Merge remote-tracking branch 'origin/topic/jsiwek/tunnels-merge' into topic/robin/tunnels-merge

* origin/topic/jsiwek/tunnels-merge:
  Remove &synchronized from Tunnel::active table.
  Refactor of interal tunnel analysis code.
  Add state management of NetSessions's IP tunnel map.
  Add "encap_hdr_size" option back in.
  Script-layer tunnel interface cleanup.

src/Sessions.h

@@ -16,7 +16,7 @@
 
 struct pcap_pkthdr;
 
-class Encapsulation;
+class EncapsulationStack;
 class Connection;
 class ConnID;
 class OSFingerprint;
@@ -109,9 +109,9 @@ public:
 	void GetStats(SessionStats& s) const;
 
 	void Weird(const char* name, const struct pcap_pkthdr* hdr,
-	    const u_char* pkt, const Encapsulation* encap = 0);
+	    const u_char* pkt, const EncapsulationStack* encap = 0);
 	void Weird(const char* name, const IP_Hdr* ip,
-	    const Encapsulation* encap = 0);
+	    const EncapsulationStack* encap = 0);
 
 	PacketFilter* GetPacketFilter()
 		{
@@ -134,10 +134,10 @@ public:
 		return tcp_conns.Length() + udp_conns.Length() +
 			icmp_conns.Length();
 		}
-		
+
 	void DoNextPacket(double t, const struct pcap_pkthdr* hdr,
 			const IP_Hdr* ip_hdr, const u_char* const pkt,
-			int hdr_size, const Encapsulation* encapsulation);
+			int hdr_size, const EncapsulationStack* encapsulation);
 
 	/**
 	 * Wrapper that recurses on DoNextPacket for encapsulated IP packets.
@@ -147,10 +147,15 @@ public:
 	 *        so that the fake pcap header passed to DoNextPacket will use
 	 *        the same timeval.  The caplen and len fields of the fake pcap
 	 *        header are always set to the TotalLength() of \a inner.
-	 * @param outer The encapsulation information for the inner IP packet.
+	 * @param inner Pointer to IP header wrapper of the inner packet, ownership
+	 *        of the pointer's memory is assumed by this function.
+	 * @param prev Any previous encapsulation stack of the caller, not including
+	 *        the most-recently found depth of encapsulation.
+	 * @param ec The most-recently found depth of encapsulation.
 	 */
 	void DoNextInnerPacket(double t, const struct pcap_pkthdr* hdr,
-	                      const IP_Hdr* inner, const Encapsulation* outer);
+	                      const IP_Hdr* inner, const EncapsulationStack* prev,
+	                      const EncapsulatingConn& ec);
 
 	/**
 	 * Returns a wrapper IP_Hdr object if \a pkt appears to be a valid IPv4
@@ -181,10 +186,11 @@ protected:
 	friend class RemoteSerializer;
 	friend class ConnCompressor;
 	friend class TimerMgrExpireTimer;
+	friend class IPTunnelTimer;
 
 	Connection* NewConn(HashKey* k, double t, const ConnID* id,
 			const u_char* data, int proto, uint32 flow_lable,
-			const Encapsulation* encapsulation);
+			const EncapsulationStack* encapsulation);
 
 	// Check whether the tag of the current packet is consistent with
 	// the given connection.  Returns:
@@ -233,15 +239,17 @@ protected:
 	// than that protocol's minimum header size.
 	bool CheckHeaderTrunc(int proto, uint32 len, uint32 caplen,
 			      const struct pcap_pkthdr* hdr, const u_char* pkt,
-			      const Encapsulation* encap);
+			      const EncapsulationStack* encap);
 
 	CompositeHash* ch;
 	PDict(Connection) tcp_conns;
 	PDict(Connection) udp_conns;
 	PDict(Connection) icmp_conns;
 	PDict(FragReassembler) fragments;
+
 	typedef pair<IPAddr, IPAddr> IPPair;
-	typedef std::map<IPPair, EncapsulatingConn> IPTunnelMap;
+	typedef pair<EncapsulatingConn, double> TunnelActivity;
+	typedef std::map<IPPair, TunnelActivity> IPTunnelMap;
 	IPTunnelMap ip_tunnels;
 
 	ARP_Analyzer* arp_analyzer;
@@ -261,6 +269,21 @@ protected:
 	TimerMgrMap timer_mgrs;
 };
 
+
+class IPTunnelTimer : public Timer {
+public:
+	IPTunnelTimer(double t, NetSessions::IPPair p)
+	: Timer(t + BifConst::Tunnel::ip_tunnel_timeout,
+			TIMER_IP_TUNNEL_INACTIVITY), tunnel_idx(p) {}
+
+	~IPTunnelTimer() {}
+
+	void Dispatch(double t, int is_expire);
+
+protected:
+	NetSessions::IPPair tunnel_idx;
+};
+
 // Manager for the currently active sessions.
 extern NetSessions* sessions;