|
|
@ -167,10 +167,13 @@ log.Notice("r.saddr: ", r.saddr, "src: ", src , "sandboxed ", sandboxed, "optstr
|
|
|
|
if r.saddr == nil && src != nil && sandboxed {
|
|
|
|
if r.saddr == nil && src != nil && sandboxed {
|
|
|
|
log.Notice("! Skipping comparison against incompatible rule types: rule src = ", r.saddr, " / packet src = ", src)
|
|
|
|
log.Notice("! Skipping comparison against incompatible rule types: rule src = ", r.saddr, " / packet src = ", src)
|
|
|
|
continue
|
|
|
|
continue
|
|
|
|
|
|
|
|
} else if r.saddr == nil && src == nil && sandboxed {
|
|
|
|
|
|
|
|
continue
|
|
|
|
} else if r.saddr != nil && !r.saddr.Equal(src) && r.proto != "icmp" {
|
|
|
|
} else if r.saddr != nil && !r.saddr.Equal(src) && r.proto != "icmp" {
|
|
|
|
log.Notice("! Skipping comparison of mismatching source ips")
|
|
|
|
log.Notice("! Skipping comparison of mismatching source ips")
|
|
|
|
continue
|
|
|
|
continue
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
log.Notice("r.saddr = ", r.saddr, "src = ", src, "\n")
|
|
|
|
if r.pid >= 0 && r.pid != pinfo.Pid {
|
|
|
|
if r.pid >= 0 && r.pid != pinfo.Pid {
|
|
|
|
//log.Notice("! Skipping comparison of mismatching PIDs")
|
|
|
|
//log.Notice("! Skipping comparison of mismatching PIDs")
|
|
|
|
continue
|
|
|
|
continue
|
|
|
|