ipfw: avoid critical error for broadcast

In some setup, suricata may receive broadcast packets and the call
to sendto may fail if the wrong interface is choosen by kernel.
This patch change the error treatment to avoid to leave when
this problem occurs.

diff --git a/src/source-ipfw.c b/src/source-ipfw.c
index 36e7d682257140892dc3ae601faa4fafd62f2868..573ef5d7e73da16f40a29db0f28a1121a6ccbe8c 100644 (file)
--- a/src/source-ipfw.c
+++ b/src/source-ipfw.c
@@ -626,9 +626,16 @@ TmEcode IPFWSetVerdict(ThreadVars *tv, IPFWThreadVars *ptv, Packet *p)
 
         IPFWMutexLock(nq);
         if (sendto(nq->fd, GET_PKT_DATA(p), GET_PKT_LEN(p), 0,(struct sockaddr *)&nq->ipfw_sin, nq->ipfw_sinlen) == -1) {
-            SCLogWarning(SC_WARN_IPFW_XMIT,"Write to ipfw divert socket failed: %s",strerror(errno));
-            IPFWMutexUnlock(nq);
-            SCReturnInt(TM_ECODE_FAILED);
+            int r = errno;
+            switch (r) {
+                default:
+                    SCLogWarning(SC_WARN_IPFW_XMIT,"Write to ipfw divert socket failed: %s",strerror(r));
+                    IPFWMutexUnlock(nq);
+                    SCReturnInt(TM_ECODE_FAILED);
+                case EHOSTDOWN:
+                case ENETDOWN:
+                    break;
+            }
         }
 
         IPFWMutexUnlock(nq);