]> git.ipfire.org Git - thirdparty/suricata.git/commitdiff
projects / thirdparty / suricata.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: a6ed9b1)
reject: don't respond to tunnel packets
authorVictor Julien <victor@inliniac.net>
Fri, 12 Jun 2020 13:51:30 +0000 (15:51 +0200)
committerVictor Julien <victor@inliniac.net>
Sun, 28 Jun 2020 13:20:56 +0000 (15:20 +0200)
src/respond-reject.c patch | blob | blame | history

diff --git a/src/respond-reject.c b/src/respond-reject.c
index 8212396a9d1abec5b11a8f00cc77e96a34118755..6f054fc8ae6a3ae8eee46c82e715bd9b7e683a8f 100644 (file)
--- a/src/respond-reject.c
+++ b/src/respond-reject.c
@@ -62,6 +62,10 @@ static TmEcode RespondRejectFunc(ThreadVars *tv, Packet *p, void *data)
         return TM_ECODE_OK;
     }
 
+    if (IS_TUNNEL_PKT(p)) {
+        return TM_ECODE_OK;
+    }
+
     if (PKT_IS_IPV4(p)) {
         if (PKT_IS_TCP(p)) {
             (void)RejectSendIPv4TCP(tv, p, data);
Mirror of https://github.com/OISF/suricata.git