output: skip files logging for ICMP packets

author Philippe Antoine <pantoine@oisf.net>

Mon, 4 Jul 2022 08:30:20 +0000 (10:30 +0200)

committer Philippe Antoine <pantoine@oisf.net>

Mon, 4 Jul 2022 08:30:20 +0000 (10:30 +0200)
author Philippe Antoine <pantoine@oisf.net>
Mon, 4 Jul 2022 08:30:20 +0000 (10:30 +0200)
committer Philippe Antoine <pantoine@oisf.net>
Mon, 4 Jul 2022 08:30:20 +0000 (10:30 +0200)
diff --git a/src/output-filedata.c b/src/output-filedata.c

index 2dea84817fe9b7ce3b9602f88f4253a8265ef0bf..dd943d2f809cb7f5907f870f05bd90158eb9f60f 100644 (file)
--- a/src/output-filedata.c
+++ b/src/output-filedata.c
@@ -229,6 +229,10 @@ static TmEcode OutputFiledataLog(ThreadVars *tv, Packet *p, void *thread_data)
      if (f == NULL || f->alstate == NULL) {
          SCReturnInt(TM_ECODE_OK);
      }
+    /* do not log for ICMP packets related to a TCP/UDP flow */
+    if (p->proto != IPPROTO_TCP && p->proto != IPPROTO_UDP) {
+        SCReturnInt(TM_ECODE_OK);
+    }
  
      const bool file_trunc = StreamTcpReassembleDepthReached(p);
      if (p->flowflags & FLOW_PKT_TOSERVER) {
author	Philippe Antoine <pantoine@oisf.net>
	Mon, 4 Jul 2022 08:30:20 +0000 (10:30 +0200)
committer	Philippe Antoine <pantoine@oisf.net>
	Mon, 4 Jul 2022 08:30:20 +0000 (10:30 +0200)