Re: udplite and ports - Mart Frauenlob

Linux Netfilter discussions
 help / color / mirror / Atom feed

From: Mart Frauenlob <mart.frauenlob@chello.at>
To: netfilter@vger.kernel.org
Subject: Re: udplite and ports
Date: Tue, 16 Mar 2010 13:09:35 +0100	[thread overview]
Message-ID: <4B9F74FF.9000200@chello.at> (raw)
In-Reply-To: <4B9F6B49.9060805@plouf.fr.eu.org>

On 16.03.2010 12:28, Pascal Hambourg wrote:
> Mart Frauenlob a écrit :
>>>
>>> what am I missing, why is that command not working:
>>>
>>> iptables -A INPUT -i eth2 -p udplite --destination-port 123 -j ACCEPT
>>> iptables v1.4.7: unknown option `--destination-port'
>>> Try `iptables -h' or 'iptables --help' for more information.
> [...]
>>> -p udplite -m multiport --ports 123,124 ... works.
> 
> According to changelogs, support for UDPLITE in multiport was added in
> iptables 1.3.8 (the man page does not seem to have been updated though).
> 
>> I would have expect it to work like -p udp. Am I wrong?
>> But there's no libxt_udplite.so.
> 
> --dport is an option of some "-m <protocol>" matches (implicit with "-p
> <protocol>") such as tcp, udp, sctp, dccp handled by libxt_<protocol>.so
> libraries. As you pointed out, there is no libxt_udplite.so, so no "-m
> udplite" match nor --dport option for UDPLITE.

Thank you Pascal,

ok, it's simply not implemented...
It seemed somehow improbable to me, that support for udplite within
conntrack, nat and multiport was added, but no protocol match.
Relying on something not being in the man page *sigh* isn't assured to
be correct.

Best regards

Mart

     prev parent reply	other threads:[~2010-03-16 12:09 UTC|newest]

Thread overview: 6+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2010-03-13  9:10 udplite and ports Mart Frauenlob
2010-03-14  5:43 ` ratheesh k
2010-03-16  7:28   ` Mart Frauenlob
2010-03-16  7:34 ` Mart Frauenlob
2010-03-16 11:28   ` Pascal Hambourg
2010-03-16 12:09     ` Mart Frauenlob [this message]

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=4B9F74FF.9000200@chello.at \
    --to=mart.frauenlob@chello.at \
    --cc=netfilter@vger.kernel.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox