From 235ee362119b4351e2e0cc3be9bbb5cf90bd20d9 Mon Sep 17 00:00:00 2001 From: Victor Julien Date: Thu, 4 May 2023 06:47:58 +0200 Subject: [PATCH] respond/reject: fix IPv6 TCP resets Fix length and next header field settings. Bug: #6038. --- src/respond-reject-libnet11.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/src/respond-reject-libnet11.c b/src/respond-reject-libnet11.c index b9c55583b3..95ff114484 100644 --- a/src/respond-reject-libnet11.c +++ b/src/respond-reject-libnet11.c @@ -432,7 +432,7 @@ int RejectSendLibnet11IPv6TCP(ThreadVars *tv, Packet *p, void *data, enum Reject if (c == NULL) return 1; - lpacket.len = LIBNET_IPV6_H + LIBNET_TCP_H; + lpacket.len = LIBNET_TCP_H; lpacket.dsize = p->payload_len; switch (dir) { @@ -453,7 +453,7 @@ int RejectSendLibnet11IPv6TCP(ThreadVars *tv, Packet *p, void *data, enum Reject BuildTCP(c, &lpacket); - if (BuildIPv6(c, &lpacket, IPPROTO_ICMP) < 0) + if (BuildIPv6(c, &lpacket, IPPROTO_TCP) < 0) goto cleanup; if (t_inject_mode == LIBNET_LINK) {