Jon Siwek 066473b1f1 Improve analysis of TCP SYN/SYN-ACK reversal situations. ...

- Since it's just the handshake packets out of order, they're no
  longer treated as partial connections, which some protocol analyzers
  immediately refuse to look at.

- The TCP_Reassembler "is_orig" state failed to change, which led to
  protocol analyzers sometimes using the wrong value for that.

- Add a unit test which exercises the Connection::FlipRoles() code
  path (i.e. the SYN/SYN-ACK reversal situation).

Addresses BIT-1148.

2014-03-11 17:03:59 -05:00

6.2 KiB

Raw History

View raw