unified2: only call stream callback for TCP

diff --git a/src/alert-unified2-alert.c b/src/alert-unified2-alert.c
index f131b3321cc9ccfb3fefa17c9bdcc04cf240186e..04388f5bc0664b38c099b7e8c11772a682df4c2a 100644 (file)
--- a/src/alert-unified2-alert.c
+++ b/src/alert-unified2-alert.c
@@ -734,8 +734,10 @@ int Unified2IPv6TypeAlert (ThreadVars *t, Packet *p, void *data, PacketQueue *pq
         aun->length = 0;
         aun->offset = 0;
 
-        ret = Unified2PacketTypeAlert(aun, p, phdr->event_id,
-                pa->flags & (PACKET_ALERT_FLAG_STATE_MATCH|PACKET_ALERT_FLAG_STREAM_MATCH) ? 1 : 0);
+        /* stream flag based on state match, but only for TCP */
+        int stream = (gphdr.protocol == IPPROTO_TCP) ?
+            (pa->flags & (PACKET_ALERT_FLAG_STATE_MATCH|PACKET_ALERT_FLAG_STREAM_MATCH) ? 1 : 0) : 0;
+        ret = Unified2PacketTypeAlert(aun, p, phdr->event_id, stream);
         if (ret != 1) {
             SCLogError(SC_ERR_FWRITE, "Error: fwrite failed: %s", strerror(errno));
             aun->file_ctx->alerts += i;