ipfw: avoid critical error for broadcast

In some setup, suricata may receive broadcast packets and the call to sendto may fail if the wrong interface is choosen by kernel. This patch change the error treatment to avoid to leave when this problem occurs.
13 years ago · 6d55446655
parent 41cb365a39
commit 6d55446655
1 changed files with 10 additions and 3 deletions
--- a/src/source-ipfw.c
+++ b/src/source-ipfw.c
@ -626,9 +626,16 @@ TmEcode IPFWSetVerdict(ThreadVars *tv, IPFWThreadVars *ptv, Packet *p)

        IPFWMutexLock(nq);
        if (sendto(nq->fd, GET_PKT_DATA(p), GET_PKT_LEN(p), 0,(struct sockaddr *)&nq->ipfw_sin, nq->ipfw_sinlen) == -1) {
-            SCLogWarning(SC_WARN_IPFW_XMIT,"Write to ipfw divert socket failed: %s",strerror(errno));
-            IPFWMutexUnlock(nq);
-            SCReturnInt(TM_ECODE_FAILED);
+            int r = errno;
+            switch (r) {
+                default:
+                    SCLogWarning(SC_WARN_IPFW_XMIT,"Write to ipfw divert socket failed: %s",strerror(r));
+                    IPFWMutexUnlock(nq);
+                    SCReturnInt(TM_ECODE_FAILED);
+                case EHOSTDOWN:
+                case ENETDOWN:
+                    break;
+            }
        }

        IPFWMutexUnlock(nq);