From: Victor Julien <vjulien@oisf.net>
Date: Wed, 16 Nov 2022 09:44:13 +0000 (+0100)
Subject: detect: apply drops to tunnel root
X-Git-Tag: suricata-6.0.9~32
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=778faaed966c6c06a08c6ecb04bee26cc453f374;p=thirdparty%2Fsuricata.git

detect: apply drops to tunnel root

`PacketDrop` applied a DROP to the current packet unconditionally,
while in tunnel/encapsulated cases the DROP should have been applied
to the root packet.

Fixes: 6742ecbc9e87 ("decode: make PacketDrop use action as parameter")

Bug: #5600.
---

diff --git a/src/decode.h b/src/decode.h
index 223e3c67ef..e141acb9f8 100644
--- a/src/decode.h
+++ b/src/decode.h
@@ -916,7 +916,7 @@ static inline void PacketDrop(Packet *p, const uint8_t action, enum PacketDropRe
     if (p->drop_reason == PKT_DROP_REASON_NOT_SET)
         p->drop_reason = (uint8_t)r;
 
-    PACKET_UPDATE_ACTION(p, action);
+    PacketUpdateAction(p, action);
 }
 #define PACKET_DROP(p) PacketDrop((p), PKT_DROP_REASON_NOT_SET)