diff --git a/src/detect-engine-iponly.c b/src/detect-engine-iponly.c
index 8932a0dab5..1ddb38c233 100644
--- a/src/detect-engine-iponly.c
+++ b/src/detect-engine-iponly.c
@@ -1026,9 +1026,28 @@ void IPOnlyMatchPacket(ThreadVars *tv,
 if (bitarray & 0x01) {
 Signature *s = de_ctx->sig_array[u * 8 + i];
- /* Need to check the protocol first */
- if (!(s->proto.proto[(IP_GET_IPPROTO(p)/8)] & (1 << (IP_GET_IPPROTO(p) % 8))))
+ if (DetectProtoContainsProto(&s->proto, IP_GET_IPPROTO(p)) == 0) {
+ SCLogDebug("proto didn't match");
 continue;
+ }
+
+ /* check the source & dst port in the sig */
+ if (p->proto == IPPROTO_TCP || p->proto == IPPROTO_UDP || p->proto == IPPROTO_SCTP) {
+ if (!(s->flags & SIG_FLAG_DP_ANY)) {
+ DetectPort *dport = DetectPortLookupGroup(s->dp,p->dp);
+ if (dport == NULL) {
+ SCLogDebug("dport didn't match.");
+ continue;
+ }
+ }
+ if (!(s->flags & SIG_FLAG_SP_ANY)) {
+ DetectPort *sport = DetectPortLookupGroup(s->sp,p->sp);
+ if (sport == NULL) {
+ SCLogDebug("sport didn't match.");
+ continue;
+ }
+ }
+ }
 if (!IPOnlyMatchCompatSMs(tv, det_ctx, s, p)) {
 continue;
@@ -1534,10 +1553,10 @@ static int IPOnlyTestSig02 (void) {
 if (s == NULL) {
 goto end;
 }
- if(!(SignatureIsIPOnly(&de_ctx, s)))
- result=1;
+ if ((SignatureIsIPOnly(&de_ctx, s)))
+ result = 1;
 else
- printf("got a IPOnly signature: ");
+ printf("got a non-IPOnly signature: ");
 SigFree(s);
diff --git a/src/detect-threshold.c b/src/detect-threshold.c
index a60afc3a8d..a6be04d20f 100644
--- a/src/detect-threshold.c
+++ b/src/detect-threshold.c
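Review bot: The port gate in IPOnlyMatchPacket tests `p->proto`, while the protocol match just above it uses `IP_GET_IPPROTO(p)`, so the two checks can disagree about which protocol the packet carries. If `p->proto` is unset or differs from the IP header value (for example when the transport header was not decoded, which is not visible here), both port lookups are skipped and a signature restricted to a port would match on address and protocol alone. I would read the value once, `const uint8_t ipproto = IP_GET_IPPROTO(p);`, and use `ipproto` both in the `DetectProtoContainsProto()` call and in the TCP/UDP/SCTP comparison. A one-line comment above the gate stating that packets of other protocols bypass the port constraint by design would also help whoever audits rule coverage later. The enclosing loop and function start and end outside this hunk.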
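Review bot: Nothing in the visible test changes exercises the new port lookups in IPOnlyMatchPacket; IPOnlyTestSig02 now only asserts that the signature is classified as IP-only. Port-restricted signatures depend on that lookup to stay quiet on other ports, so a unit test that sends one packet with a non-matching destination port and one with a matching port through the IP-only path, asserting no alert and one alert respectively, would pin the behaviour. Separately, the doubled parentheses left over from dropping the negation can go: `if (SignatureIsIPOnly(&de_ctx, s))`. The test function starts and ends outside this hunk.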
@@ -411,7 +411,7 @@ static int DetectThresholdTestSig1(void) {
 de_ctx->flags |= DE_QUIET;
- s = de_ctx->sig_list = SigInit(de_ctx,"alert tcp any any -> any 80 (msg:\"Threshold limit\"; threshold: type limit, track by_dst, count 5, seconds 60; sid:1;)");
+ s = de_ctx->sig_list = SigInit(de_ctx,"alert tcp any any -> any 80 (msg:\"Threshold limit\"; content:\"A\"; threshold: type limit, track by_dst, count 5, seconds 60; sid:1;)");
 if (s == NULL) {
 goto end;
 }
diff --git a/src/detect.c b/src/detect.c
index 197d3ceffb..f65363be19 100644
--- a/src/detect.c
+++ b/src/detect.c
@@ -1917,25 +1917,6 @@ int SignatureIsIPOnly(DetectEngineCtx *de_ctx, Signature *s) {
 if (s->alproto != ALPROTO_UNKNOWN)
 return 0;
- /* for tcp/udp, only consider sigs that don't have ports set, as ip-only */
- if (!(s->proto.flags & DETECT_PROTO_ANY)) {
- if (s->proto.proto[IPPROTO_TCP / 8] & (1 << (IPPROTO_TCP % 8)) ||
- s->proto.proto[IPPROTO_UDP / 8] & (1 << (IPPROTO_UDP % 8)) ||
- s->proto.proto[IPPROTO_SCTP / 8] & (1 << (IPPROTO_SCTP % 8))) {
- if (!(s->flags & SIG_FLAG_SP_ANY))
- return 0;
-
- if (!(s->flags & SIG_FLAG_DP_ANY))
- return 0;
-/*
- } else if ((s->proto.proto[IPPROTO_ICMP / 8] & (1 << (IPPROTO_ICMP % 8))) ||
- (s->proto.proto[IPPROTO_ICMPV6 / 8] & (1 << (IPPROTO_ICMPV6 % 8)))) {
- SCLogDebug("ICMP sigs are not IP-Only until we support ICMP in flow.");
- return 0;
-*/
- }
- }
-
 if (s->sm_lists[DETECT_SM_LIST_PMATCH] != NULL)
 return 0;
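Review bot: The added `content:"A";` in DetectThresholdTestSig1 is unexplained, and it looks like it exists only to keep this signature out of the IP-only engine now that port-bearing signatures qualify for it. If that is the reason, the original rule shape (tcp, destination port 80, `threshold: type limit`, no content) is exactly what this commit moves onto the IP-only path, and the test no longer shows that the threshold still limits alerts there. I would state the intent above the SigInit call, e.g. `/* content keeps this sig off the ip-only path; threshold on ip-only sigs is tested separately */`, and add that separate test using the original rule string. The rest of the test body lies outside this hunk, so the packet payload used may already account for the new keyword.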