detect/analyzer: Suppress direction warnings

This commit ensures direction warnings for ICMP v4 and v6 are suppressed and corrects check so that both protocols are checked (instead of the same protocol being checked twice).
6 years ago · fcfb679893
parent 1b9009ea0e
commit fcfb679893
1 changed files with 1 additions and 1 deletions
--- a/src/detect-engine-analyzer.c
+++ b/src/detect-engine-analyzer.c
@ -1199,7 +1199,7 @@ void EngineAnalysisRules(const DetectEngineCtx *de_ctx,
    }

    /* No warning about direction for ICMP protos */
-    if (!(DetectProtoContainsProto(&s->proto, IPPROTO_ICMP) && DetectProtoContainsProto(&s->proto, IPPROTO_ICMP))) {
+    if (!(DetectProtoContainsProto(&s->proto, IPPROTO_ICMPV6) && DetectProtoContainsProto(&s->proto, IPPROTO_ICMP))) {
        if ((s->flags & (SIG_FLAG_TOSERVER|SIG_FLAG_TOCLIENT)) == (SIG_FLAG_TOSERVER|SIG_FLAG_TOCLIENT)) {
            warn_both_direction += 1;
            rule_warning += 1;