完成第二次握手后,需要对一些数据进行处理,代码如下:
- /*
- (如果有数据存在或者修列号不等于确认号的)并且
- 序列号在窗口之外
- 已经确认过的序号
- */
-
- if (
- ! (!datalen &&ntohl(this_tcphdr->th_seq)== rcv->ack_seq)
- &&
-
- /*th_seq - (ack_seq+ wscale) > 0 或者th_seq+datalen - ack_sql < 0*/
- ( !before(ntohl(this_tcphdr->th_seq), rcv->ack_seq+ rcv->window*rcv->wscale)||
- before(ntohl(this_tcphdr->th_seq)+ datalen, rcv->ack_seq)
- )
- )
- return;
-
-
-
- /*发送th_rst 重新开启一个连接*/
- if ((this_tcphdr->th_flags& TH_RST)){
- /*是tcp 数据*/
- if (a_tcp->nids_state== NIDS_DATA){
- struct lurker_node *i;
- a_tcp->nids_state= NIDS_RESET;
- for (i= a_tcp->listeners; i; i= i->next)
- (i->item)(a_tcp, &i->data);
- }
- nids_free_tcp_stream(a_tcp);
- return;
- }
然后开始第三次握手
/*******************************************************************************
第三次握手
******************************************************************************/
- 从client --> server的包
- 是从三次握手的第三个包分析开始的,进行一部分数据分析,和初始化
- 连接状态
- */
-
- if ((this_tcphdr->th_flags& TH_ACK)){
- if (from_client&& a_tcp->client.state== TCP_SYN_SENT&&
- a_tcp->server.state== TCP_SYN_RECV){
- if (ntohl(this_tcphdr->th_ack)== a_tcp->server.seq){
- a_tcp->client.state= TCP_ESTABLISHED;
- a_tcp->client.ack_seq= ntohl(this_tcphdr->th_ack);
- {
- struct proc_node *i;
- struct lurker_node *j;
- void *data;
-
- a_tcp->server.state= TCP_ESTABLISHED;
- a_tcp->nids_state= NIDS_JUST_EST;
- /*开始全双工传输,client server 连接已经建立起来了*/
-
- /*三次握手tcp ip 连接建立*/
- for (i= tcp_procs; i; i= i->next){
- char whatto = 0;
-
- char cc = a_tcp->client.collect;
- char sc = a_tcp->server.collect;
- char ccu = a_tcp->client.collect_urg;
- char scu = a_tcp->server.collect_urg;
-
- /*进入回调函数处理*/
-
- /*
- 如果在相应端口出现
- client.collect ++ ;
- 测审计次数据
- 对应用来说tcp 连接已经建立
- */
-
-
- (i->item)(a_tcp, &data);
-
- /**/
- if (cc< a_tcp->client.collect)
- whatto |= COLLECT_cc;
- if (ccu< a_tcp->client.collect_urg)
- whatto |= COLLECT_ccu;
- if (sc< a_tcp->server.collect)
- whatto |= COLLECT_sc;
- if (scu< a_tcp->server.collect_urg)
- whatto |= COLLECT_scu;
- if (nids_params.one_loop_less){
- if (a_tcp->client.collect>=2){
- a_tcp->client.collect=cc;
- whatto&=~COLLECT_cc;
- }
- if (a_tcp->server.collect>=2 ) {
- a_tcp->server.collect=sc;
- whatto&=~COLLECT_sc;
- }
- }
-
- /*加入监听队列,开始数据接收*/
- if (whatto){
- j = mknew(struct lurker_node);
- j->item= i->item;/*放入监听队列*/
- j->data= data;
- j->whatto= whatto;
-
- j->next= a_tcp->listeners;
- a_tcp->listeners= j;
- }
-
- }
-
-
- /*不存在监听着*/{
- nids_free_tcp_stream(a_tcp);
- return;
- }
- if (!a_tcp->listeners)
-
- a_tcp->nids_state= NIDS_DATA;
- }
- }
- // return;
- }
- }