diff --git a/daemon/call.c b/daemon/call.c
index 5f6c19c7d..39a4a5ded 100644
--- a/daemon/call.c
+++ b/daemon/call.c
@@ -326,24 +326,24 @@ static int call_savp2avp_rtcp(str *s, struct streamrelay *r) {
 static int call_avpf2savp_rtcp(str *s, struct streamrelay *r) {
 	int ret;
 	ret = rtcp_avpf2avp(s);
-	if (ret)
+	if (ret < 0)
 		return ret;
 	return rtcp_avp2savp(s, &r->other->crypto.out);
 }
 static int call_savpf2avp_rtcp(str *s, struct streamrelay *r) {
 	int ret;
 	ret = rtcp_savp2avp(s, &r->crypto.in);
-	if (ret)
+	if (ret < 0)
 		return ret;
 	return rtcp_avpf2avp(s);
 }
 static int call_savpf2savp_rtcp(str *s, struct streamrelay *r) {
 	int ret;
 	ret = rtcp_savp2avp(s, &r->crypto.in);
-	if (ret)
+	if (ret < 0)
 		return ret;
 	ret = rtcp_avpf2avp(s);
-	if (ret)
+	if (ret < 0)
 		return ret;
 	return rtcp_avp2savp(s, &r->other->crypto.out);
 }
@@ -555,6 +555,11 @@ static int stream_packet(struct streamrelay *sr_incoming, str *s, struct sockadd
 	determine_handler(sr_in_rtcp);
 	if (sr_in_rtcp->handler->rewrite)
 		handler_ret = sr_in_rtcp->handler->rewrite(s, sr_in_rtcp);
+		/* return values are: 0 = forward packet, -1 = error/dont forward,
+		 * 1 = forward and push update to redis */
+
+	if (handler_ret > 0)
+		update = 1;
 
 use_cand:
 	if (p_incoming->confirmed || !p_incoming->filled || sr_incoming->idx != 0)
@@ -598,7 +603,7 @@ peerinfo:
 forward:
 	if (is_addr_unspecified(&sr_incoming->peer_advertised.ip46)
 			|| !sr_incoming->peer_advertised.port
-			|| stun_ret || handler_ret)
+			|| stun_ret || handler_ret < 0)
 		goto drop;
 
 	if (muxed_rtcp == 2) {
diff --git a/daemon/rtcp.c b/daemon/rtcp.c
index 0eea8efc1..70eb1b861 100644
--- a/daemon/rtcp.c
+++ b/daemon/rtcp.c
@@ -409,7 +409,7 @@ int rtcp_avp2savp(str *s, struct crypto_context *c) {
 	c->crypto_suite->hash_rtcp(c, s->s + s->len, &to_auth);
 	s->len += c->crypto_suite->srtcp_auth_tag;
 
-	return 0;
+	return 1;
 }
 
 
@@ -444,7 +444,7 @@ int rtcp_savp2avp(str *s, struct crypto_context *c) {
 	if (str_memcmp(&auth_tag, hmac))
 		goto error;
 
-	if (idx & 0x80000000ULL) {
+	if ((idx & 0x80000000ULL)) {
 		if (crypto_decrypt_rtcp(c, rtcp, &to_decrypt, idx & 0x7fffffffULL))
 			return -1;
 	}