From 6bad2dbd7964a2e465ff4829022acf1e6c34062d Mon Sep 17 00:00:00 2001
From: Victor Julien
Date: Mon, 26 Sep 2011 18:53:26 +0200
Subject: [PATCH] Don't match on IP only rules that use ports if packet is not (proper) TCP, UDP or SCTP. Rules out frags matching as well.
---
 src/detect-engine-iponly.c | 7 +++++++
 1 file changed, 7 insertions(+)
diff --git a/src/detect-engine-iponly.c b/src/detect-engine-iponly.c
index 1ddb38c233..8196dc4769 100644
--- a/src/detect-engine-iponly.c
+++ b/src/detect-engine-iponly.c
@@ -1047,6 +1047,13 @@ void IPOnlyMatchPacket(ThreadVars *tv,
 continue;
 }
 }
+ } else {
+ if (!(s->flags & SIG_FLAG_DP_ANY)) {
+ continue;
+ }
+ if (!(s->flags & SIG_FLAG_SP_ANY)) {
+ continue;
+ }
 }
 
 if (!IPOnlyMatchCompatSMs(tv, det_ctx, s, p)) {
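Review bot: The added `else` branch in IPOnlyMatchPacket has no comment saying why a signature with a port constraint is skipped, and it writes a single condition as two separate `if`/`continue` pairs. A comment such as `/* packet has no usable ports (not proper TCP/UDP/SCTP, or a fragment): only sigs with any/any ports may match */` would keep a later edit from turning this back into a match on packets whose port fields were never set. The two tests could be one: `if ((s->flags & (SIG_FLAG_DP_ANY | SIG_FLAG_SP_ANY)) != (SIG_FLAG_DP_ANY | SIG_FLAG_SP_ANY)) continue;`. The `if` that this `else` pairs with starts above the hunk, so the hunk alone does not show which packets reach it; the fragment case named in the subject line should be confirmed against that condition.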