Date:      Thu, 09 Nov 2006 12:42:30 -0500
From:      Randall Stewart <rrs@cisco.com>
To:        "Bjoern A. Zeeb" <bzeeb-lists@lists.zabbadoz.net>
Cc:        Peter Lei <peterlei@cisco.com>, freebsd-current@freebsd.org
Subject:   Re: SCTP is in the Tree :-)
Message-ID:  <45536886.4090905@cisco.com>
In-Reply-To: <20061109173256.G54329@maildrop.int.zabbadoz.net>
References:  <45524517.1060501@cisco.com> <eitijt$4r8$1@sea.gmane.org> <45525E52.6090608@cisco.com> <20061109173256.G54329@maildrop.int.zabbadoz.net>

Bjoern:

I will send this to Peter and let him test it..

Peter: let me know if this fixes at least some of it to
go through.

Bjoern: if you want we may want to get together sometime and
         discuss getting the f/w and maybe nat to support
         SCTP.. I assume you are the owner??


R

Bjoern A. Zeeb wrote:
> On Wed, 8 Nov 2006, Randall Stewart wrote:
> 
>> Ivan Voras wrote:
>>
>>> Randall Stewart wrote:
>>>
>>>
>>>> Stream Control Transmission Protocol (SCTP) - is a reliable message
>>>> oriented transport protocol which provides network fault tolerance.
>>>> It supports multiple streams and multihoming. A very good overview
>>>> of the protocol is given in RFC 3268.
>>>
>>>
>>>
>>> Looks cool :)
>>>
>>> It's under IP so it's routable, but I imagine it probably needs routers
>>> along the way to know about it in order to use the more advanced 
>>> features?
>>
>>
>> Nope.. not at all..
>>
>> The only issue is when you cross a firewall or NAT :-(
>>
>> Note that I have heard that the latest FreeBSD IPv6 FW for
>> some reason drops SCTP packets even if you have typed in
>> allow ip from any to any...
>>
>> Something about not liking protocol 132 in the extension
>> headers :(
> 
> 
> would that patch help you (I'd have to investigate in detail but like
> some of us I am currently in Milan and I still don't know the details
> of SCTP [as in I haven't read the RFC yet]):
> 
> Index: ip_fw2.c
> ===================================================================
> RCS file: /local/mirror/FreeBSD/r/ncvs/src/sys/netinet/ip_fw2.c,v
> retrieving revision 1.153
> diff -u -p -r1.153 ip_fw2.c
> --- ip_fw2.c    6 Nov 2006 13:42:04 -0000       1.153
> +++ ip_fw2.c    9 Nov 2006 17:32:22 -0000
> @@ -311,6 +311,7 @@ static int fw_deny_unknown_exthdrs = 1;
>   */
>  #define        L3HDR(T, ip)    ((T *)((u_int32_t *)(ip) + (ip)->ip_hl))
>  #define        TCP(p)          ((struct tcphdr *)(p))
> +#define        SCTP(p)         ((struct sctphdr *)(p))
>  #define        UDP(p)          ((struct udphdr *)(p))
>  #define        ICMP(p)         ((struct icmphdr *)(p))
>  #define        ICMP6(p)        ((struct icmp6_hdr *)(p))
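
Review bot: the new SCTP(p) macro casts to struct sctphdr, but the patch carries no hunk adding an #include for the header that declares that struct, so unless ip_fw2.c already pulls it in, the file will not build; add the include in the same patch. The second hunk also relies on the members being named src_port and dest_port, which should be checked against that declaration.
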
> @@ -2222,6 +2223,12 @@ do 
> {                                                                     \
>                                 args->f_id.flags = TCP(ulp)->th_flags;
>                                 break;
> 
> +                       case IPPROTO_SCTP:
> +                               PULLUP_TO(hlen, ulp, struct sctphdr);
> +                               src_port = SCTP(ulp)->src_port;
> +                               dst_port = SCTP(ulp)->dest_port;
> +                               break;
> +
>                         case IPPROTO_UDP:
>                                 PULLUP_TO(hlen, ulp, struct udphdr);
>                                 dst_port = UDP(ulp)->uh_dport;
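
Review bot: the IPPROTO_SCTP case sets src_port and dst_port but, unlike the TCP case directly above it, never touches args->f_id.flags; confirm that field is cleared before this switch so a rule that matches on flags cannot see a stale value. A one-line comment stating that only the two ports from the SCTP header are read here would also help, since PULLUP_TO is asked for a full struct sctphdr.
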
> 
> 


-- 
Randall Stewart
NSSTG - Cisco Systems Inc.
803-345-0369 <or> 803-317-4952 (cell)


