From owner-freebsd-ipfw@FreeBSD.ORG Thu Sep 10 06:58:49 2009 Return-Path: Delivered-To: freebsd-ipfw@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 666CC1065697 for ; Thu, 10 Sep 2009 06:58:49 +0000 (UTC) (envelope-from luigi@onelab2.iet.unipi.it) Received: from onelab2.iet.unipi.it (onelab2.iet.unipi.it [131.114.59.238]) by mx1.freebsd.org (Postfix) with ESMTP id 2D25E8FC19 for ; Thu, 10 Sep 2009 06:58:49 +0000 (UTC) Received: by onelab2.iet.unipi.it (Postfix, from userid 275) id CAF4C730DA; Thu, 10 Sep 2009 08:47:44 +0200 (CEST) Date: Thu, 10 Sep 2009 08:47:44 +0200 From: Luigi Rizzo To: mkarjal Message-ID: <20090910064744.GA1149@onelab2.iet.unipi.it> References: <25377926.post@talk.nabble.com> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <25377926.post@talk.nabble.com> User-Agent: Mutt/1.4.2.3i Cc: freebsd-ipfw@freebsd.org Subject: Re: IPFW and SCTP port number X-BeenThere: freebsd-ipfw@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: IPFW Technical Discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 10 Sep 2009 06:58:49 -0000 On Wed, Sep 09, 2009 at 11:17:50PM -0700, mkarjal wrote: > > Hi, > > I'm trying to catch SCTP packets with IPFW by SCTP port numbers, should it > be working or not? > Or is there some different syntax for this? > > "ipfw add count sctp from any to any" works, counts all SCTP packets. > > "ipfw add count sctp from any 49606 to any" does not work. Counters show > zero reading. > > I have tried adding IP address, with different port ranges and combinations. > I have tested this with 7.2-RELEASE and 8.0-BETA3. i think at the moment ipfw is not parsing sctp headers so it does not fetch port numbers. cheers luigi