output: skip files logging for ICMP packets

author Philippe Antoine <pantoine@oisf.net>

Mon, 4 Jul 2022 08:30:20 +0000 (10:30 +0200)

committer Jason Ish <jason.ish@oisf.net>

Thu, 7 Jul 2022 02:50:12 +0000 (21:50 -0500)
author Philippe Antoine <pantoine@oisf.net>
Mon, 4 Jul 2022 08:30:20 +0000 (10:30 +0200)
committer Jason Ish <jason.ish@oisf.net>
Thu, 7 Jul 2022 02:50:12 +0000 (21:50 -0500)
diff --git a/src/output-filedata.c b/src/output-filedata.c

index 35ed4968fe8dee66b02364ef3a971da0b2c87f44..d9aa82e889b4baf326f129f184da0ed693e176f8 100644 (file)
--- a/src/output-filedata.c
+++ b/src/output-filedata.c
@@ -238,6 +238,10 @@ static TmEcode OutputFiledataLog(ThreadVars *tv, Packet *p, void *thread_data)
      if (f == NULL || f->alstate == NULL) {
          SCReturnInt(TM_ECODE_OK);
      }
+    /* do not log for ICMP packets related to a TCP/UDP flow */
+    if (p->proto != IPPROTO_TCP && p->proto != IPPROTO_UDP) {
+        SCReturnInt(TM_ECODE_OK);
+    }
  
      const bool file_trunc = StreamTcpReassembleDepthReached(p);
      if (p->flowflags & FLOW_PKT_TOSERVER) {
author	Philippe Antoine <pantoine@oisf.net>
	Mon, 4 Jul 2022 08:30:20 +0000 (10:30 +0200)
committer	Jason Ish <jason.ish@oisf.net>
	Thu, 7 Jul 2022 02:50:12 +0000 (21:50 -0500)