[Bug 763] New: dnat and snat not changing port numbers on sctp packets

bugzilla-daemon at bugzilla.netfilter.org
Mon Dec 5 21:49:38 CET 2011


http://bugzilla.netfilter.org/show_bug.cgi?id=763

           Summary: dnat and snat not changing port numbers on sctp packets
           Product: netfilter/iptables
           Version: linux-2.6.x
          Platform: x86_64
        OS/Version: RedHat Linux
            Status: NEW
          Severity: normal
          Priority: P3
         Component: NAT
        AssignedTo: netfilter-buglog at lists.netfilter.org
        ReportedBy: nbollinger at gmail.com
   Estimated Hours: 0.0


Looking at this patch, dnat and snat were changed to modify sctp packets:

"Add SCTP/DCCP support to NAT targets"
http://git.netfilter.org/cgi-bin/gitweb.cgi?p=iptables.git;a=commit;h=5a942f9501f7ce287e1c37c553eb02a1e269e081

While dnat and snat do change the destination/source ips, it's not changing the
port numbers when specified. Is it possible to fix this so that ports can also
be modified?

I'm using iptables v1.4.12.1 with centos 6 kernel 2.6.32-71.29.1.el6.x86_64

This is an example of how I'm trying to use it to forward a sctp port:

iptables -t nat -A PREROUTING -p sctp -s 1.1.1.1 -d 2.2.2.2 --dport 9901 -j DNAT --to-destination 3.3.3.3:9900

iptables -t nat -A POSTROUTING -p sctp -s 2.2.2.2 -d 3.3.3.3 --dport 9900 -j SNAT --to-source 2.2.2.2:9901


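One way to check the behaviour described in this report from captured packets, as an added example that is not part of the original bug report or of netfilter: it compares a raw IPv4/SCTP packet before and after translation, lists which addresses and ports changed, and validates the SCTP CRC-32C, which covers the ports but not the IP addresses. The helper names, the source port 40000 and the sample packets are constructed for illustration.

```python
import struct

def crc32c(data: bytes) -> int:
    """Bitwise CRC-32C (Castagnoli), the checksum SCTP uses (RFC 4960)."""
    crc = 0xFFFFFFFF
    for byte in data:
        crc ^= byte
        for _ in range(8):
            crc = (crc >> 1) ^ (0x82F63B78 if crc & 1 else 0)
    return crc ^ 0xFFFFFFFF

def parse(pkt: bytes) -> dict:
    """Extract the NAT-relevant fields from a raw IPv4 packet carrying SCTP."""
    ihl = (pkt[0] & 0x0F) * 4
    if pkt[0] >> 4 != 4 or pkt[9] != 132:        # IP protocol 132 = SCTP
        raise ValueError("not an IPv4/SCTP packet")
    sctp = pkt[ihl:]
    if len(sctp) < 12:
        raise ValueError("truncated SCTP common header")
    sport, dport = struct.unpack("!HH", sctp[:4])
    stored = struct.unpack("<I", sctp[8:12])[0]  # checksum is stored little-endian
    computed = crc32c(sctp[:8] + b"\0\0\0\0" + sctp[12:])
    return {"src": ".".join(map(str, pkt[12:16])),
            "dst": ".".join(map(str, pkt[16:20])),
            "sport": sport, "dport": dport, "checksum_ok": stored == computed}

def nat_diff(before: bytes, after: bytes) -> dict:
    """Report which fields NAT rewrote and whether the result still verifies."""
    a, b = parse(before), parse(after)
    changed = {k: (a[k], b[k]) for k in ("src", "dst", "sport", "dport") if a[k] != b[k]}
    return {"changed": changed, "checksum_ok": b["checksum_ok"]}

def build(src: str, dst: str, sport: int, dport: int) -> bytes:
    """Constructed sample: minimal IPv4 header (checksum left 0) + SCTP common header."""
    sctp = struct.pack("!HHI", sport, dport, 0x12345678) + b"\0\0\0\0"
    sctp = sctp[:8] + struct.pack("<I", crc32c(sctp))
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(sctp), 0, 0, 64, 132, 0,
                     bytes(map(int, src.split("."))), bytes(map(int, dst.split("."))))
    return ip + sctp

if __name__ == "__main__":
    original = build("1.1.1.1", "2.2.2.2", 40000, 9901)  # as it arrives at PREROUTING
    reported = build("1.1.1.1", "3.3.3.3", 40000, 9901)  # behaviour in the report
    expected = build("1.1.1.1", "3.3.3.3", 40000, 9900)  # what the DNAT rule asks for
    print("reported:", nat_diff(original, reported))
    print("expected:", nat_diff(original, expected))
```

In practice the two byte strings would come from captures taken on the ingress and egress interfaces, starting at the IPv4 header.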