Message-Id: <201012240003.oBO03cNP018071@red.freebsd.org>
Date: Fri, 24 Dec 2010 00:03:38 GMT
From: Sebastian Zander
To: freebsd-gnats-submit@FreeBSD.org
Subject: kern/153415: Port numbers always zero in dynamic IPFW rules for SCTP over IPv4

>Number: 153415
>Category: kern
>Synopsis: Port numbers always zero in dynamic IPFW rules for SCTP over IPv4
>Confidential: no
>Severity: non-critical
>Priority: medium
>Responsible: freebsd-bugs
>State: open
>Quarter:
>Keywords:
>Date-Required:
>Class: sw-bug
>Submitter-Id: current-users
>Arrival-Date: Fri Dec 24 00:10:10 UTC 2010
>Closed-Date:
>Last-Modified:
>Originator: Sebastian Zander
>Release: FreeBSD-CURRENT (revision 216463)
>Organization: Swinburne University
>Environment:
FreeBSD szander.caia.swin.edu.au 9.0-CURRENT FreeBSD 9.0-CURRENT #5: Thu Dec 16 16:47:32 EST 2010 szander@szander.caia.swin.edu.au:/usr/obj/usr/home/szander/dev/diffuse_head/sys/GENERIC+DIFFUSE i386
>Description:
Source and destination port numbers for dynamic rules created by IPFW are always zero for SCTP over IPv4, e.g.

# ipfw -d show
00050 250 25080 count sctp from any to any keep-state
65000 1218 128492 allow ip from any to any
65535 0 0 deny ip from any to any
## Dynamic rules (1):
00050 5 184 (4s) STATE sctp 127.0.0.1 0 <-> 127.0.0.1 0
>How-To-Repeat:
Run IPFW with a keep-state rule that matches SCTP traffic, e.g.

ipfw add count sctp from any to any keep-state

Create SCTP traffic and run ipfw -d show.
>Fix:
--- a/sys/netinet/ipfw/ip_fw2.c Wed Dec 22 18:59:59 2010 +1100 +++ b/sys/netinet/ipfw/ip_fw2.c Fri Dec 24 10:58:03 2010 +1100 
@@ -1139,6 +1139,12 @@ src_port = UDP(ulp)->uh_sport; break; + case IPPROTO_SCTP: + PULLUP_TO(hlen, ulp, struct sctphdr); + src_port = SCTP(ulp)->src_port; + dst_port = SCTP(ulp)->dest_port; + break; + case IPPROTO_ICMP: PULLUP_TO(hlen, ulp, struct icmphdr); //args->f_id.flags = ICMP(ulp)->icmp_type; >Release-Note: >Audit-Trail: >Unformatted:
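Review bot: the new IPPROTO_SCTP case uses the SCTP() accessor and struct sctphdr, but the patch adds neither an #include nor a macro definition, so please confirm both are already visible at this point in ip_fw2.c or add them in the same change. The case also has no comment; a one-line note that only the SCTP common header is pulled up, which is where src_port and dest_port are read from, would make the intent clear. The ports are stored as read from the header, in the same way as the adjacent `src_port = UDP(ulp)->uh_sport;` line, so it is worth attaching `ipfw -d show` output from a patched kernel to the PR to show that the dynamic rule now displays the expected non-zero port values.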