1 files changed, 8 insertions, 28 deletions

diff --git a/entry/src/kni_entry.cpp b/entry/src/kni_entry.cpp
index b9706a7..a3da110 100644
--- a/entry/src/kni_entry.cpp
+++ b/entry/src/kni_entry.cpp
@@ -1217,16 +1217,19 @@ static void set_timestamp_depend_first_data(struct streaminfo *stream, struct pm
 	}
 }
 
-static int is_stream_can_intercept(struct streaminfo *stream, struct pme_info *pmeinfo, struct pkt_info *pktinfo, int thread_seq){
+static int first_data_intercept(struct streaminfo *stream, struct pme_info *pmeinfo, struct pkt_info *pktinfo, int thread_seq){
 	FS_operate(g_kni_fs_handle->handle, g_kni_fs_handle->fields[KNI_FIELD_INTCP_READY_STM], 0, FS_OP_ADD, 1);
+	//FS_operate(g_kni_fs_handle->handle, g_kni_fs_handle->fields[KNI_FIELD_INTCP_READY_BYTE], 0, FS_OP_ADD, pktinfo->ip_totlen);
 	void *logger = g_kni_handle->local_logger;
-	int ret;
+	char *buff = NULL;
+	int ret, len;
     //intercept_error: TCP CTEAT LINK NOT BYSYN or TCP_CREATE_LINK_MODE error
 	unsigned char intercept_stream_link_mode;
 	int intercept_stream_link_mode_len = sizeof(unsigned char);
 	unsigned short stream_tunnel_type = STREAM_TUNNLE_NON;
 	int stream_tunnel_type_len = sizeof(unsigned short);
-
+	int has_dup_traffic;
+	int have_dup_pkt_len = sizeof(has_dup_traffic);
 	ret=MESA_get_stream_opt(stream, MSO_TCP_CREATE_LINK_MODE, (void *)&intercept_stream_link_mode, &intercept_stream_link_mode_len);
 	if(ret == 0){
 		if(intercept_stream_link_mode != TCP_CTEAT_LINK_BYSYN){
@@ -1242,6 +1245,7 @@ static int is_stream_can_intercept(struct streaminfo *stream, struct pme_info *p
 		FS_operate(g_kni_fs_handle->handle, g_kni_fs_handle->fields[KNI_FIELD_INTCPERR_GET_LINK_MODE_ERR], 0, FS_OP_ADD, 1);
 		goto error_out;
 	}
+
 	ret=MESA_get_stream_opt(stream, MSO_STREAM_TUNNEL_TYPE, (void *)&stream_tunnel_type, &stream_tunnel_type_len);
 	if(ret == 0){
 		if(stream_tunnel_type != STREAM_TUNNLE_NON){
@@ -1308,19 +1312,6 @@ static int is_stream_can_intercept(struct streaminfo *stream, struct pme_info *p
 		FS_operate(g_kni_fs_handle->handle, g_kni_fs_handle->fields[KNI_FIELD_INTCPERR_NO_TFE], 0, FS_OP_ADD, 1);
 		goto error_out;
 	}
-	return 1;
-error_out:
-	return 0;
-}
-
-static int first_data_intercept(struct streaminfo *stream, struct pme_info *pmeinfo, struct pkt_info *pktinfo, int thread_seq){
-	FS_operate(g_kni_fs_handle->handle, g_kni_fs_handle->fields[KNI_FIELD_INTCP_READY_STM], 0, FS_OP_ADD, 1);
-	//FS_operate(g_kni_fs_handle->handle, g_kni_fs_handle->fields[KNI_FIELD_INTCP_READY_BYTE], 0, FS_OP_ADD, pktinfo->ip_totlen);
-	void *logger = g_kni_handle->local_logger;
-	char *buff = NULL;
-	int ret, len;
-	int has_dup_traffic;
-	int have_dup_pkt_len = sizeof(has_dup_traffic);
 
 	//dup_traffic_check
 	if(g_kni_handle->dup_traffic_switch == 1){
@@ -1406,8 +1397,7 @@ static int first_data_intercept(struct streaminfo *stream, struct pme_info *pmei
 					}
 				}
 			}
-			return INTERCEPT_RET_CODE_BYPASS;
-			//return APP_STATE_FAWPKT  | APP_STATE_KILL_FOLLOW | APP_STATE_GIVEME;
+			return APP_STATE_FAWPKT | APP_STATE_KILL_FOLLOW | APP_STATE_GIVEME;
 		}
 	}
 
@@ -1474,14 +1464,12 @@ static int first_data_intercept(struct streaminfo *stream, struct pme_info *pmei
 	}
 	FREE(&buff);
 	return 0;
-	//return APP_STATE_DROPPKT | APP_STATE_KILL_FOLLOW | APP_STATE_GIVEME;
 
 error_out:
 	if(buff != NULL){
 		FREE(&buff);
 	}
 	return -1;
-	//return APP_STATE_FAWPKT  | APP_STATE_KILL_FOLLOW | APP_STATE_DROPME;
 }
 
 static int dabloom_search(struct pkt_info *pktinfo, int thread_seq){
@@ -1672,14 +1660,6 @@ char first_data_process(struct streaminfo *stream, struct pme_info *pmeinfo, con
 	void *logger = g_kni_handle->local_logger;
 
 	read_stream_intercept_status(stream, pmeinfo, thread_seq);
-	
-	if(pmeinfo->check_data_packets_num == 1)
-	{
-		int ret = is_stream_can_intercept(stream, pmeinfo, pktinfo, thread_seq);
-		if(ret == 0){
-			return APP_STATE_FAWPKT | APP_STATE_DROPME;
-		}
-	}
 
 	if(pmeinfo->action == KNI_ACTION_INTERCEPT){
 		pmeinfo->ssl_intercept_state = 1;