#include "suricata-common.h"#include "suricata.h"#include "detect.h"#include "flow.h"#include "threads.h"#include "conf.h"#include "flow-util.h"#include "threadvars.h"#include "tm-threads.h"#include "util-pool.h"#include "util-unittest.h"#include "util-print.h"#include "util-host-os-info.h"#include "util-unittest-helper.h"#include "util-byte.h"#include "util-device.h"#include "stream-tcp.h"#include "stream-tcp-private.h"#include "stream-tcp-cache.h"#include "stream-tcp-reassemble.h"#include "stream-tcp-inline.h"#include "stream-tcp-list.h"#include "stream-tcp-util.h"#include "stream.h"#include "util-debug.h"#include "app-layer-protos.h"#include "app-layer.h"#include "app-layer-events.h"#include "app-layer-parser.h"#include "app-layer-frames.h"#include "detect-engine-state.h"#include "util-profiling.h"#include "util-validate.h"#include "util-exception-policy.h"#include "tests/stream-tcp-reassemble.c"
Go to the source code of this file.
Macros | |
| #define | STREAMTCP_STREAM_FLAG_FLUSH_FLAGS |
| #define | SET_ISN(stream, setseq) |
| #define | MISSED_START(isn) |
| #define | MISSED_END |
| #define | MISSED_STEP(seq, seg, seglen, buf, buflen) |
| #define | MISSED_ADD_PAYLOAD(seq, seg, seglen) StreamTcpUTAddPayload(&tv, ra_ctx, &ssn, stream, (seq), (uint8_t *)(seg), (seglen)); |
Functions | |
| SC_ATOMIC_DECLARE (uint64_t, ra_memuse) | |
| bool | IsTcpSessionDumpingEnabled (void) |
| void | EnableTcpSessionDumping (void) |
| TcpSegment * | StreamTcpGetSegment (ThreadVars *tv, TcpReassemblyThreadCtx *ra_ctx) |
| get a segment from the pool More... | |
| void | StreamTcpCreateTestPacket (uint8_t *payload, uint8_t value, uint8_t payload_len, uint8_t len) |
| The Function to create the packet with given payload, which is used to test the reassembly of the engine. More... | |
| void | StreamTcpReassembleInitMemuse (void) |
| void | StreamTcpReassembleIncrMemuse (uint64_t size) |
| Function to Increment the memory usage counter for the TCP reassembly segments. More... | |
| void | StreamTcpReassembleDecrMemuse (uint64_t size) |
| Function to Decrease the memory usage counter for the TCP reassembly segments. More... | |
| uint64_t | StreamTcpReassembleMemuseGlobalCounter (void) |
| int | StreamTcpReassembleCheckMemcap (uint64_t size) |
| Function to Check the reassembly memory usage counter against the allowed max memory usage for TCP segments. More... | |
| int | StreamTcpReassembleSetMemcap (uint64_t size) |
| Update memcap value. More... | |
| uint64_t | StreamTcpReassembleGetMemcap (void) |
| Return memcap value. More... | |
| void * | StreamTcpReassembleRealloc (void *optr, size_t orig_size, size_t size) |
| void | StreamTcpSegmentReturntoPool (TcpSegment *seg) |
| Function to return the segment back to the pool. More... | |
| void | StreamTcpReturnStreamSegments (TcpStream *stream) |
| return all segments in this stream into the pool(s) More... | |
| uint64_t | StreamDataRightEdge (const TcpStream *stream, const bool eof) |
| uint64_t | StreamTcpGetUsable (const TcpStream *stream, const bool eof) |
| void | StreamTcpDisableAppLayer (Flow *f) |
| int | StreamTcpAppLayerIsDisabled (Flow *f) |
| int | StreamTcpReassembleInit (bool quiet) |
| void | StreamTcpReassembleFree (bool quiet) |
| TcpReassemblyThreadCtx * | StreamTcpReassembleInitThreadCtx (ThreadVars *tv) |
| void | StreamTcpReassembleFreeThreadCtx (TcpReassemblyThreadCtx *ra_ctx) |
| int | StreamTcpReassembleDepthReached (Packet *p) |
| check if stream in pkt direction has depth reached More... | |
| uint32_t | StreamDataAvailableForProtoDetect (TcpStream *stream) |
| int | StreamTcpReassembleHandleSegmentHandleData (ThreadVars *tv, TcpReassemblyThreadCtx *ra_ctx, TcpSession *ssn, TcpStream *stream, Packet *p) |
| Insert a packets TCP data into the stream reassembly engine. More... | |
| uint8_t | StreamNeedsReassembly (const TcpSession *ssn, uint8_t direction) |
| see what if any work the TCP session still needs More... | |
| int | StreamTcpReassembleAppLayer (ThreadVars *tv, TcpReassemblyThreadCtx *ra_ctx, TcpSession *ssn, TcpStream *stream, Packet *p, enum StreamUpdateDir app_update_dir) |
| Update the stream reassembly upon receiving a packet. More... | |
| bool | StreamReassembleRawHasDataReady (TcpSession *ssn, Packet *p) |
| does the stream engine have data to inspect? More... | |
| void | StreamReassembleRawUpdateProgress (TcpSession *ssn, Packet *p, const uint64_t progress) |
| update stream engine after detection More... | |
| int | StreamReassembleForFrame (TcpSession *ssn, TcpStream *stream, StreamReassembleRawFunc Callback, void *cb_data, const uint64_t offset, const bool eof) |
| int | StreamReassembleRaw (TcpSession *ssn, const Packet *p, StreamReassembleRawFunc Callback, void *cb_data, uint64_t *progress_out, bool respect_inspect_depth) |
| int | StreamReassembleLog (const TcpSession *ssn, const TcpStream *stream, StreamReassembleRawFunc Callback, void *cb_data, const uint64_t progress_in, uint64_t *progress_out, const bool eof) |
| int | StreamTcpReassembleHandleSegment (ThreadVars *tv, TcpReassemblyThreadCtx *ra_ctx, TcpSession *ssn, TcpStream *stream, Packet *p) |
| void | StreamTcpReassembleTriggerRawReassembly (TcpSession *ssn, int direction) |
| Trigger RAW stream reassembly. More... | |
| void | StreamTcpReassemblySetMinInspectDepth (TcpSession *ssn, int direction, uint32_t depth) |
| int | UTHCheckGapAtPosition (TcpStream *stream, int pos, uint64_t offset, uint32_t len) |
| int | UTHCheckDataAtPosition (TcpStream *stream, int pos, uint64_t offset, const char *data, uint32_t len) |
| void | StreamTcpReassembleRegisterTests (void) |
| The Function Register the Unit tests to test the reassembly engine for various OS policies. More... | |
Variables | |
| thread_local uint64_t | t_pcapcnt = UINT64_MAX |
| PoolThread * | segment_thread_pool = NULL |
Detailed Description
Reference: Judy Novak, Steve Sturges: Target-Based TCP Stream Reassembly August, 2007
Definition in file stream-tcp-reassemble.c.
Macro Definition Documentation
◆ MISSED_ADD_PAYLOAD
| #define MISSED_ADD_PAYLOAD | ( | seq, | |
| seg, | |||
| seglen | |||
| ) | StreamTcpUTAddPayload(&tv, ra_ctx, &ssn, stream, (seq), (uint8_t *)(seg), (seglen)); |
Definition at line 2205 of file stream-tcp-reassemble.c.
◆ MISSED_END
| #define MISSED_END |
Definition at line 2196 of file stream-tcp-reassemble.c.
◆ MISSED_START
| #define MISSED_START | ( | isn | ) |
Definition at line 2182 of file stream-tcp-reassemble.c.
◆ MISSED_STEP
| #define MISSED_STEP | ( | seq, | |
| seg, | |||
| seglen, | |||
| buf, | |||
| buflen | |||
| ) |
Definition at line 2201 of file stream-tcp-reassemble.c.
◆ SET_ISN
| #define SET_ISN | ( | stream, | |
| setseq | |||
| ) |
unit tests and it's support functions below
Definition at line 2139 of file stream-tcp-reassemble.c.
◆ STREAMTCP_STREAM_FLAG_FLUSH_FLAGS
| #define STREAMTCP_STREAM_FLAG_FLUSH_FLAGS |
Function Documentation
◆ EnableTcpSessionDumping()
| void EnableTcpSessionDumping | ( | void | ) |
Definition at line 94 of file stream-tcp-reassemble.c.
◆ IsTcpSessionDumpingEnabled()
|
inline |
Definition at line 89 of file stream-tcp-reassemble.c.
◆ SC_ATOMIC_DECLARE()
| SC_ATOMIC_DECLARE | ( | uint64_t | , |
| ra_memuse | |||
| ) |
◆ StreamDataAvailableForProtoDetect()
| uint32_t StreamDataAvailableForProtoDetect | ( | TcpStream * | stream | ) |
Definition at line 712 of file stream-tcp-reassemble.c.
References StreamingBufferRegion_::buf_offset, DEBUG_VALIDATE_BUG_ON, StreamingBuffer_::head, RB_EMPTY, StreamingBuffer_::region, TcpStream_::sb, StreamingBuffer_::sbb_size, StreamingBuffer_::sbb_tree, and StreamingBufferRegion_::stream_offset.
◆ StreamDataRightEdge()
| uint64_t StreamDataRightEdge | ( | const TcpStream * | stream, |
| const bool | eof | ||
| ) |
Definition at line 416 of file stream-tcp-reassemble.c.
References TcpStream_::base_seq, MIN, TcpStream_::segs_right_edge, STREAM_BASE_OFFSET, and StreamTcpInlineMode().
◆ StreamNeedsReassembly()
| uint8_t StreamNeedsReassembly | ( | const TcpSession * | ssn, |
| uint8_t | direction | ||
| ) |
see what if any work the TCP session still needs
Definition at line 914 of file stream-tcp-reassemble.c.
References TcpStream_::base_seq, TcpSession_::client, TcpStream_::flags, TcpSession_::flags, SCLogDebug, TcpStream_::segs_right_edge, TcpSession_::server, STREAM_APP_PROGRESS, STREAM_BASE_OFFSET, STREAM_HAS_UNPROCESSED_SEGMENTS_NEED_ONLY_DETECTION, STREAM_RAW_PROGRESS, STREAMTCP_FLAG_APP_LAYER_DISABLED, and STREAMTCP_STREAM_FLAG_DISABLE_RAW.
Referenced by FlowNeedsReassembly().
◆ StreamReassembleForFrame()
| int StreamReassembleForFrame | ( | TcpSession * | ssn, |
| TcpStream * | stream, | ||
| StreamReassembleRawFunc | Callback, | ||
| void * | cb_data, | ||
| const uint64_t | offset, | ||
| const bool | eof | ||
| ) |
Definition at line 1828 of file stream-tcp-reassemble.c.
References SCLogDebug, and STREAM_APP_PROGRESS.
◆ StreamReassembleLog()
| int StreamReassembleLog | ( | const TcpSession * | ssn, |
| const TcpStream * | stream, | ||
| StreamReassembleRawFunc | Callback, | ||
| void * | cb_data, | ||
| const uint64_t | progress_in, | ||
| uint64_t * | progress_out, | ||
| const bool | eof | ||
| ) |
Definition at line 1905 of file stream-tcp-reassemble.c.
References TcpStream_::flags, and STREAMTCP_STREAM_FLAG_NOREASSEMBLY.
◆ StreamReassembleRaw()
| int StreamReassembleRaw | ( | TcpSession * | ssn, |
| const Packet * | p, | ||
| StreamReassembleRawFunc | Callback, | ||
| void * | cb_data, | ||
| uint64_t * | progress_out, | ||
| bool | respect_inspect_depth | ||
| ) |
Definition at line 1840 of file stream-tcp-reassemble.c.
References StreamTcpInlineMode().
Referenced by DetectEngineInspectStreamPayload().
◆ StreamReassembleRawHasDataReady()
| bool StreamReassembleRawHasDataReady | ( | TcpSession * | ssn, |
| Packet * | p | ||
| ) |
does the stream engine have data to inspect?
Returns true if there is data to inspect. In IDS case this is about ACK'd data in the packet's direction.
In the IPS case this is about the packet itself.
Definition at line 1445 of file stream-tcp-reassemble.c.
References TcpStream_::base_seq, TcpSession_::client, TcpStream_::flags, PKT_IS_TOSERVER, RB_EMPTY, TcpStream_::seg_tree, TcpStream_::segs_right_edge, TcpSession_::server, STREAM_BASE_OFFSET, STREAM_RAW_PROGRESS, STREAMTCP_STREAM_FLAG_DISABLE_RAW, STREAMTCP_STREAM_FLAG_NOREASSEMBLY, and StreamTcpInlineMode().
◆ StreamReassembleRawUpdateProgress()
| void StreamReassembleRawUpdateProgress | ( | TcpSession * | ssn, |
| Packet * | p, | ||
| const uint64_t | progress | ||
| ) |
update stream engine after detection
Tasked with progressing the 'progress' for Raw reassembly. 2 main scenario's:
- progress is != 0, so we use this
- progress is 0, meaning the detect engine didn't touch raw at all. In this case we need to look into progressing raw anyway.
Additionally, this function is tasked with disabling raw reassembly if the app-layer requested to disable it.
Definition at line 1491 of file stream-tcp-reassemble.c.
References TcpSession_::client, DEBUG_VALIDATE_BUG_ON, TcpStream_::flags, TcpSession_::flags, PKT_IS_TOSERVER, TcpStream_::raw_progress_rel, TcpSession_::server, STREAM_APP_PROGRESS, STREAM_RAW_PROGRESS, STREAMTCP_FLAG_APP_LAYER_DISABLED, and STREAMTCP_STREAM_FLAG_TRIGGER_RAW.
◆ StreamTcpAppLayerIsDisabled()
| int StreamTcpAppLayerIsDisabled | ( | Flow * | f | ) |
- Parameters
-
f locked flow
Definition at line 462 of file stream-tcp-reassemble.c.
References TcpSession_::flags, Flow_::proto, Flow_::protoctx, and STREAMTCP_FLAG_APP_LAYER_DISABLED.
◆ StreamTcpCreateTestPacket()
| void StreamTcpCreateTestPacket | ( | uint8_t * | payload, |
| uint8_t | value, | ||
| uint8_t | payload_len, | ||
| uint8_t | len | ||
| ) |
The Function to create the packet with given payload, which is used to test the reassembly of the engine.
- Parameters
-
payload The variable used to store the payload contents of the current packet. value The value which current payload will have for this packet payload_len The length of the filed payload for current packet. len Length of the payload array
Definition at line 2152 of file stream-tcp-reassemble.c.
References len, and payload_len.
◆ StreamTcpDisableAppLayer()
| void StreamTcpDisableAppLayer | ( | Flow * | f | ) |
- Parameters
-
f locked flow
Definition at line 446 of file stream-tcp-reassemble.c.
References Flow_::alparser, APP_LAYER_PARSER_EOF_TC, APP_LAYER_PARSER_EOF_TS, AppLayerParserStateSetFlag(), TcpSession_::client, Flow_::protoctx, TcpSession_::server, StreamTcpDisableAppLayerReassembly, and StreamTcpSetStreamFlagAppProtoDetectionCompleted.
◆ StreamTcpGetSegment()
| TcpSegment * StreamTcpGetSegment | ( | ThreadVars * | tv, |
| TcpReassemblyThreadCtx * | ra_ctx | ||
| ) |
get a segment from the pool
- Return values
-
seg Segment from the pool or NULL
Definition at line 2065 of file stream-tcp-reassemble.c.
References TcpReassemblyThreadCtx_::counter_tcp_segment_from_cache, TcpReassemblyThreadCtx_::counter_tcp_segment_from_pool, TcpReassemblyThreadCtx_::counter_tcp_segment_memcap, PoolThreadGetById(), TcpSegment::sbseg, SCLogDebug, segment_thread_pool, TcpReassemblyThreadCtx_::segment_thread_pool_id, StatsIncr(), StreamTcpThreadCacheGetSegment(), and tv.
Referenced by StreamTcpUTAddSegmentWithByte(), and StreamTcpUTAddSegmentWithPayload().
◆ StreamTcpGetUsable()
| uint64_t StreamTcpGetUsable | ( | const TcpStream * | stream, |
| const bool | eof | ||
| ) |
Definition at line 425 of file stream-tcp-reassemble.c.
Referenced by FrameJsonLogOneFrame().
◆ StreamTcpReassembleAppLayer()
| int StreamTcpReassembleAppLayer | ( | ThreadVars * | tv, |
| TcpReassemblyThreadCtx * | ra_ctx, | ||
| TcpSession * | ssn, | ||
| TcpStream * | stream, | ||
| Packet * | p, | ||
| enum StreamUpdateDir | app_update_dir | ||
| ) |
Update the stream reassembly upon receiving a packet.
For IDS mode, the stream is in the opposite direction of the packet, as the ACK-packet is ACK'ing the stream.
One of the utilities call by this function AppLayerHandleTCPData(), has a feature where it will call this very same function for the stream opposing the stream it is called with. This shouldn't cause any issues, since processing of each stream is independent of the other stream.
Definition at line 1334 of file stream-tcp-reassemble.c.
References AppLayerHandleTCPData(), TcpStream_::flags, TcpSession_::flags, Packet_::flags, Packet_::flow, PKT_PSEUDO_STREAM_END, RB_MIN, SCEnter, SCLogDebug, SCReturnInt, TcpStream_::seg_tree, TcpSession_::state, STREAM_APP_PROGRESS, STREAM_HAS_SEEN_DATA, STREAM_RIGHT_EDGE, STREAMTCP_FLAG_APP_LAYER_DISABLED, STREAMTCP_STREAM_FLAG_NOREASSEMBLY, TCP_CLOSING, and tv.
◆ StreamTcpReassembleCheckMemcap()
| int StreamTcpReassembleCheckMemcap | ( | uint64_t | size | ) |
Function to Check the reassembly memory usage counter against the allowed max memory usage for TCP segments.
- Parameters
-
size Size of the TCP segment and its payload length memory allocated
- Return values
-
1 if in bounds 0 if not in bounds
Definition at line 162 of file stream-tcp-reassemble.c.
References SC_ATOMIC_GET, SCLogNotice, stream_config, t_pcapcnt, and unlikely.
Referenced by StreamTcpReassembleRealloc().
◆ StreamTcpReassembleDecrMemuse()
| void StreamTcpReassembleDecrMemuse | ( | uint64_t | size | ) |
Function to Decrease the memory usage counter for the TCP reassembly segments.
- Parameters
-
size Size of the TCP segment and its payload length memory allocated
Definition at line 127 of file stream-tcp-reassemble.c.
References BUG_ON, RunmodeIsUnittests(), SC_ATOMIC_GET, SC_ATOMIC_SUB, SCLogDebug, and StreamTcpReassembleMemuseGlobalCounter().
Referenced by StreamTcpReassembleRealloc().
◆ StreamTcpReassembleDepthReached()
| int StreamTcpReassembleDepthReached | ( | Packet * | p | ) |
check if stream in pkt direction has depth reached
- Parameters
-
p packet with LOCKED flow
- Return values
-
1 stream has depth reached 0 stream does not have depth reached
Definition at line 615 of file stream-tcp-reassemble.c.
References TcpSession_::client, TcpStream_::flags, Packet_::flow, FLOW_PKT_TOSERVER, Packet_::flowflags, Flow_::protoctx, TcpSession_::server, and STREAMTCP_STREAM_FLAG_DEPTH_REACHED.
◆ StreamTcpReassembleFree()
| void StreamTcpReassembleFree | ( | bool | quiet | ) |
Definition at line 538 of file stream-tcp-reassemble.c.
References SCMutexLock.
Referenced by StreamTcpFreeConfig().
◆ StreamTcpReassembleFreeThreadCtx()
| void StreamTcpReassembleFreeThreadCtx | ( | TcpReassemblyThreadCtx * | ra_ctx | ) |
Definition at line 595 of file stream-tcp-reassemble.c.
References TcpReassemblyThreadCtx_::app_tctx, AppLayerDestroyCtxThread(), SCEnter, SCFree, SCReturn, and StreamTcpThreadCacheCleanup().
Referenced by StreamTcpThreadDeinit(), and StreamTcpUTDeinit().
◆ StreamTcpReassembleGetMemcap()
| uint64_t StreamTcpReassembleGetMemcap | ( | void | ) |
Return memcap value.
- Returns
- memcap memcap value
Definition at line 198 of file stream-tcp-reassemble.c.
References SC_ATOMIC_GET, and stream_config.
◆ StreamTcpReassembleHandleSegment()
| int StreamTcpReassembleHandleSegment | ( | ThreadVars * | tv, |
| TcpReassemblyThreadCtx * | ra_ctx, | ||
| TcpSession * | ssn, | ||
| TcpStream * | stream, | ||
| Packet * | p | ||
| ) |
Definition at line 1945 of file stream-tcp-reassemble.c.
References DEBUG_VALIDATE_BUG_ON, and SCEnter.
◆ StreamTcpReassembleHandleSegmentHandleData()
| int StreamTcpReassembleHandleSegmentHandleData | ( | ThreadVars * | tv, |
| TcpReassemblyThreadCtx * | ra_ctx, | ||
| TcpSession * | ssn, | ||
| TcpStream * | stream, | ||
| Packet * | p | ||
| ) |
Insert a packets TCP data into the stream reassembly engine.
- Return values
-
0 good segment, as far as we checked. -1 insert failure due to memcap
If the retval is 0 the segment is inserted correctly, or overlap is handled, or it wasn't added because of reassembly depth.
Definition at line 736 of file stream-tcp-reassemble.c.
References TcpSession_::data_first_seen_dir, TcpStream_::flags, TcpSession_::flags, TcpStream_::os_policy, PKT_IS_TOSERVER, SCEnter, SCLogDebug, SCReturnInt, STREAMTCP_FLAG_APP_LAYER_DISABLED, STREAMTCP_STREAM_FLAG_NEW_RAW_DISABLED, and StreamTcpSetOSPolicy().
Referenced by StreamTcpUTAddPayload().
◆ StreamTcpReassembleIncrMemuse()
| void StreamTcpReassembleIncrMemuse | ( | uint64_t | size | ) |
Function to Increment the memory usage counter for the TCP reassembly segments.
- Parameters
-
size Size of the TCP segment and its payload length memory allocated
Definition at line 114 of file stream-tcp-reassemble.c.
References SC_ATOMIC_ADD, SCLogDebug, and StreamTcpReassembleMemuseGlobalCounter().
Referenced by StreamTcpReassembleRealloc().
◆ StreamTcpReassembleInit()
| int StreamTcpReassembleInit | ( | bool | quiet | ) |
Definition at line 522 of file stream-tcp-reassemble.c.
References StreamTcpReassembleInitMemuse().
◆ StreamTcpReassembleInitMemuse()
| void StreamTcpReassembleInitMemuse | ( | void | ) |
Definition at line 103 of file stream-tcp-reassemble.c.
References SC_ATOMIC_INIT.
Referenced by StreamTcpReassembleInit(), and UtRunTests().
◆ StreamTcpReassembleInitThreadCtx()
| TcpReassemblyThreadCtx* StreamTcpReassembleInitThreadCtx | ( | ThreadVars * | tv | ) |
Definition at line 556 of file stream-tcp-reassemble.c.
References TcpReassemblyThreadCtx_::app_tctx, AppLayerGetCtxThread(), SCCalloc, SCEnter, SCMutexLock, and unlikely.
Referenced by StreamTcpUTInit().
◆ StreamTcpReassembleMemuseGlobalCounter()
| uint64_t StreamTcpReassembleMemuseGlobalCounter | ( | void | ) |
Definition at line 148 of file stream-tcp-reassemble.c.
References SC_ATOMIC_GET.
Referenced by StreamTcpReassembleDecrMemuse(), and StreamTcpReassembleIncrMemuse().
◆ StreamTcpReassembleRealloc()
| void* StreamTcpReassembleRealloc | ( | void * | optr, |
| size_t | orig_size, | ||
| size_t | size | ||
| ) |
Definition at line 227 of file stream-tcp-reassemble.c.
References SC_ATOMIC_GET, SC_ELIMIT, SC_ENOMEM, sc_errno, SCLogDebug, SCRealloc, stream_config, StreamTcpReassembleCheckMemcap(), StreamTcpReassembleDecrMemuse(), and StreamTcpReassembleIncrMemuse().
◆ StreamTcpReassembleRegisterTests()
| void StreamTcpReassembleRegisterTests | ( | void | ) |
The Function Register the Unit tests to test the reassembly engine for various OS policies.
Definition at line 3847 of file stream-tcp-reassemble.c.
References UtRegisterTest().
◆ StreamTcpReassembleSetMemcap()
| int StreamTcpReassembleSetMemcap | ( | uint64_t | size | ) |
Update memcap value.
- Parameters
-
size new memcap value
Definition at line 183 of file stream-tcp-reassemble.c.
References SC_ATOMIC_GET, SC_ATOMIC_SET, and stream_config.
◆ StreamTcpReassembleTriggerRawReassembly()
| void StreamTcpReassembleTriggerRawReassembly | ( | TcpSession * | ssn, |
| int | direction | ||
| ) |
Trigger RAW stream reassembly.
Used by AppLayerTriggerRawStreamReassembly to trigger RAW stream reassembly from the applayer, for example upon completion of a HTTP request.
It sets a flag in the stream so that the next Raw call will return the data.
- Parameters
-
ssn TcpSession
Definition at line 2101 of file stream-tcp-reassemble.c.
References BUG_ON, TcpSession_::client, TcpStream_::flags, SCLogDebug, TcpSession_::server, and STREAMTCP_STREAM_FLAG_TRIGGER_RAW.
Referenced by AppLayerParserTriggerRawStreamReassembly().
◆ StreamTcpReassemblySetMinInspectDepth()
| void StreamTcpReassemblySetMinInspectDepth | ( | TcpSession * | ssn, |
| int | direction, | ||
| uint32_t | depth | ||
| ) |
Definition at line 2118 of file stream-tcp-reassemble.c.
References BUG_ON, TcpSession_::client, TcpStream_::min_inspect_depth, SCLogDebug, and TcpSession_::server.
◆ StreamTcpReturnStreamSegments()
| void StreamTcpReturnStreamSegments | ( | TcpStream * | stream | ) |
return all segments in this stream into the pool(s)
- Parameters
-
stream the stream to cleanup
Definition at line 396 of file stream-tcp-reassemble.c.
References RB_FOREACH_SAFE, RB_REMOVE, TcpStream_::seg_tree, and StreamTcpSegmentReturntoPool().
Referenced by StreamTcpPruneSession(), StreamTcpSessionPktFree(), and StreamTcpStreamCleanup().
◆ StreamTcpSegmentReturntoPool()
| void StreamTcpSegmentReturntoPool | ( | TcpSegment * | seg | ) |
Function to return the segment back to the pool.
- Parameters
-
seg Segment which will be returned back to the pool.
Definition at line 379 of file stream-tcp-reassemble.c.
References TcpSegment::pcap_hdr_storage, TcpSegmentPcapHdrStorage_::pktlen, and StreamTcpThreadCacheReturnSegment().
Referenced by StreamTcpReturnStreamSegments().
◆ UTHCheckDataAtPosition()
| int UTHCheckDataAtPosition | ( | TcpStream * | stream, |
| int | pos, | ||
| uint64_t | offset, | ||
| const char * | data, | ||
| uint32_t | len | ||
| ) |
Definition at line 2232 of file stream-tcp-reassemble.c.
References cnt, len, StreamingBufferBlock::len, offset, StreamingBufferBlock::offset, RB_FOREACH, TcpStream_::sb, StreamingBuffer_::sbb_tree, and StreamingBufferSBBGetData().
◆ UTHCheckGapAtPosition()
| int UTHCheckGapAtPosition | ( | TcpStream * | stream, |
| int | pos, | ||
| uint64_t | offset, | ||
| uint32_t | len | ||
| ) |
Definition at line 2209 of file stream-tcp-reassemble.c.
References cnt, len, StreamingBufferBlock::len, offset, StreamingBufferBlock::offset, RB_FOREACH, TcpStream_::sb, and StreamingBuffer_::sbb_tree.
Variable Documentation
◆ segment_thread_pool
| PoolThread* segment_thread_pool = NULL |
Definition at line 80 of file stream-tcp-reassemble.c.
Referenced by StreamTcpGetSegment(), and StreamTcpThreadCacheReturnSegment().
◆ t_pcapcnt
| thread_local uint64_t t_pcapcnt = UINT64_MAX |
Definition at line 78 of file stream-tcp-reassemble.c.
Referenced by StreamTcp(), and StreamTcpReassembleCheckMemcap().
