From 1658b8dc847ae7ce8fea1b041c1383bb2ac5aee0 Mon Sep 17 00:00:00 2001
From: Jan Grashoefer <jan.grashoefer@gmail.com>
Date: Wed, 23 Sep 2020 15:46:11 +0200
Subject: [PATCH] Fix handling of session analysis.

This reverts commit 0e51be18ac59d7a176f18780f1f8df85561449b9.
---
 src/Sessions.cc        | 6 ++----
 src/iosource/Packet.cc | 3 +++
 src/iosource/Packet.h  | 4 ++--
 3 files changed, 7 insertions(+), 6 deletions(-)

diff --git a/src/Sessions.cc b/src/Sessions.cc
index 64b110e8ee..79725bff5d 100644
--- a/src/Sessions.cc
+++ b/src/Sessions.cc
@@ -174,9 +174,7 @@ void NetSessions::NextPacket(double t, const Packet* pkt)
 		DoNextPacket(t, pkt, &ip_hdr, nullptr);
 		}
 
-	// Check that it wasn't set to L3_ARP here, or there's a bunch of extra weirds
-	// that get reported.
-	else if ( pkt->l3_proto != L3_ARP)
+	else
 		{
 		Weird("unknown_packet_type", pkt);
 		return;
@@ -340,7 +338,7 @@ void NetSessions::DoNextPacket(double t, const Packet* pkt, const IP_Hdr* ip_hdr
 	// last if present.
 	if ( ip_hdr->LastHeader() == IPPROTO_MOBILITY )
 		{
-		dump_this_packet = true;
+		pkt->dump_packet = true;
 
 		if ( ! ignore_checksums && mobility_header_checksum(ip_hdr) != 0xffff )
 			{
diff --git a/src/iosource/Packet.cc b/src/iosource/Packet.cc
index d8e985d153..152723f866 100644
--- a/src/iosource/Packet.cc
+++ b/src/iosource/Packet.cc
@@ -45,6 +45,9 @@ void Packet::Init(int arg_link_type, pkt_timeval *arg_ts, uint32_t arg_caplen,
 	else
 		data = arg_data;
 
+	session_analysis = false;
+	dump_packet = false;
+
 	time = ts.tv_sec + double(ts.tv_usec) / 1e6;
 	hdr_size = 0;
 	eth_type = 0;
diff --git a/src/iosource/Packet.h b/src/iosource/Packet.h
index ecb98ad7ea..8d4e5ba60d 100644
--- a/src/iosource/Packet.h
+++ b/src/iosource/Packet.h
@@ -212,12 +212,12 @@ public:
 	 * Indicates whether the packet should be processed by zeek's
 	 * session analysis in NetSessions.
 	 */
-	bool session_analysis = false;
+	bool session_analysis;
 
 	/**
 	 * Indicates whether this packet should be recorded.
 	 */
-	mutable bool dump_packet = false;
+	mutable bool dump_packet;
 
 	// Wrapper to generate a packet-level weird. Has to be public for packet analyzers to use it.
 	void Weird(const char* name);