Reject ICMP traffic, not only TCP/UDP

author Alexander Gozman <a.gozman@securitycode.ru>

Tue, 7 Apr 2015 14:04:52 +0000 (17:04 +0300)

committer Victor Julien <victor@inliniac.net>

Fri, 17 Apr 2015 12:52:38 +0000 (14:52 +0200)
author Alexander Gozman <a.gozman@securitycode.ru>
Tue, 7 Apr 2015 14:04:52 +0000 (17:04 +0300)
committer Victor Julien <victor@inliniac.net>
Fri, 17 Apr 2015 12:52:38 +0000 (14:52 +0200)
diff --git a/src/respond-reject.c b/src/respond-reject.c

index 42aabbaa816a85368b7e82468d7a2fccf7657813..ea756d7e720e42aa896762033a5fe9bba6eead2c 100644 (file)
--- a/src/respond-reject.c
+++ b/src/respond-reject.c
@@ -70,18 +70,14 @@ TmEcode RespondRejectFunc(ThreadVars *tv, Packet *p, void *data, PacketQueue *pq
      if (PKT_IS_IPV4(p)) {
          if (PKT_IS_TCP(p)) {
              ret = RejectSendIPv4TCP(tv, p, data);
-        } else if(PKT_IS_UDP(p)) {
-            ret = RejectSendIPv4ICMP(tv, p, data);
          } else {
-            return TM_ECODE_OK;
+            ret = RejectSendIPv4ICMP(tv, p, data);
          }
      } else if (PKT_IS_IPV6(p)) {
          if (PKT_IS_TCP(p)) {
              ret = RejectSendIPv6TCP(tv, p, data);
-        } else if(PKT_IS_UDP(p)){
-            ret = RejectSendIPv6ICMP(tv, p, data);
          } else {
-            return TM_ECODE_OK;
+            ret = RejectSendIPv6ICMP(tv, p, data);
          }
      } else {
          /* we're only supporting IPv4 and IPv6 */
author	Alexander Gozman <a.gozman@securitycode.ru>
	Tue, 7 Apr 2015 14:04:52 +0000 (17:04 +0300)
committer	Victor Julien <victor@inliniac.net>
	Fri, 17 Apr 2015 12:52:38 +0000 (14:52 +0200)