kern/153415: Port numbers always zero in dynamic IPFW rules for SCTP over IPv4
Sebastian Zander
szander at swin.edu.au
Fri Dec 24 00:10:12 UTC 2010
>Number: 153415
>Category: kern
>Synopsis: Port numbers always zero in dynamic IPFW rules for SCTP over IPv4
>Confidential: no
>Severity: non-critical
>Priority: medium
>Responsible: freebsd-bugs
>State: open
>Quarter:
>Keywords:
>Date-Required:
>Class: sw-bug
>Submitter-Id: current-users
>Arrival-Date: Fri Dec 24 00:10:10 UTC 2010
>Closed-Date:
>Last-Modified:
>Originator: Sebastian Zander
>Release: FreeBSD-CURRENT (revision 216463)
>Organization:
Swinburne University
>Environment:
FreeBSD szander.caia.swin.edu.au 9.0-CURRENT FreeBSD 9.0-CURRENT #5: Thu Dec 16 16:47:32 EST 2010 szander at szander.caia.swin.edu.au:/usr/obj/usr/home/szander/dev/diffuse_head/sys/GENERIC+DIFFUSE i386
>Description:
Source and destination port numbers for dynamic rules created by IPFW are always zero for SCTP over IPv4, e.g.
# ipfw -d show
00050 250 25080 count sctp from any to any keep-state
65000 1218 128492 allow ip from any to any
65535 0 0 deny ip from any to any
## Dynamic rules (1):
00050 5 184 (4s) STATE sctp 127.0.0.1 0 <-> 127.0.0.1 0
>How-To-Repeat:
Run IPFW with a keep-state rule that matches SCTP traffic, e.g.
ipfw add count sctp from any to any keep-state
Create SCTP traffic and run ipfw -d show.
>Fix:
--- a/sys/netinet/ipfw/ip_fw2.c Wed Dec 22 18:59:59 2010 +1100
+++ b/sys/netinet/ipfw/ip_fw2.c Fri Dec 24 10:58:03 2010 +1100
@@ -1139,6 +1139,12 @@
src_port = UDP(ulp)->uh_sport;
break;
+ case IPPROTO_SCTP:
+ PULLUP_TO(hlen, ulp, struct sctphdr);
+ src_port = SCTP(ulp)->src_port;
+ dst_port = SCTP(ulp)->dest_port;
+ break;
+
case IPPROTO_ICMP:
PULLUP_TO(hlen, ulp, struct icmphdr);
//args->f_id.flags = ICMP(ulp)->icmp_type;
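Review bot: the new IPPROTO_SCTP case depends on the SCTP() accessor and struct sctphdr, but the hunk adds neither a macro definition nor an include, so please confirm both are already visible at this point in ip_fw2.c or add them to the patch. The ports are stored exactly as read from the header, the same way the UDP case above reads UDP(ulp)->uh_sport, so they rely on the same byte-order handling the existing cases receive; worth checking that this path is shared. A regression check that starts two SCTP associations between the same hosts and confirms ipfw -d show lists two dynamic rules with non-zero ports would make the fix easy to verify.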
>Release-Note:
>Audit-Trail:
>Unformatted:
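Added example, not part of the PR or the FreeBSD source: a small C model of why the zero ports matter for keep-state. In this model, without the SCTP case two SCTP associations between the same hosts yield the same key and would share one state entry. struct flow_key, flow_key_from_ipv4, same_state and sample_sctp_pkt are hypothetical names; the offsets are the standard IPv4 and SCTP common-header layouts.

```c
#include <stdint.h>
#include <string.h>

/* Hypothetical stand-in for the addresses/ports a dynamic rule is keyed on. */
struct flow_key { uint32_t src_ip, dst_ip; uint16_t src_port, dst_port; uint8_t proto; };

static uint16_t rd16(const uint8_t *p) { return (uint16_t)((p[0] << 8) | p[1]); }
static uint32_t rd32(const uint8_t *p) { return ((uint32_t)rd16(p) << 16) | rd16(p + 2); }

/* Returns 0 on success, -1 if the packet is too short for the header being
 * read (the job PULLUP_TO does in the patch). with_sctp = 0 models the bug. */
int flow_key_from_ipv4(const uint8_t *pkt, size_t len, int with_sctp,
                       struct flow_key *k) {
    size_t hlen, need;
    memset(k, 0, sizeof(*k));
    if (len < 20 || (pkt[0] >> 4) != 4)
        return -1;
    hlen = (size_t)(pkt[0] & 0x0f) * 4;
    if (hlen < 20 || len < hlen)
        return -1;
    k->proto = pkt[9];
    k->src_ip = rd32(pkt + 12);
    k->dst_ip = rd32(pkt + 16);
    if (k->proto == 6) need = 20;                     /* TCP header */
    else if (k->proto == 17) need = 8;                /* UDP header */
    else if (k->proto == 132 && with_sctp) need = 12; /* SCTP common header */
    else return 0;                                    /* ports stay zero */
    if (len - hlen < need)
        return -1;
    k->src_port = rd16(pkt + hlen);     /* all three start: src port, dst port */
    k->dst_port = rd16(pkt + hlen + 2);
    return 0;
}

/* 1 if both keys would select the same state entry in this model. */
int same_state(const struct flow_key *a, const struct flow_key *b) {
    return a->proto == b->proto && a->src_ip == b->src_ip &&
        a->dst_ip == b->dst_ip && a->src_port == b->src_port &&
        a->dst_port == b->dst_port;
}

/* Constructed sample: 32-byte SCTP-over-IPv4 packet, 127.0.0.1 -> 127.0.0.1. */
void sample_sctp_pkt(uint8_t buf[32], uint16_t sport, uint16_t dport) {
    memset(buf, 0, 32);
    buf[0] = 0x45; buf[3] = 32; buf[9] = 132;       /* IPv4, IHL 5, proto SCTP */
    buf[12] = buf[16] = 127; buf[15] = buf[19] = 1; /* 127.0.0.1 both ways */
    buf[20] = (uint8_t)(sport >> 8); buf[21] = (uint8_t)sport;
    buf[22] = (uint8_t)(dport >> 8); buf[23] = (uint8_t)dport;
}
```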