From 338ce59ae4b419144e6d44959a774364860886d7 Mon Sep 17 00:00:00 2001
From: Daniel <dhaavi@users.noreply.github.com>
Date: Thu, 3 Feb 2022 15:38:27 +0100
Subject: [PATCH] Fix fast-tracking non-echo ICMP/v6 messages

---
 firewall/interception.go | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/firewall/interception.go b/firewall/interception.go
index 393dee9f..cbb5bd8e 100644
--- a/firewall/interception.go
+++ b/firewall/interception.go
@@ -226,6 +226,7 @@ func fastTrackedPermit(pkt packet.Packet) (handled bool) {
 
 		// Permit all ICMP/v6 packets that are not echo requests or replies.
 		log.Debugf("filter: fast-track accepting ICMP/v6: %s", pkt)
+		_ = pkt.PermanentAccept()
 		return true
 
 	case packet.UDP, packet.TCP:
@@ -318,8 +319,8 @@ func fastTrackedPermit(pkt packet.Packet) (handled bool) {
 		if pkt.Info().Dst.Equal(compat.SystemIntegrationCheckDstIP) {
 			compat.SubmitSystemIntegrationCheckPacket(pkt)
 			_ = pkt.Drop()
+			return true
 		}
-		return true
 	}
 
 	return false