memset(&opts, 0x00, sizeof(opts));
998  DecodeIPV4Options(p, raw_opts, sizeof(raw_opts), &opts);
999  FAIL_IF((p->flags & PKT_IS_INVALID) == 0);
1000  FAIL_IF(opts.o_lsrr.type != 0);
1001  PacketFree(p);
1002  PASS;
1003 }
1004 
1005 /** \test IPV4 with LSRR option (ptr too large). */
1006 static int DecodeIPV4OptionsLSRRTest03(void)
1007 {
1008  uint8_t raw_opts[] = {
1009  IPV4_OPT_LSRR, 0x27, 0xff, 0xc0, 0xa8, 0x2a, 0x64, 0x00,
1010  0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
1011  0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
1012  0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
1013  0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00
1014  };
1015  Packet *p = PacketGetFromAlloc();
1016  FAIL_IF(unlikely(p == NULL));
1017 
1018  IPV4Options opts;
1019  memset(&opts, 0x00, sizeof(opts));
1020  DecodeIPV4Options(p, raw_opts, sizeof(raw_opts), &opts);
1021  FAIL_IF((p->flags & PKT_IS_INVALID) == 0);
1022  FAIL_IF(opts.o_lsrr.type != 0);
1023  PacketFree(p);
1024  PASS;
1025 }
1026 
1027 /** \test IPV4 with LSRR option (ptr not in 4 byte increment). */
1028 static int DecodeIPV4OptionsLSRRTest04(void)
1029 {
1030  uint8_t raw_opts[] = {
1031  IPV4_OPT_LSRR, 0x27, 0x05, 0xc0, 0xa8, 0x2a, 0x64, 0x00,
1032  0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
1033  0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
1034  0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
1035  0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00
1036  };
1037  Packet *p = PacketGetFromAlloc();
1038  FAIL_IF(unlikely(p == NULL));
1039 
1040  IPV4Options opts;
1041  memset(&opts, 0x00, sizeof(opts));
1042  DecodeIPV4Options(p, raw_opts, sizeof(raw_opts), &opts);
1043  FAIL_IF((p->flags & PKT_IS_INVALID) == 0);
1044  FAIL_IF(opts.o_lsrr.type != 0);
1045  PacketFree(p);
1046  PASS;
1047 }
1048 
1049 /** \test IPV4 with CIPSO option. */
1050 static int DecodeIPV4OptionsCIPSOTest01(void)
1051 {
1052  uint8_t raw_opts[] = {
1053  IPV4_OPT_CIPSO, 0x18, 0x00, 0x00, 0x00, 0x05, 0x05, 0x12,
1054  0x00, 0x03, 0x00, 0xef, 0x00, 0xef, 0x00, 0x06,
1055  0x00, 0x04, 0x00, 0x02, 0x00, 0x02, 0x00, 0x00
1056  };
1057  Packet *p = PacketGetFromAlloc();
1058  FAIL_IF(unlikely(p == NULL));
1059 
1060  IPV4Options opts;
1061  memset(&opts, 0x00, sizeof(opts));
1062  DecodeIPV4Options(p, raw_opts, sizeof(raw_opts), &opts);
1063  FAIL_IF(p->flags & PKT_IS_INVALID);
1064  FAIL_IF(opts.o_cipso.type != IPV4_OPT_CIPSO);
1065  PacketFree(p);
1066  PASS;
1067 }
1068 
1069 /** \test IPV4 with SID option. */
1070 static int DecodeIPV4OptionsSIDTest01(void)
1071 {
1072  uint8_t raw_opts[] = {
1073  IPV4_OPT_SID, 0x04, 0xbe, 0xef, 0x00, 0x00, 0x00, 0x00
1074  };
1075  Packet *p = PacketGetFromAlloc();
1076  FAIL_IF(unlikely(p == NULL));
1077 
1078  IPV4Options opts;
1079  memset(&opts, 0x00, sizeof(opts));
1080  DecodeIPV4Options(p, raw_opts, sizeof(raw_opts), &opts);
1081  FAIL_IF(p->flags & PKT_IS_INVALID);
1082  FAIL_IF(opts.o_sid.type != IPV4_OPT_SID);
1083  PacketFree(p);
1084  PASS;
1085 }
1086 
1087 /** \test IPV4 with SID option (len invalid. */
1088 static int DecodeIPV4OptionsSIDTest02(void)
1089 {
1090  uint8_t raw_opts[] = {
1091  IPV4_OPT_SID, 0x05, 0xbe, 0xef, 0x00, 0x00, 0x00, 0x00
1092  };
1093  Packet *p = PacketGetFromAlloc();
1094  FAIL_IF(unlikely(p == NULL));
1095 
1096  IPV4Options opts;
1097  memset(&opts, 0x00, sizeof(opts));
1098  DecodeIPV4Options(p, raw_opts, sizeof(raw_opts), &opts);
1099  FAIL_IF((p->flags & PKT_IS_INVALID) == 0);
1100  FAIL_IF(opts.o_sid.type != 0);
1101  PacketFree(p);
1102  PASS;
1103 }
1104 
1105 /** \test IPV4 with SSRR option. */
1106 static int DecodeIPV4OptionsSSRRTest01(void)
1107 {
1108  uint8_t raw_opts[] = {
1109  IPV4_OPT_SSRR, 0x27, 0x08, 0xc0, 0xa8, 0x2a, 0x64, 0x00,
1110  0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
1111  0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
1112  0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
1113  0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00
1114  };
1115  Packet *p = PacketGetFromAlloc();
1116  FAIL_IF(unlikely(p == NULL));
1117 
1118  IPV4Options opts;
1119  memset(&opts, 0x00, sizeof(opts));
1120  DecodeIPV4Options(p, raw_opts, sizeof(raw_opts), &opts);
1121  FAIL_IF(p->flags & PKT_IS_INVALID);
1122  FAIL_IF(opts.o_ssrr.type != IPV4_OPT_SSRR);
1123  PacketFree(p);
1124  PASS;
1125 }
1126 
1127 /** \test IPV4 with SSRR option (len too large). */
1128 static int DecodeIPV4OptionsSSRRTest02(void)
1129 {
1130  uint8_t raw_opts[] = {
1131  IPV4_OPT_SSRR, 0xff, 0x08, 0xc0, 0xa8, 0x2a, 0x64, 0x00,
1132  0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
1133  0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
1134  0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
1135  0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00
1136  };
1137  Packet *p = PacketGetFromAlloc();
1138  FAIL_IF(unlikely(p == NULL));
1139 
1140  IPV4Options opts;
1141  memset(&opts, 0x00, sizeof(opts));
1142  DecodeIPV4Options(p, raw_opts, sizeof(raw_opts), &opts);
1143  FAIL_IF((p->flags & PKT_IS_INVALID) == 0);
1144  FAIL_IF(opts.o_ssrr.type != 0);
1145  PacketFree(p);
1146  PASS;
1147 }
1148 
1149 /** \test IPV4 with SSRR option (ptr too large). */
1150 static int DecodeIPV4OptionsSSRRTest03(void)
1151 {
1152  uint8_t raw_opts[] = {
1153  IPV4_OPT_SSRR, 0x27, 0xff, 0xc0, 0xa8, 0x2a, 0x64, 0x00,
1154  0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
1155  0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
1156  0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
1157  0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00
1158  };
1159  Packet *p = PacketGetFromAlloc();
1160  FAIL_IF(unlikely(p == NULL));
1161 
1162  IPV4Options opts;
1163  memset(&opts, 0x00, sizeof(opts));
1164  DecodeIPV4Options(p, raw_opts, sizeof(raw_opts), &opts);
1165  FAIL_IF((p->flags & PKT_IS_INVALID) == 0);
1166  FAIL_IF(opts.o_ssrr.type != 0);
1167  PacketFree(p);
1168  PASS;
1169 }
1170 
1171 /** \test IPV4 with SSRR option (ptr not in 4 byte increment). */
1172 static int DecodeIPV4OptionsSSRRTest04(void)
1173 {
1174  uint8_t raw_opts[] = {
1175  IPV4_OPT_SSRR, 0x27, 0x05, 0xc0, 0xa8, 0x2a, 0x64, 0x00,
1176  0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
1177  0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
1178  0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
1179  0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00
1180  };
1181  Packet *p = PacketGetFromAlloc();
1182  FAIL_IF(unlikely(p == NULL));
1183 
1184  IPV4Options opts;
1185  memset(&opts, 0x00, sizeof(opts));
1186  DecodeIPV4Options(p, raw_opts, sizeof(raw_opts), &opts);
1187  FAIL_IF((p->flags & PKT_IS_INVALID) == 0);
1188  FAIL_IF(opts.o_ssrr.type != 0);
1189  PacketFree(p);
1190  PASS;
1191 }
1192 
1193 /** \test IPV4 with RTRALT option. */
1194 static int DecodeIPV4OptionsRTRALTTest01(void)
1195 {
1196  uint8_t raw_opts[] = {
1197  IPV4_OPT_RTRALT, 0x04, 0xbe, 0xef, 0x00, 0x00, 0x00, 0x00
1198  };
1199  Packet *p = PacketGetFromAlloc();
1200  FAIL_IF(unlikely(p == NULL));
1201 
1202  IPV4Options opts;
1203  memset(&opts, 0x00, sizeof(opts));
1204  DecodeIPV4Options(p, raw_opts, sizeof(raw_opts), &opts);
1205  FAIL_IF(p->flags & PKT_IS_INVALID);
1206  FAIL_IF(opts.o_rtralt.type != IPV4_OPT_RTRALT);
1207  PacketFree(p);
1208  PASS;
1209 }
1210 
1211 /** \test IPV4 with RTRALT option (len invalid. */
1212 static int DecodeIPV4OptionsRTRALTTest02(void)
1213 {
1214  uint8_t raw_opts[] = {
1215  IPV4_OPT_RTRALT, 0x05, 0xbe, 0xef, 0x00, 0x00, 0x00, 0x00
1216  };
1217  Packet *p = PacketGetFromAlloc();
1218  FAIL_IF(unlikely(p == NULL));
1219 
1220  IPV4Options opts;
1221  memset(&opts, 0x00, sizeof(opts));
1222  DecodeIPV4Options(p, raw_opts, sizeof(raw_opts), &opts);
1223  FAIL_IF((p->flags & PKT_IS_INVALID) == 0);
1224  FAIL_IF(opts.o_rtralt.type != 0);
1225  PacketFree(p);
1226  PASS;
1227 }
1228 
1229 static int IPV4CalculateValidChecksumtest01(void)
1230 {
1231  uint16_t csum = 0;
1232 
1233  uint8_t raw_ipv4[] = {
1234  0x45, 0x00, 0x00, 0x54, 0x00, 0x00, 0x40, 0x00,
1235  0x40, 0x01, 0xb7, 0x52, 0xc0, 0xa8, 0x01, 0x03,
1236  0xc0, 0xa8, 0x01, 0x03};
1237 
1238  csum = *( ((uint16_t *)raw_ipv4) + 5);
1239 
1240  FAIL_IF(IPV4Checksum((uint16_t *)raw_ipv4, sizeof(raw_ipv4), csum) != 0);
1241  PASS;
1242 }
1243 
1244 static int IPV4CalculateInvalidChecksumtest02(void)
1245 {
1246  uint16_t csum = 0;
1247 
1248  uint8_t raw_ipv4[] = {
1249  0x45, 0x00, 0x00, 0x54, 0x00, 0x00, 0x40, 0x00,
1250  0x40, 0x01, 0xb7, 0x52, 0xc0, 0xa8, 0x01, 0x03,
1251  0xc0, 0xa8, 0x01, 0x07};
1252 
1253  csum = *( ((uint16_t *)raw_ipv4) + 5);
1254 
1255  FAIL_IF(IPV4Checksum((uint16_t *)raw_ipv4, sizeof(raw_ipv4), csum) == 0);
1256  PASS;
1257 }
1258 
1259 /**
1260  * \test IPV4 defrag and packet recursion level test
1261  */
1262 static int DecodeIPV4DefragTest01(void)
1263 {
1264  uint8_t pkt1[] = {
1265  0x00, 0x50, 0x56, 0x00, 0x03, 0x05, 0xde, 0xad,
1266  0x01, 0xa3, 0xa2, 0x2f, 0x08, 0x00, 0x45, 0x00,
1267  0x00, 0x1c, 0xe9, 0xef, 0x20, 0x00, 0x40, 0x06,
1268  0x9a, 0xc8, 0x0a, 0x00, 0xe1, 0x17, 0x0a, 0x00,
1269  0xe1, 0x0c, 0x6e, 0x12, 0x01, 0xbd, 0x5b, 0xa3,
1270  0x81, 0x5e
1271  };
1272  uint8_t pkt2[] = {
1273  0x00, 0x50, 0x56, 0x00, 0x03, 0x05, 0xde, 0xad,
1274  0x01, 0xa3, 0xa2, 0x2f, 0x08, 0x00, 0x45, 0x00,
1275  0x00, 0x1c, 0xe9, 0xef, 0x20, 0x01, 0x40, 0x06,
1276  0x9a, 0xc7, 0x0a, 0x00, 0xe1, 0x17, 0x0a, 0x00,
1277  0xe1, 0x0c, 0xac, 0xb0, 0xae, 0x8a, 0x50, 0x10,
1278  0x80, 0x00
1279  };
1280  uint8_t pkt3[] = {
1281  0x00, 0x50, 0x56, 0x00, 0x03, 0x05, 0xde, 0xad,
1282  0x01, 0xa3, 0xa2, 0x2f, 0x08, 0x00, 0x45, 0x00,
1283  0x00, 0x18, 0xe9, 0xef, 0x00, 0x02, 0x40, 0x06,
1284  0xba, 0xca, 0x0a, 0x00, 0xe1, 0x17, 0x0a, 0x00,
1285  0xe1, 0x0c, 0xb1, 0xa3, 0x00, 0x00
1286  };
1287  uint8_t tunnel_pkt[] = {
1288  0x00, 0x50, 0x56, 0x00, 0x03, 0x05, 0xde, 0xad,
1289  0x01, 0xa3, 0xa2, 0x2f, 0x08, 0x00, 0x45, 0x00,
1290  0x00, 0x28, 0xe9, 0xef, 0x00, 0x00, 0x40, 0x06,
1291  0xba, 0xbc, 0x0a, 0x00, 0xe1, 0x17, 0x0a, 0x00,
1292  0xe1, 0x0c, 0x6e, 0x12, 0x01, 0xbd, 0x5b, 0xa3,
1293  0x81, 0x5e, 0xac, 0xb0, 0xae, 0x8a, 0x50, 0x10,
1294  0x80, 0x00, 0xb1, 0xa3, 0x00, 0x00
1295  };
1296 
1297  Packet *p = PacketGetFromAlloc();
1298  FAIL_IF_NULL(p);
1299  ThreadVars tv;
1300  DecodeThreadVars dtv;
1301 
1302  memset(&tv, 0, sizeof(ThreadVars));
1303  memset(&dtv, 0, sizeof(DecodeThreadVars));
1304 
1305  FlowInitConfig(FLOW_QUIET);
1306  DefragInit();
1307 
1308  PacketCopyData(p, pkt1, sizeof(pkt1));
1309  DecodeIPV4(&tv, &dtv, p, GET_PKT_DATA(p) + ETHERNET_HEADER_LEN,
1310  GET_PKT_LEN(p) - ETHERNET_HEADER_LEN);
1311  FAIL_IF(PacketIsTCP(p));
1312  PacketRecycle(p);
1313 
1314  PacketCopyData(p, pkt2, sizeof(pkt2));
1315  DecodeIPV4(&tv, &dtv, p, GET_PKT_DATA(p) + ETHERNET_HEADER_LEN,
1316  GET_PKT_LEN(p) - ETHERNET_HEADER_LEN);
1317  FAIL_IF(PacketIsTCP(p));
1318  PacketRecycle(p);
1319 
1320  PacketCopyData(p, pkt3, sizeof(pkt3));
1321  DecodeIPV4(&tv, &dtv, p, GET_PKT_DATA(p) + ETHERNET_HEADER_LEN,
1322  GET_PKT_LEN(p) - ETHERNET_HEADER_LEN);
1323  FAIL_IF(PacketIsTCP(p));
1324  Packet *tp = PacketDequeueNoLock(&tv.decode_pq);
1325  FAIL_IF_NULL(tp);
1326  FAIL_IF(tp->recursion_level != p->recursion_level);
1327  FAIL_IF_NOT(PacketIsIPv4(tp));
1328  FAIL_IF_NOT(PacketIsTCP(tp));
1329  FAIL_IF(GET_PKT_LEN(tp) != sizeof(tunnel_pkt));
1330  FAIL_IF(memcmp(GET_PKT_DATA(tp), tunnel_pkt, sizeof(tunnel_pkt)) != 0);
1331  PacketRecycle(tp);
1332  PacketFree(tp);
1333 
1334  DefragDestroy();
1335  PacketRecycle(p);
1336  FlowShutdown();
1337  PacketFree(p);
1338  PASS;
1339 }
1340 
1341 /**
1342  * \test Don't send IPv4 fragments to the upper layer decoder and
1343  * and packet recursion level test.
1344  */
1345 static int DecodeIPV4DefragTest02(void)
1346 {
1347  uint8_t pkt1[] = {
1348  0x00, 0x50, 0x56, 0x00, 0x03, 0x05, 0xde, 0xad,
1349  0x01, 0xa3, 0xa2, 0x2f, 0x08, 0x00, 0x45, 0x00,
1350  0x00, 0x24, 0xe9, 0xef, 0x20, 0x00, 0x40, 0x06,
1351  0x9a, 0xc8, 0x0a, 0x00, 0xe1, 0x17, 0x0a, 0x00,
1352  0xe1, 0x0c,
1353  /* first frag */
1354  0x6e, 0x12, 0x01, 0xbd, 0x5b, 0xa3,
1355  0x81, 0x5e, 0xac, 0xb0, 0xae, 0x8a, 0x50, 0x10,
1356  0x80, 0x00,
1357  };
1358  uint8_t pkt2[] = {
1359  0x00, 0x50, 0x56, 0x00, 0x03, 0x05, 0xde, 0xad,
1360  0x01, 0xa3, 0xa2, 0x2f, 0x08, 0x00, 0x45, 0x00,
1361  0x00, 0x2c, 0xe9, 0xef, 0x20, 0x02, 0x40, 0x06,
1362  0xba, 0xca, 0x0a, 0x00, 0xe1, 0x17, 0x0a, 0x00,
1363  0xe1, 0x0c,
1364  /* second frag */
1365  0xb1, 0xa3, 0x00, 0x10, 0x5b, 0xa3, 0x81, 0x5e,
1366  0xac, 0xb0, 0xae, 0x8a, 0x50, 0x10, 0x80, 0x00,
1367  0xb1, 0xa3, 0x00, 0x10, 0x01, 0x02, 0x03, 0x04
1368  };
1369  uint8_t pkt3[] = {
1370  0x00, 0x50, 0x56, 0x00, 0x03, 0x05, 0xde, 0xad,
1371  0x01, 0xa3, 0xa2, 0x2f, 0x08, 0x00, 0x45, 0x00,
1372  0x00, 0x16, 0xe9, 0xef, 0x00, 0x05, 0x40, 0x06,
1373  0xba, 0xca, 0x0a, 0x00, 0xe1, 0x17, 0x0a, 0x00,
1374  0xe1, 0x0c,
1375  /* final frag */
1376  0xb1, 0xa3,
1377  };
1378 
1379  uint8_t tunnel_pkt[] = {
1380  0x00, 0x50, 0x56, 0x00, 0x03, 0x05, 0xde, 0xad,
1381  0x01, 0xa3, 0xa2, 0x2f, 0x08, 0x00, 0x45, 0x00,
1382  0x00, 0x3e, 0xe9, 0xef, 0x00, 0x00, 0x40, 0x06,
1383  0xba, 0xae, 0x0a, 0x00, 0xe1, 0x17, 0x0a, 0x00,
1384  0xe1, 0x0c,
1385  0x6e, 0x12, 0x01, 0xbd, 0x5b, 0xa3, 0x81, 0x5e,
1386  0xac, 0xb0, 0xae, 0x8a, 0x50, 0x10, 0x80, 0x00,
1387  0xb1, 0xa3, 0x00, 0x10, 0x5b, 0xa3, 0x81, 0x5e,
1388  0xac, 0xb0, 0xae, 0x8a, 0x50, 0x10, 0x80, 0x00,
1389  0xb1, 0xa3, 0x00, 0x10, 0x01, 0x02, 0x03, 0x04,
1390  0xb1, 0xa3,
1391  };
1392 
1393  Packet *p = PacketGetFromAlloc();
1394  FAIL_IF_NULL(p);
1395  ThreadVars tv;
1396  DecodeThreadVars dtv;
1397 
1398  memset(&tv, 0, sizeof(ThreadVars));
1399  memset(&dtv, 0, sizeof(DecodeThreadVars));
1400 
1401  FlowInitConfig(FLOW_QUIET);
1402  DefragInit();
1403 
1404  PacketCopyData(p, pkt1, sizeof(pkt1));
1405  DecodeIPV4(&tv, &dtv, p, GET_PKT_DATA(p) + ETHERNET_HEADER_LEN,
1406  GET_PKT_LEN(p) - ETHERNET_HEADER_LEN);
1407  FAIL_IF(PacketIsTCP(p));
1408  PacketRecycle(p);
1409 
1410  PacketCopyData(p, pkt2, sizeof(pkt2));
1411  DecodeIPV4(&tv, &dtv, p, GET_PKT_DATA(p) + ETHERNET_HEADER_LEN,
1412  GET_PKT_LEN(p) - ETHERNET_HEADER_LEN);
1413  FAIL_IF(PacketIsTCP(p));
1414  PacketRecycle(p);
1415 
1416  p->recursion_level = 3;
1417  PacketCopyData(p, pkt3, sizeof(pkt3));
1418  DecodeIPV4(&tv, &dtv, p, GET_PKT_DATA(p) + ETHERNET_HEADER_LEN,
1419  GET_PKT_LEN(p) - ETHERNET_HEADER_LEN);
1420  FAIL_IF(PacketIsTCP(p));
1421  Packet *tp = PacketDequeueNoLock(&tv.decode_pq);
1422  FAIL_IF_NULL(tp);
1423  FAIL_IF(tp->recursion_level != p->recursion_level);
1424  FAIL_IF_NOT(PacketIsIPv4(tp));
1425  FAIL_IF_NOT(PacketIsTCP(tp));
1426  FAIL_IF(GET_PKT_LEN(tp) != sizeof(tunnel_pkt));
1427  FAIL_IF(memcmp(GET_PKT_DATA(tp), tunnel_pkt, sizeof(tunnel_pkt)) != 0);
1428  PacketRecycle(tp);
1429  PacketFree(tp);
1430 
1431  DefragDestroy();
1432  PacketRecycle(p);
1433  FlowShutdown();
1434  PacketFree(p);
1435  PASS;
1436 }
1437 
1438 /**
1439  * \test IPV4 defrag and flow retrieval test.
1440  */
1441 static int DecodeIPV4DefragTest03(void)
1442 {
1443  uint8_t pkt[] = {
1444  0x00, 0x50, 0x56, 0x00, 0x03, 0x05, 0xde, 0xad,
1445  0x01, 0xa3, 0xa2, 0x2f, 0x08, 0x00, 0x45, 0x00,
1446  0x00, 0x28, 0xe9, 0xee, 0x00, 0x00, 0x40, 0x06,
1447  0xba, 0xbd, 0x0a, 0x00, 0xe1, 0x17, 0x0a, 0x00,
1448  0xe1, 0x0c, 0x6e, 0x12, 0x01, 0xbd, 0x5b, 0xa3,
1449  0x81, 0x5d, 0x00, 0x00, 0x00, 0x00, 0x50, 0x02,
1450  0x80, 0x00, 0x0c, 0xee, 0x00, 0x00
1451  };
1452  uint8_t pkt1[] = {
1453  0x00, 0x50, 0x56, 0x00, 0x03, 0x05, 0xde, 0xad,
1454  0x01, 0xa3, 0xa2, 0x2f, 0x08, 0x00, 0x45, 0x00,
1455  0x00, 0x1c, 0xe9, 0xef, 0x20, 0x00, 0x40, 0x06,
1456  0x9a, 0xc8, 0x0a, 0x00, 0xe1, 0x17, 0x0a, 0x00,
1457  0xe1, 0x0c, 0x6e, 0x12, 0x01, 0xbd, 0x5b, 0xa3,
1458  0x81, 0x5e
1459  };
1460  uint8_t pkt2[] = {
1461  0x00, 0x50, 0x56, 0x00, 0x03, 0x05, 0xde, 0xad,
1462  0x01, 0xa3, 0xa2, 0x2f, 0x08, 0x00, 0x45, 0x00,
1463  0x00, 0x1c, 0xe9, 0xef, 0x20, 0x01, 0x40, 0x06,
1464  0x9a, 0xc7, 0x0a, 0x00, 0xe1, 0x17, 0x0a, 0x00,
1465  0xe1, 0x0c, 0xac, 0xb0, 0xae, 0x8a, 0x50, 0x10,
1466  0x80, 0x00
1467  };
1468  uint8_t pkt3[] = {
1469  0x00, 0x50, 0x56, 0x00, 0x03, 0x05, 0xde, 0xad,
1470  0x01, 0xa3, 0xa2, 0x2f, 0x08, 0x00, 0x45, 0x00,
1471  0x00, 0x18, 0xe9, 0xef, 0x00, 0x02, 0x40, 0x06,
1472  0xba, 0xca, 0x0a, 0x00, 0xe1, 0x17, 0x0a, 0x00,
1473  0xe1, 0x0c, 0xb1, 0xa3, 0x00, 0x00
1474  };
1475  uint8_t tunnel_pkt[] = {
1476  0x00, 0x50, 0x56, 0x00, 0x03, 0x05, 0xde, 0xad,
1477  0x01, 0xa3, 0xa2, 0x2f, 0x08, 0x00, 0x45, 0x00,
1478  0x00, 0x28, 0xe9, 0xef, 0x00, 0x00, 0x40, 0x06,
1479  0xba, 0xbc, 0x0a, 0x00, 0xe1, 0x17, 0x0a, 0x00,
1480  0xe1, 0x0c, 0x6e, 0x12, 0x01, 0xbd, 0x5b, 0xa3,
1481  0x81, 0x5e, 0xac, 0xb0, 0xae, 0x8a, 0x50, 0x10,
1482  0x80, 0x00, 0xb1, 0xa3, 0x00, 0x00
1483  };
1484 
1485  Packet *p = PacketGetFromAlloc();
1486  FAIL_IF_NULL(p);
1487  ThreadVars tv;
1488  DecodeThreadVars dtv;
1489  memset(&tv, 0, sizeof(ThreadVars));
1490  memset(&dtv, 0, sizeof(DecodeThreadVars));
1491 
1492  FlowInitConfig(FLOW_QUIET);
1493  DefragInit();
1494 
1495  PacketCopyData(p, pkt, sizeof(pkt));
1496  DecodeIPV4(&tv, &dtv, p, GET_PKT_DATA(p) + ETHERNET_HEADER_LEN,
1497  GET_PKT_LEN(p) - ETHERNET_HEADER_LEN);
1498  FAIL_IF_NOT(PacketIsTCP(p));
1499  FAIL_IF(!(p->flags & PKT_WANTS_FLOW));
1500  PacketRecycle(p);
1501 
1502  PacketCopyData(p, pkt1, sizeof(pkt1));
1503  DecodeIPV4(&tv, &dtv, p, GET_PKT_DATA(p) + ETHERNET_HEADER_LEN,
1504  GET_PKT_LEN(p) - ETHERNET_HEADER_LEN);
1505  FAIL_IF(PacketIsTCP(p));
1506  PacketRecycle(p);
1507 
1508  PacketCopyData(p, pkt2, sizeof(pkt2));
1509  DecodeIPV4(&tv, &dtv, p, GET_PKT_DATA(p) + ETHERNET_HEADER_LEN,
1510  GET_PKT_LEN(p) - ETHERNET_HEADER_LEN);
1511  FAIL_IF(PacketIsTCP(p));
1512  PacketRecycle(p);
1513 
1514  PacketCopyData(p, pkt3, sizeof(pkt3));
1515  DecodeIPV4(&tv, &dtv, p, GET_PKT_DATA(p) + ETHERNET_HEADER_LEN,
1516  GET_PKT_LEN(p) - ETHERNET_HEADER_LEN);
1517  FAIL_IF(PacketIsTCP(p));
1518 
1519  Packet *tp = PacketDequeueNoLock(&tv.decode_pq);
1520  FAIL_IF_NULL(tp);
1521  FAIL_IF(!(tp->flags & PKT_WANTS_FLOW));
1522  FAIL_IF(tp->flow_hash != p->flow_hash);
1523  FAIL_IF(tp->recursion_level != p->recursion_level);
1524  FAIL_IF_NOT(PacketIsIPv4(tp));
1525  FAIL_IF_NOT(PacketIsTCP(tp));
1526  FAIL_IF(GET_PKT_LEN(tp) != sizeof(tunnel_pkt));
1527  FAIL_IF(memcmp(GET_PKT_DATA(tp), tunnel_pkt, sizeof(tunnel_pkt)) != 0);
1528  PacketRecycle(tp);
1529  PacketFree(tp);
1530 
1531  DefragDestroy();
1532  PacketRecycle(p);
1533  FlowShutdown();
1534  PacketFree(p);
1535  PASS;
1536 }
1537 
1538 /**
1539  */
1540 static int DecodeEthernetTestIPv4Opt(void)
1541 {
1542  uint8_t raw_eth[] = {
1543  0xae, 0x71, 0x00, 0x00, 0x00, 0x4b, 0x06, 0x90, 0x61, 0x02, 0x00, 0xcd, 0x88, 0x64, 0x11, 0x00,
1544  0x15, 0x00, 0x80, 0x64, 0x00, 0x21, 0x4c, 0x00, 0x00, 0x30, 0x42, 0xd6, 0xff, 0xff, 0xbd, 0x2f,
1545  0x02, 0x02, 0x00, 0x02, 0x02, 0x02, 0x02, 0x02, 0x02, 0x02, 0x02, 0x02, 0x02, 0x02, 0x02, 0x02,
1546  0x02, 0x02, 0x02, 0x02, 0x02, 0x02, 0x02, 0x02, 0x02, 0x02, 0x02, 0x02, 0x02, 0x02, 0x02, 0x02,
1547  0x01, 0x44, 0x05, 0x22, 0x02, 0x01
1548  };
1549 
1550  DefragInit();
1551 
1552  Packet *p = PacketGetFromAlloc();
1553  FAIL_IF_NULL(p);
1554  ThreadVars tv;
1555  DecodeThreadVars dtv;
1556 
1557  memset(&dtv, 0, sizeof(DecodeThreadVars));
1558  memset(&tv, 0, sizeof(ThreadVars));
1559 
1560  DecodeEthernet(&tv, &dtv, p, raw_eth, sizeof(raw_eth));
1561 
1562  PacketFree(p);
1563  DefragDestroy();
1564  PASS;
1565 }
1566 
1567 #endif /* UNITTESTS */
1568 
1569 void DecodeIPV4RegisterTests(void)
1570 {
1571 #ifdef UNITTESTS
1572  UtRegisterTest("DecodeIPV4OptionsNONETest01", DecodeIPV4OptionsNONETest01);
1573  UtRegisterTest("DecodeIPV4OptionsEOLTest01", DecodeIPV4OptionsEOLTest01);
1574  UtRegisterTest("DecodeIPV4OptionsNOPTest01", DecodeIPV4OptionsNOPTest01);
1575  UtRegisterTest("DecodeIPV4OptionsRRTest01", DecodeIPV4OptionsRRTest01);
1576  UtRegisterTest("DecodeIPV4OptionsRRTest02", DecodeIPV4OptionsRRTest02);
1577  UtRegisterTest("DecodeIPV4OptionsRRTest03", DecodeIPV4OptionsRRTest03);
1578  UtRegisterTest("DecodeIPV4OptionsRRTest04", DecodeIPV4OptionsRRTest04);
1579  UtRegisterTest("DecodeIPV4OptionsQSTest01", DecodeIPV4OptionsQSTest01);
1580  UtRegisterTest("DecodeIPV4OptionsQSTest02", DecodeIPV4OptionsQSTest02);
1581  UtRegisterTest("DecodeIPV4OptionsTSTest01", DecodeIPV4OptionsTSTest01);
1582  UtRegisterTest("DecodeIPV4OptionsTSTest02", DecodeIPV4OptionsTSTest02);
1583  UtRegisterTest("DecodeIPV4OptionsTSTest03", DecodeIPV4OptionsTSTest03);
1584  UtRegisterTest("DecodeIPV4OptionsTSTest04", DecodeIPV4OptionsTSTest04);
1585  UtRegisterTest("DecodeIPV4OptionsSECTest01", DecodeIPV4OptionsSECTest01);
1586  UtRegisterTest("DecodeIPV4OptionsSECTest02", DecodeIPV4OptionsSECTest02);
1587  UtRegisterTest("DecodeIPV4OptionsESECTest01", DecodeIPV4OptionsESECTest01);
1588  UtRegisterTest("DecodeIPV4OptionsESECTest02", DecodeIPV4OptionsESECTest02);
1589  UtRegisterTest("DecodeIPV4OptionsLSRRTest01", DecodeIPV4OptionsLSRRTest01);
1590  UtRegisterTest("DecodeIPV4OptionsLSRRTest02", DecodeIPV4OptionsLSRRTest02);
1591  UtRegisterTest("DecodeIPV4OptionsLSRRTest03", DecodeIPV4OptionsLSRRTest03);
1592  UtRegisterTest("DecodeIPV4OptionsLSRRTest04", DecodeIPV4OptionsLSRRTest04);
1593  UtRegisterTest("DecodeIPV4OptionsCIPSOTest01",
1594  DecodeIPV4OptionsCIPSOTest01);
1595  UtRegisterTest("DecodeIPV4OptionsSIDTest01", DecodeIPV4OptionsSIDTest01);
1596  UtRegisterTest("DecodeIPV4OptionsSIDTest02", DecodeIPV4OptionsSIDTest02);
1597  UtRegisterTest("DecodeIPV4OptionsSSRRTest01", DecodeIPV4OptionsSSRRTest01);
1598  UtRegisterTest("DecodeIPV4OptionsSSRRTest02", DecodeIPV4OptionsSSRRTest02);
1599  UtRegisterTest("DecodeIPV4OptionsSSRRTest03", DecodeIPV4OptionsSSRRTest03);
1600  UtRegisterTest("DecodeIPV4OptionsSSRRTest04", DecodeIPV4OptionsSSRRTest04);
1601  UtRegisterTest("DecodeIPV4OptionsRTRALTTest01",
1602  DecodeIPV4OptionsRTRALTTest01);
1603  UtRegisterTest("DecodeIPV4OptionsRTRALTTest02",
1604  DecodeIPV4OptionsRTRALTTest02);
1605  UtRegisterTest("IPV4CalculateValidChecksumtest01",
1606  IPV4CalculateValidChecksumtest01);
1607  UtRegisterTest("IPV4CalculateInvalidChecksumtest02",
1608  IPV4CalculateInvalidChecksumtest02);
1609  UtRegisterTest("DecodeIPV4DefragTest01", DecodeIPV4DefragTest01);
1610  UtRegisterTest("DecodeIPV4DefragTest02", DecodeIPV4DefragTest02);
1611  UtRegisterTest("DecodeIPV4DefragTest03", DecodeIPV4DefragTest03);
1612  UtRegisterTest("DecodeEthernetTestIPv4Opt", DecodeEthernetTestIPv4Opt);
1613 #endif /* UNITTESTS */
1614 }
1615 /**
1616  * @}
1617  */
ENGINE_SET_EVENT
#define ENGINE_SET_EVENT(p, e)
Definition: decode.h:1213
DefragDestroy
void DefragDestroy(void)
Definition: defrag.c:1129
IPV4Options_::o_sid
IPV4Opt o_sid
Definition: decode-ipv4.c:283
Packet_::proto
uint8_t proto
Definition: decode.h:527
IPV4_GET_RAW_IPID
#define IPV4_GET_RAW_IPID(ip4h)
Definition: decode-ipv4.h:99
IPV4Options_::o_qs
IPV4Opt o_qs
Definition: decode-ipv4.c:277
IPV4_OPT_FLAG_NOP
#define IPV4_OPT_FLAG_NOP
Definition: decode-ipv4.h:117
len
uint8_t len
Definition: app-layer-dnp3.h:2
IPV4_IPLEN_SMALLER_THAN_HLEN
@ IPV4_IPLEN_SMALLER_THAN_HLEN
Definition: decode-events.h:36
IPV4_PKT_TOO_SMALL
@ IPV4_PKT_TOO_SMALL
Definition: decode-events.h:34
DECODE_TUNNEL_IPV6
@ DECODE_TUNNEL_IPV6
Definition: decode.h:1132
FAIL_IF_NULL
#define FAIL_IF_NULL(expr)
Fail a test if expression evaluates to NULL.
Definition: util-unittest.h:89
IPV4_OPT_QS_MIN
#define IPV4_OPT_QS_MIN
Definition: decode-ipv4.h:53
offset
uint64_t offset
Definition: util-streaming-buffer.h:0
DecodeUDP
int DecodeUDP(ThreadVars *tv, DecodeThreadVars *dtv, Packet *p, const uint8_t *pkt, uint16_t len)
Definition: decode-udp.c:75
IPV4_GET_RAW_IPPROTO
#define IPV4_GET_RAW_IPPROTO(ip4h)
Definition: decode-ipv4.h:103
IPV4_OPT_TS_MIN
#define IPV4_OPT_TS_MIN
Definition: decode-ipv4.h:54
PacketCopyData
int PacketCopyData(Packet *p, const uint8_t *pktdata, uint32_t pktlen)
Copy data to Packet payload and set packet length.
Definition: decode.c:383
IPV4_GET_RAW_FLAG_DF
#define IPV4_GET_RAW_FLAG_DF(ip4h)
Definition: decode-ipv4.h:113
IPV4_GET_RAW_FLAG_MF
#define IPV4_GET_RAW_FLAG_MF(ip4h)
Definition: decode-ipv4.h:112
unlikely
#define unlikely(expr)
Definition: util-optimize.h:35
PacketL3::vars
union PacketL3::@30 vars
IPV4_OPT_INVALID_LEN
@ IPV4_OPT_INVALID_LEN
Definition: decode-events.h:41
UtRegisterTest
void UtRegisterTest(const char *name, int(*TestFn)(void))
Register unit test.
Definition: util-unittest.c:103
DecodeESP
int DecodeESP(ThreadVars *tv, DecodeThreadVars *dtv, Packet *p, const uint8_t *pkt, uint16_t len)
Function to decode IPSEC-ESP packets.
Definition: decode-esp.c:64
SCLogDebug
#define SCLogDebug(...)
Definition: util-debug.h:282
IPV4_OPT_FLAG_SSRR
#define IPV4_OPT_FLAG_SSRR
Definition: decode-ipv4.h:122
PKT_SRC_DECODER_IPV4
@ PKT_SRC_DECODER_IPV4
Definition: decode.h:54
IPV4Options_::o_ts
IPV4Opt o_ts
Definition: decode-ipv4.c:278
Packet_::flags
uint32_t flags
Definition: decode.h:551
PacketRecycle
void PacketRecycle(Packet *p)
Definition: packet.c:159
IPV4_OPT_SEC
#define IPV4_OPT_SEC
Definition: decode-ipv4.h:38
IPV4_OPT_CIPSO_MIN
#define IPV4_OPT_CIPSO_MIN
Definition: decode-ipv4.h:55
IPV4_OPT_FLAG_TS
#define IPV4_OPT_FLAG_TS
Definition: decode-ipv4.h:119
IPV4_OPT_LSRR
#define IPV4_OPT_LSRR
Definition: decode-ipv4.h:39
PKT_WANTS_FLOW
#define PKT_WANTS_FLOW
Definition: decode.h:1323
IPV4Options_::o_sec
IPV4Opt o_sec
Definition: decode-ipv4.c:279
IPV4_OPT_UNKNOWN
@ IPV4_OPT_UNKNOWN
Definition: decode-events.h:46
IPV4Options_::o_rr
IPV4Opt o_rr
Definition: decode-ipv4.c:276
IPV4_GET_RAW_IPOFFSET
#define IPV4_GET_RAW_IPOFFSET(ip4h)
Definition: decode-ipv4.h:100
IPV4_OPT_FLAG_SEC
#define IPV4_OPT_FLAG_SEC
Definition: decode-ipv4.h:124
IPPROTO_GRE
#define IPPROTO_GRE
Definition: decode-gre.h:30
IP_GET_RAW_VER
#define IP_GET_RAW_VER(pkt)
Definition: decode.h:233
IPV4_OPT_NOP
#define IPV4_OPT_NOP
Definition: decode-ipv4.h:34
IPV4_OPT_FLAG_QS
#define IPV4_OPT_FLAG_QS
Definition: decode-ipv4.h:120
IPV4_OPT_SID_LEN
#define IPV4_OPT_SID_LEN
Definition: decode-ipv4.h:47
TM_ECODE_FAILED
@ TM_ECODE_FAILED
Definition: tm-threads-common.h:82
IPV4Opt_::len
uint8_t len
Definition: decode-ipv4.h:67
IPV4_OPT_PAD_REQUIRED
@ IPV4_OPT_PAD_REQUIRED
Definition: decode-events.h:43
IPV4_OPT_QS
#define IPV4_OPT_QS
Definition: decode-ipv4.h:36
IPV4_OPT_MALFORMED
@ IPV4_OPT_MALFORMED
Definition: decode-events.h:42
IPV4_OPT_FLAG_ESEC
#define IPV4_OPT_FLAG_ESEC
Definition: decode-ipv4.h:127
DecodeSCTP
int DecodeSCTP(ThreadVars *tv, DecodeThreadVars *dtv, Packet *p, const uint8_t *pkt, uint16_t len)
Definition: decode-sctp.c:62
FAIL_IF_NOT
#define FAIL_IF_NOT(expr)
Fail a test if expression evaluates to false.
Definition: util-unittest.h:82
TM_ECODE_OK
@ TM_ECODE_OK
Definition: tm-threads-common.h:81
tag
uint32_t tag
Definition: decode-vntag.h:0
IPV4_OPT_FLAG_LSRR
#define IPV4_OPT_FLAG_LSRR
Definition: decode-ipv4.h:121
PKT_SET_SRC
#define PKT_SET_SRC(p, src_val)
Definition: decode.h:1352
FlowInitConfig
void FlowInitConfig(bool quiet)
initialize the configuration
Definition: flow.c:571
DecodeIGMP
int DecodeIGMP(ThreadVars *tv, DecodeThreadVars *dtv, Packet *p, const uint8_t *pkt, uint32_t len)
Definition: decode-igmp.c:70
IPV4Vars_::opt_cnt
uint16_t opt_cnt
Definition: decode-ipv4.h:131
decode.h
IPV4_OPT_EOL
#define IPV4_OPT_EOL
Definition: decode-ipv4.h:33
PASS
#define PASS
Pass the test.
Definition: util-unittest.h:105
GET_IPV4_DST_ADDR_PTR
#define GET_IPV4_DST_ADDR_PTR(p)
Definition: decode.h:200
IPV4_GET_RAW_FRAGOFFSET
#define IPV4_GET_RAW_FRAGOFFSET(ip4h)
Definition: decode-ipv4.h:101
PacketDequeueNoLock
Packet * PacketDequeueNoLock(PacketQueueNoLock *qnl)
Definition: packet-queue.c:208
PKT_IS_FRAGMENT
#define PKT_IS_FRAGMENT
Definition: decode.h:1317
IPV4_OPT_ROUTE_MIN
#define IPV4_OPT_ROUTE_MIN
Definition: decode-ipv4.h:52
util-print.h
GET_PKT_DATA
#define GET_PKT_DATA(p)
Definition: decode.h:210
ThreadVars_
Per thread variable structure.
Definition: threadvars.h:58
PrintInet
const char * PrintInet(int af, const void *src, char *dst, socklen_t size)
Definition: util-print.c:231
DecodeThreadVars_::counter_ipv6inipv4
StatsCounterId counter_ipv6inipv4
Definition: decode.h:1032
IPV4_TRUNC_PKT
@ IPV4_TRUNC_PKT
Definition: decode-events.h:37
IPV4_GET_RAW_HLEN
#define IPV4_GET_RAW_HLEN(ip4h)
Definition: decode-ipv4.h:96
StatsCounterIncr
void StatsCounterIncr(StatsThreadContext *stats, StatsCounterId id)
Increments the local counter.
Definition: counters.c:164
DecodeGRE
int DecodeGRE(ThreadVars *tv, DecodeThreadVars *dtv, Packet *p, const uint8_t *pkt, uint32_t len)
Function to decode GRE packets.
Definition: decode-gre.c:47
PacketFree
void PacketFree(Packet *p)
Return a malloced packet.
Definition: decode.c:225
IPV4_OPT_RR
#define IPV4_OPT_RR
Definition: decode-ipv4.h:35
IPV4_OPT_FLAG_CIPSO
#define IPV4_OPT_FLAG_CIPSO
Definition: decode-ipv4.h:125
IPV4_HLEN_TOO_SMALL
@ IPV4_HLEN_TOO_SMALL
Definition: decode-events.h:35
SET_IPV4_SRC_ADDR
#define SET_IPV4_SRC_ADDR(ip4h, a)
Definition: decode.h:141
IPV4_OPT_ESEC
#define IPV4_OPT_ESEC
Definition: decode-ipv4.h:40
IPV4_OPT_FLAG_RTRALT
#define IPV4_OPT_FLAG_RTRALT
Definition: decode-ipv4.h:126
IPV4_OPT_RTRALT_LEN
#define IPV4_OPT_RTRALT_LEN
Definition: decode-ipv4.h:48
IPV4Options_::o_cipso
IPV4Opt o_cipso
Definition: decode-ipv4.c:282
Packet_
Definition: decode.h:505
DECODE_TUNNEL_IPV4
@ DECODE_TUNNEL_IPV4
Definition: decode.h:1131
GET_PKT_LEN
#define GET_PKT_LEN(p)
Definition: decode.h:209
IPV4_OPT_FLAG_RR
#define IPV4_OPT_FLAG_RR
Definition: decode-ipv4.h:118
ETHERNET_HEADER_LEN
#define ETHERNET_HEADER_LEN
Definition: decode-ethernet.h:27
PacketL3::ip4
IPV4Vars ip4
Definition: decode.h:446
IPV4_OPT_RTRALT
#define IPV4_OPT_RTRALT
Definition: decode-ipv4.h:44
IPV4_OPT_INVALID
@ IPV4_OPT_INVALID
Definition: decode-events.h:40
defrag.h
IPV4_PROTO_UNKNOWN
@ IPV4_PROTO_UNKNOWN
Definition: decode-events.h:49
IPV4Opt_::data
const uint8_t * data
Definition: decode-ipv4.h:68
dtv
DecodeThreadVars * dtv
Definition: fuzz_decodepcapfile.c:34
IPV4_OPT_TS
#define IPV4_OPT_TS
Definition: decode-ipv4.h:37
DecodeTCP
int DecodeTCP(ThreadVars *tv, DecodeThreadVars *dtv, Packet *p, const uint8_t *pkt, uint16_t len)
Definition: decode-tcp.c:273
IPV4Hdr_
Definition: decode-ipv4.h:72
decode-ipv4.h
IPV4_OPT_CIPSO
#define IPV4_OPT_CIPSO
Definition: decode-ipv4.h:41
PacketEnqueueNoLock
void PacketEnqueueNoLock(PacketQueueNoLock *qnl, Packet *p)
Definition: packet-queue.c:168
IPPROTO_IPIP
#define IPPROTO_IPIP
Definition: decode.h:1239
DecodeThreadVars_::counter_ipv4_unknown_proto
StatsCounterId counter_ipv4_unknown_proto
Definition: decode.h:1035
IPV4Options_
Definition: decode-ipv4.c:275
DecodeThreadVars_::counter_ipv4inipv4
StatsCounterId counter_ipv4inipv4
Definition: decode.h:1031
FAIL_IF
#define FAIL_IF(expr)
Fail a test if expression evaluates to true.
Definition: util-unittest.h:71
GET_IPV4_SRC_ADDR_PTR
#define GET_IPV4_SRC_ADDR_PTR(p)
Definition: decode.h:199
suricata-common.h
FlowShutdown
void FlowShutdown(void)
shutdown the flow engine
Definition: flow.c:715
IPV4_HEADER_LEN
#define IPV4_HEADER_LEN
Definition: decode-ipv4.h:28
packet.h
IPV4Opt_::type
uint8_t type
Definition: decode-ipv4.h:66
IPV4Options
struct IPV4Options_ IPV4Options
IPV4_GET_RAW_FLAG_RF
#define IPV4_GET_RAW_FLAG_RF(ip4h)
Definition: decode-ipv4.h:114
IPV4Options_::o_rtralt
IPV4Opt o_rtralt
Definition: decode-ipv4.c:285
tv
ThreadVars * tv
Definition: fuzz_decodepcapfile.c:33
PKT_PPP_VJ_UCOMP
#define PKT_PPP_VJ_UCOMP
Definition: decode.h:1276
PacketGetFromAlloc
Packet * PacketGetFromAlloc(void)
Get a malloced packet.
Definition: decode.c:264
Packet_::flow_hash
uint32_t flow_hash
Definition: decode.h:557
Packet_::l3
struct PacketL3 l3
Definition: decode.h:604
IPV4_OPT_SEC_MIN
#define IPV4_OPT_SEC_MIN
Definition: decode-ipv4.h:51
IPV4_WRONG_IP_VER
@ IPV4_WRONG_IP_VER
Definition: decode-events.h:47
IPV4_OPT_SSRR
#define IPV4_OPT_SSRR
Definition: decode-ipv4.h:43
IPV4_OPT_FLAG_EOL
#define IPV4_OPT_FLAG_EOL
Definition: decode-ipv4.h:116
DecodeThreadVars_
Structure to hold thread specific data for all decode modules.
Definition: decode.h:982
Packet_::recursion_level
uint8_t recursion_level
Definition: decode.h:530
IPV4Options_::o_lsrr
IPV4Opt o_lsrr
Definition: decode-ipv4.c:280
ThreadVars_::decode_pq
PacketQueueNoLock decode_pq
Definition: threadvars.h:111
IPV4_OPT_FLAG_SID
#define IPV4_OPT_FLAG_SID
Definition: decode-ipv4.h:123
IPV4_OPT_EOL_REQUIRED
@ IPV4_OPT_EOL_REQUIRED
Definition: decode-events.h:44
IPV4_WITH_ICMPV6
@ IPV4_WITH_ICMPV6
Definition: decode-events.h:48
DecodeIPV4RegisterTests
void DecodeIPV4RegisterTests(void)
Definition: decode-ipv4.c:1569
Packet_::dst
Address dst
Definition: decode.h:510
ENGINE_SET_INVALID_EVENT
#define ENGINE_SET_INVALID_EVENT(p, e)
Definition: decode.h:1221
FLOW_QUIET
#define FLOW_QUIET
Definition: flow.h:43
IPV4Vars_::opts_set
uint16_t opts_set
Definition: decode-ipv4.h:132
IPV4_GET_RAW_IPLEN
#define IPV4_GET_RAW_IPLEN(ip4h)
Definition: decode-ipv4.h:98
DecodeThreadVars_::counter_ipv4
StatsCounterId counter_ipv4
Definition: decode.h:998
IPPROTO_SCTP
#define IPPROTO_SCTP
Definition: decode.h:1255
PacketTunnelPktSetup
Packet * PacketTunnelPktSetup(ThreadVars *tv, DecodeThreadVars *dtv, Packet *parent, const uint8_t *pkt, uint32_t len, enum DecodeTunnelProto proto)
Setup a pseudo packet (tunnel)
Definition: decode.c:399
Defrag
Packet * Defrag(ThreadVars *tv, DecodeThreadVars *dtv, Packet *p)
Entry point for IPv4 and IPv6 fragments.
Definition: defrag.c:1063
flow.h
SET_IPV4_DST_ADDR
#define SET_IPV4_DST_ADDR(ip4h, a)
Definition: decode.h:150
DecodeIPV4
int DecodeIPV4(ThreadVars *tv, DecodeThreadVars *dtv, Packet *p, const uint8_t *pkt, uint16_t len)
Definition: decode-ipv4.c:515
IPV4_OPT_SID
#define IPV4_OPT_SID
Definition: decode-ipv4.h:42
IPV4Opt_
Definition: decode-ipv4.h:61
ThreadVars_::stats
StatsThreadContext stats
Definition: threadvars.h:121
SCLogDebugEnabled
int SCLogDebugEnabled(void)
Returns whether debug messages are enabled to be logged or not.
Definition: util-debug.c:768
DecodeEthernet
int DecodeEthernet(ThreadVars *tv, DecodeThreadVars *dtv, Packet *p, const uint8_t *pkt, uint32_t len)
Definition: decode-ethernet.c:42
FlowSetupPacket
void FlowSetupPacket(Packet *p)
prepare packet for a life with flow Set PKT_WANTS_FLOW flag to indicate workers should do a flow look...
Definition: flow-hash.c:533
Packet_::src
Address src
Definition: decode.h:509
PKT_IS_INVALID
#define PKT_IS_INVALID
Definition: decode.h:1318
IPV4Options_::o_ssrr
IPV4Opt o_ssrr
Definition: decode-ipv4.c:284
DefragInit
void DefragInit(void)
Definition: defrag.c:1109
IPV4_OPT_DUPLICATE
@ IPV4_OPT_DUPLICATE
Definition: decode-events.h:45
DecodeICMPV4
int DecodeICMPV4(ThreadVars *tv, DecodeThreadVars *dtv, Packet *p, const uint8_t *pkt, uint32_t len)
Main ICMPv4 decoding function.
Definition: decode-icmpv4.c:143
IPV4Options_::o_esec
IPV4Opt o_esec
Definition: decode-ipv4.c:281