]> git.ipfire.org Git - thirdparty/suricata.git/commitdiff
projects / thirdparty / suricata.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 2fe39cf)
ipfw: avoid critical error for broadcast 62/head
authorEric Leblond <eric@regit.org>
Fri, 7 Sep 2012 11:18:35 +0000 (13:18 +0200)
committerEric Leblond <eric@regit.org>
Fri, 7 Sep 2012 14:02:40 +0000 (16:02 +0200)
In some setup, suricata may receive broadcast packets and the call
to sendto may fail if the wrong interface is choosen by kernel.
This patch change the error treatment to avoid to leave when
this problem occurs.

src/source-ipfw.c patch | blob | blame | history

diff --git a/src/source-ipfw.c b/src/source-ipfw.c
index 83d440327ea40b57088e980911ced63db77c4ac7..174f0bb999b0141da8efc108d02f47b863e10347 100644 (file)
--- a/src/source-ipfw.c
+++ b/src/source-ipfw.c
@@ -634,9 +634,16 @@ TmEcode IPFWSetVerdict(ThreadVars *tv, IPFWThreadVars *ptv, Packet *p)
 
         IPFWMutexLock(nq);
         if (sendto(nq->fd, GET_PKT_DATA(p), GET_PKT_LEN(p), 0,(struct sockaddr *)&nq->ipfw_sin, nq->ipfw_sinlen) == -1) {
-            SCLogWarning(SC_WARN_IPFW_XMIT,"Write to ipfw divert socket failed: %s",strerror(errno));
-            IPFWMutexUnlock(nq);
-            SCReturnInt(TM_ECODE_FAILED);
+            int r = errno;
+            switch (r) {
+                default:
+                    SCLogWarning(SC_WARN_IPFW_XMIT,"Write to ipfw divert socket failed: %s",strerror(r));
+                    IPFWMutexUnlock(nq);
+                    SCReturnInt(TM_ECODE_FAILED);
+                case EHOSTDOWN:
+                case ENETDOWN:
+                    break;
+            }
         }
 
         IPFWMutexUnlock(nq);
Mirror of https://github.com/OISF/suricata.git