rename session_direction to flow_direction
This commit is contained in:
luwenpeng
@@ -50,12 +50,12 @@ const struct tuple6 *session_get_tuple(const struct session *sess)
|
||||
return &sess->tuple;
|
||||
}
|
||||
|
||||
void session_set_tuple_direction(struct session *sess, enum session_direction dir)
|
||||
void session_set_tuple_direction(struct session *sess, enum flow_direction dir)
|
||||
{
|
||||
sess->tuple_dir = dir;
|
||||
}
|
||||
|
||||
enum session_direction session_get_tuple_direction(const struct session *sess)
|
||||
enum flow_direction session_get_tuple_direction(const struct session *sess)
|
||||
{
|
||||
return sess->tuple_dir;
|
||||
}
|
||||
@@ -65,14 +65,24 @@ const char *session_get_tuple_str(const struct session *sess)
|
||||
return sess->tuple_str;
|
||||
}
|
||||
|
||||
void session_set_current_direction(struct session *sess, enum session_direction dir)
|
||||
void session_set_direction(struct session *sess, enum session_direction dir)
|
||||
{
|
||||
sess->cur_dir = dir;
|
||||
sess->sess_dir = dir;
|
||||
}
|
||||
|
||||
enum session_direction session_get_current_direction(const struct session *sess)
|
||||
enum session_direction session_get_direction(const struct session *sess)
|
||||
{
|
||||
return sess->cur_dir;
|
||||
return sess->sess_dir;
|
||||
}
|
||||
|
||||
void session_set_flow_direction(struct session *sess, enum flow_direction dir)
|
||||
{
|
||||
sess->flow_dir = dir;
|
||||
}
|
||||
|
||||
enum flow_direction session_get_flow_direction(const struct session *sess)
|
||||
{
|
||||
return sess->flow_dir;
|
||||
}
|
||||
|
||||
void session_set_state(struct session *sess, enum session_state state)
|
||||
@@ -115,12 +125,12 @@ enum closing_reason session_get_closing_reason(const struct session *sess)
|
||||
return sess->reason;
|
||||
}
|
||||
|
||||
void session_inc_stat(struct session *sess, enum session_direction dir, enum session_stat stat, uint64_t val)
|
||||
void session_inc_stat(struct session *sess, enum flow_direction dir, enum session_stat stat, uint64_t val)
|
||||
{
|
||||
sess->stats[dir][stat] += val;
|
||||
}
|
||||
|
||||
uint64_t session_get_stat(const struct session *sess, enum session_direction dir, enum session_stat stat)
|
||||
uint64_t session_get_stat(const struct session *sess, enum flow_direction dir, enum session_stat stat)
|
||||
{
|
||||
return sess->stats[dir][stat];
|
||||
}
|
||||
@@ -135,42 +145,42 @@ uint64_t session_get_timestamp(const struct session *sess, enum session_timestam
|
||||
return sess->timestamps[type];
|
||||
}
|
||||
|
||||
void session_clear_sid_list(struct session *sess, enum session_direction dir)
|
||||
void session_clear_sid_list(struct session *sess, enum flow_direction dir)
|
||||
{
|
||||
memset(&sess->sids[dir], 0, sizeof(struct sid_list));
|
||||
}
|
||||
|
||||
void session_set_sid_list(struct session *sess, enum session_direction dir, const struct sid_list *list)
|
||||
void session_set_sid_list(struct session *sess, enum flow_direction dir, const struct sid_list *list)
|
||||
{
|
||||
sess->sids[dir] = *list;
|
||||
}
|
||||
|
||||
void session_get_sid_list(const struct session *sess, enum session_direction dir, struct sid_list *list)
|
||||
void session_get_sid_list(const struct session *sess, enum flow_direction dir, struct sid_list *list)
|
||||
{
|
||||
*list = sess->sids[dir];
|
||||
}
|
||||
|
||||
void session_clear_route_ctx(struct session *sess, enum session_direction dir)
|
||||
void session_clear_route_ctx(struct session *sess, enum flow_direction dir)
|
||||
{
|
||||
memset(&sess->route_ctx[dir], 0, sizeof(struct route_ctx));
|
||||
}
|
||||
|
||||
void session_set_route_ctx(struct session *sess, enum session_direction dir, const struct route_ctx *ctx)
|
||||
void session_set_route_ctx(struct session *sess, enum flow_direction dir, const struct route_ctx *ctx)
|
||||
{
|
||||
sess->route_ctx[dir] = *ctx;
|
||||
}
|
||||
|
||||
void session_get_route_ctx(const struct session *sess, enum session_direction dir, struct route_ctx *ctx)
|
||||
void session_get_route_ctx(const struct session *sess, enum flow_direction dir, struct route_ctx *ctx)
|
||||
{
|
||||
*ctx = sess->route_ctx[dir];
|
||||
}
|
||||
|
||||
void session_set_1st_packet(struct session *sess, enum session_direction dir, const struct packet *pkt)
|
||||
void session_set_first_packet(struct session *sess, enum flow_direction dir, const struct packet *pkt)
|
||||
{
|
||||
sess->first_pkt[dir] = packet_dup(pkt);
|
||||
}
|
||||
|
||||
const struct packet *session_get_1st_packet(const struct session *sess, enum session_direction dir)
|
||||
const struct packet *session_get_first_packet(const struct session *sess, enum flow_direction dir)
|
||||
{
|
||||
return sess->first_pkt[dir];
|
||||
}
|
||||
@@ -197,7 +207,7 @@ void *session_get_user_data(const struct session *sess)
|
||||
|
||||
struct tcp_segment *session_get_tcp_segment(struct session *sess)
|
||||
{
|
||||
enum session_direction dir = session_get_current_direction(sess);
|
||||
enum flow_direction dir = session_get_flow_direction(sess);
|
||||
struct tcp_half *half = &sess->tcp_halfs[dir];
|
||||
|
||||
if (half->in_order.data != NULL && half->in_order.len > 0)
|
||||
@@ -225,7 +235,7 @@ void session_free_tcp_segment(struct session *sess, struct tcp_segment *seg)
|
||||
return;
|
||||
}
|
||||
|
||||
enum session_direction dir = session_get_current_direction(sess);
|
||||
enum flow_direction dir = session_get_flow_direction(sess);
|
||||
struct tcp_half *half = &sess->tcp_halfs[dir];
|
||||
|
||||
if (seg == &half->in_order)
|
||||
@@ -405,13 +415,13 @@ const char *session_type_to_str(enum session_type type)
|
||||
}
|
||||
}
|
||||
|
||||
const char *session_direction_to_str(enum session_direction dir)
|
||||
const char *flow_direction_to_str(enum flow_direction dir)
|
||||
{
|
||||
switch (dir)
|
||||
{
|
||||
case SESSION_DIRECTION_C2S:
|
||||
case FLOW_DIRECTION_C2S:
|
||||
return "C2S";
|
||||
case SESSION_DIRECTION_S2C:
|
||||
case FLOW_DIRECTION_S2C:
|
||||
return "S2C";
|
||||
default:
|
||||
return "unknown";
|
||||
@@ -458,7 +468,7 @@ int session_to_json(struct session *sess, char *buff, int size)
|
||||
used += snprintf(buff + used, size - used, "\"current_packet\":\"%p\",", session_get_current_packet(sess));
|
||||
|
||||
const char *str[] = {"c2s", "s2c"};
|
||||
enum session_direction dir[] = {SESSION_DIRECTION_C2S, SESSION_DIRECTION_S2C};
|
||||
enum flow_direction dir[] = {FLOW_DIRECTION_C2S, FLOW_DIRECTION_S2C};
|
||||
for (int i = 0; i < 2; i++)
|
||||
{
|
||||
if (session_get_type(sess) == SESSION_TYPE_TCP)
|
||||
@@ -486,7 +496,7 @@ int session_to_json(struct session *sess, char *buff, int size)
|
||||
used += snprintf(buff + used, size - used, "\"%s_tcp_plds_released\":%" PRIu64 ",", str[i], session_get_stat(sess, dir[i], STAT_TCP_PLDS_RELEASED));
|
||||
}
|
||||
|
||||
used += snprintf(buff + used, size - used, "\"%s_1st_pkt\":\"%p\",", str[i], session_get_1st_packet(sess, dir[i]));
|
||||
used += snprintf(buff + used, size - used, "\"%s_1st_pkt\":\"%p\",", str[i], session_get_first_packet(sess, dir[i]));
|
||||
used += snprintf(buff + used, size - used, "\"%s_raw_pkts_rx\":%" PRIu64 ",", str[i], session_get_stat(sess, dir[i], STAT_RAW_PKTS_RX));
|
||||
used += snprintf(buff + used, size - used, "\"%s_raw_bytes_rx\":%" PRIu64 ",", str[i], session_get_stat(sess, dir[i], STAT_RAW_BYTES_RX));
|
||||
used += snprintf(buff + used, size - used, "\"%s_raw_pkts_tx\":%" PRIu64 ",", str[i], session_get_stat(sess, dir[i], STAT_RAW_PKTS_TX));
|
||||
|
||||
@@ -227,15 +227,15 @@ static int check_options(const struct session_manager_options *opts)
|
||||
|
||||
static void tcp_clean(struct session_manager *mgr, struct session *sess)
|
||||
{
|
||||
struct tcp_reassembly *c2s_ssembler = sess->tcp_halfs[SESSION_DIRECTION_C2S].assembler;
|
||||
struct tcp_reassembly *s2c_ssembler = sess->tcp_halfs[SESSION_DIRECTION_S2C].assembler;
|
||||
struct tcp_reassembly *c2s_ssembler = sess->tcp_halfs[FLOW_DIRECTION_C2S].assembler;
|
||||
struct tcp_reassembly *s2c_ssembler = sess->tcp_halfs[FLOW_DIRECTION_S2C].assembler;
|
||||
struct tcp_segment *seg;
|
||||
if (c2s_ssembler)
|
||||
{
|
||||
while ((seg = tcp_reassembly_expire(c2s_ssembler, UINT64_MAX)))
|
||||
{
|
||||
session_inc_stat(sess, SESSION_DIRECTION_C2S, STAT_TCP_SEGS_RELEASED, 1);
|
||||
session_inc_stat(sess, SESSION_DIRECTION_C2S, STAT_TCP_PLDS_RELEASED, seg->len);
|
||||
session_inc_stat(sess, FLOW_DIRECTION_C2S, STAT_TCP_SEGS_RELEASED, 1);
|
||||
session_inc_stat(sess, FLOW_DIRECTION_C2S, STAT_TCP_PLDS_RELEASED, seg->len);
|
||||
mgr->stat.nr_tcp_seg_released++;
|
||||
tcp_segment_free(seg);
|
||||
}
|
||||
@@ -245,8 +245,8 @@ static void tcp_clean(struct session_manager *mgr, struct session *sess)
|
||||
{
|
||||
while ((seg = tcp_reassembly_expire(s2c_ssembler, UINT64_MAX)))
|
||||
{
|
||||
session_inc_stat(sess, SESSION_DIRECTION_S2C, STAT_TCP_SEGS_RELEASED, 1);
|
||||
session_inc_stat(sess, SESSION_DIRECTION_S2C, STAT_TCP_PLDS_RELEASED, seg->len);
|
||||
session_inc_stat(sess, FLOW_DIRECTION_S2C, STAT_TCP_SEGS_RELEASED, 1);
|
||||
session_inc_stat(sess, FLOW_DIRECTION_S2C, STAT_TCP_PLDS_RELEASED, seg->len);
|
||||
mgr->stat.nr_tcp_seg_released++;
|
||||
tcp_segment_free(seg);
|
||||
}
|
||||
@@ -261,9 +261,9 @@ static int tcp_init(struct session_manager *mgr, struct session *sess)
|
||||
return 0;
|
||||
}
|
||||
|
||||
sess->tcp_halfs[SESSION_DIRECTION_C2S].assembler = tcp_reassembly_new(mgr->opts.tcp_reassembly_max_timeout, mgr->opts.tcp_reassembly_max_segments);
|
||||
sess->tcp_halfs[SESSION_DIRECTION_S2C].assembler = tcp_reassembly_new(mgr->opts.tcp_reassembly_max_timeout, mgr->opts.tcp_reassembly_max_segments);
|
||||
if (sess->tcp_halfs[SESSION_DIRECTION_C2S].assembler == NULL || sess->tcp_halfs[SESSION_DIRECTION_S2C].assembler == NULL)
|
||||
sess->tcp_halfs[FLOW_DIRECTION_C2S].assembler = tcp_reassembly_new(mgr->opts.tcp_reassembly_max_timeout, mgr->opts.tcp_reassembly_max_segments);
|
||||
sess->tcp_halfs[FLOW_DIRECTION_S2C].assembler = tcp_reassembly_new(mgr->opts.tcp_reassembly_max_timeout, mgr->opts.tcp_reassembly_max_segments);
|
||||
if (sess->tcp_halfs[FLOW_DIRECTION_C2S].assembler == NULL || sess->tcp_halfs[FLOW_DIRECTION_S2C].assembler == NULL)
|
||||
{
|
||||
tcp_clean(mgr, sess);
|
||||
return -1;
|
||||
@@ -271,13 +271,13 @@ static int tcp_init(struct session_manager *mgr, struct session *sess)
|
||||
|
||||
SESSION_LOG_DEBUG("session %lu %s new c2s tcp assembler %p, s2c tcp assembler %p",
|
||||
session_get_id(sess), session_get_tuple_str(sess),
|
||||
sess->tcp_halfs[SESSION_DIRECTION_C2S].assembler,
|
||||
sess->tcp_halfs[SESSION_DIRECTION_S2C].assembler);
|
||||
sess->tcp_halfs[FLOW_DIRECTION_C2S].assembler,
|
||||
sess->tcp_halfs[FLOW_DIRECTION_S2C].assembler);
|
||||
|
||||
return 0;
|
||||
}
|
||||
|
||||
static void tcp_update(struct session_manager *mgr, struct session *sess, enum session_direction dir, const struct packet_layer *tcp_layer, uint64_t now)
|
||||
static void tcp_update(struct session_manager *mgr, struct session *sess, enum flow_direction dir, const struct packet_layer *tcp_layer, uint64_t now)
|
||||
{
|
||||
struct tcp_segment *seg;
|
||||
struct tcphdr *hdr = (struct tcphdr *)tcp_layer->hdr_ptr;
|
||||
@@ -400,25 +400,25 @@ static void tcp_update(struct session_manager *mgr, struct session *sess, enum s
|
||||
* Session Direction
|
||||
******************************************************************************/
|
||||
|
||||
static enum session_direction identify_direction_by_port(uint16_t src_port, uint16_t dst_port)
|
||||
static enum flow_direction identify_direction_by_port(uint16_t src_port, uint16_t dst_port)
|
||||
{
|
||||
// big port is client
|
||||
if (src_port > dst_port)
|
||||
{
|
||||
return SESSION_DIRECTION_C2S;
|
||||
return FLOW_DIRECTION_C2S;
|
||||
}
|
||||
else if (src_port < dst_port)
|
||||
{
|
||||
return SESSION_DIRECTION_S2C;
|
||||
return FLOW_DIRECTION_S2C;
|
||||
}
|
||||
else
|
||||
{
|
||||
// if port is equal, first packet is C2S
|
||||
return SESSION_DIRECTION_C2S;
|
||||
return FLOW_DIRECTION_C2S;
|
||||
}
|
||||
}
|
||||
|
||||
static enum session_direction identify_direction_by_history(const struct session *sess, const struct tuple6 *key)
|
||||
static enum flow_direction identify_direction_by_history(const struct session *sess, const struct tuple6 *key)
|
||||
{
|
||||
if (tuple6_cmp(session_get_tuple(sess), key) == 0)
|
||||
{
|
||||
@@ -426,7 +426,7 @@ static enum session_direction identify_direction_by_history(const struct session
|
||||
}
|
||||
else
|
||||
{
|
||||
return (session_get_tuple_direction(sess) == SESSION_DIRECTION_C2S ? SESSION_DIRECTION_S2C : SESSION_DIRECTION_C2S);
|
||||
return (session_get_tuple_direction(sess) == FLOW_DIRECTION_C2S ? FLOW_DIRECTION_S2C : FLOW_DIRECTION_C2S);
|
||||
}
|
||||
}
|
||||
|
||||
@@ -471,7 +471,7 @@ static int duplicated_packet_bypass(struct session_manager *mgr, struct session
|
||||
return 0;
|
||||
}
|
||||
|
||||
enum session_direction dir = identify_direction_by_history(sess, key);
|
||||
enum flow_direction dir = identify_direction_by_history(sess, key);
|
||||
if (session_get_stat(sess, dir, STAT_RAW_PKTS_RX) < 3 || session_has_dup_traffic(sess))
|
||||
{
|
||||
if (duplicated_packet_filter_lookup(mgr->dup_pkt_filter, pkt, now))
|
||||
@@ -507,7 +507,7 @@ static int duplicated_packet_bypass(struct session_manager *mgr, struct session
|
||||
* Session Manager
|
||||
******************************************************************************/
|
||||
|
||||
static void session_update(struct session *sess, enum session_state next_state, const struct packet *pkt, const struct tuple6 *key, enum session_direction dir)
|
||||
static void session_update(struct session *sess, enum session_state next_state, const struct packet *pkt, const struct tuple6 *key, enum flow_direction dir)
|
||||
{
|
||||
struct timespec real;
|
||||
clock_gettime(CLOCK_REALTIME, &real); // must be realtime
|
||||
@@ -517,6 +517,32 @@ static void session_update(struct session *sess, enum session_state next_state,
|
||||
session_set_id(sess, id_generator_alloc());
|
||||
session_set_tuple(sess, key);
|
||||
session_set_tuple_direction(sess, dir);
|
||||
|
||||
enum packet_direction pkt_dir = packet_get_direction(pkt);
|
||||
|
||||
if (dir == FLOW_DIRECTION_C2S)
|
||||
{
|
||||
if (pkt_dir == PACKET_DIRECTION_OUTGOING) // Internal -> External
|
||||
{
|
||||
session_set_direction(sess, SESSION_DIRECTION_OUTBOUND);
|
||||
}
|
||||
else
|
||||
{
|
||||
session_set_direction(sess, SESSION_DIRECTION_INBOUND);
|
||||
}
|
||||
}
|
||||
else
|
||||
{
|
||||
if (pkt_dir == PACKET_DIRECTION_OUTGOING) // Internal -> External
|
||||
{
|
||||
session_set_direction(sess, SESSION_DIRECTION_INBOUND);
|
||||
}
|
||||
else
|
||||
{
|
||||
session_set_direction(sess, SESSION_DIRECTION_OUTBOUND);
|
||||
}
|
||||
}
|
||||
|
||||
tuple6_to_str(key, sess->tuple_str, sizeof(sess->tuple_str));
|
||||
session_set_timestamp(sess, SESSION_TIMESTAMP_START, real.tv_sec);
|
||||
switch (key->ip_proto)
|
||||
@@ -536,20 +562,20 @@ static void session_update(struct session *sess, enum session_state next_state,
|
||||
session_inc_stat(sess, dir, STAT_RAW_PKTS_RX, 1);
|
||||
session_inc_stat(sess, dir, STAT_RAW_BYTES_RX, packet_get_len(pkt));
|
||||
|
||||
if (!session_get_1st_packet(sess, dir))
|
||||
if (!session_get_first_packet(sess, dir))
|
||||
{
|
||||
struct route_ctx ctx = {0};
|
||||
struct sid_list list = {0};
|
||||
packet_get_route_ctx(pkt, &ctx);
|
||||
packet_get_sid_list(pkt, &list);
|
||||
|
||||
session_set_1st_packet(sess, dir, pkt);
|
||||
session_set_first_packet(sess, dir, pkt);
|
||||
session_set_route_ctx(sess, dir, &ctx);
|
||||
session_set_sid_list(sess, dir, &list);
|
||||
}
|
||||
|
||||
session_set_current_packet(sess, pkt);
|
||||
session_set_current_direction(sess, dir);
|
||||
session_set_flow_direction(sess, dir);
|
||||
session_set_timestamp(sess, SESSION_TIMESTAMP_LAST, real.tv_sec);
|
||||
session_set_state(sess, next_state);
|
||||
}
|
||||
@@ -615,7 +641,7 @@ static struct session *session_manager_new_tcp_session(struct session_manager *m
|
||||
session_manager_evicte_session(mgr, evic_sess, now);
|
||||
}
|
||||
|
||||
enum session_direction dir = (flags & TH_ACK) ? SESSION_DIRECTION_S2C : SESSION_DIRECTION_C2S;
|
||||
enum flow_direction dir = (flags & TH_ACK) ? FLOW_DIRECTION_S2C : FLOW_DIRECTION_C2S;
|
||||
struct session *sess = session_pool_pop(mgr->sess_pool);
|
||||
if (sess == NULL)
|
||||
{
|
||||
@@ -671,7 +697,7 @@ static struct session *session_manager_new_udp_session(struct session_manager *m
|
||||
session_init(sess);
|
||||
sess->mgr_stat = &mgr->stat;
|
||||
|
||||
enum session_direction dir = identify_direction_by_port(ntohs(key->src_port), ntohs(key->dst_port));
|
||||
enum flow_direction dir = identify_direction_by_port(ntohs(key->src_port), ntohs(key->dst_port));
|
||||
enum session_state next_state = session_transition_run(SESSION_STATE_INIT, UDP_DATA);
|
||||
session_update(sess, next_state, pkt, key, dir);
|
||||
session_transition_log(sess, SESSION_STATE_INIT, next_state, UDP_DATA);
|
||||
@@ -690,7 +716,7 @@ static int session_manager_update_tcp_session(struct session_manager *mgr, struc
|
||||
{
|
||||
const struct packet_layer *tcp_layer = packet_get_innermost_layer(pkt, LAYER_TYPE_TCP);
|
||||
const struct tcphdr *hdr = (const struct tcphdr *)tcp_layer->hdr_ptr;
|
||||
enum session_direction dir = identify_direction_by_history(sess, key);
|
||||
enum flow_direction dir = identify_direction_by_history(sess, key);
|
||||
uint8_t flags = tcp_hdr_get_flags(hdr);
|
||||
int inputs = 0;
|
||||
inputs |= (flags & TH_SYN) ? TCP_SYN : NONE;
|
||||
@@ -714,17 +740,17 @@ static int session_manager_update_tcp_session(struct session_manager *mgr, struc
|
||||
{
|
||||
if (flags & TH_FIN)
|
||||
{
|
||||
session_set_closing_reason(sess, (dir == SESSION_DIRECTION_C2S ? CLOSING_BY_CLIENT_FIN : CLOSING_BY_SERVER_FIN));
|
||||
session_set_closing_reason(sess, (dir == FLOW_DIRECTION_C2S ? CLOSING_BY_CLIENT_FIN : CLOSING_BY_SERVER_FIN));
|
||||
}
|
||||
if (flags & TH_RST)
|
||||
{
|
||||
session_set_closing_reason(sess, (dir == SESSION_DIRECTION_C2S ? CLOSING_BY_CLIENT_RST : CLOSING_BY_SERVER_RST));
|
||||
session_set_closing_reason(sess, (dir == FLOW_DIRECTION_C2S ? CLOSING_BY_CLIENT_RST : CLOSING_BY_SERVER_RST));
|
||||
}
|
||||
}
|
||||
|
||||
// update timeout
|
||||
struct tcp_half *curr = &sess->tcp_halfs[dir];
|
||||
struct tcp_half *peer = &sess->tcp_halfs[(dir == SESSION_DIRECTION_C2S ? SESSION_DIRECTION_S2C : SESSION_DIRECTION_C2S)];
|
||||
struct tcp_half *peer = &sess->tcp_halfs[(dir == FLOW_DIRECTION_C2S ? FLOW_DIRECTION_S2C : FLOW_DIRECTION_C2S)];
|
||||
uint64_t timeout = 0;
|
||||
switch (next_state)
|
||||
{
|
||||
@@ -773,7 +799,7 @@ static int session_manager_update_tcp_session(struct session_manager *mgr, struc
|
||||
|
||||
static int session_manager_update_udp_session(struct session_manager *mgr, struct session *sess, const struct packet *pkt, const struct tuple6 *key, uint64_t now)
|
||||
{
|
||||
enum session_direction dir = identify_direction_by_history(sess, key);
|
||||
enum flow_direction dir = identify_direction_by_history(sess, key);
|
||||
enum session_state curr_state = session_get_state(sess);
|
||||
enum session_state next_state = session_transition_run(curr_state, UDP_DATA);
|
||||
session_update(sess, next_state, pkt, key, dir);
|
||||
@@ -951,16 +977,16 @@ void session_manager_free_session(struct session_manager *mgr, struct session *s
|
||||
}
|
||||
|
||||
session_free_all_ex_data(sess);
|
||||
packet_free((struct packet *)session_get_1st_packet(sess, SESSION_DIRECTION_C2S));
|
||||
packet_free((struct packet *)session_get_1st_packet(sess, SESSION_DIRECTION_S2C));
|
||||
session_set_1st_packet(sess, SESSION_DIRECTION_C2S, NULL);
|
||||
session_set_1st_packet(sess, SESSION_DIRECTION_S2C, NULL);
|
||||
session_clear_route_ctx(sess, SESSION_DIRECTION_C2S);
|
||||
session_clear_route_ctx(sess, SESSION_DIRECTION_S2C);
|
||||
session_clear_sid_list(sess, SESSION_DIRECTION_C2S);
|
||||
session_clear_sid_list(sess, SESSION_DIRECTION_S2C);
|
||||
packet_free((struct packet *)session_get_first_packet(sess, FLOW_DIRECTION_C2S));
|
||||
packet_free((struct packet *)session_get_first_packet(sess, FLOW_DIRECTION_S2C));
|
||||
session_set_first_packet(sess, FLOW_DIRECTION_C2S, NULL);
|
||||
session_set_first_packet(sess, FLOW_DIRECTION_S2C, NULL);
|
||||
session_clear_route_ctx(sess, FLOW_DIRECTION_C2S);
|
||||
session_clear_route_ctx(sess, FLOW_DIRECTION_S2C);
|
||||
session_clear_sid_list(sess, FLOW_DIRECTION_C2S);
|
||||
session_clear_sid_list(sess, FLOW_DIRECTION_S2C);
|
||||
session_set_current_packet(sess, NULL);
|
||||
session_set_current_direction(sess, SESSION_DIRECTION_NONE);
|
||||
session_set_flow_direction(sess, FLOW_DIRECTION_NONE);
|
||||
session_pool_push(mgr->sess_pool, sess);
|
||||
sess = NULL;
|
||||
}
|
||||
|
||||
@@ -43,9 +43,9 @@ struct tcp_half
|
||||
struct session
|
||||
{
|
||||
uint64_t id;
|
||||
uint64_t stats[MAX_DIRECTION][MAX_STAT];
|
||||
uint64_t stats[MAX_FLOW_DIRECTION][MAX_STAT];
|
||||
uint64_t timestamps[MAX_TIMESTAMP];
|
||||
struct tcp_half tcp_halfs[MAX_DIRECTION];
|
||||
struct tcp_half tcp_halfs[MAX_FLOW_DIRECTION];
|
||||
struct timeout timeout;
|
||||
struct list_head lru;
|
||||
struct list_head free;
|
||||
@@ -55,16 +55,17 @@ struct session
|
||||
UT_hash_handle hh3;
|
||||
struct tuple6 tuple;
|
||||
char tuple_str[TUPLE6_STR_SIZE];
|
||||
struct sid_list sids[MAX_DIRECTION];
|
||||
struct route_ctx route_ctx[MAX_DIRECTION];
|
||||
const struct packet *first_pkt[MAX_DIRECTION];
|
||||
struct sid_list sids[MAX_FLOW_DIRECTION];
|
||||
struct route_ctx route_ctx[MAX_FLOW_DIRECTION];
|
||||
const struct packet *first_pkt[MAX_FLOW_DIRECTION];
|
||||
const struct packet *curr_pkt;
|
||||
void *ex_data[EX_DATA_MAX_COUNT];
|
||||
void *user_data;
|
||||
int is_symmetric;
|
||||
int dup;
|
||||
enum session_direction tuple_dir;
|
||||
enum session_direction cur_dir;
|
||||
enum session_direction sess_dir;
|
||||
enum flow_direction tuple_dir;
|
||||
enum flow_direction flow_dir;
|
||||
enum session_type type;
|
||||
enum session_state state;
|
||||
enum closing_reason reason;
|
||||
@@ -73,28 +74,37 @@ struct session
|
||||
|
||||
void session_init(struct session *sess);
|
||||
void session_set_id(struct session *sess, uint64_t id);
|
||||
|
||||
void session_set_tuple(struct session *sess, const struct tuple6 *key);
|
||||
const struct tuple6 *session_get_tuple(const struct session *sess);
|
||||
void session_set_tuple_direction(struct session *sess, enum session_direction dir);
|
||||
enum session_direction session_get_tuple_direction(const struct session *sess);
|
||||
void session_set_current_direction(struct session *sess, enum session_direction dir);
|
||||
|
||||
void session_set_tuple_direction(struct session *sess, enum flow_direction dir);
|
||||
enum flow_direction session_get_tuple_direction(const struct session *sess);
|
||||
|
||||
void session_set_direction(struct session *sess, enum session_direction dir);
|
||||
void session_set_flow_direction(struct session *sess, enum flow_direction dir);
|
||||
void session_set_state(struct session *sess, enum session_state state);
|
||||
void session_set_type(struct session *sess, enum session_type type);
|
||||
void session_set_dup_traffic(struct session *sess);
|
||||
void session_set_closing_reason(struct session *sess, enum closing_reason reason);
|
||||
void session_inc_stat(struct session *sess, enum session_direction dir, enum session_stat stat, uint64_t val);
|
||||
void session_inc_stat(struct session *sess, enum flow_direction dir, enum session_stat stat, uint64_t val);
|
||||
void session_set_timestamp(struct session *sess, enum session_timestamp type, uint64_t value);
|
||||
void session_clear_sid_list(struct session *sess, enum session_direction dir);
|
||||
void session_set_sid_list(struct session *sess, enum session_direction dir, const struct sid_list *list);
|
||||
void session_get_sid_list(const struct session *sess, enum session_direction dir, struct sid_list *list);
|
||||
void session_clear_route_ctx(struct session *sess, enum session_direction dir);
|
||||
void session_set_route_ctx(struct session *sess, enum session_direction dir, const struct route_ctx *ctx);
|
||||
void session_get_route_ctx(const struct session *sess, enum session_direction dir, struct route_ctx *ctx);
|
||||
void session_set_1st_packet(struct session *sess, enum session_direction dir, const struct packet *pkt);
|
||||
|
||||
void session_clear_sid_list(struct session *sess, enum flow_direction dir);
|
||||
void session_set_sid_list(struct session *sess, enum flow_direction dir, const struct sid_list *list);
|
||||
void session_get_sid_list(const struct session *sess, enum flow_direction dir, struct sid_list *list);
|
||||
|
||||
void session_clear_route_ctx(struct session *sess, enum flow_direction dir);
|
||||
void session_set_route_ctx(struct session *sess, enum flow_direction dir, const struct route_ctx *ctx);
|
||||
void session_get_route_ctx(const struct session *sess, enum flow_direction dir, struct route_ctx *ctx);
|
||||
|
||||
void session_set_first_packet(struct session *sess, enum flow_direction dir, const struct packet *pkt);
|
||||
void session_set_current_packet(struct session *sess, const struct packet *pkt);
|
||||
const struct packet *session_get_current_packet(const struct session *sess);
|
||||
|
||||
void session_set_user_data(struct session *sess, void *user_data);
|
||||
void *session_get_user_data(const struct session *sess);
|
||||
|
||||
struct tcp_segment *session_get_tcp_segment(struct session *sess);
|
||||
void session_free_tcp_segment(struct session *sess, struct tcp_segment *seg);
|
||||
|
||||
@@ -133,6 +143,10 @@ void session_free_all_ex_data(struct session *sess);
|
||||
* debug
|
||||
******************************************************************************/
|
||||
|
||||
const char *session_type_to_str(enum session_type type);
|
||||
const char *session_state_to_str(enum session_state state);
|
||||
const char *flow_direction_to_str(enum flow_direction dir);
|
||||
const char *closing_reason_to_str(enum closing_reason reason);
|
||||
void session_print(struct session *sess);
|
||||
int session_to_json(struct session *sess, char *buff, int size);
|
||||
|
||||
|
||||
@@ -319,60 +319,60 @@ TEST(CASE, TCP_FAST_OPEN)
|
||||
EXPECT_TRUE(session_get_id(sess) != 0);
|
||||
tuple6_to_str(session_get_tuple(sess), buffer, sizeof(buffer));
|
||||
EXPECT_STREQ(buffer, "2400:ac40:620:a4d8:484f:d2b0:d539:bd4c:51682 -> 2001:4860:4860::8844:853, proto: 6, domain: 0");
|
||||
EXPECT_TRUE(session_get_tuple_direction(sess) == SESSION_DIRECTION_C2S);
|
||||
EXPECT_TRUE(session_get_tuple_direction(sess) == FLOW_DIRECTION_C2S);
|
||||
EXPECT_TRUE(session_get_state(sess) == SESSION_STATE_OPENING);
|
||||
EXPECT_TRUE(session_get_type(sess) == SESSION_TYPE_TCP);
|
||||
EXPECT_TRUE(session_has_dup_traffic(sess) == 0);
|
||||
EXPECT_TRUE(session_get_closing_reason(sess) == 0);
|
||||
EXPECT_TRUE(session_get_stat(sess, SESSION_DIRECTION_C2S, STAT_RAW_BYTES_RX) == 280);
|
||||
EXPECT_TRUE(session_get_stat(sess, SESSION_DIRECTION_S2C, STAT_RAW_BYTES_RX) == 0);
|
||||
EXPECT_TRUE(session_get_stat(sess, SESSION_DIRECTION_C2S, STAT_RAW_PKTS_RX) == 1);
|
||||
EXPECT_TRUE(session_get_stat(sess, SESSION_DIRECTION_S2C, STAT_RAW_PKTS_RX) == 0);
|
||||
EXPECT_TRUE(session_get_stat(sess, FLOW_DIRECTION_C2S, STAT_RAW_BYTES_RX) == 280);
|
||||
EXPECT_TRUE(session_get_stat(sess, FLOW_DIRECTION_S2C, STAT_RAW_BYTES_RX) == 0);
|
||||
EXPECT_TRUE(session_get_stat(sess, FLOW_DIRECTION_C2S, STAT_RAW_PKTS_RX) == 1);
|
||||
EXPECT_TRUE(session_get_stat(sess, FLOW_DIRECTION_S2C, STAT_RAW_PKTS_RX) == 0);
|
||||
EXPECT_TRUE(session_get_timestamp(sess, SESSION_TIMESTAMP_START));
|
||||
EXPECT_TRUE(session_get_timestamp(sess, SESSION_TIMESTAMP_LAST));
|
||||
EXPECT_TRUE(session_get_current_packet(sess) == &pkt);
|
||||
EXPECT_TRUE(session_get_current_direction(sess) == SESSION_DIRECTION_C2S);
|
||||
EXPECT_TRUE(session_get_1st_packet(sess, SESSION_DIRECTION_C2S) != NULL);
|
||||
EXPECT_TRUE(session_get_1st_packet(sess, SESSION_DIRECTION_S2C) == NULL);
|
||||
EXPECT_TRUE(session_get_flow_direction(sess) == FLOW_DIRECTION_C2S);
|
||||
EXPECT_TRUE(session_get_first_packet(sess, FLOW_DIRECTION_C2S) != NULL);
|
||||
EXPECT_TRUE(session_get_first_packet(sess, FLOW_DIRECTION_S2C) == NULL);
|
||||
|
||||
// TCP Segment
|
||||
EXPECT_TRUE(session_get_stat(sess, SESSION_DIRECTION_C2S, STAT_TCP_SEGS_RX) == 1);
|
||||
EXPECT_TRUE(session_get_stat(sess, SESSION_DIRECTION_C2S, STAT_TCP_PLDS_RX) == 166);
|
||||
EXPECT_TRUE(session_get_stat(sess, SESSION_DIRECTION_C2S, STAT_TCP_SEGS_EXPIRED) == 0);
|
||||
EXPECT_TRUE(session_get_stat(sess, SESSION_DIRECTION_C2S, STAT_TCP_PLDS_EXPIRED) == 0);
|
||||
EXPECT_TRUE(session_get_stat(sess, SESSION_DIRECTION_C2S, STAT_TCP_SEGS_RETRANSMIT) == 0);
|
||||
EXPECT_TRUE(session_get_stat(sess, SESSION_DIRECTION_C2S, STAT_TCP_PLDS_RETRANSMIT) == 0);
|
||||
EXPECT_TRUE(session_get_stat(sess, SESSION_DIRECTION_C2S, STAT_TCP_SEGS_OVERLAP) == 0);
|
||||
EXPECT_TRUE(session_get_stat(sess, SESSION_DIRECTION_C2S, STAT_TCP_PLDS_OVERLAP) == 0);
|
||||
EXPECT_TRUE(session_get_stat(sess, SESSION_DIRECTION_C2S, STAT_TCP_SEGS_NOSPACE) == 0);
|
||||
EXPECT_TRUE(session_get_stat(sess, SESSION_DIRECTION_C2S, STAT_TCP_PLDS_NOSPACE) == 0);
|
||||
EXPECT_TRUE(session_get_stat(sess, SESSION_DIRECTION_C2S, STAT_TCP_SEGS_INORDER) == 1);
|
||||
EXPECT_TRUE(session_get_stat(sess, SESSION_DIRECTION_C2S, STAT_TCP_PLDS_INORDER) == 166);
|
||||
EXPECT_TRUE(session_get_stat(sess, SESSION_DIRECTION_C2S, STAT_TCP_SEGS_REORDERED) == 0);
|
||||
EXPECT_TRUE(session_get_stat(sess, SESSION_DIRECTION_C2S, STAT_TCP_PLDS_REORDERED) == 0);
|
||||
EXPECT_TRUE(session_get_stat(sess, SESSION_DIRECTION_C2S, STAT_TCP_SEGS_BUFFERED) == 0);
|
||||
EXPECT_TRUE(session_get_stat(sess, SESSION_DIRECTION_C2S, STAT_TCP_PLDS_BUFFERED) == 0);
|
||||
EXPECT_TRUE(session_get_stat(sess, SESSION_DIRECTION_C2S, STAT_TCP_SEGS_RELEASED) == 0);
|
||||
EXPECT_TRUE(session_get_stat(sess, SESSION_DIRECTION_C2S, STAT_TCP_PLDS_RELEASED) == 0);
|
||||
EXPECT_TRUE(session_get_stat(sess, FLOW_DIRECTION_C2S, STAT_TCP_SEGS_RX) == 1);
|
||||
EXPECT_TRUE(session_get_stat(sess, FLOW_DIRECTION_C2S, STAT_TCP_PLDS_RX) == 166);
|
||||
EXPECT_TRUE(session_get_stat(sess, FLOW_DIRECTION_C2S, STAT_TCP_SEGS_EXPIRED) == 0);
|
||||
EXPECT_TRUE(session_get_stat(sess, FLOW_DIRECTION_C2S, STAT_TCP_PLDS_EXPIRED) == 0);
|
||||
EXPECT_TRUE(session_get_stat(sess, FLOW_DIRECTION_C2S, STAT_TCP_SEGS_RETRANSMIT) == 0);
|
||||
EXPECT_TRUE(session_get_stat(sess, FLOW_DIRECTION_C2S, STAT_TCP_PLDS_RETRANSMIT) == 0);
|
||||
EXPECT_TRUE(session_get_stat(sess, FLOW_DIRECTION_C2S, STAT_TCP_SEGS_OVERLAP) == 0);
|
||||
EXPECT_TRUE(session_get_stat(sess, FLOW_DIRECTION_C2S, STAT_TCP_PLDS_OVERLAP) == 0);
|
||||
EXPECT_TRUE(session_get_stat(sess, FLOW_DIRECTION_C2S, STAT_TCP_SEGS_NOSPACE) == 0);
|
||||
EXPECT_TRUE(session_get_stat(sess, FLOW_DIRECTION_C2S, STAT_TCP_PLDS_NOSPACE) == 0);
|
||||
EXPECT_TRUE(session_get_stat(sess, FLOW_DIRECTION_C2S, STAT_TCP_SEGS_INORDER) == 1);
|
||||
EXPECT_TRUE(session_get_stat(sess, FLOW_DIRECTION_C2S, STAT_TCP_PLDS_INORDER) == 166);
|
||||
EXPECT_TRUE(session_get_stat(sess, FLOW_DIRECTION_C2S, STAT_TCP_SEGS_REORDERED) == 0);
|
||||
EXPECT_TRUE(session_get_stat(sess, FLOW_DIRECTION_C2S, STAT_TCP_PLDS_REORDERED) == 0);
|
||||
EXPECT_TRUE(session_get_stat(sess, FLOW_DIRECTION_C2S, STAT_TCP_SEGS_BUFFERED) == 0);
|
||||
EXPECT_TRUE(session_get_stat(sess, FLOW_DIRECTION_C2S, STAT_TCP_PLDS_BUFFERED) == 0);
|
||||
EXPECT_TRUE(session_get_stat(sess, FLOW_DIRECTION_C2S, STAT_TCP_SEGS_RELEASED) == 0);
|
||||
EXPECT_TRUE(session_get_stat(sess, FLOW_DIRECTION_C2S, STAT_TCP_PLDS_RELEASED) == 0);
|
||||
|
||||
EXPECT_TRUE(session_get_stat(sess, SESSION_DIRECTION_S2C, STAT_TCP_SEGS_RX) == 0);
|
||||
EXPECT_TRUE(session_get_stat(sess, SESSION_DIRECTION_S2C, STAT_TCP_PLDS_RX) == 0);
|
||||
EXPECT_TRUE(session_get_stat(sess, SESSION_DIRECTION_S2C, STAT_TCP_SEGS_EXPIRED) == 0);
|
||||
EXPECT_TRUE(session_get_stat(sess, SESSION_DIRECTION_S2C, STAT_TCP_PLDS_EXPIRED) == 0);
|
||||
EXPECT_TRUE(session_get_stat(sess, SESSION_DIRECTION_S2C, STAT_TCP_SEGS_RETRANSMIT) == 0);
|
||||
EXPECT_TRUE(session_get_stat(sess, SESSION_DIRECTION_S2C, STAT_TCP_PLDS_RETRANSMIT) == 0);
|
||||
EXPECT_TRUE(session_get_stat(sess, SESSION_DIRECTION_S2C, STAT_TCP_SEGS_OVERLAP) == 0);
|
||||
EXPECT_TRUE(session_get_stat(sess, SESSION_DIRECTION_S2C, STAT_TCP_PLDS_OVERLAP) == 0);
|
||||
EXPECT_TRUE(session_get_stat(sess, SESSION_DIRECTION_S2C, STAT_TCP_SEGS_NOSPACE) == 0);
|
||||
EXPECT_TRUE(session_get_stat(sess, SESSION_DIRECTION_S2C, STAT_TCP_PLDS_NOSPACE) == 0);
|
||||
EXPECT_TRUE(session_get_stat(sess, SESSION_DIRECTION_S2C, STAT_TCP_SEGS_INORDER) == 0);
|
||||
EXPECT_TRUE(session_get_stat(sess, SESSION_DIRECTION_S2C, STAT_TCP_PLDS_INORDER) == 0);
|
||||
EXPECT_TRUE(session_get_stat(sess, SESSION_DIRECTION_S2C, STAT_TCP_SEGS_REORDERED) == 0);
|
||||
EXPECT_TRUE(session_get_stat(sess, SESSION_DIRECTION_S2C, STAT_TCP_PLDS_REORDERED) == 0);
|
||||
EXPECT_TRUE(session_get_stat(sess, SESSION_DIRECTION_S2C, STAT_TCP_SEGS_BUFFERED) == 0);
|
||||
EXPECT_TRUE(session_get_stat(sess, SESSION_DIRECTION_S2C, STAT_TCP_PLDS_BUFFERED) == 0);
|
||||
EXPECT_TRUE(session_get_stat(sess, SESSION_DIRECTION_S2C, STAT_TCP_SEGS_RELEASED) == 0);
|
||||
EXPECT_TRUE(session_get_stat(sess, SESSION_DIRECTION_S2C, STAT_TCP_PLDS_RELEASED) == 0);
|
||||
EXPECT_TRUE(session_get_stat(sess, FLOW_DIRECTION_S2C, STAT_TCP_SEGS_RX) == 0);
|
||||
EXPECT_TRUE(session_get_stat(sess, FLOW_DIRECTION_S2C, STAT_TCP_PLDS_RX) == 0);
|
||||
EXPECT_TRUE(session_get_stat(sess, FLOW_DIRECTION_S2C, STAT_TCP_SEGS_EXPIRED) == 0);
|
||||
EXPECT_TRUE(session_get_stat(sess, FLOW_DIRECTION_S2C, STAT_TCP_PLDS_EXPIRED) == 0);
|
||||
EXPECT_TRUE(session_get_stat(sess, FLOW_DIRECTION_S2C, STAT_TCP_SEGS_RETRANSMIT) == 0);
|
||||
EXPECT_TRUE(session_get_stat(sess, FLOW_DIRECTION_S2C, STAT_TCP_PLDS_RETRANSMIT) == 0);
|
||||
EXPECT_TRUE(session_get_stat(sess, FLOW_DIRECTION_S2C, STAT_TCP_SEGS_OVERLAP) == 0);
|
||||
EXPECT_TRUE(session_get_stat(sess, FLOW_DIRECTION_S2C, STAT_TCP_PLDS_OVERLAP) == 0);
|
||||
EXPECT_TRUE(session_get_stat(sess, FLOW_DIRECTION_S2C, STAT_TCP_SEGS_NOSPACE) == 0);
|
||||
EXPECT_TRUE(session_get_stat(sess, FLOW_DIRECTION_S2C, STAT_TCP_PLDS_NOSPACE) == 0);
|
||||
EXPECT_TRUE(session_get_stat(sess, FLOW_DIRECTION_S2C, STAT_TCP_SEGS_INORDER) == 0);
|
||||
EXPECT_TRUE(session_get_stat(sess, FLOW_DIRECTION_S2C, STAT_TCP_PLDS_INORDER) == 0);
|
||||
EXPECT_TRUE(session_get_stat(sess, FLOW_DIRECTION_S2C, STAT_TCP_SEGS_REORDERED) == 0);
|
||||
EXPECT_TRUE(session_get_stat(sess, FLOW_DIRECTION_S2C, STAT_TCP_PLDS_REORDERED) == 0);
|
||||
EXPECT_TRUE(session_get_stat(sess, FLOW_DIRECTION_S2C, STAT_TCP_SEGS_BUFFERED) == 0);
|
||||
EXPECT_TRUE(session_get_stat(sess, FLOW_DIRECTION_S2C, STAT_TCP_PLDS_BUFFERED) == 0);
|
||||
EXPECT_TRUE(session_get_stat(sess, FLOW_DIRECTION_S2C, STAT_TCP_SEGS_RELEASED) == 0);
|
||||
EXPECT_TRUE(session_get_stat(sess, FLOW_DIRECTION_S2C, STAT_TCP_PLDS_RELEASED) == 0);
|
||||
|
||||
session_print(sess);
|
||||
|
||||
|
||||
@@ -117,21 +117,21 @@ TEST(TCP_ACTIVE_TO_CLOSING, BY_FIN_FIN)
|
||||
EXPECT_TRUE(session_get_id(sess) != 0);
|
||||
tuple6_to_str(session_get_tuple(sess), buffer, sizeof(buffer));
|
||||
EXPECT_STREQ(buffer, "192.168.38.105:60111 -> 93.184.216.34:80, proto: 6, domain: 0");
|
||||
EXPECT_TRUE(session_get_tuple_direction(sess) == SESSION_DIRECTION_C2S);
|
||||
EXPECT_TRUE(session_get_tuple_direction(sess) == FLOW_DIRECTION_C2S);
|
||||
EXPECT_TRUE(session_get_state(sess) == SESSION_STATE_CLOSING);
|
||||
EXPECT_TRUE(session_get_type(sess) == SESSION_TYPE_TCP);
|
||||
EXPECT_TRUE(session_has_dup_traffic(sess) == 0);
|
||||
EXPECT_TRUE(session_get_closing_reason(sess) == CLOSING_BY_CLIENT_FIN);
|
||||
EXPECT_TRUE(session_get_stat(sess, SESSION_DIRECTION_C2S, STAT_RAW_BYTES_RX) == 78 + 145 + 66);
|
||||
EXPECT_TRUE(session_get_stat(sess, SESSION_DIRECTION_S2C, STAT_RAW_BYTES_RX) == 66);
|
||||
EXPECT_TRUE(session_get_stat(sess, SESSION_DIRECTION_C2S, STAT_RAW_PKTS_RX) == 1 + 1 + 1);
|
||||
EXPECT_TRUE(session_get_stat(sess, SESSION_DIRECTION_S2C, STAT_RAW_PKTS_RX) == 1);
|
||||
EXPECT_TRUE(session_get_stat(sess, FLOW_DIRECTION_C2S, STAT_RAW_BYTES_RX) == 78 + 145 + 66);
|
||||
EXPECT_TRUE(session_get_stat(sess, FLOW_DIRECTION_S2C, STAT_RAW_BYTES_RX) == 66);
|
||||
EXPECT_TRUE(session_get_stat(sess, FLOW_DIRECTION_C2S, STAT_RAW_PKTS_RX) == 1 + 1 + 1);
|
||||
EXPECT_TRUE(session_get_stat(sess, FLOW_DIRECTION_S2C, STAT_RAW_PKTS_RX) == 1);
|
||||
EXPECT_TRUE(session_get_timestamp(sess, SESSION_TIMESTAMP_START));
|
||||
EXPECT_TRUE(session_get_timestamp(sess, SESSION_TIMESTAMP_LAST));
|
||||
EXPECT_TRUE(session_get_current_packet(sess) == &pkt);
|
||||
EXPECT_TRUE(session_get_current_direction(sess) == SESSION_DIRECTION_S2C);
|
||||
EXPECT_TRUE(session_get_1st_packet(sess, SESSION_DIRECTION_C2S) != NULL);
|
||||
EXPECT_TRUE(session_get_1st_packet(sess, SESSION_DIRECTION_S2C) != NULL);
|
||||
EXPECT_TRUE(session_get_flow_direction(sess) == FLOW_DIRECTION_S2C);
|
||||
EXPECT_TRUE(session_get_first_packet(sess, FLOW_DIRECTION_C2S) != NULL);
|
||||
EXPECT_TRUE(session_get_first_packet(sess, FLOW_DIRECTION_S2C) != NULL);
|
||||
session_print(sess);
|
||||
|
||||
// check stat
|
||||
@@ -203,21 +203,21 @@ TEST(TCP_ACTIVE_TO_CLOSING, BY_C2S_RST)
|
||||
EXPECT_TRUE(session_get_id(sess) != 0);
|
||||
tuple6_to_str(session_get_tuple(sess), buffer, sizeof(buffer));
|
||||
EXPECT_STREQ(buffer, "192.168.38.105:60111 -> 93.184.216.34:80, proto: 6, domain: 0");
|
||||
EXPECT_TRUE(session_get_tuple_direction(sess) == SESSION_DIRECTION_C2S);
|
||||
EXPECT_TRUE(session_get_tuple_direction(sess) == FLOW_DIRECTION_C2S);
|
||||
EXPECT_TRUE(session_get_state(sess) == SESSION_STATE_CLOSING);
|
||||
EXPECT_TRUE(session_get_type(sess) == SESSION_TYPE_TCP);
|
||||
EXPECT_TRUE(session_has_dup_traffic(sess) == 0);
|
||||
EXPECT_TRUE(session_get_closing_reason(sess) == CLOSING_BY_CLIENT_RST);
|
||||
EXPECT_TRUE(session_get_stat(sess, SESSION_DIRECTION_C2S, STAT_RAW_BYTES_RX) == 78 + 145 + 66);
|
||||
EXPECT_TRUE(session_get_stat(sess, SESSION_DIRECTION_S2C, STAT_RAW_BYTES_RX) == 0);
|
||||
EXPECT_TRUE(session_get_stat(sess, SESSION_DIRECTION_C2S, STAT_RAW_PKTS_RX) == 1 + 1 + 1);
|
||||
EXPECT_TRUE(session_get_stat(sess, SESSION_DIRECTION_S2C, STAT_RAW_PKTS_RX) == 0);
|
||||
EXPECT_TRUE(session_get_stat(sess, FLOW_DIRECTION_C2S, STAT_RAW_BYTES_RX) == 78 + 145 + 66);
|
||||
EXPECT_TRUE(session_get_stat(sess, FLOW_DIRECTION_S2C, STAT_RAW_BYTES_RX) == 0);
|
||||
EXPECT_TRUE(session_get_stat(sess, FLOW_DIRECTION_C2S, STAT_RAW_PKTS_RX) == 1 + 1 + 1);
|
||||
EXPECT_TRUE(session_get_stat(sess, FLOW_DIRECTION_S2C, STAT_RAW_PKTS_RX) == 0);
|
||||
EXPECT_TRUE(session_get_timestamp(sess, SESSION_TIMESTAMP_START));
|
||||
EXPECT_TRUE(session_get_timestamp(sess, SESSION_TIMESTAMP_LAST));
|
||||
EXPECT_TRUE(session_get_current_packet(sess) == &pkt);
|
||||
EXPECT_TRUE(session_get_current_direction(sess) == SESSION_DIRECTION_C2S);
|
||||
EXPECT_TRUE(session_get_1st_packet(sess, SESSION_DIRECTION_C2S) != NULL);
|
||||
EXPECT_TRUE(session_get_1st_packet(sess, SESSION_DIRECTION_S2C) == NULL);
|
||||
EXPECT_TRUE(session_get_flow_direction(sess) == FLOW_DIRECTION_C2S);
|
||||
EXPECT_TRUE(session_get_first_packet(sess, FLOW_DIRECTION_C2S) != NULL);
|
||||
EXPECT_TRUE(session_get_first_packet(sess, FLOW_DIRECTION_S2C) == NULL);
|
||||
session_print(sess);
|
||||
|
||||
// check stat
|
||||
@@ -289,21 +289,21 @@ TEST(TCP_ACTIVE_TO_CLOSING, BY_S2C_RST)
|
||||
EXPECT_TRUE(session_get_id(sess) != 0);
|
||||
tuple6_to_str(session_get_tuple(sess), buffer, sizeof(buffer));
|
||||
EXPECT_STREQ(buffer, "192.168.38.105:60111 -> 93.184.216.34:80, proto: 6, domain: 0");
|
||||
EXPECT_TRUE(session_get_tuple_direction(sess) == SESSION_DIRECTION_C2S);
|
||||
EXPECT_TRUE(session_get_tuple_direction(sess) == FLOW_DIRECTION_C2S);
|
||||
EXPECT_TRUE(session_get_state(sess) == SESSION_STATE_CLOSING);
|
||||
EXPECT_TRUE(session_get_type(sess) == SESSION_TYPE_TCP);
|
||||
EXPECT_TRUE(session_has_dup_traffic(sess) == 0);
|
||||
EXPECT_TRUE(session_get_closing_reason(sess) == CLOSING_BY_SERVER_RST);
|
||||
EXPECT_TRUE(session_get_stat(sess, SESSION_DIRECTION_C2S, STAT_RAW_BYTES_RX) == 78 + 145);
|
||||
EXPECT_TRUE(session_get_stat(sess, SESSION_DIRECTION_S2C, STAT_RAW_BYTES_RX) == 66);
|
||||
EXPECT_TRUE(session_get_stat(sess, SESSION_DIRECTION_C2S, STAT_RAW_PKTS_RX) == 1 + 1);
|
||||
EXPECT_TRUE(session_get_stat(sess, SESSION_DIRECTION_S2C, STAT_RAW_PKTS_RX) == 1);
|
||||
EXPECT_TRUE(session_get_stat(sess, FLOW_DIRECTION_C2S, STAT_RAW_BYTES_RX) == 78 + 145);
|
||||
EXPECT_TRUE(session_get_stat(sess, FLOW_DIRECTION_S2C, STAT_RAW_BYTES_RX) == 66);
|
||||
EXPECT_TRUE(session_get_stat(sess, FLOW_DIRECTION_C2S, STAT_RAW_PKTS_RX) == 1 + 1);
|
||||
EXPECT_TRUE(session_get_stat(sess, FLOW_DIRECTION_S2C, STAT_RAW_PKTS_RX) == 1);
|
||||
EXPECT_TRUE(session_get_timestamp(sess, SESSION_TIMESTAMP_START));
|
||||
EXPECT_TRUE(session_get_timestamp(sess, SESSION_TIMESTAMP_LAST));
|
||||
EXPECT_TRUE(session_get_current_packet(sess) == &pkt);
|
||||
EXPECT_TRUE(session_get_current_direction(sess) == SESSION_DIRECTION_S2C);
|
||||
EXPECT_TRUE(session_get_1st_packet(sess, SESSION_DIRECTION_C2S) != NULL);
|
||||
EXPECT_TRUE(session_get_1st_packet(sess, SESSION_DIRECTION_S2C) != NULL);
|
||||
EXPECT_TRUE(session_get_flow_direction(sess) == FLOW_DIRECTION_S2C);
|
||||
EXPECT_TRUE(session_get_first_packet(sess, FLOW_DIRECTION_C2S) != NULL);
|
||||
EXPECT_TRUE(session_get_first_packet(sess, FLOW_DIRECTION_S2C) != NULL);
|
||||
session_print(sess);
|
||||
|
||||
// check stat
|
||||
@@ -415,21 +415,21 @@ TEST(TCP_ACTIVE_TO_CLOSING, BY_C2S_HALF_CLOSED_TIMEOUT)
|
||||
EXPECT_TRUE(session_get_id(sess) != 0);
|
||||
tuple6_to_str(session_get_tuple(sess), buffer, sizeof(buffer));
|
||||
EXPECT_STREQ(buffer, "192.168.38.105:60111 -> 93.184.216.34:80, proto: 6, domain: 0");
|
||||
EXPECT_TRUE(session_get_tuple_direction(sess) == SESSION_DIRECTION_C2S);
|
||||
EXPECT_TRUE(session_get_tuple_direction(sess) == FLOW_DIRECTION_C2S);
|
||||
EXPECT_TRUE(session_get_state(sess) == SESSION_STATE_CLOSING);
|
||||
EXPECT_TRUE(session_get_type(sess) == SESSION_TYPE_TCP);
|
||||
EXPECT_TRUE(session_has_dup_traffic(sess) == 0);
|
||||
EXPECT_TRUE(session_get_closing_reason(sess) == CLOSING_BY_CLIENT_FIN);
|
||||
EXPECT_TRUE(session_get_stat(sess, SESSION_DIRECTION_C2S, STAT_RAW_BYTES_RX) == 78 + 145 + 66);
|
||||
EXPECT_TRUE(session_get_stat(sess, SESSION_DIRECTION_S2C, STAT_RAW_BYTES_RX) == 0);
|
||||
EXPECT_TRUE(session_get_stat(sess, SESSION_DIRECTION_C2S, STAT_RAW_PKTS_RX) == 1 + 1 + 1);
|
||||
EXPECT_TRUE(session_get_stat(sess, SESSION_DIRECTION_S2C, STAT_RAW_PKTS_RX) == 0);
|
||||
EXPECT_TRUE(session_get_stat(sess, FLOW_DIRECTION_C2S, STAT_RAW_BYTES_RX) == 78 + 145 + 66);
|
||||
EXPECT_TRUE(session_get_stat(sess, FLOW_DIRECTION_S2C, STAT_RAW_BYTES_RX) == 0);
|
||||
EXPECT_TRUE(session_get_stat(sess, FLOW_DIRECTION_C2S, STAT_RAW_PKTS_RX) == 1 + 1 + 1);
|
||||
EXPECT_TRUE(session_get_stat(sess, FLOW_DIRECTION_S2C, STAT_RAW_PKTS_RX) == 0);
|
||||
EXPECT_TRUE(session_get_timestamp(sess, SESSION_TIMESTAMP_START));
|
||||
EXPECT_TRUE(session_get_timestamp(sess, SESSION_TIMESTAMP_LAST));
|
||||
EXPECT_TRUE(session_get_current_packet(sess) == &pkt);
|
||||
EXPECT_TRUE(session_get_current_direction(sess) == SESSION_DIRECTION_C2S);
|
||||
EXPECT_TRUE(session_get_1st_packet(sess, SESSION_DIRECTION_C2S) != NULL);
|
||||
EXPECT_TRUE(session_get_1st_packet(sess, SESSION_DIRECTION_S2C) == NULL);
|
||||
EXPECT_TRUE(session_get_flow_direction(sess) == FLOW_DIRECTION_C2S);
|
||||
EXPECT_TRUE(session_get_first_packet(sess, FLOW_DIRECTION_C2S) != NULL);
|
||||
EXPECT_TRUE(session_get_first_packet(sess, FLOW_DIRECTION_S2C) == NULL);
|
||||
session_print(sess);
|
||||
|
||||
// check stat
|
||||
@@ -494,21 +494,21 @@ TEST(TCP_ACTIVE_TO_CLOSING, BY_S2C_HALF_CLOSED_TIMEOUT)
|
||||
EXPECT_TRUE(session_get_id(sess) != 0);
|
||||
tuple6_to_str(session_get_tuple(sess), buffer, sizeof(buffer));
|
||||
EXPECT_STREQ(buffer, "192.168.38.105:60111 -> 93.184.216.34:80, proto: 6, domain: 0");
|
||||
EXPECT_TRUE(session_get_tuple_direction(sess) == SESSION_DIRECTION_C2S);
|
||||
EXPECT_TRUE(session_get_tuple_direction(sess) == FLOW_DIRECTION_C2S);
|
||||
EXPECT_TRUE(session_get_state(sess) == SESSION_STATE_CLOSING);
|
||||
EXPECT_TRUE(session_get_type(sess) == SESSION_TYPE_TCP);
|
||||
EXPECT_TRUE(session_has_dup_traffic(sess) == 0);
|
||||
EXPECT_TRUE(session_get_closing_reason(sess) == CLOSING_BY_SERVER_FIN);
|
||||
EXPECT_TRUE(session_get_stat(sess, SESSION_DIRECTION_C2S, STAT_RAW_BYTES_RX) == 78 + 145);
|
||||
EXPECT_TRUE(session_get_stat(sess, SESSION_DIRECTION_S2C, STAT_RAW_BYTES_RX) == 66);
|
||||
EXPECT_TRUE(session_get_stat(sess, SESSION_DIRECTION_C2S, STAT_RAW_PKTS_RX) == 1 + 1);
|
||||
EXPECT_TRUE(session_get_stat(sess, SESSION_DIRECTION_S2C, STAT_RAW_PKTS_RX) == 1);
|
||||
EXPECT_TRUE(session_get_stat(sess, FLOW_DIRECTION_C2S, STAT_RAW_BYTES_RX) == 78 + 145);
|
||||
EXPECT_TRUE(session_get_stat(sess, FLOW_DIRECTION_S2C, STAT_RAW_BYTES_RX) == 66);
|
||||
EXPECT_TRUE(session_get_stat(sess, FLOW_DIRECTION_C2S, STAT_RAW_PKTS_RX) == 1 + 1);
|
||||
EXPECT_TRUE(session_get_stat(sess, FLOW_DIRECTION_S2C, STAT_RAW_PKTS_RX) == 1);
|
||||
EXPECT_TRUE(session_get_timestamp(sess, SESSION_TIMESTAMP_START));
|
||||
EXPECT_TRUE(session_get_timestamp(sess, SESSION_TIMESTAMP_LAST));
|
||||
EXPECT_TRUE(session_get_current_packet(sess) == &pkt);
|
||||
EXPECT_TRUE(session_get_current_direction(sess) == SESSION_DIRECTION_S2C);
|
||||
EXPECT_TRUE(session_get_1st_packet(sess, SESSION_DIRECTION_C2S) != NULL);
|
||||
EXPECT_TRUE(session_get_1st_packet(sess, SESSION_DIRECTION_S2C) != NULL);
|
||||
EXPECT_TRUE(session_get_flow_direction(sess) == FLOW_DIRECTION_S2C);
|
||||
EXPECT_TRUE(session_get_first_packet(sess, FLOW_DIRECTION_C2S) != NULL);
|
||||
EXPECT_TRUE(session_get_first_packet(sess, FLOW_DIRECTION_S2C) != NULL);
|
||||
session_print(sess);
|
||||
|
||||
// check stat
|
||||
|
||||
@@ -76,21 +76,21 @@ TEST(TCP_INIT_TO_OPENING, BY_SYN)
|
||||
EXPECT_TRUE(session_get_id(sess) != 0);
|
||||
tuple6_to_str(session_get_tuple(sess), buffer, sizeof(buffer));
|
||||
EXPECT_STREQ(buffer, "192.168.38.105:60111 -> 93.184.216.34:80, proto: 6, domain: 0");
|
||||
EXPECT_TRUE(session_get_tuple_direction(sess) == SESSION_DIRECTION_C2S);
|
||||
EXPECT_TRUE(session_get_tuple_direction(sess) == FLOW_DIRECTION_C2S);
|
||||
EXPECT_TRUE(session_get_state(sess) == SESSION_STATE_OPENING);
|
||||
EXPECT_TRUE(session_get_type(sess) == SESSION_TYPE_TCP);
|
||||
EXPECT_TRUE(session_has_dup_traffic(sess) == 0);
|
||||
EXPECT_TRUE(session_get_closing_reason(sess) == 0);
|
||||
EXPECT_TRUE(session_get_stat(sess, SESSION_DIRECTION_C2S, STAT_RAW_BYTES_RX) == 78);
|
||||
EXPECT_TRUE(session_get_stat(sess, SESSION_DIRECTION_S2C, STAT_RAW_BYTES_RX) == 0);
|
||||
EXPECT_TRUE(session_get_stat(sess, SESSION_DIRECTION_C2S, STAT_RAW_PKTS_RX) == 1);
|
||||
EXPECT_TRUE(session_get_stat(sess, SESSION_DIRECTION_S2C, STAT_RAW_PKTS_RX) == 0);
|
||||
EXPECT_TRUE(session_get_stat(sess, FLOW_DIRECTION_C2S, STAT_RAW_BYTES_RX) == 78);
|
||||
EXPECT_TRUE(session_get_stat(sess, FLOW_DIRECTION_S2C, STAT_RAW_BYTES_RX) == 0);
|
||||
EXPECT_TRUE(session_get_stat(sess, FLOW_DIRECTION_C2S, STAT_RAW_PKTS_RX) == 1);
|
||||
EXPECT_TRUE(session_get_stat(sess, FLOW_DIRECTION_S2C, STAT_RAW_PKTS_RX) == 0);
|
||||
EXPECT_TRUE(session_get_timestamp(sess, SESSION_TIMESTAMP_START));
|
||||
EXPECT_TRUE(session_get_timestamp(sess, SESSION_TIMESTAMP_LAST));
|
||||
EXPECT_TRUE(session_get_current_packet(sess) == &pkt);
|
||||
EXPECT_TRUE(session_get_current_direction(sess) == SESSION_DIRECTION_C2S);
|
||||
EXPECT_TRUE(session_get_1st_packet(sess, SESSION_DIRECTION_C2S) != NULL);
|
||||
EXPECT_TRUE(session_get_1st_packet(sess, SESSION_DIRECTION_S2C) == NULL);
|
||||
EXPECT_TRUE(session_get_flow_direction(sess) == FLOW_DIRECTION_C2S);
|
||||
EXPECT_TRUE(session_get_first_packet(sess, FLOW_DIRECTION_C2S) != NULL);
|
||||
EXPECT_TRUE(session_get_first_packet(sess, FLOW_DIRECTION_S2C) == NULL);
|
||||
session_print(sess);
|
||||
|
||||
// check stat
|
||||
@@ -153,21 +153,21 @@ TEST(TCP_INIT_TO_OPENING, BY_SYNACK)
|
||||
EXPECT_TRUE(session_get_id(sess) != 0);
|
||||
tuple6_to_str(session_get_tuple(sess), buffer, sizeof(buffer));
|
||||
EXPECT_STREQ(buffer, "93.184.216.34:80 -> 192.168.38.105:60111, proto: 6, domain: 0");
|
||||
EXPECT_TRUE(session_get_tuple_direction(sess) == SESSION_DIRECTION_S2C);
|
||||
EXPECT_TRUE(session_get_tuple_direction(sess) == FLOW_DIRECTION_S2C);
|
||||
EXPECT_TRUE(session_get_state(sess) == SESSION_STATE_OPENING);
|
||||
EXPECT_TRUE(session_get_type(sess) == SESSION_TYPE_TCP);
|
||||
EXPECT_TRUE(session_has_dup_traffic(sess) == 0);
|
||||
EXPECT_TRUE(session_get_closing_reason(sess) == 0);
|
||||
EXPECT_TRUE(session_get_stat(sess, SESSION_DIRECTION_C2S, STAT_RAW_BYTES_RX) == 0);
|
||||
EXPECT_TRUE(session_get_stat(sess, SESSION_DIRECTION_S2C, STAT_RAW_BYTES_RX) == 74);
|
||||
EXPECT_TRUE(session_get_stat(sess, SESSION_DIRECTION_C2S, STAT_RAW_PKTS_RX) == 0);
|
||||
EXPECT_TRUE(session_get_stat(sess, SESSION_DIRECTION_S2C, STAT_RAW_PKTS_RX) == 1);
|
||||
EXPECT_TRUE(session_get_stat(sess, FLOW_DIRECTION_C2S, STAT_RAW_BYTES_RX) == 0);
|
||||
EXPECT_TRUE(session_get_stat(sess, FLOW_DIRECTION_S2C, STAT_RAW_BYTES_RX) == 74);
|
||||
EXPECT_TRUE(session_get_stat(sess, FLOW_DIRECTION_C2S, STAT_RAW_PKTS_RX) == 0);
|
||||
EXPECT_TRUE(session_get_stat(sess, FLOW_DIRECTION_S2C, STAT_RAW_PKTS_RX) == 1);
|
||||
EXPECT_TRUE(session_get_timestamp(sess, SESSION_TIMESTAMP_START));
|
||||
EXPECT_TRUE(session_get_timestamp(sess, SESSION_TIMESTAMP_LAST));
|
||||
EXPECT_TRUE(session_get_current_packet(sess) == &pkt);
|
||||
EXPECT_TRUE(session_get_current_direction(sess) == SESSION_DIRECTION_S2C);
|
||||
EXPECT_TRUE(session_get_1st_packet(sess, SESSION_DIRECTION_C2S) == NULL);
|
||||
EXPECT_TRUE(session_get_1st_packet(sess, SESSION_DIRECTION_S2C) != NULL);
|
||||
EXPECT_TRUE(session_get_flow_direction(sess) == FLOW_DIRECTION_S2C);
|
||||
EXPECT_TRUE(session_get_first_packet(sess, FLOW_DIRECTION_C2S) == NULL);
|
||||
EXPECT_TRUE(session_get_first_packet(sess, FLOW_DIRECTION_S2C) != NULL);
|
||||
session_print(sess);
|
||||
|
||||
// check stat
|
||||
@@ -241,21 +241,21 @@ TEST(TCP_INIT_TO_OPENING, BY_SYN_SYNACK)
|
||||
EXPECT_TRUE(session_get_id(sess) != 0);
|
||||
tuple6_to_str(session_get_tuple(sess), buffer, sizeof(buffer));
|
||||
EXPECT_STREQ(buffer, "192.168.38.105:60111 -> 93.184.216.34:80, proto: 6, domain: 0");
|
||||
EXPECT_TRUE(session_get_tuple_direction(sess) == SESSION_DIRECTION_C2S);
|
||||
EXPECT_TRUE(session_get_tuple_direction(sess) == FLOW_DIRECTION_C2S);
|
||||
EXPECT_TRUE(session_get_state(sess) == SESSION_STATE_OPENING);
|
||||
EXPECT_TRUE(session_get_type(sess) == SESSION_TYPE_TCP);
|
||||
EXPECT_TRUE(session_has_dup_traffic(sess) == 0);
|
||||
EXPECT_TRUE(session_get_closing_reason(sess) == 0);
|
||||
EXPECT_TRUE(session_get_stat(sess, SESSION_DIRECTION_C2S, STAT_RAW_BYTES_RX) == 78);
|
||||
EXPECT_TRUE(session_get_stat(sess, SESSION_DIRECTION_S2C, STAT_RAW_BYTES_RX) == 74);
|
||||
EXPECT_TRUE(session_get_stat(sess, SESSION_DIRECTION_C2S, STAT_RAW_PKTS_RX) == 1);
|
||||
EXPECT_TRUE(session_get_stat(sess, SESSION_DIRECTION_S2C, STAT_RAW_PKTS_RX) == 1);
|
||||
EXPECT_TRUE(session_get_stat(sess, FLOW_DIRECTION_C2S, STAT_RAW_BYTES_RX) == 78);
|
||||
EXPECT_TRUE(session_get_stat(sess, FLOW_DIRECTION_S2C, STAT_RAW_BYTES_RX) == 74);
|
||||
EXPECT_TRUE(session_get_stat(sess, FLOW_DIRECTION_C2S, STAT_RAW_PKTS_RX) == 1);
|
||||
EXPECT_TRUE(session_get_stat(sess, FLOW_DIRECTION_S2C, STAT_RAW_PKTS_RX) == 1);
|
||||
EXPECT_TRUE(session_get_timestamp(sess, SESSION_TIMESTAMP_START));
|
||||
EXPECT_TRUE(session_get_timestamp(sess, SESSION_TIMESTAMP_LAST));
|
||||
EXPECT_TRUE(session_get_current_packet(sess) == &pkt);
|
||||
EXPECT_TRUE(session_get_current_direction(sess) == SESSION_DIRECTION_S2C);
|
||||
EXPECT_TRUE(session_get_1st_packet(sess, SESSION_DIRECTION_C2S) != NULL);
|
||||
EXPECT_TRUE(session_get_1st_packet(sess, SESSION_DIRECTION_S2C) != NULL);
|
||||
EXPECT_TRUE(session_get_flow_direction(sess) == FLOW_DIRECTION_S2C);
|
||||
EXPECT_TRUE(session_get_first_packet(sess, FLOW_DIRECTION_C2S) != NULL);
|
||||
EXPECT_TRUE(session_get_first_packet(sess, FLOW_DIRECTION_S2C) != NULL);
|
||||
session_print(sess);
|
||||
|
||||
// check stat
|
||||
@@ -340,21 +340,21 @@ TEST(TCP_INIT_TO_OPENING, BY_SYN_SYNACK_ACK)
|
||||
EXPECT_TRUE(session_get_id(sess) != 0);
|
||||
tuple6_to_str(session_get_tuple(sess), buffer, sizeof(buffer));
|
||||
EXPECT_STREQ(buffer, "192.168.38.105:60111 -> 93.184.216.34:80, proto: 6, domain: 0");
|
||||
EXPECT_TRUE(session_get_tuple_direction(sess) == SESSION_DIRECTION_C2S);
|
||||
EXPECT_TRUE(session_get_tuple_direction(sess) == FLOW_DIRECTION_C2S);
|
||||
EXPECT_TRUE(session_get_state(sess) == SESSION_STATE_OPENING);
|
||||
EXPECT_TRUE(session_get_type(sess) == SESSION_TYPE_TCP);
|
||||
EXPECT_TRUE(session_has_dup_traffic(sess) == 0);
|
||||
EXPECT_TRUE(session_get_closing_reason(sess) == 0);
|
||||
EXPECT_TRUE(session_get_stat(sess, SESSION_DIRECTION_C2S, STAT_RAW_BYTES_RX) == 78 + 66);
|
||||
EXPECT_TRUE(session_get_stat(sess, SESSION_DIRECTION_S2C, STAT_RAW_BYTES_RX) == 74);
|
||||
EXPECT_TRUE(session_get_stat(sess, SESSION_DIRECTION_C2S, STAT_RAW_PKTS_RX) == 1 + 1);
|
||||
EXPECT_TRUE(session_get_stat(sess, SESSION_DIRECTION_S2C, STAT_RAW_PKTS_RX) == 1);
|
||||
EXPECT_TRUE(session_get_stat(sess, FLOW_DIRECTION_C2S, STAT_RAW_BYTES_RX) == 78 + 66);
|
||||
EXPECT_TRUE(session_get_stat(sess, FLOW_DIRECTION_S2C, STAT_RAW_BYTES_RX) == 74);
|
||||
EXPECT_TRUE(session_get_stat(sess, FLOW_DIRECTION_C2S, STAT_RAW_PKTS_RX) == 1 + 1);
|
||||
EXPECT_TRUE(session_get_stat(sess, FLOW_DIRECTION_S2C, STAT_RAW_PKTS_RX) == 1);
|
||||
EXPECT_TRUE(session_get_timestamp(sess, SESSION_TIMESTAMP_START));
|
||||
EXPECT_TRUE(session_get_timestamp(sess, SESSION_TIMESTAMP_LAST));
|
||||
EXPECT_TRUE(session_get_current_packet(sess) == &pkt);
|
||||
EXPECT_TRUE(session_get_current_direction(sess) == SESSION_DIRECTION_C2S);
|
||||
EXPECT_TRUE(session_get_1st_packet(sess, SESSION_DIRECTION_C2S) != NULL);
|
||||
EXPECT_TRUE(session_get_1st_packet(sess, SESSION_DIRECTION_S2C) != NULL);
|
||||
EXPECT_TRUE(session_get_flow_direction(sess) == FLOW_DIRECTION_C2S);
|
||||
EXPECT_TRUE(session_get_first_packet(sess, FLOW_DIRECTION_C2S) != NULL);
|
||||
EXPECT_TRUE(session_get_first_packet(sess, FLOW_DIRECTION_S2C) != NULL);
|
||||
session_print(sess);
|
||||
|
||||
// check stat
|
||||
@@ -435,21 +435,21 @@ TEST(TCP_INIT_TO_OPENING, BY_SYN_RETRANSMISSION)
|
||||
EXPECT_TRUE(session_get_id(sess) != 0);
|
||||
tuple6_to_str(session_get_tuple(sess), buffer, sizeof(buffer));
|
||||
EXPECT_STREQ(buffer, "192.168.38.105:60111 -> 93.184.216.34:80, proto: 6, domain: 0");
|
||||
EXPECT_TRUE(session_get_tuple_direction(sess) == SESSION_DIRECTION_C2S);
|
||||
EXPECT_TRUE(session_get_tuple_direction(sess) == FLOW_DIRECTION_C2S);
|
||||
EXPECT_TRUE(session_get_state(sess) == SESSION_STATE_OPENING);
|
||||
EXPECT_TRUE(session_get_type(sess) == SESSION_TYPE_TCP);
|
||||
EXPECT_TRUE(session_has_dup_traffic(sess) == 0);
|
||||
EXPECT_TRUE(session_get_closing_reason(sess) == 0);
|
||||
EXPECT_TRUE(session_get_stat(sess, SESSION_DIRECTION_C2S, STAT_RAW_BYTES_RX) == 78 + 78);
|
||||
EXPECT_TRUE(session_get_stat(sess, SESSION_DIRECTION_S2C, STAT_RAW_BYTES_RX) == 0);
|
||||
EXPECT_TRUE(session_get_stat(sess, SESSION_DIRECTION_C2S, STAT_RAW_PKTS_RX) == 1 + 1);
|
||||
EXPECT_TRUE(session_get_stat(sess, SESSION_DIRECTION_S2C, STAT_RAW_PKTS_RX) == 0);
|
||||
EXPECT_TRUE(session_get_stat(sess, FLOW_DIRECTION_C2S, STAT_RAW_BYTES_RX) == 78 + 78);
|
||||
EXPECT_TRUE(session_get_stat(sess, FLOW_DIRECTION_S2C, STAT_RAW_BYTES_RX) == 0);
|
||||
EXPECT_TRUE(session_get_stat(sess, FLOW_DIRECTION_C2S, STAT_RAW_PKTS_RX) == 1 + 1);
|
||||
EXPECT_TRUE(session_get_stat(sess, FLOW_DIRECTION_S2C, STAT_RAW_PKTS_RX) == 0);
|
||||
EXPECT_TRUE(session_get_timestamp(sess, SESSION_TIMESTAMP_START));
|
||||
EXPECT_TRUE(session_get_timestamp(sess, SESSION_TIMESTAMP_LAST));
|
||||
EXPECT_TRUE(session_get_current_packet(sess) == &pkt);
|
||||
EXPECT_TRUE(session_get_current_direction(sess) == SESSION_DIRECTION_C2S);
|
||||
EXPECT_TRUE(session_get_1st_packet(sess, SESSION_DIRECTION_C2S) != NULL);
|
||||
EXPECT_TRUE(session_get_1st_packet(sess, SESSION_DIRECTION_S2C) == NULL);
|
||||
EXPECT_TRUE(session_get_flow_direction(sess) == FLOW_DIRECTION_C2S);
|
||||
EXPECT_TRUE(session_get_first_packet(sess, FLOW_DIRECTION_C2S) != NULL);
|
||||
EXPECT_TRUE(session_get_first_packet(sess, FLOW_DIRECTION_S2C) == NULL);
|
||||
session_print(sess);
|
||||
|
||||
// check stat
|
||||
@@ -531,21 +531,21 @@ TEST(TCP_INIT_TO_OPENING, BY_SYNACK_RETRANSMISSION)
|
||||
EXPECT_TRUE(session_get_id(sess) != 0);
|
||||
tuple6_to_str(session_get_tuple(sess), buffer, sizeof(buffer));
|
||||
EXPECT_STREQ(buffer, "93.184.216.34:80 -> 192.168.38.105:60111, proto: 6, domain: 0");
|
||||
EXPECT_TRUE(session_get_tuple_direction(sess) == SESSION_DIRECTION_S2C);
|
||||
EXPECT_TRUE(session_get_tuple_direction(sess) == FLOW_DIRECTION_S2C);
|
||||
EXPECT_TRUE(session_get_state(sess) == SESSION_STATE_OPENING);
|
||||
EXPECT_TRUE(session_get_type(sess) == SESSION_TYPE_TCP);
|
||||
EXPECT_TRUE(session_has_dup_traffic(sess) == 0);
|
||||
EXPECT_TRUE(session_get_closing_reason(sess) == 0);
|
||||
EXPECT_TRUE(session_get_stat(sess, SESSION_DIRECTION_C2S, STAT_RAW_BYTES_RX) == 0);
|
||||
EXPECT_TRUE(session_get_stat(sess, SESSION_DIRECTION_S2C, STAT_RAW_BYTES_RX) == 74 + 74);
|
||||
EXPECT_TRUE(session_get_stat(sess, SESSION_DIRECTION_C2S, STAT_RAW_PKTS_RX) == 0);
|
||||
EXPECT_TRUE(session_get_stat(sess, SESSION_DIRECTION_S2C, STAT_RAW_PKTS_RX) == 1 + 1);
|
||||
EXPECT_TRUE(session_get_stat(sess, FLOW_DIRECTION_C2S, STAT_RAW_BYTES_RX) == 0);
|
||||
EXPECT_TRUE(session_get_stat(sess, FLOW_DIRECTION_S2C, STAT_RAW_BYTES_RX) == 74 + 74);
|
||||
EXPECT_TRUE(session_get_stat(sess, FLOW_DIRECTION_C2S, STAT_RAW_PKTS_RX) == 0);
|
||||
EXPECT_TRUE(session_get_stat(sess, FLOW_DIRECTION_S2C, STAT_RAW_PKTS_RX) == 1 + 1);
|
||||
EXPECT_TRUE(session_get_timestamp(sess, SESSION_TIMESTAMP_START));
|
||||
EXPECT_TRUE(session_get_timestamp(sess, SESSION_TIMESTAMP_LAST));
|
||||
EXPECT_TRUE(session_get_current_packet(sess) == &pkt);
|
||||
EXPECT_TRUE(session_get_current_direction(sess) == SESSION_DIRECTION_S2C);
|
||||
EXPECT_TRUE(session_get_1st_packet(sess, SESSION_DIRECTION_C2S) == NULL);
|
||||
EXPECT_TRUE(session_get_1st_packet(sess, SESSION_DIRECTION_S2C) != NULL);
|
||||
EXPECT_TRUE(session_get_flow_direction(sess) == FLOW_DIRECTION_S2C);
|
||||
EXPECT_TRUE(session_get_first_packet(sess, FLOW_DIRECTION_C2S) == NULL);
|
||||
EXPECT_TRUE(session_get_first_packet(sess, FLOW_DIRECTION_S2C) != NULL);
|
||||
session_print(sess);
|
||||
|
||||
// check stat
|
||||
@@ -619,21 +619,21 @@ TEST(TCP_INIT_TO_OPENING, BY_C2S_ASMMETRIC)
|
||||
EXPECT_TRUE(session_get_id(sess) != 0);
|
||||
tuple6_to_str(session_get_tuple(sess), buffer, sizeof(buffer));
|
||||
EXPECT_STREQ(buffer, "192.168.38.105:60111 -> 93.184.216.34:80, proto: 6, domain: 0");
|
||||
EXPECT_TRUE(session_get_tuple_direction(sess) == SESSION_DIRECTION_C2S);
|
||||
EXPECT_TRUE(session_get_tuple_direction(sess) == FLOW_DIRECTION_C2S);
|
||||
EXPECT_TRUE(session_get_state(sess) == SESSION_STATE_OPENING);
|
||||
EXPECT_TRUE(session_get_type(sess) == SESSION_TYPE_TCP);
|
||||
EXPECT_TRUE(session_has_dup_traffic(sess) == 0);
|
||||
EXPECT_TRUE(session_get_closing_reason(sess) == 0);
|
||||
EXPECT_TRUE(session_get_stat(sess, SESSION_DIRECTION_C2S, STAT_RAW_BYTES_RX) == 78 + 66);
|
||||
EXPECT_TRUE(session_get_stat(sess, SESSION_DIRECTION_S2C, STAT_RAW_BYTES_RX) == 0);
|
||||
EXPECT_TRUE(session_get_stat(sess, SESSION_DIRECTION_C2S, STAT_RAW_PKTS_RX) == 1 + 1);
|
||||
EXPECT_TRUE(session_get_stat(sess, SESSION_DIRECTION_S2C, STAT_RAW_PKTS_RX) == 0);
|
||||
EXPECT_TRUE(session_get_stat(sess, FLOW_DIRECTION_C2S, STAT_RAW_BYTES_RX) == 78 + 66);
|
||||
EXPECT_TRUE(session_get_stat(sess, FLOW_DIRECTION_S2C, STAT_RAW_BYTES_RX) == 0);
|
||||
EXPECT_TRUE(session_get_stat(sess, FLOW_DIRECTION_C2S, STAT_RAW_PKTS_RX) == 1 + 1);
|
||||
EXPECT_TRUE(session_get_stat(sess, FLOW_DIRECTION_S2C, STAT_RAW_PKTS_RX) == 0);
|
||||
EXPECT_TRUE(session_get_timestamp(sess, SESSION_TIMESTAMP_START));
|
||||
EXPECT_TRUE(session_get_timestamp(sess, SESSION_TIMESTAMP_LAST));
|
||||
EXPECT_TRUE(session_get_current_packet(sess) == &pkt);
|
||||
EXPECT_TRUE(session_get_current_direction(sess) == SESSION_DIRECTION_C2S);
|
||||
EXPECT_TRUE(session_get_1st_packet(sess, SESSION_DIRECTION_C2S) != NULL);
|
||||
EXPECT_TRUE(session_get_1st_packet(sess, SESSION_DIRECTION_S2C) == NULL);
|
||||
EXPECT_TRUE(session_get_flow_direction(sess) == FLOW_DIRECTION_C2S);
|
||||
EXPECT_TRUE(session_get_first_packet(sess, FLOW_DIRECTION_C2S) != NULL);
|
||||
EXPECT_TRUE(session_get_first_packet(sess, FLOW_DIRECTION_S2C) == NULL);
|
||||
session_print(sess);
|
||||
|
||||
// check stat
|
||||
@@ -707,21 +707,21 @@ TEST(TCP_INIT_TO_OPENING, BY_S2C_ASMMETRIC)
|
||||
EXPECT_TRUE(session_get_id(sess) != 0);
|
||||
tuple6_to_str(session_get_tuple(sess), buffer, sizeof(buffer));
|
||||
EXPECT_STREQ(buffer, "93.184.216.34:80 -> 192.168.38.105:60111, proto: 6, domain: 0");
|
||||
EXPECT_TRUE(session_get_tuple_direction(sess) == SESSION_DIRECTION_S2C);
|
||||
EXPECT_TRUE(session_get_tuple_direction(sess) == FLOW_DIRECTION_S2C);
|
||||
EXPECT_TRUE(session_get_state(sess) == SESSION_STATE_OPENING);
|
||||
EXPECT_TRUE(session_get_type(sess) == SESSION_TYPE_TCP);
|
||||
EXPECT_TRUE(session_has_dup_traffic(sess) == 0);
|
||||
EXPECT_TRUE(session_get_closing_reason(sess) == 0);
|
||||
EXPECT_TRUE(session_get_stat(sess, SESSION_DIRECTION_C2S, STAT_RAW_BYTES_RX) == 0);
|
||||
EXPECT_TRUE(session_get_stat(sess, SESSION_DIRECTION_S2C, STAT_RAW_BYTES_RX) == 74 + 66);
|
||||
EXPECT_TRUE(session_get_stat(sess, SESSION_DIRECTION_C2S, STAT_RAW_PKTS_RX) == 0);
|
||||
EXPECT_TRUE(session_get_stat(sess, SESSION_DIRECTION_S2C, STAT_RAW_PKTS_RX) == 1 + 1);
|
||||
EXPECT_TRUE(session_get_stat(sess, FLOW_DIRECTION_C2S, STAT_RAW_BYTES_RX) == 0);
|
||||
EXPECT_TRUE(session_get_stat(sess, FLOW_DIRECTION_S2C, STAT_RAW_BYTES_RX) == 74 + 66);
|
||||
EXPECT_TRUE(session_get_stat(sess, FLOW_DIRECTION_C2S, STAT_RAW_PKTS_RX) == 0);
|
||||
EXPECT_TRUE(session_get_stat(sess, FLOW_DIRECTION_S2C, STAT_RAW_PKTS_RX) == 1 + 1);
|
||||
EXPECT_TRUE(session_get_timestamp(sess, SESSION_TIMESTAMP_START));
|
||||
EXPECT_TRUE(session_get_timestamp(sess, SESSION_TIMESTAMP_LAST));
|
||||
EXPECT_TRUE(session_get_current_packet(sess) == &pkt);
|
||||
EXPECT_TRUE(session_get_current_direction(sess) == SESSION_DIRECTION_S2C);
|
||||
EXPECT_TRUE(session_get_1st_packet(sess, SESSION_DIRECTION_C2S) == NULL);
|
||||
EXPECT_TRUE(session_get_1st_packet(sess, SESSION_DIRECTION_S2C) != NULL);
|
||||
EXPECT_TRUE(session_get_flow_direction(sess) == FLOW_DIRECTION_S2C);
|
||||
EXPECT_TRUE(session_get_first_packet(sess, FLOW_DIRECTION_C2S) == NULL);
|
||||
EXPECT_TRUE(session_get_first_packet(sess, FLOW_DIRECTION_S2C) != NULL);
|
||||
session_print(sess);
|
||||
|
||||
// check stat
|
||||
|
||||
@@ -72,21 +72,21 @@ TEST(TCP_INIT_TO_OPENING_TO_ACTIVE_TO_CLOSING_TO_CLOSED, TEST)
|
||||
memset(buffer, 0, sizeof(buffer));
|
||||
tuple6_to_str(session_get_tuple(sess), buffer, sizeof(buffer));
|
||||
EXPECT_STREQ(buffer, "192.168.38.105:60111 -> 93.184.216.34:80, proto: 6, domain: 0");
|
||||
EXPECT_TRUE(session_get_tuple_direction(sess) == SESSION_DIRECTION_C2S);
|
||||
EXPECT_TRUE(session_get_tuple_direction(sess) == FLOW_DIRECTION_C2S);
|
||||
EXPECT_TRUE(session_get_state(sess) == SESSION_STATE_OPENING);
|
||||
EXPECT_TRUE(session_get_type(sess) == SESSION_TYPE_TCP);
|
||||
EXPECT_TRUE(session_has_dup_traffic(sess) == 0);
|
||||
EXPECT_TRUE(session_get_closing_reason(sess) == 0);
|
||||
EXPECT_TRUE(session_get_stat(sess, SESSION_DIRECTION_C2S, STAT_RAW_BYTES_RX) == 78);
|
||||
EXPECT_TRUE(session_get_stat(sess, SESSION_DIRECTION_S2C, STAT_RAW_BYTES_RX) == 0);
|
||||
EXPECT_TRUE(session_get_stat(sess, SESSION_DIRECTION_C2S, STAT_RAW_PKTS_RX) == 1);
|
||||
EXPECT_TRUE(session_get_stat(sess, SESSION_DIRECTION_S2C, STAT_RAW_PKTS_RX) == 0);
|
||||
EXPECT_TRUE(session_get_stat(sess, FLOW_DIRECTION_C2S, STAT_RAW_BYTES_RX) == 78);
|
||||
EXPECT_TRUE(session_get_stat(sess, FLOW_DIRECTION_S2C, STAT_RAW_BYTES_RX) == 0);
|
||||
EXPECT_TRUE(session_get_stat(sess, FLOW_DIRECTION_C2S, STAT_RAW_PKTS_RX) == 1);
|
||||
EXPECT_TRUE(session_get_stat(sess, FLOW_DIRECTION_S2C, STAT_RAW_PKTS_RX) == 0);
|
||||
EXPECT_TRUE(session_get_timestamp(sess, SESSION_TIMESTAMP_START));
|
||||
EXPECT_TRUE(session_get_timestamp(sess, SESSION_TIMESTAMP_LAST));
|
||||
EXPECT_TRUE(session_get_current_packet(sess) == &pkt);
|
||||
EXPECT_TRUE(session_get_current_direction(sess) == SESSION_DIRECTION_C2S);
|
||||
EXPECT_TRUE(session_get_1st_packet(sess, SESSION_DIRECTION_C2S) != NULL);
|
||||
EXPECT_TRUE(session_get_1st_packet(sess, SESSION_DIRECTION_S2C) == NULL);
|
||||
EXPECT_TRUE(session_get_flow_direction(sess) == FLOW_DIRECTION_C2S);
|
||||
EXPECT_TRUE(session_get_first_packet(sess, FLOW_DIRECTION_C2S) != NULL);
|
||||
EXPECT_TRUE(session_get_first_packet(sess, FLOW_DIRECTION_S2C) == NULL);
|
||||
|
||||
// S2C SYNACK Packet
|
||||
printf("\n=> Packet Parse: TCP S2C SYNACK packet\n");
|
||||
@@ -103,21 +103,21 @@ TEST(TCP_INIT_TO_OPENING_TO_ACTIVE_TO_CLOSING_TO_CLOSED, TEST)
|
||||
memset(buffer, 0, sizeof(buffer));
|
||||
tuple6_to_str(session_get_tuple(sess), buffer, sizeof(buffer));
|
||||
EXPECT_STREQ(buffer, "192.168.38.105:60111 -> 93.184.216.34:80, proto: 6, domain: 0");
|
||||
EXPECT_TRUE(session_get_tuple_direction(sess) == SESSION_DIRECTION_C2S);
|
||||
EXPECT_TRUE(session_get_tuple_direction(sess) == FLOW_DIRECTION_C2S);
|
||||
EXPECT_TRUE(session_get_state(sess) == SESSION_STATE_OPENING);
|
||||
EXPECT_TRUE(session_get_type(sess) == SESSION_TYPE_TCP);
|
||||
EXPECT_TRUE(session_has_dup_traffic(sess) == 0);
|
||||
EXPECT_TRUE(session_get_closing_reason(sess) == 0);
|
||||
EXPECT_TRUE(session_get_stat(sess, SESSION_DIRECTION_C2S, STAT_RAW_BYTES_RX) == 78);
|
||||
EXPECT_TRUE(session_get_stat(sess, SESSION_DIRECTION_S2C, STAT_RAW_BYTES_RX) == 74);
|
||||
EXPECT_TRUE(session_get_stat(sess, SESSION_DIRECTION_C2S, STAT_RAW_PKTS_RX) == 1);
|
||||
EXPECT_TRUE(session_get_stat(sess, SESSION_DIRECTION_S2C, STAT_RAW_PKTS_RX) == 1);
|
||||
EXPECT_TRUE(session_get_stat(sess, FLOW_DIRECTION_C2S, STAT_RAW_BYTES_RX) == 78);
|
||||
EXPECT_TRUE(session_get_stat(sess, FLOW_DIRECTION_S2C, STAT_RAW_BYTES_RX) == 74);
|
||||
EXPECT_TRUE(session_get_stat(sess, FLOW_DIRECTION_C2S, STAT_RAW_PKTS_RX) == 1);
|
||||
EXPECT_TRUE(session_get_stat(sess, FLOW_DIRECTION_S2C, STAT_RAW_PKTS_RX) == 1);
|
||||
EXPECT_TRUE(session_get_timestamp(sess, SESSION_TIMESTAMP_START));
|
||||
EXPECT_TRUE(session_get_timestamp(sess, SESSION_TIMESTAMP_LAST));
|
||||
EXPECT_TRUE(session_get_current_packet(sess) == &pkt);
|
||||
EXPECT_TRUE(session_get_current_direction(sess) == SESSION_DIRECTION_S2C);
|
||||
EXPECT_TRUE(session_get_1st_packet(sess, SESSION_DIRECTION_C2S) != NULL);
|
||||
EXPECT_TRUE(session_get_1st_packet(sess, SESSION_DIRECTION_S2C) != NULL);
|
||||
EXPECT_TRUE(session_get_flow_direction(sess) == FLOW_DIRECTION_S2C);
|
||||
EXPECT_TRUE(session_get_first_packet(sess, FLOW_DIRECTION_C2S) != NULL);
|
||||
EXPECT_TRUE(session_get_first_packet(sess, FLOW_DIRECTION_S2C) != NULL);
|
||||
|
||||
// C2S ACK Packet
|
||||
printf("\n=> Packet Parse: TCP C2S ACK packet\n");
|
||||
@@ -134,21 +134,21 @@ TEST(TCP_INIT_TO_OPENING_TO_ACTIVE_TO_CLOSING_TO_CLOSED, TEST)
|
||||
memset(buffer, 0, sizeof(buffer));
|
||||
tuple6_to_str(session_get_tuple(sess), buffer, sizeof(buffer));
|
||||
EXPECT_STREQ(buffer, "192.168.38.105:60111 -> 93.184.216.34:80, proto: 6, domain: 0");
|
||||
EXPECT_TRUE(session_get_tuple_direction(sess) == SESSION_DIRECTION_C2S);
|
||||
EXPECT_TRUE(session_get_tuple_direction(sess) == FLOW_DIRECTION_C2S);
|
||||
EXPECT_TRUE(session_get_state(sess) == SESSION_STATE_OPENING);
|
||||
EXPECT_TRUE(session_get_type(sess) == SESSION_TYPE_TCP);
|
||||
EXPECT_TRUE(session_has_dup_traffic(sess) == 0);
|
||||
EXPECT_TRUE(session_get_closing_reason(sess) == 0);
|
||||
EXPECT_TRUE(session_get_stat(sess, SESSION_DIRECTION_C2S, STAT_RAW_BYTES_RX) == 78 + 66);
|
||||
EXPECT_TRUE(session_get_stat(sess, SESSION_DIRECTION_S2C, STAT_RAW_BYTES_RX) == 74);
|
||||
EXPECT_TRUE(session_get_stat(sess, SESSION_DIRECTION_C2S, STAT_RAW_PKTS_RX) == 1 + 1);
|
||||
EXPECT_TRUE(session_get_stat(sess, SESSION_DIRECTION_S2C, STAT_RAW_PKTS_RX) == 1);
|
||||
EXPECT_TRUE(session_get_stat(sess, FLOW_DIRECTION_C2S, STAT_RAW_BYTES_RX) == 78 + 66);
|
||||
EXPECT_TRUE(session_get_stat(sess, FLOW_DIRECTION_S2C, STAT_RAW_BYTES_RX) == 74);
|
||||
EXPECT_TRUE(session_get_stat(sess, FLOW_DIRECTION_C2S, STAT_RAW_PKTS_RX) == 1 + 1);
|
||||
EXPECT_TRUE(session_get_stat(sess, FLOW_DIRECTION_S2C, STAT_RAW_PKTS_RX) == 1);
|
||||
EXPECT_TRUE(session_get_timestamp(sess, SESSION_TIMESTAMP_START));
|
||||
EXPECT_TRUE(session_get_timestamp(sess, SESSION_TIMESTAMP_LAST));
|
||||
EXPECT_TRUE(session_get_current_packet(sess) == &pkt);
|
||||
EXPECT_TRUE(session_get_current_direction(sess) == SESSION_DIRECTION_C2S);
|
||||
EXPECT_TRUE(session_get_1st_packet(sess, SESSION_DIRECTION_C2S) != NULL);
|
||||
EXPECT_TRUE(session_get_1st_packet(sess, SESSION_DIRECTION_S2C) != NULL);
|
||||
EXPECT_TRUE(session_get_flow_direction(sess) == FLOW_DIRECTION_C2S);
|
||||
EXPECT_TRUE(session_get_first_packet(sess, FLOW_DIRECTION_C2S) != NULL);
|
||||
EXPECT_TRUE(session_get_first_packet(sess, FLOW_DIRECTION_S2C) != NULL);
|
||||
|
||||
// C2S REQ Packet
|
||||
printf("\n=> Packet Parse: TCP C2S REQ packet\n");
|
||||
@@ -165,21 +165,21 @@ TEST(TCP_INIT_TO_OPENING_TO_ACTIVE_TO_CLOSING_TO_CLOSED, TEST)
|
||||
memset(buffer, 0, sizeof(buffer));
|
||||
tuple6_to_str(session_get_tuple(sess), buffer, sizeof(buffer));
|
||||
EXPECT_STREQ(buffer, "192.168.38.105:60111 -> 93.184.216.34:80, proto: 6, domain: 0");
|
||||
EXPECT_TRUE(session_get_tuple_direction(sess) == SESSION_DIRECTION_C2S);
|
||||
EXPECT_TRUE(session_get_tuple_direction(sess) == FLOW_DIRECTION_C2S);
|
||||
EXPECT_TRUE(session_get_state(sess) == SESSION_STATE_ACTIVE);
|
||||
EXPECT_TRUE(session_get_type(sess) == SESSION_TYPE_TCP);
|
||||
EXPECT_TRUE(session_has_dup_traffic(sess) == 0);
|
||||
EXPECT_TRUE(session_get_closing_reason(sess) == 0);
|
||||
EXPECT_TRUE(session_get_stat(sess, SESSION_DIRECTION_C2S, STAT_RAW_BYTES_RX) == 78 + 66 + 145);
|
||||
EXPECT_TRUE(session_get_stat(sess, SESSION_DIRECTION_S2C, STAT_RAW_BYTES_RX) == 74);
|
||||
EXPECT_TRUE(session_get_stat(sess, SESSION_DIRECTION_C2S, STAT_RAW_PKTS_RX) == 1 + 1 + 1);
|
||||
EXPECT_TRUE(session_get_stat(sess, SESSION_DIRECTION_S2C, STAT_RAW_PKTS_RX) == 1);
|
||||
EXPECT_TRUE(session_get_stat(sess, FLOW_DIRECTION_C2S, STAT_RAW_BYTES_RX) == 78 + 66 + 145);
|
||||
EXPECT_TRUE(session_get_stat(sess, FLOW_DIRECTION_S2C, STAT_RAW_BYTES_RX) == 74);
|
||||
EXPECT_TRUE(session_get_stat(sess, FLOW_DIRECTION_C2S, STAT_RAW_PKTS_RX) == 1 + 1 + 1);
|
||||
EXPECT_TRUE(session_get_stat(sess, FLOW_DIRECTION_S2C, STAT_RAW_PKTS_RX) == 1);
|
||||
EXPECT_TRUE(session_get_timestamp(sess, SESSION_TIMESTAMP_START));
|
||||
EXPECT_TRUE(session_get_timestamp(sess, SESSION_TIMESTAMP_LAST));
|
||||
EXPECT_TRUE(session_get_current_packet(sess) == &pkt);
|
||||
EXPECT_TRUE(session_get_current_direction(sess) == SESSION_DIRECTION_C2S);
|
||||
EXPECT_TRUE(session_get_1st_packet(sess, SESSION_DIRECTION_C2S) != NULL);
|
||||
EXPECT_TRUE(session_get_1st_packet(sess, SESSION_DIRECTION_S2C) != NULL);
|
||||
EXPECT_TRUE(session_get_flow_direction(sess) == FLOW_DIRECTION_C2S);
|
||||
EXPECT_TRUE(session_get_first_packet(sess, FLOW_DIRECTION_C2S) != NULL);
|
||||
EXPECT_TRUE(session_get_first_packet(sess, FLOW_DIRECTION_S2C) != NULL);
|
||||
|
||||
// S2C ACK Packet
|
||||
printf("\n=> Packet Parse: TCP S2C ACK packet\n");
|
||||
@@ -196,21 +196,21 @@ TEST(TCP_INIT_TO_OPENING_TO_ACTIVE_TO_CLOSING_TO_CLOSED, TEST)
|
||||
memset(buffer, 0, sizeof(buffer));
|
||||
tuple6_to_str(session_get_tuple(sess), buffer, sizeof(buffer));
|
||||
EXPECT_STREQ(buffer, "192.168.38.105:60111 -> 93.184.216.34:80, proto: 6, domain: 0");
|
||||
EXPECT_TRUE(session_get_tuple_direction(sess) == SESSION_DIRECTION_C2S);
|
||||
EXPECT_TRUE(session_get_tuple_direction(sess) == FLOW_DIRECTION_C2S);
|
||||
EXPECT_TRUE(session_get_state(sess) == SESSION_STATE_ACTIVE);
|
||||
EXPECT_TRUE(session_get_type(sess) == SESSION_TYPE_TCP);
|
||||
EXPECT_TRUE(session_has_dup_traffic(sess) == 0);
|
||||
EXPECT_TRUE(session_get_closing_reason(sess) == 0);
|
||||
EXPECT_TRUE(session_get_stat(sess, SESSION_DIRECTION_C2S, STAT_RAW_BYTES_RX) == 78 + 66 + 145);
|
||||
EXPECT_TRUE(session_get_stat(sess, SESSION_DIRECTION_S2C, STAT_RAW_BYTES_RX) == 74 + 66);
|
||||
EXPECT_TRUE(session_get_stat(sess, SESSION_DIRECTION_C2S, STAT_RAW_PKTS_RX) == 1 + 1 + 1);
|
||||
EXPECT_TRUE(session_get_stat(sess, SESSION_DIRECTION_S2C, STAT_RAW_PKTS_RX) == 1 + 1);
|
||||
EXPECT_TRUE(session_get_stat(sess, FLOW_DIRECTION_C2S, STAT_RAW_BYTES_RX) == 78 + 66 + 145);
|
||||
EXPECT_TRUE(session_get_stat(sess, FLOW_DIRECTION_S2C, STAT_RAW_BYTES_RX) == 74 + 66);
|
||||
EXPECT_TRUE(session_get_stat(sess, FLOW_DIRECTION_C2S, STAT_RAW_PKTS_RX) == 1 + 1 + 1);
|
||||
EXPECT_TRUE(session_get_stat(sess, FLOW_DIRECTION_S2C, STAT_RAW_PKTS_RX) == 1 + 1);
|
||||
EXPECT_TRUE(session_get_timestamp(sess, SESSION_TIMESTAMP_START));
|
||||
EXPECT_TRUE(session_get_timestamp(sess, SESSION_TIMESTAMP_LAST));
|
||||
EXPECT_TRUE(session_get_current_packet(sess) == &pkt);
|
||||
EXPECT_TRUE(session_get_current_direction(sess) == SESSION_DIRECTION_S2C);
|
||||
EXPECT_TRUE(session_get_1st_packet(sess, SESSION_DIRECTION_C2S) != NULL);
|
||||
EXPECT_TRUE(session_get_1st_packet(sess, SESSION_DIRECTION_S2C) != NULL);
|
||||
EXPECT_TRUE(session_get_flow_direction(sess) == FLOW_DIRECTION_S2C);
|
||||
EXPECT_TRUE(session_get_first_packet(sess, FLOW_DIRECTION_C2S) != NULL);
|
||||
EXPECT_TRUE(session_get_first_packet(sess, FLOW_DIRECTION_S2C) != NULL);
|
||||
|
||||
// S2C HTTP Resp Packet1
|
||||
printf("\n=> Packet Parse: TCP S2C Resp packet1\n");
|
||||
@@ -227,21 +227,21 @@ TEST(TCP_INIT_TO_OPENING_TO_ACTIVE_TO_CLOSING_TO_CLOSED, TEST)
|
||||
memset(buffer, 0, sizeof(buffer));
|
||||
tuple6_to_str(session_get_tuple(sess), buffer, sizeof(buffer));
|
||||
EXPECT_STREQ(buffer, "192.168.38.105:60111 -> 93.184.216.34:80, proto: 6, domain: 0");
|
||||
EXPECT_TRUE(session_get_tuple_direction(sess) == SESSION_DIRECTION_C2S);
|
||||
EXPECT_TRUE(session_get_tuple_direction(sess) == FLOW_DIRECTION_C2S);
|
||||
EXPECT_TRUE(session_get_state(sess) == SESSION_STATE_ACTIVE);
|
||||
EXPECT_TRUE(session_get_type(sess) == SESSION_TYPE_TCP);
|
||||
EXPECT_TRUE(session_has_dup_traffic(sess) == 0);
|
||||
EXPECT_TRUE(session_get_closing_reason(sess) == 0);
|
||||
EXPECT_TRUE(session_get_stat(sess, SESSION_DIRECTION_C2S, STAT_RAW_BYTES_RX) == 78 + 66 + 145);
|
||||
EXPECT_TRUE(session_get_stat(sess, SESSION_DIRECTION_S2C, STAT_RAW_BYTES_RX) == 74 + 66 + 1354);
|
||||
EXPECT_TRUE(session_get_stat(sess, SESSION_DIRECTION_C2S, STAT_RAW_PKTS_RX) == 1 + 1 + 1);
|
||||
EXPECT_TRUE(session_get_stat(sess, SESSION_DIRECTION_S2C, STAT_RAW_PKTS_RX) == 1 + 1 + 1);
|
||||
EXPECT_TRUE(session_get_stat(sess, FLOW_DIRECTION_C2S, STAT_RAW_BYTES_RX) == 78 + 66 + 145);
|
||||
EXPECT_TRUE(session_get_stat(sess, FLOW_DIRECTION_S2C, STAT_RAW_BYTES_RX) == 74 + 66 + 1354);
|
||||
EXPECT_TRUE(session_get_stat(sess, FLOW_DIRECTION_C2S, STAT_RAW_PKTS_RX) == 1 + 1 + 1);
|
||||
EXPECT_TRUE(session_get_stat(sess, FLOW_DIRECTION_S2C, STAT_RAW_PKTS_RX) == 1 + 1 + 1);
|
||||
EXPECT_TRUE(session_get_timestamp(sess, SESSION_TIMESTAMP_START));
|
||||
EXPECT_TRUE(session_get_timestamp(sess, SESSION_TIMESTAMP_LAST));
|
||||
EXPECT_TRUE(session_get_current_packet(sess) == &pkt);
|
||||
EXPECT_TRUE(session_get_current_direction(sess) == SESSION_DIRECTION_S2C);
|
||||
EXPECT_TRUE(session_get_1st_packet(sess, SESSION_DIRECTION_C2S) != NULL);
|
||||
EXPECT_TRUE(session_get_1st_packet(sess, SESSION_DIRECTION_S2C) != NULL);
|
||||
EXPECT_TRUE(session_get_flow_direction(sess) == FLOW_DIRECTION_S2C);
|
||||
EXPECT_TRUE(session_get_first_packet(sess, FLOW_DIRECTION_C2S) != NULL);
|
||||
EXPECT_TRUE(session_get_first_packet(sess, FLOW_DIRECTION_S2C) != NULL);
|
||||
|
||||
// S2C HTTP Resp Packet2
|
||||
printf("\n=> Packet Parse: TCP S2C Resp packet2\n");
|
||||
@@ -258,21 +258,21 @@ TEST(TCP_INIT_TO_OPENING_TO_ACTIVE_TO_CLOSING_TO_CLOSED, TEST)
|
||||
memset(buffer, 0, sizeof(buffer));
|
||||
tuple6_to_str(session_get_tuple(sess), buffer, sizeof(buffer));
|
||||
EXPECT_STREQ(buffer, "192.168.38.105:60111 -> 93.184.216.34:80, proto: 6, domain: 0");
|
||||
EXPECT_TRUE(session_get_tuple_direction(sess) == SESSION_DIRECTION_C2S);
|
||||
EXPECT_TRUE(session_get_tuple_direction(sess) == FLOW_DIRECTION_C2S);
|
||||
EXPECT_TRUE(session_get_state(sess) == SESSION_STATE_ACTIVE);
|
||||
EXPECT_TRUE(session_get_type(sess) == SESSION_TYPE_TCP);
|
||||
EXPECT_TRUE(session_has_dup_traffic(sess) == 0);
|
||||
EXPECT_TRUE(session_get_closing_reason(sess) == 0);
|
||||
EXPECT_TRUE(session_get_stat(sess, SESSION_DIRECTION_C2S, STAT_RAW_BYTES_RX) == 78 + 66 + 145);
|
||||
EXPECT_TRUE(session_get_stat(sess, SESSION_DIRECTION_S2C, STAT_RAW_BYTES_RX) == 74 + 66 + 1354 + 385);
|
||||
EXPECT_TRUE(session_get_stat(sess, SESSION_DIRECTION_C2S, STAT_RAW_PKTS_RX) == 1 + 1 + 1);
|
||||
EXPECT_TRUE(session_get_stat(sess, SESSION_DIRECTION_S2C, STAT_RAW_PKTS_RX) == 1 + 1 + 1 + 1);
|
||||
EXPECT_TRUE(session_get_stat(sess, FLOW_DIRECTION_C2S, STAT_RAW_BYTES_RX) == 78 + 66 + 145);
|
||||
EXPECT_TRUE(session_get_stat(sess, FLOW_DIRECTION_S2C, STAT_RAW_BYTES_RX) == 74 + 66 + 1354 + 385);
|
||||
EXPECT_TRUE(session_get_stat(sess, FLOW_DIRECTION_C2S, STAT_RAW_PKTS_RX) == 1 + 1 + 1);
|
||||
EXPECT_TRUE(session_get_stat(sess, FLOW_DIRECTION_S2C, STAT_RAW_PKTS_RX) == 1 + 1 + 1 + 1);
|
||||
EXPECT_TRUE(session_get_timestamp(sess, SESSION_TIMESTAMP_START));
|
||||
EXPECT_TRUE(session_get_timestamp(sess, SESSION_TIMESTAMP_LAST));
|
||||
EXPECT_TRUE(session_get_current_packet(sess) == &pkt);
|
||||
EXPECT_TRUE(session_get_current_direction(sess) == SESSION_DIRECTION_S2C);
|
||||
EXPECT_TRUE(session_get_1st_packet(sess, SESSION_DIRECTION_C2S) != NULL);
|
||||
EXPECT_TRUE(session_get_1st_packet(sess, SESSION_DIRECTION_S2C) != NULL);
|
||||
EXPECT_TRUE(session_get_flow_direction(sess) == FLOW_DIRECTION_S2C);
|
||||
EXPECT_TRUE(session_get_first_packet(sess, FLOW_DIRECTION_C2S) != NULL);
|
||||
EXPECT_TRUE(session_get_first_packet(sess, FLOW_DIRECTION_S2C) != NULL);
|
||||
|
||||
// C2S ACK Packet
|
||||
printf("\n=> Packet Parse: TCP C2S ACK packet\n");
|
||||
@@ -289,21 +289,21 @@ TEST(TCP_INIT_TO_OPENING_TO_ACTIVE_TO_CLOSING_TO_CLOSED, TEST)
|
||||
memset(buffer, 0, sizeof(buffer));
|
||||
tuple6_to_str(session_get_tuple(sess), buffer, sizeof(buffer));
|
||||
EXPECT_STREQ(buffer, "192.168.38.105:60111 -> 93.184.216.34:80, proto: 6, domain: 0");
|
||||
EXPECT_TRUE(session_get_tuple_direction(sess) == SESSION_DIRECTION_C2S);
|
||||
EXPECT_TRUE(session_get_tuple_direction(sess) == FLOW_DIRECTION_C2S);
|
||||
EXPECT_TRUE(session_get_state(sess) == SESSION_STATE_ACTIVE);
|
||||
EXPECT_TRUE(session_get_type(sess) == SESSION_TYPE_TCP);
|
||||
EXPECT_TRUE(session_has_dup_traffic(sess) == 0);
|
||||
EXPECT_TRUE(session_get_closing_reason(sess) == 0);
|
||||
EXPECT_TRUE(session_get_stat(sess, SESSION_DIRECTION_C2S, STAT_RAW_BYTES_RX) == 78 + 66 + 145 + 66);
|
||||
EXPECT_TRUE(session_get_stat(sess, SESSION_DIRECTION_S2C, STAT_RAW_BYTES_RX) == 74 + 66 + 1354 + 385);
|
||||
EXPECT_TRUE(session_get_stat(sess, SESSION_DIRECTION_C2S, STAT_RAW_PKTS_RX) == 1 + 1 + 1 + 1);
|
||||
EXPECT_TRUE(session_get_stat(sess, SESSION_DIRECTION_S2C, STAT_RAW_PKTS_RX) == 1 + 1 + 1 + 1);
|
||||
EXPECT_TRUE(session_get_stat(sess, FLOW_DIRECTION_C2S, STAT_RAW_BYTES_RX) == 78 + 66 + 145 + 66);
|
||||
EXPECT_TRUE(session_get_stat(sess, FLOW_DIRECTION_S2C, STAT_RAW_BYTES_RX) == 74 + 66 + 1354 + 385);
|
||||
EXPECT_TRUE(session_get_stat(sess, FLOW_DIRECTION_C2S, STAT_RAW_PKTS_RX) == 1 + 1 + 1 + 1);
|
||||
EXPECT_TRUE(session_get_stat(sess, FLOW_DIRECTION_S2C, STAT_RAW_PKTS_RX) == 1 + 1 + 1 + 1);
|
||||
EXPECT_TRUE(session_get_timestamp(sess, SESSION_TIMESTAMP_START));
|
||||
EXPECT_TRUE(session_get_timestamp(sess, SESSION_TIMESTAMP_LAST));
|
||||
EXPECT_TRUE(session_get_current_packet(sess) == &pkt);
|
||||
EXPECT_TRUE(session_get_current_direction(sess) == SESSION_DIRECTION_C2S);
|
||||
EXPECT_TRUE(session_get_1st_packet(sess, SESSION_DIRECTION_C2S) != NULL);
|
||||
EXPECT_TRUE(session_get_1st_packet(sess, SESSION_DIRECTION_S2C) != NULL);
|
||||
EXPECT_TRUE(session_get_flow_direction(sess) == FLOW_DIRECTION_C2S);
|
||||
EXPECT_TRUE(session_get_first_packet(sess, FLOW_DIRECTION_C2S) != NULL);
|
||||
EXPECT_TRUE(session_get_first_packet(sess, FLOW_DIRECTION_S2C) != NULL);
|
||||
|
||||
// C2S FIN Packet
|
||||
printf("\n=> Packet Parse: TCP C2S FIN packet\n");
|
||||
@@ -320,21 +320,21 @@ TEST(TCP_INIT_TO_OPENING_TO_ACTIVE_TO_CLOSING_TO_CLOSED, TEST)
|
||||
memset(buffer, 0, sizeof(buffer));
|
||||
tuple6_to_str(session_get_tuple(sess), buffer, sizeof(buffer));
|
||||
EXPECT_STREQ(buffer, "192.168.38.105:60111 -> 93.184.216.34:80, proto: 6, domain: 0");
|
||||
EXPECT_TRUE(session_get_tuple_direction(sess) == SESSION_DIRECTION_C2S);
|
||||
EXPECT_TRUE(session_get_tuple_direction(sess) == FLOW_DIRECTION_C2S);
|
||||
EXPECT_TRUE(session_get_state(sess) == SESSION_STATE_CLOSING);
|
||||
EXPECT_TRUE(session_get_type(sess) == SESSION_TYPE_TCP);
|
||||
EXPECT_TRUE(session_has_dup_traffic(sess) == 0);
|
||||
EXPECT_TRUE(session_get_closing_reason(sess) == CLOSING_BY_CLIENT_FIN);
|
||||
EXPECT_TRUE(session_get_stat(sess, SESSION_DIRECTION_C2S, STAT_RAW_BYTES_RX) == 78 + 66 + 145 + 66 + 66);
|
||||
EXPECT_TRUE(session_get_stat(sess, SESSION_DIRECTION_S2C, STAT_RAW_BYTES_RX) == 74 + 66 + 1354 + 385);
|
||||
EXPECT_TRUE(session_get_stat(sess, SESSION_DIRECTION_C2S, STAT_RAW_PKTS_RX) == 1 + 1 + 1 + 1 + 1);
|
||||
EXPECT_TRUE(session_get_stat(sess, SESSION_DIRECTION_S2C, STAT_RAW_PKTS_RX) == 1 + 1 + 1 + 1);
|
||||
EXPECT_TRUE(session_get_stat(sess, FLOW_DIRECTION_C2S, STAT_RAW_BYTES_RX) == 78 + 66 + 145 + 66 + 66);
|
||||
EXPECT_TRUE(session_get_stat(sess, FLOW_DIRECTION_S2C, STAT_RAW_BYTES_RX) == 74 + 66 + 1354 + 385);
|
||||
EXPECT_TRUE(session_get_stat(sess, FLOW_DIRECTION_C2S, STAT_RAW_PKTS_RX) == 1 + 1 + 1 + 1 + 1);
|
||||
EXPECT_TRUE(session_get_stat(sess, FLOW_DIRECTION_S2C, STAT_RAW_PKTS_RX) == 1 + 1 + 1 + 1);
|
||||
EXPECT_TRUE(session_get_timestamp(sess, SESSION_TIMESTAMP_START));
|
||||
EXPECT_TRUE(session_get_timestamp(sess, SESSION_TIMESTAMP_LAST));
|
||||
EXPECT_TRUE(session_get_current_packet(sess) == &pkt);
|
||||
EXPECT_TRUE(session_get_current_direction(sess) == SESSION_DIRECTION_C2S);
|
||||
EXPECT_TRUE(session_get_1st_packet(sess, SESSION_DIRECTION_C2S) != NULL);
|
||||
EXPECT_TRUE(session_get_1st_packet(sess, SESSION_DIRECTION_S2C) != NULL);
|
||||
EXPECT_TRUE(session_get_flow_direction(sess) == FLOW_DIRECTION_C2S);
|
||||
EXPECT_TRUE(session_get_first_packet(sess, FLOW_DIRECTION_C2S) != NULL);
|
||||
EXPECT_TRUE(session_get_first_packet(sess, FLOW_DIRECTION_S2C) != NULL);
|
||||
|
||||
// S2C FIN Packet
|
||||
printf("\n=> Packet Parse: TCP S2C FIN packet\n");
|
||||
@@ -351,21 +351,21 @@ TEST(TCP_INIT_TO_OPENING_TO_ACTIVE_TO_CLOSING_TO_CLOSED, TEST)
|
||||
memset(buffer, 0, sizeof(buffer));
|
||||
tuple6_to_str(session_get_tuple(sess), buffer, sizeof(buffer));
|
||||
EXPECT_STREQ(buffer, "192.168.38.105:60111 -> 93.184.216.34:80, proto: 6, domain: 0");
|
||||
EXPECT_TRUE(session_get_tuple_direction(sess) == SESSION_DIRECTION_C2S);
|
||||
EXPECT_TRUE(session_get_tuple_direction(sess) == FLOW_DIRECTION_C2S);
|
||||
EXPECT_TRUE(session_get_state(sess) == SESSION_STATE_CLOSING);
|
||||
EXPECT_TRUE(session_get_type(sess) == SESSION_TYPE_TCP);
|
||||
EXPECT_TRUE(session_has_dup_traffic(sess) == 0);
|
||||
EXPECT_TRUE(session_get_closing_reason(sess) == CLOSING_BY_CLIENT_FIN);
|
||||
EXPECT_TRUE(session_get_stat(sess, SESSION_DIRECTION_C2S, STAT_RAW_BYTES_RX) == 78 + 66 + 145 + 66 + 66);
|
||||
EXPECT_TRUE(session_get_stat(sess, SESSION_DIRECTION_S2C, STAT_RAW_BYTES_RX) == 74 + 66 + 1354 + 385 + 66);
|
||||
EXPECT_TRUE(session_get_stat(sess, SESSION_DIRECTION_C2S, STAT_RAW_PKTS_RX) == 1 + 1 + 1 + 1 + 1);
|
||||
EXPECT_TRUE(session_get_stat(sess, SESSION_DIRECTION_S2C, STAT_RAW_PKTS_RX) == 1 + 1 + 1 + 1 + 1);
|
||||
EXPECT_TRUE(session_get_stat(sess, FLOW_DIRECTION_C2S, STAT_RAW_BYTES_RX) == 78 + 66 + 145 + 66 + 66);
|
||||
EXPECT_TRUE(session_get_stat(sess, FLOW_DIRECTION_S2C, STAT_RAW_BYTES_RX) == 74 + 66 + 1354 + 385 + 66);
|
||||
EXPECT_TRUE(session_get_stat(sess, FLOW_DIRECTION_C2S, STAT_RAW_PKTS_RX) == 1 + 1 + 1 + 1 + 1);
|
||||
EXPECT_TRUE(session_get_stat(sess, FLOW_DIRECTION_S2C, STAT_RAW_PKTS_RX) == 1 + 1 + 1 + 1 + 1);
|
||||
EXPECT_TRUE(session_get_timestamp(sess, SESSION_TIMESTAMP_START));
|
||||
EXPECT_TRUE(session_get_timestamp(sess, SESSION_TIMESTAMP_LAST));
|
||||
EXPECT_TRUE(session_get_current_packet(sess) == &pkt);
|
||||
EXPECT_TRUE(session_get_current_direction(sess) == SESSION_DIRECTION_S2C);
|
||||
EXPECT_TRUE(session_get_1st_packet(sess, SESSION_DIRECTION_C2S) != NULL);
|
||||
EXPECT_TRUE(session_get_1st_packet(sess, SESSION_DIRECTION_S2C) != NULL);
|
||||
EXPECT_TRUE(session_get_flow_direction(sess) == FLOW_DIRECTION_S2C);
|
||||
EXPECT_TRUE(session_get_first_packet(sess, FLOW_DIRECTION_C2S) != NULL);
|
||||
EXPECT_TRUE(session_get_first_packet(sess, FLOW_DIRECTION_S2C) != NULL);
|
||||
|
||||
// C2S ACK Packet
|
||||
printf("\n=> Packet Parse: TCP C2S ACK packet\n");
|
||||
@@ -382,21 +382,21 @@ TEST(TCP_INIT_TO_OPENING_TO_ACTIVE_TO_CLOSING_TO_CLOSED, TEST)
|
||||
memset(buffer, 0, sizeof(buffer));
|
||||
tuple6_to_str(session_get_tuple(sess), buffer, sizeof(buffer));
|
||||
EXPECT_STREQ(buffer, "192.168.38.105:60111 -> 93.184.216.34:80, proto: 6, domain: 0");
|
||||
EXPECT_TRUE(session_get_tuple_direction(sess) == SESSION_DIRECTION_C2S);
|
||||
EXPECT_TRUE(session_get_tuple_direction(sess) == FLOW_DIRECTION_C2S);
|
||||
EXPECT_TRUE(session_get_state(sess) == SESSION_STATE_CLOSING);
|
||||
EXPECT_TRUE(session_get_type(sess) == SESSION_TYPE_TCP);
|
||||
EXPECT_TRUE(session_has_dup_traffic(sess) == 0);
|
||||
EXPECT_TRUE(session_get_closing_reason(sess) == CLOSING_BY_CLIENT_FIN);
|
||||
EXPECT_TRUE(session_get_stat(sess, SESSION_DIRECTION_C2S, STAT_RAW_BYTES_RX) == 78 + 66 + 145 + 66 + 66 + 66);
|
||||
EXPECT_TRUE(session_get_stat(sess, SESSION_DIRECTION_S2C, STAT_RAW_BYTES_RX) == 74 + 66 + 1354 + 385 + 66);
|
||||
EXPECT_TRUE(session_get_stat(sess, SESSION_DIRECTION_C2S, STAT_RAW_PKTS_RX) == 1 + 1 + 1 + 1 + 1 + 1);
|
||||
EXPECT_TRUE(session_get_stat(sess, SESSION_DIRECTION_S2C, STAT_RAW_PKTS_RX) == 1 + 1 + 1 + 1 + 1);
|
||||
EXPECT_TRUE(session_get_stat(sess, FLOW_DIRECTION_C2S, STAT_RAW_BYTES_RX) == 78 + 66 + 145 + 66 + 66 + 66);
|
||||
EXPECT_TRUE(session_get_stat(sess, FLOW_DIRECTION_S2C, STAT_RAW_BYTES_RX) == 74 + 66 + 1354 + 385 + 66);
|
||||
EXPECT_TRUE(session_get_stat(sess, FLOW_DIRECTION_C2S, STAT_RAW_PKTS_RX) == 1 + 1 + 1 + 1 + 1 + 1);
|
||||
EXPECT_TRUE(session_get_stat(sess, FLOW_DIRECTION_S2C, STAT_RAW_PKTS_RX) == 1 + 1 + 1 + 1 + 1);
|
||||
EXPECT_TRUE(session_get_timestamp(sess, SESSION_TIMESTAMP_START));
|
||||
EXPECT_TRUE(session_get_timestamp(sess, SESSION_TIMESTAMP_LAST));
|
||||
EXPECT_TRUE(session_get_current_packet(sess) == &pkt);
|
||||
EXPECT_TRUE(session_get_current_direction(sess) == SESSION_DIRECTION_C2S);
|
||||
EXPECT_TRUE(session_get_1st_packet(sess, SESSION_DIRECTION_C2S) != NULL);
|
||||
EXPECT_TRUE(session_get_1st_packet(sess, SESSION_DIRECTION_S2C) != NULL);
|
||||
EXPECT_TRUE(session_get_flow_direction(sess) == FLOW_DIRECTION_C2S);
|
||||
EXPECT_TRUE(session_get_first_packet(sess, FLOW_DIRECTION_C2S) != NULL);
|
||||
EXPECT_TRUE(session_get_first_packet(sess, FLOW_DIRECTION_S2C) != NULL);
|
||||
|
||||
// check stat
|
||||
stat = session_manager_stat(mgr);
|
||||
|
||||
@@ -86,21 +86,21 @@ TEST(TCP_OPENING_TO_ACTIVE, BY_SYN_C2S_DATA)
|
||||
EXPECT_TRUE(session_get_id(sess) != 0);
|
||||
tuple6_to_str(session_get_tuple(sess), buffer, sizeof(buffer));
|
||||
EXPECT_STREQ(buffer, "192.168.38.105:60111 -> 93.184.216.34:80, proto: 6, domain: 0");
|
||||
EXPECT_TRUE(session_get_tuple_direction(sess) == SESSION_DIRECTION_C2S);
|
||||
EXPECT_TRUE(session_get_tuple_direction(sess) == FLOW_DIRECTION_C2S);
|
||||
EXPECT_TRUE(session_get_state(sess) == SESSION_STATE_ACTIVE);
|
||||
EXPECT_TRUE(session_get_type(sess) == SESSION_TYPE_TCP);
|
||||
EXPECT_TRUE(session_has_dup_traffic(sess) == 0);
|
||||
EXPECT_TRUE(session_get_closing_reason(sess) == 0);
|
||||
EXPECT_TRUE(session_get_stat(sess, SESSION_DIRECTION_C2S, STAT_RAW_BYTES_RX) == 78 + 145);
|
||||
EXPECT_TRUE(session_get_stat(sess, SESSION_DIRECTION_S2C, STAT_RAW_BYTES_RX) == 0);
|
||||
EXPECT_TRUE(session_get_stat(sess, SESSION_DIRECTION_C2S, STAT_RAW_PKTS_RX) == 1 + 1);
|
||||
EXPECT_TRUE(session_get_stat(sess, SESSION_DIRECTION_S2C, STAT_RAW_PKTS_RX) == 0);
|
||||
EXPECT_TRUE(session_get_stat(sess, FLOW_DIRECTION_C2S, STAT_RAW_BYTES_RX) == 78 + 145);
|
||||
EXPECT_TRUE(session_get_stat(sess, FLOW_DIRECTION_S2C, STAT_RAW_BYTES_RX) == 0);
|
||||
EXPECT_TRUE(session_get_stat(sess, FLOW_DIRECTION_C2S, STAT_RAW_PKTS_RX) == 1 + 1);
|
||||
EXPECT_TRUE(session_get_stat(sess, FLOW_DIRECTION_S2C, STAT_RAW_PKTS_RX) == 0);
|
||||
EXPECT_TRUE(session_get_timestamp(sess, SESSION_TIMESTAMP_START));
|
||||
EXPECT_TRUE(session_get_timestamp(sess, SESSION_TIMESTAMP_LAST));
|
||||
EXPECT_TRUE(session_get_current_packet(sess) == &pkt);
|
||||
EXPECT_TRUE(session_get_current_direction(sess) == SESSION_DIRECTION_C2S);
|
||||
EXPECT_TRUE(session_get_1st_packet(sess, SESSION_DIRECTION_C2S) != NULL);
|
||||
EXPECT_TRUE(session_get_1st_packet(sess, SESSION_DIRECTION_S2C) == NULL);
|
||||
EXPECT_TRUE(session_get_flow_direction(sess) == FLOW_DIRECTION_C2S);
|
||||
EXPECT_TRUE(session_get_first_packet(sess, FLOW_DIRECTION_C2S) != NULL);
|
||||
EXPECT_TRUE(session_get_first_packet(sess, FLOW_DIRECTION_S2C) == NULL);
|
||||
session_print(sess);
|
||||
|
||||
// check stat
|
||||
@@ -174,21 +174,21 @@ TEST(TCP_OPENING_TO_ACTIVE, BY_SYNACK_S2C_DATA)
|
||||
EXPECT_TRUE(session_get_id(sess) != 0);
|
||||
tuple6_to_str(session_get_tuple(sess), buffer, sizeof(buffer));
|
||||
EXPECT_STREQ(buffer, "93.184.216.34:80 -> 192.168.38.105:60111, proto: 6, domain: 0");
|
||||
EXPECT_TRUE(session_get_tuple_direction(sess) == SESSION_DIRECTION_S2C);
|
||||
EXPECT_TRUE(session_get_tuple_direction(sess) == FLOW_DIRECTION_S2C);
|
||||
EXPECT_TRUE(session_get_state(sess) == SESSION_STATE_ACTIVE);
|
||||
EXPECT_TRUE(session_get_type(sess) == SESSION_TYPE_TCP);
|
||||
EXPECT_TRUE(session_has_dup_traffic(sess) == 0);
|
||||
EXPECT_TRUE(session_get_closing_reason(sess) == 0);
|
||||
EXPECT_TRUE(session_get_stat(sess, SESSION_DIRECTION_C2S, STAT_RAW_BYTES_RX) == 0);
|
||||
EXPECT_TRUE(session_get_stat(sess, SESSION_DIRECTION_S2C, STAT_RAW_BYTES_RX) == 74 + 1354);
|
||||
EXPECT_TRUE(session_get_stat(sess, SESSION_DIRECTION_C2S, STAT_RAW_PKTS_RX) == 0);
|
||||
EXPECT_TRUE(session_get_stat(sess, SESSION_DIRECTION_S2C, STAT_RAW_PKTS_RX) == 1 + 1);
|
||||
EXPECT_TRUE(session_get_stat(sess, FLOW_DIRECTION_C2S, STAT_RAW_BYTES_RX) == 0);
|
||||
EXPECT_TRUE(session_get_stat(sess, FLOW_DIRECTION_S2C, STAT_RAW_BYTES_RX) == 74 + 1354);
|
||||
EXPECT_TRUE(session_get_stat(sess, FLOW_DIRECTION_C2S, STAT_RAW_PKTS_RX) == 0);
|
||||
EXPECT_TRUE(session_get_stat(sess, FLOW_DIRECTION_S2C, STAT_RAW_PKTS_RX) == 1 + 1);
|
||||
EXPECT_TRUE(session_get_timestamp(sess, SESSION_TIMESTAMP_START));
|
||||
EXPECT_TRUE(session_get_timestamp(sess, SESSION_TIMESTAMP_LAST));
|
||||
EXPECT_TRUE(session_get_current_packet(sess) == &pkt);
|
||||
EXPECT_TRUE(session_get_current_direction(sess) == SESSION_DIRECTION_S2C);
|
||||
EXPECT_TRUE(session_get_1st_packet(sess, SESSION_DIRECTION_C2S) == NULL);
|
||||
EXPECT_TRUE(session_get_1st_packet(sess, SESSION_DIRECTION_S2C) != NULL);
|
||||
EXPECT_TRUE(session_get_flow_direction(sess) == FLOW_DIRECTION_S2C);
|
||||
EXPECT_TRUE(session_get_first_packet(sess, FLOW_DIRECTION_C2S) == NULL);
|
||||
EXPECT_TRUE(session_get_first_packet(sess, FLOW_DIRECTION_S2C) != NULL);
|
||||
session_print(sess);
|
||||
|
||||
// check stat
|
||||
|
||||
@@ -98,21 +98,21 @@ TEST(TCP_OPENING_TO_CLOSING, BY_FIN_FIN)
|
||||
EXPECT_TRUE(session_get_id(sess) != 0);
|
||||
tuple6_to_str(session_get_tuple(sess), buffer, sizeof(buffer));
|
||||
EXPECT_STREQ(buffer, "192.168.38.105:60111 -> 93.184.216.34:80, proto: 6, domain: 0");
|
||||
EXPECT_TRUE(session_get_tuple_direction(sess) == SESSION_DIRECTION_C2S);
|
||||
EXPECT_TRUE(session_get_tuple_direction(sess) == FLOW_DIRECTION_C2S);
|
||||
EXPECT_TRUE(session_get_state(sess) == SESSION_STATE_CLOSING);
|
||||
EXPECT_TRUE(session_get_type(sess) == SESSION_TYPE_TCP);
|
||||
EXPECT_TRUE(session_has_dup_traffic(sess) == 0);
|
||||
EXPECT_TRUE(session_get_closing_reason(sess) == CLOSING_BY_CLIENT_FIN);
|
||||
EXPECT_TRUE(session_get_stat(sess, SESSION_DIRECTION_C2S, STAT_RAW_BYTES_RX) == 78 + 66);
|
||||
EXPECT_TRUE(session_get_stat(sess, SESSION_DIRECTION_S2C, STAT_RAW_BYTES_RX) == 66);
|
||||
EXPECT_TRUE(session_get_stat(sess, SESSION_DIRECTION_C2S, STAT_RAW_PKTS_RX) == 1 + 1);
|
||||
EXPECT_TRUE(session_get_stat(sess, SESSION_DIRECTION_S2C, STAT_RAW_PKTS_RX) == 1);
|
||||
EXPECT_TRUE(session_get_stat(sess, FLOW_DIRECTION_C2S, STAT_RAW_BYTES_RX) == 78 + 66);
|
||||
EXPECT_TRUE(session_get_stat(sess, FLOW_DIRECTION_S2C, STAT_RAW_BYTES_RX) == 66);
|
||||
EXPECT_TRUE(session_get_stat(sess, FLOW_DIRECTION_C2S, STAT_RAW_PKTS_RX) == 1 + 1);
|
||||
EXPECT_TRUE(session_get_stat(sess, FLOW_DIRECTION_S2C, STAT_RAW_PKTS_RX) == 1);
|
||||
EXPECT_TRUE(session_get_timestamp(sess, SESSION_TIMESTAMP_START));
|
||||
EXPECT_TRUE(session_get_timestamp(sess, SESSION_TIMESTAMP_LAST));
|
||||
EXPECT_TRUE(session_get_current_packet(sess) == &pkt);
|
||||
EXPECT_TRUE(session_get_current_direction(sess) == SESSION_DIRECTION_S2C);
|
||||
EXPECT_TRUE(session_get_1st_packet(sess, SESSION_DIRECTION_C2S) != NULL);
|
||||
EXPECT_TRUE(session_get_1st_packet(sess, SESSION_DIRECTION_S2C) != NULL);
|
||||
EXPECT_TRUE(session_get_flow_direction(sess) == FLOW_DIRECTION_S2C);
|
||||
EXPECT_TRUE(session_get_first_packet(sess, FLOW_DIRECTION_C2S) != NULL);
|
||||
EXPECT_TRUE(session_get_first_packet(sess, FLOW_DIRECTION_S2C) != NULL);
|
||||
session_print(sess);
|
||||
|
||||
// check stat
|
||||
@@ -192,21 +192,21 @@ TEST(TCP_OPENING_TO_CLOSING, BY_C2S_RST)
|
||||
EXPECT_TRUE(session_get_id(sess) != 0);
|
||||
tuple6_to_str(session_get_tuple(sess), buffer, sizeof(buffer));
|
||||
EXPECT_STREQ(buffer, "192.168.38.105:60111 -> 93.184.216.34:80, proto: 6, domain: 0");
|
||||
EXPECT_TRUE(session_get_tuple_direction(sess) == SESSION_DIRECTION_C2S);
|
||||
EXPECT_TRUE(session_get_tuple_direction(sess) == FLOW_DIRECTION_C2S);
|
||||
EXPECT_TRUE(session_get_state(sess) == SESSION_STATE_CLOSING);
|
||||
EXPECT_TRUE(session_get_type(sess) == SESSION_TYPE_TCP);
|
||||
EXPECT_TRUE(session_has_dup_traffic(sess) == 0);
|
||||
EXPECT_TRUE(session_get_closing_reason(sess) == CLOSING_BY_CLIENT_RST);
|
||||
EXPECT_TRUE(session_get_stat(sess, SESSION_DIRECTION_C2S, STAT_RAW_BYTES_RX) == 78 + 66);
|
||||
EXPECT_TRUE(session_get_stat(sess, SESSION_DIRECTION_S2C, STAT_RAW_BYTES_RX) == 0);
|
||||
EXPECT_TRUE(session_get_stat(sess, SESSION_DIRECTION_C2S, STAT_RAW_PKTS_RX) == 1 + 1);
|
||||
EXPECT_TRUE(session_get_stat(sess, SESSION_DIRECTION_S2C, STAT_RAW_PKTS_RX) == 0);
|
||||
EXPECT_TRUE(session_get_stat(sess, FLOW_DIRECTION_C2S, STAT_RAW_BYTES_RX) == 78 + 66);
|
||||
EXPECT_TRUE(session_get_stat(sess, FLOW_DIRECTION_S2C, STAT_RAW_BYTES_RX) == 0);
|
||||
EXPECT_TRUE(session_get_stat(sess, FLOW_DIRECTION_C2S, STAT_RAW_PKTS_RX) == 1 + 1);
|
||||
EXPECT_TRUE(session_get_stat(sess, FLOW_DIRECTION_S2C, STAT_RAW_PKTS_RX) == 0);
|
||||
EXPECT_TRUE(session_get_timestamp(sess, SESSION_TIMESTAMP_START));
|
||||
EXPECT_TRUE(session_get_timestamp(sess, SESSION_TIMESTAMP_LAST));
|
||||
EXPECT_TRUE(session_get_current_packet(sess) == &pkt);
|
||||
EXPECT_TRUE(session_get_current_direction(sess) == SESSION_DIRECTION_C2S);
|
||||
EXPECT_TRUE(session_get_1st_packet(sess, SESSION_DIRECTION_C2S) != NULL);
|
||||
EXPECT_TRUE(session_get_1st_packet(sess, SESSION_DIRECTION_S2C) == NULL);
|
||||
EXPECT_TRUE(session_get_flow_direction(sess) == FLOW_DIRECTION_C2S);
|
||||
EXPECT_TRUE(session_get_first_packet(sess, FLOW_DIRECTION_C2S) != NULL);
|
||||
EXPECT_TRUE(session_get_first_packet(sess, FLOW_DIRECTION_S2C) == NULL);
|
||||
session_print(sess);
|
||||
|
||||
// check stat
|
||||
@@ -286,21 +286,21 @@ TEST(TCP_OPENING_TO_CLOSING, BY_S2C_RST)
|
||||
EXPECT_TRUE(session_get_id(sess) != 0);
|
||||
tuple6_to_str(session_get_tuple(sess), buffer, sizeof(buffer));
|
||||
EXPECT_STREQ(buffer, "192.168.38.105:60111 -> 93.184.216.34:80, proto: 6, domain: 0");
|
||||
EXPECT_TRUE(session_get_tuple_direction(sess) == SESSION_DIRECTION_C2S);
|
||||
EXPECT_TRUE(session_get_tuple_direction(sess) == FLOW_DIRECTION_C2S);
|
||||
EXPECT_TRUE(session_get_state(sess) == SESSION_STATE_CLOSING);
|
||||
EXPECT_TRUE(session_get_type(sess) == SESSION_TYPE_TCP);
|
||||
EXPECT_TRUE(session_has_dup_traffic(sess) == 0);
|
||||
EXPECT_TRUE(session_get_closing_reason(sess) == CLOSING_BY_SERVER_RST);
|
||||
EXPECT_TRUE(session_get_stat(sess, SESSION_DIRECTION_C2S, STAT_RAW_BYTES_RX) == 78);
|
||||
EXPECT_TRUE(session_get_stat(sess, SESSION_DIRECTION_S2C, STAT_RAW_BYTES_RX) == 66);
|
||||
EXPECT_TRUE(session_get_stat(sess, SESSION_DIRECTION_C2S, STAT_RAW_PKTS_RX) == 1);
|
||||
EXPECT_TRUE(session_get_stat(sess, SESSION_DIRECTION_S2C, STAT_RAW_PKTS_RX) == 1);
|
||||
EXPECT_TRUE(session_get_stat(sess, FLOW_DIRECTION_C2S, STAT_RAW_BYTES_RX) == 78);
|
||||
EXPECT_TRUE(session_get_stat(sess, FLOW_DIRECTION_S2C, STAT_RAW_BYTES_RX) == 66);
|
||||
EXPECT_TRUE(session_get_stat(sess, FLOW_DIRECTION_C2S, STAT_RAW_PKTS_RX) == 1);
|
||||
EXPECT_TRUE(session_get_stat(sess, FLOW_DIRECTION_S2C, STAT_RAW_PKTS_RX) == 1);
|
||||
EXPECT_TRUE(session_get_timestamp(sess, SESSION_TIMESTAMP_START));
|
||||
EXPECT_TRUE(session_get_timestamp(sess, SESSION_TIMESTAMP_LAST));
|
||||
EXPECT_TRUE(session_get_current_packet(sess) == &pkt);
|
||||
EXPECT_TRUE(session_get_current_direction(sess) == SESSION_DIRECTION_S2C);
|
||||
EXPECT_TRUE(session_get_1st_packet(sess, SESSION_DIRECTION_C2S) != NULL);
|
||||
EXPECT_TRUE(session_get_1st_packet(sess, SESSION_DIRECTION_S2C) != NULL);
|
||||
EXPECT_TRUE(session_get_flow_direction(sess) == FLOW_DIRECTION_S2C);
|
||||
EXPECT_TRUE(session_get_first_packet(sess, FLOW_DIRECTION_C2S) != NULL);
|
||||
EXPECT_TRUE(session_get_first_packet(sess, FLOW_DIRECTION_S2C) != NULL);
|
||||
session_print(sess);
|
||||
|
||||
// check stat
|
||||
@@ -429,21 +429,21 @@ TEST(TCP_OPENING_TO_CLOSING, BY_HANDSHAKE_TIMEOUT)
|
||||
EXPECT_TRUE(session_get_id(sess) != 0);
|
||||
tuple6_to_str(session_get_tuple(sess), buffer, sizeof(buffer));
|
||||
EXPECT_STREQ(buffer, "192.168.38.105:60111 -> 93.184.216.34:80, proto: 6, domain: 0");
|
||||
EXPECT_TRUE(session_get_tuple_direction(sess) == SESSION_DIRECTION_C2S);
|
||||
EXPECT_TRUE(session_get_tuple_direction(sess) == FLOW_DIRECTION_C2S);
|
||||
EXPECT_TRUE(session_get_state(sess) == SESSION_STATE_OPENING);
|
||||
EXPECT_TRUE(session_get_type(sess) == SESSION_TYPE_TCP);
|
||||
EXPECT_TRUE(session_has_dup_traffic(sess) == 0);
|
||||
EXPECT_TRUE(session_get_closing_reason(sess) == 0);
|
||||
EXPECT_TRUE(session_get_stat(sess, SESSION_DIRECTION_C2S, STAT_RAW_BYTES_RX) == 78);
|
||||
EXPECT_TRUE(session_get_stat(sess, SESSION_DIRECTION_S2C, STAT_RAW_BYTES_RX) == 74);
|
||||
EXPECT_TRUE(session_get_stat(sess, SESSION_DIRECTION_C2S, STAT_RAW_PKTS_RX) == 1);
|
||||
EXPECT_TRUE(session_get_stat(sess, SESSION_DIRECTION_S2C, STAT_RAW_PKTS_RX) == 1);
|
||||
EXPECT_TRUE(session_get_stat(sess, FLOW_DIRECTION_C2S, STAT_RAW_BYTES_RX) == 78);
|
||||
EXPECT_TRUE(session_get_stat(sess, FLOW_DIRECTION_S2C, STAT_RAW_BYTES_RX) == 74);
|
||||
EXPECT_TRUE(session_get_stat(sess, FLOW_DIRECTION_C2S, STAT_RAW_PKTS_RX) == 1);
|
||||
EXPECT_TRUE(session_get_stat(sess, FLOW_DIRECTION_S2C, STAT_RAW_PKTS_RX) == 1);
|
||||
EXPECT_TRUE(session_get_timestamp(sess, SESSION_TIMESTAMP_START));
|
||||
EXPECT_TRUE(session_get_timestamp(sess, SESSION_TIMESTAMP_LAST));
|
||||
EXPECT_TRUE(session_get_current_packet(sess) == &pkt);
|
||||
EXPECT_TRUE(session_get_current_direction(sess) == SESSION_DIRECTION_S2C);
|
||||
EXPECT_TRUE(session_get_1st_packet(sess, SESSION_DIRECTION_C2S) != NULL);
|
||||
EXPECT_TRUE(session_get_1st_packet(sess, SESSION_DIRECTION_S2C) != NULL);
|
||||
EXPECT_TRUE(session_get_flow_direction(sess) == FLOW_DIRECTION_S2C);
|
||||
EXPECT_TRUE(session_get_first_packet(sess, FLOW_DIRECTION_C2S) != NULL);
|
||||
EXPECT_TRUE(session_get_first_packet(sess, FLOW_DIRECTION_S2C) != NULL);
|
||||
session_print(sess);
|
||||
|
||||
// check stat
|
||||
@@ -528,21 +528,21 @@ TEST(TCP_OPENING_TO_CLOSING, BY_DATA_TIMEOUT)
|
||||
EXPECT_TRUE(session_get_id(sess) != 0);
|
||||
tuple6_to_str(session_get_tuple(sess), buffer, sizeof(buffer));
|
||||
EXPECT_STREQ(buffer, "192.168.38.105:60111 -> 93.184.216.34:80, proto: 6, domain: 0");
|
||||
EXPECT_TRUE(session_get_tuple_direction(sess) == SESSION_DIRECTION_C2S);
|
||||
EXPECT_TRUE(session_get_tuple_direction(sess) == FLOW_DIRECTION_C2S);
|
||||
EXPECT_TRUE(session_get_state(sess) == SESSION_STATE_OPENING);
|
||||
EXPECT_TRUE(session_get_type(sess) == SESSION_TYPE_TCP);
|
||||
EXPECT_TRUE(session_has_dup_traffic(sess) == 0);
|
||||
EXPECT_TRUE(session_get_closing_reason(sess) == 0);
|
||||
EXPECT_TRUE(session_get_stat(sess, SESSION_DIRECTION_C2S, STAT_RAW_BYTES_RX) == 78 + 66);
|
||||
EXPECT_TRUE(session_get_stat(sess, SESSION_DIRECTION_S2C, STAT_RAW_BYTES_RX) == 74);
|
||||
EXPECT_TRUE(session_get_stat(sess, SESSION_DIRECTION_C2S, STAT_RAW_PKTS_RX) == 1 + 1);
|
||||
EXPECT_TRUE(session_get_stat(sess, SESSION_DIRECTION_S2C, STAT_RAW_PKTS_RX) == 1);
|
||||
EXPECT_TRUE(session_get_stat(sess, FLOW_DIRECTION_C2S, STAT_RAW_BYTES_RX) == 78 + 66);
|
||||
EXPECT_TRUE(session_get_stat(sess, FLOW_DIRECTION_S2C, STAT_RAW_BYTES_RX) == 74);
|
||||
EXPECT_TRUE(session_get_stat(sess, FLOW_DIRECTION_C2S, STAT_RAW_PKTS_RX) == 1 + 1);
|
||||
EXPECT_TRUE(session_get_stat(sess, FLOW_DIRECTION_S2C, STAT_RAW_PKTS_RX) == 1);
|
||||
EXPECT_TRUE(session_get_timestamp(sess, SESSION_TIMESTAMP_START));
|
||||
EXPECT_TRUE(session_get_timestamp(sess, SESSION_TIMESTAMP_LAST));
|
||||
EXPECT_TRUE(session_get_current_packet(sess) == &pkt);
|
||||
EXPECT_TRUE(session_get_current_direction(sess) == SESSION_DIRECTION_C2S);
|
||||
EXPECT_TRUE(session_get_1st_packet(sess, SESSION_DIRECTION_C2S) != NULL);
|
||||
EXPECT_TRUE(session_get_1st_packet(sess, SESSION_DIRECTION_S2C) != NULL);
|
||||
EXPECT_TRUE(session_get_flow_direction(sess) == FLOW_DIRECTION_C2S);
|
||||
EXPECT_TRUE(session_get_first_packet(sess, FLOW_DIRECTION_C2S) != NULL);
|
||||
EXPECT_TRUE(session_get_first_packet(sess, FLOW_DIRECTION_S2C) != NULL);
|
||||
session_print(sess);
|
||||
|
||||
// check stat
|
||||
@@ -616,21 +616,21 @@ TEST(TCP_OPENING_TO_CLOSING, BY_C2S_HALF_FIN)
|
||||
EXPECT_TRUE(session_get_id(sess) != 0);
|
||||
tuple6_to_str(session_get_tuple(sess), buffer, sizeof(buffer));
|
||||
EXPECT_STREQ(buffer, "192.168.38.105:60111 -> 93.184.216.34:80, proto: 6, domain: 0");
|
||||
EXPECT_TRUE(session_get_tuple_direction(sess) == SESSION_DIRECTION_C2S);
|
||||
EXPECT_TRUE(session_get_tuple_direction(sess) == FLOW_DIRECTION_C2S);
|
||||
EXPECT_TRUE(session_get_state(sess) == SESSION_STATE_CLOSING);
|
||||
EXPECT_TRUE(session_get_type(sess) == SESSION_TYPE_TCP);
|
||||
EXPECT_TRUE(session_has_dup_traffic(sess) == 0);
|
||||
EXPECT_TRUE(session_get_closing_reason(sess) == CLOSING_BY_CLIENT_FIN);
|
||||
EXPECT_TRUE(session_get_stat(sess, SESSION_DIRECTION_C2S, STAT_RAW_BYTES_RX) == 78 + 66);
|
||||
EXPECT_TRUE(session_get_stat(sess, SESSION_DIRECTION_S2C, STAT_RAW_BYTES_RX) == 0);
|
||||
EXPECT_TRUE(session_get_stat(sess, SESSION_DIRECTION_C2S, STAT_RAW_PKTS_RX) == 1 + 1);
|
||||
EXPECT_TRUE(session_get_stat(sess, SESSION_DIRECTION_S2C, STAT_RAW_PKTS_RX) == 0);
|
||||
EXPECT_TRUE(session_get_stat(sess, FLOW_DIRECTION_C2S, STAT_RAW_BYTES_RX) == 78 + 66);
|
||||
EXPECT_TRUE(session_get_stat(sess, FLOW_DIRECTION_S2C, STAT_RAW_BYTES_RX) == 0);
|
||||
EXPECT_TRUE(session_get_stat(sess, FLOW_DIRECTION_C2S, STAT_RAW_PKTS_RX) == 1 + 1);
|
||||
EXPECT_TRUE(session_get_stat(sess, FLOW_DIRECTION_S2C, STAT_RAW_PKTS_RX) == 0);
|
||||
EXPECT_TRUE(session_get_timestamp(sess, SESSION_TIMESTAMP_START));
|
||||
EXPECT_TRUE(session_get_timestamp(sess, SESSION_TIMESTAMP_LAST));
|
||||
EXPECT_TRUE(session_get_current_packet(sess) == &pkt);
|
||||
EXPECT_TRUE(session_get_current_direction(sess) == SESSION_DIRECTION_C2S);
|
||||
EXPECT_TRUE(session_get_1st_packet(sess, SESSION_DIRECTION_C2S) != NULL);
|
||||
EXPECT_TRUE(session_get_1st_packet(sess, SESSION_DIRECTION_S2C) == NULL);
|
||||
EXPECT_TRUE(session_get_flow_direction(sess) == FLOW_DIRECTION_C2S);
|
||||
EXPECT_TRUE(session_get_first_packet(sess, FLOW_DIRECTION_C2S) != NULL);
|
||||
EXPECT_TRUE(session_get_first_packet(sess, FLOW_DIRECTION_S2C) == NULL);
|
||||
session_print(sess);
|
||||
|
||||
// check stat
|
||||
@@ -703,21 +703,21 @@ TEST(TCP_OPENING_TO_CLOSING, BY_S2C_HALF_FIN)
|
||||
EXPECT_TRUE(session_get_id(sess) != 0);
|
||||
tuple6_to_str(session_get_tuple(sess), buffer, sizeof(buffer));
|
||||
EXPECT_STREQ(buffer, "192.168.38.105:60111 -> 93.184.216.34:80, proto: 6, domain: 0");
|
||||
EXPECT_TRUE(session_get_tuple_direction(sess) == SESSION_DIRECTION_C2S);
|
||||
EXPECT_TRUE(session_get_tuple_direction(sess) == FLOW_DIRECTION_C2S);
|
||||
EXPECT_TRUE(session_get_state(sess) == SESSION_STATE_CLOSING);
|
||||
EXPECT_TRUE(session_get_type(sess) == SESSION_TYPE_TCP);
|
||||
EXPECT_TRUE(session_has_dup_traffic(sess) == 0);
|
||||
EXPECT_TRUE(session_get_closing_reason(sess) == CLOSING_BY_SERVER_FIN);
|
||||
EXPECT_TRUE(session_get_stat(sess, SESSION_DIRECTION_C2S, STAT_RAW_BYTES_RX) == 78);
|
||||
EXPECT_TRUE(session_get_stat(sess, SESSION_DIRECTION_S2C, STAT_RAW_BYTES_RX) == 66);
|
||||
EXPECT_TRUE(session_get_stat(sess, SESSION_DIRECTION_C2S, STAT_RAW_PKTS_RX) == 1);
|
||||
EXPECT_TRUE(session_get_stat(sess, SESSION_DIRECTION_S2C, STAT_RAW_PKTS_RX) == 1);
|
||||
EXPECT_TRUE(session_get_stat(sess, FLOW_DIRECTION_C2S, STAT_RAW_BYTES_RX) == 78);
|
||||
EXPECT_TRUE(session_get_stat(sess, FLOW_DIRECTION_S2C, STAT_RAW_BYTES_RX) == 66);
|
||||
EXPECT_TRUE(session_get_stat(sess, FLOW_DIRECTION_C2S, STAT_RAW_PKTS_RX) == 1);
|
||||
EXPECT_TRUE(session_get_stat(sess, FLOW_DIRECTION_S2C, STAT_RAW_PKTS_RX) == 1);
|
||||
EXPECT_TRUE(session_get_timestamp(sess, SESSION_TIMESTAMP_START));
|
||||
EXPECT_TRUE(session_get_timestamp(sess, SESSION_TIMESTAMP_LAST));
|
||||
EXPECT_TRUE(session_get_current_packet(sess) == &pkt);
|
||||
EXPECT_TRUE(session_get_current_direction(sess) == SESSION_DIRECTION_S2C);
|
||||
EXPECT_TRUE(session_get_1st_packet(sess, SESSION_DIRECTION_C2S) != NULL);
|
||||
EXPECT_TRUE(session_get_1st_packet(sess, SESSION_DIRECTION_S2C) != NULL);
|
||||
EXPECT_TRUE(session_get_flow_direction(sess) == FLOW_DIRECTION_S2C);
|
||||
EXPECT_TRUE(session_get_first_packet(sess, FLOW_DIRECTION_C2S) != NULL);
|
||||
EXPECT_TRUE(session_get_first_packet(sess, FLOW_DIRECTION_S2C) != NULL);
|
||||
session_print(sess);
|
||||
|
||||
// check stat
|
||||
|
||||
@@ -71,21 +71,21 @@ TEST(UDP_INIT_TO_OPENING_TO_ACTIVE_TO_CLOSING, TEST)
|
||||
EXPECT_TRUE(session_get_id(sess) != 0);
|
||||
tuple6_to_str(session_get_tuple(sess), buffer, sizeof(buffer));
|
||||
EXPECT_STREQ(buffer, "192.168.38.105:61099 -> 121.14.154.93:53, proto: 17, domain: 0");
|
||||
EXPECT_TRUE(session_get_tuple_direction(sess) == SESSION_DIRECTION_C2S);
|
||||
EXPECT_TRUE(session_get_tuple_direction(sess) == FLOW_DIRECTION_C2S);
|
||||
EXPECT_TRUE(session_get_state(sess) == SESSION_STATE_OPENING);
|
||||
EXPECT_TRUE(session_get_type(sess) == SESSION_TYPE_UDP);
|
||||
EXPECT_TRUE(session_has_dup_traffic(sess) == 0);
|
||||
EXPECT_TRUE(session_get_closing_reason(sess) == 0);
|
||||
EXPECT_TRUE(session_get_stat(sess, SESSION_DIRECTION_C2S, STAT_RAW_BYTES_RX) == 74);
|
||||
EXPECT_TRUE(session_get_stat(sess, SESSION_DIRECTION_S2C, STAT_RAW_BYTES_RX) == 0);
|
||||
EXPECT_TRUE(session_get_stat(sess, SESSION_DIRECTION_C2S, STAT_RAW_PKTS_RX) == 1);
|
||||
EXPECT_TRUE(session_get_stat(sess, SESSION_DIRECTION_S2C, STAT_RAW_PKTS_RX) == 0);
|
||||
EXPECT_TRUE(session_get_stat(sess, FLOW_DIRECTION_C2S, STAT_RAW_BYTES_RX) == 74);
|
||||
EXPECT_TRUE(session_get_stat(sess, FLOW_DIRECTION_S2C, STAT_RAW_BYTES_RX) == 0);
|
||||
EXPECT_TRUE(session_get_stat(sess, FLOW_DIRECTION_C2S, STAT_RAW_PKTS_RX) == 1);
|
||||
EXPECT_TRUE(session_get_stat(sess, FLOW_DIRECTION_S2C, STAT_RAW_PKTS_RX) == 0);
|
||||
EXPECT_TRUE(session_get_timestamp(sess, SESSION_TIMESTAMP_START));
|
||||
EXPECT_TRUE(session_get_timestamp(sess, SESSION_TIMESTAMP_LAST));
|
||||
EXPECT_TRUE(session_get_current_packet(sess) == &pkt);
|
||||
EXPECT_TRUE(session_get_current_direction(sess) == SESSION_DIRECTION_C2S);
|
||||
EXPECT_TRUE(session_get_1st_packet(sess, SESSION_DIRECTION_C2S) != NULL);
|
||||
EXPECT_TRUE(session_get_1st_packet(sess, SESSION_DIRECTION_S2C) == NULL);
|
||||
EXPECT_TRUE(session_get_flow_direction(sess) == FLOW_DIRECTION_C2S);
|
||||
EXPECT_TRUE(session_get_first_packet(sess, FLOW_DIRECTION_C2S) != NULL);
|
||||
EXPECT_TRUE(session_get_first_packet(sess, FLOW_DIRECTION_S2C) == NULL);
|
||||
|
||||
// S2C RESP Packet
|
||||
printf("\n=> Packet Parse: UDP S2C RESP packet\n");
|
||||
@@ -101,21 +101,21 @@ TEST(UDP_INIT_TO_OPENING_TO_ACTIVE_TO_CLOSING, TEST)
|
||||
EXPECT_TRUE(session_get_id(sess) != 0);
|
||||
tuple6_to_str(session_get_tuple(sess), buffer, sizeof(buffer));
|
||||
EXPECT_STREQ(buffer, "192.168.38.105:61099 -> 121.14.154.93:53, proto: 17, domain: 0");
|
||||
EXPECT_TRUE(session_get_tuple_direction(sess) == SESSION_DIRECTION_C2S);
|
||||
EXPECT_TRUE(session_get_tuple_direction(sess) == FLOW_DIRECTION_C2S);
|
||||
EXPECT_TRUE(session_get_state(sess) == SESSION_STATE_ACTIVE);
|
||||
EXPECT_TRUE(session_get_type(sess) == SESSION_TYPE_UDP);
|
||||
EXPECT_TRUE(session_has_dup_traffic(sess) == 0);
|
||||
EXPECT_TRUE(session_get_closing_reason(sess) == 0);
|
||||
EXPECT_TRUE(session_get_stat(sess, SESSION_DIRECTION_C2S, STAT_RAW_BYTES_RX) == 74);
|
||||
EXPECT_TRUE(session_get_stat(sess, SESSION_DIRECTION_S2C, STAT_RAW_BYTES_RX) == 550);
|
||||
EXPECT_TRUE(session_get_stat(sess, SESSION_DIRECTION_C2S, STAT_RAW_PKTS_RX) == 1);
|
||||
EXPECT_TRUE(session_get_stat(sess, SESSION_DIRECTION_S2C, STAT_RAW_PKTS_RX) == 1);
|
||||
EXPECT_TRUE(session_get_stat(sess, FLOW_DIRECTION_C2S, STAT_RAW_BYTES_RX) == 74);
|
||||
EXPECT_TRUE(session_get_stat(sess, FLOW_DIRECTION_S2C, STAT_RAW_BYTES_RX) == 550);
|
||||
EXPECT_TRUE(session_get_stat(sess, FLOW_DIRECTION_C2S, STAT_RAW_PKTS_RX) == 1);
|
||||
EXPECT_TRUE(session_get_stat(sess, FLOW_DIRECTION_S2C, STAT_RAW_PKTS_RX) == 1);
|
||||
EXPECT_TRUE(session_get_timestamp(sess, SESSION_TIMESTAMP_START));
|
||||
EXPECT_TRUE(session_get_timestamp(sess, SESSION_TIMESTAMP_LAST));
|
||||
EXPECT_TRUE(session_get_current_packet(sess) == &pkt);
|
||||
EXPECT_TRUE(session_get_current_direction(sess) == SESSION_DIRECTION_S2C);
|
||||
EXPECT_TRUE(session_get_1st_packet(sess, SESSION_DIRECTION_C2S) != NULL);
|
||||
EXPECT_TRUE(session_get_1st_packet(sess, SESSION_DIRECTION_S2C) != NULL);
|
||||
EXPECT_TRUE(session_get_flow_direction(sess) == FLOW_DIRECTION_S2C);
|
||||
EXPECT_TRUE(session_get_first_packet(sess, FLOW_DIRECTION_C2S) != NULL);
|
||||
EXPECT_TRUE(session_get_first_packet(sess, FLOW_DIRECTION_S2C) != NULL);
|
||||
session_print(sess);
|
||||
|
||||
// check stat
|
||||
|
||||
@@ -76,21 +76,21 @@ TEST(UDP_INIT_TO_OPENING_TO_CLOSING, BY_C2S)
|
||||
EXPECT_TRUE(session_get_id(sess) != 0);
|
||||
tuple6_to_str(session_get_tuple(sess), buffer, sizeof(buffer));
|
||||
EXPECT_STREQ(buffer, "192.168.38.105:61099 -> 121.14.154.93:53, proto: 17, domain: 0");
|
||||
EXPECT_TRUE(session_get_tuple_direction(sess) == SESSION_DIRECTION_C2S);
|
||||
EXPECT_TRUE(session_get_tuple_direction(sess) == FLOW_DIRECTION_C2S);
|
||||
EXPECT_TRUE(session_get_state(sess) == SESSION_STATE_OPENING);
|
||||
EXPECT_TRUE(session_get_type(sess) == SESSION_TYPE_UDP);
|
||||
EXPECT_TRUE(session_has_dup_traffic(sess) == 0);
|
||||
EXPECT_TRUE(session_get_closing_reason(sess) == 0);
|
||||
EXPECT_TRUE(session_get_stat(sess, SESSION_DIRECTION_C2S, STAT_RAW_BYTES_RX) == 74);
|
||||
EXPECT_TRUE(session_get_stat(sess, SESSION_DIRECTION_S2C, STAT_RAW_BYTES_RX) == 0);
|
||||
EXPECT_TRUE(session_get_stat(sess, SESSION_DIRECTION_C2S, STAT_RAW_PKTS_RX) == 1);
|
||||
EXPECT_TRUE(session_get_stat(sess, SESSION_DIRECTION_S2C, STAT_RAW_PKTS_RX) == 0);
|
||||
EXPECT_TRUE(session_get_stat(sess, FLOW_DIRECTION_C2S, STAT_RAW_BYTES_RX) == 74);
|
||||
EXPECT_TRUE(session_get_stat(sess, FLOW_DIRECTION_S2C, STAT_RAW_BYTES_RX) == 0);
|
||||
EXPECT_TRUE(session_get_stat(sess, FLOW_DIRECTION_C2S, STAT_RAW_PKTS_RX) == 1);
|
||||
EXPECT_TRUE(session_get_stat(sess, FLOW_DIRECTION_S2C, STAT_RAW_PKTS_RX) == 0);
|
||||
EXPECT_TRUE(session_get_timestamp(sess, SESSION_TIMESTAMP_START));
|
||||
EXPECT_TRUE(session_get_timestamp(sess, SESSION_TIMESTAMP_LAST));
|
||||
EXPECT_TRUE(session_get_current_packet(sess) == &pkt);
|
||||
EXPECT_TRUE(session_get_current_direction(sess) == SESSION_DIRECTION_C2S);
|
||||
EXPECT_TRUE(session_get_1st_packet(sess, SESSION_DIRECTION_C2S) != NULL);
|
||||
EXPECT_TRUE(session_get_1st_packet(sess, SESSION_DIRECTION_S2C) == NULL);
|
||||
EXPECT_TRUE(session_get_flow_direction(sess) == FLOW_DIRECTION_C2S);
|
||||
EXPECT_TRUE(session_get_first_packet(sess, FLOW_DIRECTION_C2S) != NULL);
|
||||
EXPECT_TRUE(session_get_first_packet(sess, FLOW_DIRECTION_S2C) == NULL);
|
||||
session_print(sess);
|
||||
|
||||
// check stat
|
||||
@@ -154,21 +154,21 @@ TEST(UDP_INIT_TO_OPENING_TO_CLOSING, BY_S2C)
|
||||
EXPECT_TRUE(session_get_id(sess) != 0);
|
||||
tuple6_to_str(session_get_tuple(sess), buffer, sizeof(buffer));
|
||||
EXPECT_STREQ(buffer, "121.14.154.93:53 -> 192.168.38.105:61099, proto: 17, domain: 0");
|
||||
EXPECT_TRUE(session_get_tuple_direction(sess) == SESSION_DIRECTION_S2C);
|
||||
EXPECT_TRUE(session_get_tuple_direction(sess) == FLOW_DIRECTION_S2C);
|
||||
EXPECT_TRUE(session_get_state(sess) == SESSION_STATE_OPENING);
|
||||
EXPECT_TRUE(session_get_type(sess) == SESSION_TYPE_UDP);
|
||||
EXPECT_TRUE(session_has_dup_traffic(sess) == 0);
|
||||
EXPECT_TRUE(session_get_closing_reason(sess) == 0);
|
||||
EXPECT_TRUE(session_get_stat(sess, SESSION_DIRECTION_C2S, STAT_RAW_BYTES_RX) == 0);
|
||||
EXPECT_TRUE(session_get_stat(sess, SESSION_DIRECTION_S2C, STAT_RAW_BYTES_RX) == 550);
|
||||
EXPECT_TRUE(session_get_stat(sess, SESSION_DIRECTION_C2S, STAT_RAW_PKTS_RX) == 0);
|
||||
EXPECT_TRUE(session_get_stat(sess, SESSION_DIRECTION_S2C, STAT_RAW_PKTS_RX) == 1);
|
||||
EXPECT_TRUE(session_get_stat(sess, FLOW_DIRECTION_C2S, STAT_RAW_BYTES_RX) == 0);
|
||||
EXPECT_TRUE(session_get_stat(sess, FLOW_DIRECTION_S2C, STAT_RAW_BYTES_RX) == 550);
|
||||
EXPECT_TRUE(session_get_stat(sess, FLOW_DIRECTION_C2S, STAT_RAW_PKTS_RX) == 0);
|
||||
EXPECT_TRUE(session_get_stat(sess, FLOW_DIRECTION_S2C, STAT_RAW_PKTS_RX) == 1);
|
||||
EXPECT_TRUE(session_get_timestamp(sess, SESSION_TIMESTAMP_START));
|
||||
EXPECT_TRUE(session_get_timestamp(sess, SESSION_TIMESTAMP_LAST));
|
||||
EXPECT_TRUE(session_get_current_packet(sess) == &pkt);
|
||||
EXPECT_TRUE(session_get_current_direction(sess) == SESSION_DIRECTION_S2C);
|
||||
EXPECT_TRUE(session_get_1st_packet(sess, SESSION_DIRECTION_C2S) == NULL);
|
||||
EXPECT_TRUE(session_get_1st_packet(sess, SESSION_DIRECTION_S2C) != NULL);
|
||||
EXPECT_TRUE(session_get_flow_direction(sess) == FLOW_DIRECTION_S2C);
|
||||
EXPECT_TRUE(session_get_first_packet(sess, FLOW_DIRECTION_C2S) == NULL);
|
||||
EXPECT_TRUE(session_get_first_packet(sess, FLOW_DIRECTION_S2C) != NULL);
|
||||
session_print(sess);
|
||||
|
||||
// check stat
|
||||
|
||||
Reference in New Issue
Block a user