From f2e0ddb40aa26dafadad9b6a94a23fae0538af7d Mon Sep 17 00:00:00 2001
From: fyodor <fyodor@e0a8ed71-7df4-0310-8962-fdc924857419>
Date: Sat, 11 Aug 2007 04:20:48 +0000
Subject: [PATCH] merge soc07 r4916 - If we get a ICMP Protocol Unreachable
 from a host other than our target, we set the state to 'filtered' rather than
 'closed'. Now it works like Port Unreachables and UDP.

---
 scan_engine.cc | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/scan_engine.cc b/scan_engine.cc
index dbb828218..72b311ccc 100644
--- a/scan_engine.cc
+++ b/scan_engine.cc
@@ -3080,7 +3080,8 @@ static bool get_pcap_result(UltraScanInfo *USI, struct timeval *stime) {
 	    newstate = PORT_FILTERED;
 	    break;
 	  case 2: /* protocol unreachable */
-	    if (USI->scantype == IPPROT_SCAN) {
+	    if (USI->scantype == IPPROT_SCAN && 
+		hss->target->v4hostip()->s_addr == ip->ip_src.s_addr) {
 	      newstate = PORT_CLOSED;
 	    } else
 	      newstate = PORT_FILTERED;