Add: Added call to PQPing in dbConnectionStatusPOSTGRESQL().

     This modification can allow to detect a dead VPN tunnel
     (Requested fix)
Fix: configure directive disable_alert_on_each_packet_in_stream, will
     work properly.

configure.in

@@ -815,7 +815,8 @@ if test "x$with_postgresql" != "xno"; then
     postgresql_fail="no"
   fi
 
-  AC_MSG_CHECKING(for postgresql)
+
+    AC_MSG_CHECKING([for postgresql])
 
   if test "x$with_pgsql_includes" != "xno"; then
     for i in $with_pgsql_includes $postgresql_directory; do
@@ -861,6 +862,7 @@ if test "x$with_postgresql" != "xno"; then
     fi
   fi
 
+
   if test -z "$POSTGRESQL_DIR"; then
     for dir in $postgresql_directory; do
        for i in "lib" "lib/pgsql"; do
@@ -898,6 +900,36 @@ if test "x$with_postgresql" != "xno"; then
         exit 1
      fi
   fi
+
+AC_DEFUN([AC_CHECK_PGSQL_PQPING],
+[
+AC_MSG_CHECKING([PGSQL_API_VERSION for PQping support])
+AC_LINK_IFELSE([
+AC_LANG_SOURCE(
+[[
+#include <$2/pg_config.h>
+int main()
+{
+#ifdef PG_VERSION_NUM
+if(PG_VERSION_NUM >= $1)
+{
+return 0;
+}
+#endif
+return 1;
+}]])],
+[
+AC_DEFINE([HAVE_PQPING], 1,[libpq support PQping()])
+AC_MSG_RESULT([yes])
+],
+[
+AC_DEFINE([HAVE_PQPING],[0],[libpq does not support PQping()])
+AC_MSG_RESULT([no])
+])
+])
+
+AC_CHECK_PGSQL_PQPING([90100],[$POSTGRESQL_INC_DIR])
+
 fi
 
 AC_ARG_WITH(oracle, 

src/barnyard2.c

@@ -1585,8 +1585,17 @@ static Barnyard2Config * MergeBarnyard2Confs(Barnyard2Config *cmd_line, Barnyard
 
     if (cmd_line->pid_path[0] != '\0')
         ConfigPidPath(config_file, cmd_line->pid_path);
-
-    config_file->alert_on_each_packet_in_stream_flag = cmd_line->alert_on_each_packet_in_stream_flag;
+
+    if( (config_file->alert_on_each_packet_in_stream_flag == 0) &&
+	(cmd_line->alert_on_each_packet_in_stream_flag == 1))
+    {
+	config_file->alert_on_each_packet_in_stream_flag = 0;
+    }
+    else
+    {
+	config_file->alert_on_each_packet_in_stream_flag  = cmd_line->alert_on_each_packet_in_stream_flag;
+    }
+
     config_file->process_new_records_only_flag = cmd_line->process_new_records_only_flag;
 
 #ifdef SUP_IP6

src/output-plugins/spo_database.c

@@ -3950,6 +3950,21 @@ void Connect(DatabaseData * data)
 
 #ifdef ENABLE_POSTGRESQL
     case DB_POSTGRESQL:
+
+#ifdef HAVE_PQPING
+	/* Set PQPing String */
+	memset(data->p_pingString,'\0',1024);
+	if(SnortSnprintf(data->p_pingString,1024,"host='%s' port='%s' user='%s' dbname='%s'",
+			 data->host,
+			 data->port == NULL ? "5432" : data->port,
+			 data->user,
+			 data->dbname))
+	{
+	    /* XXX */
+	    FatalError("[%s()],unable to create PQPing connection string.. bailing \n",
+		       __FUNCTION__);
+	}
+#endif
 
         if (data->use_ssl == 1)
         {
@@ -5039,6 +5054,8 @@ u_int32_t dbConnectionStatusPOSTGRESQL(dbReliabilityHandle *pdbRH)
 {
     DatabaseData *data = NULL;
 
+    int PQpingRet = 0;
+
     if( (pdbRH == NULL) ||
         (pdbRH->dbdata == NULL))
     {
@@ -5051,6 +5068,40 @@ u_int32_t dbConnectionStatusPOSTGRESQL(dbReliabilityHandle *pdbRH)
 conn_test:
     if(data->p_connection != NULL)
     {
+
+#ifdef HAVE_PQPING
+	switch( (PQpingRet = PQping(data->p_pingString)))
+        {
+        case PQPING_OK:
+            break;
+
+        case PQPING_NO_ATTEMPT:
+	    LogMessage("[%s()], PQPing call assumed [PQPING_NO_ATTEMPT] using connection string [%s], continuing \n",
+		       __FUNCTION__,
+		       data->p_pingString);
+	    break;
+
+        case PQPING_REJECT:
+        case PQPING_NO_RESPONSE:
+        default:
+
+            LogMessage("[%s()], PQPing call retval[%d] seem's to indicate unreacheable server, assuming connection is dead \n",
+                       __FUNCTION__,
+		       PQpingRet);
+
+            if(checkTransactionState(pdbRH))
+            {
+                /* ResetState for the caller */
+                setReconnectState(pdbRH,1);
+                setTransactionCallFail(pdbRH);
+                setTransactionState(pdbRH);
+            }
+
+            PQreset(data->p_connection);
+            break;
+        }
+#endif
+
 	switch(PQstatus(data->p_connection))
 	{
 	case CONNECTION_OK:

src/output-plugins/spo_database.h

@@ -422,6 +422,10 @@ typedef struct _DatabaseData
 #ifdef ENABLE_POSTGRESQL
     PGconn * p_connection;
     PGresult * p_result;
+
+#ifdef HAVE_PQPING
+    char p_pingString[1024];
+#endif
 #endif
 #ifdef ENABLE_MYSQL
     MYSQL * m_sock;