From 2c7c7cf315dfe018f1c9c871db0c7de8257979fa Mon Sep 17 00:00:00 2001
From: Philippe Antoine <pantoine@oisf.net>
Date: Mon, 4 Jul 2022 10:30:20 +0200
Subject: [PATCH] output: skip files logging for ICMP packets

Ticket: #5408
(cherry picked from commit f8bf5817752f19565f1b7449710d1e6a2a96d00a)
---
 src/output-filedata.c | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/src/output-filedata.c b/src/output-filedata.c
index 35ed4968fe..d9aa82e889 100644
--- a/src/output-filedata.c
+++ b/src/output-filedata.c
@@ -238,6 +238,10 @@ static TmEcode OutputFiledataLog(ThreadVars *tv, Packet *p, void *thread_data)
     if (f == NULL || f->alstate == NULL) {
         SCReturnInt(TM_ECODE_OK);
     }
+    /* do not log for ICMP packets related to a TCP/UDP flow */
+    if (p->proto != IPPROTO_TCP && p->proto != IPPROTO_UDP) {
+        SCReturnInt(TM_ECODE_OK);
+    }
 
     const bool file_trunc = StreamTcpReassembleDepthReached(p);
     if (p->flowflags & FLOW_PKT_TOSERVER) {
-- 
2.47.2