#288 SCTP (and other protocol) support


SCTP, DCCP, and UDPLite are all transport-layer protocols that can carry traffic and whose first few header fields carry source/destination port numbers in the same range as TCP and UDP. While support for filtering these probably needs to be added in the Linux Kernel (uncertain about other OSes and firewall tools), long-term, I think it would be good to support filtering these protocols by source/destination IPs and ports rather than having to define specific IP protocol #'s.


  • Vadim Kurland

    Vadim Kurland - 2011-08-21

    I see iptables modules that can match sctp and dccp (in iptables 1.4.4) but not for UDPLite. Converting this to a feature request.

  • Joshua Kinard

    Joshua Kinard - 2011-08-21

    SCTP has usage in telephony mostly (was designed for SIGTRAN and SS7). There doesn't even exist a Windows driver for it, and Linux has just a handful of apps. But it's got potential to emerge as a general-purpose transport-layer protocol down the road, so I figured getting this in would be useful down the road as the telephony and IP networks begin to merge more.

    DCCP, I haven't looked into a whole lot yet. I see it as being more similar to UDP (whereas SCTP is more similar to TCP).

    UDPLite is very similar to UDP, except that it allows for partial checksums. It's possible iptables might loop it in under the main udp stuff, but with a special flag or something. I ahven't looked, to be honest.

    Thanks for considering!


Log in to post a comment.

Get latest updates about Open Source Projects, Conferences and News.

Sign up for the SourceForge newsletter:

JavaScript is required for this form.

No, thanks