View Issue Details
| ID | Project | Category | View Status | Date Submitted | Last Update |
|---|---|---|---|---|---|
| 0007900 | CentOS-7 | iptables | public | 2014-11-19 01:59 | 2014-11-19 01:59 |
| Reporter | takashi_ | Assigned To | |||
| Priority | high | Severity | major | Reproducibility | always |
| Status | new | Resolution | open | ||
| Platform | x86_64 | OS | Centos7 | OS Version | Centos7 |
| Product Version | 7.0-1406 | ||||
| Summary | 0007900: SCTP destination port can not be chaged when specifying iptables rule. | ||||
| Description | We used iptables to translate the port number and ip address. iptables version we used is 1.4.21 as we check the latest Linux command of iptables and it said it support SCTP protocol and and also destination port can be changed. After our trial, the ip address was changed, however, the destination port number was NOT changed. Here is our setting sample: For example) Expected 1. Source B is sending the SCTP INIT to NAPT server(172.20.63.12(36412) -> 172.20.0.12(36412) 2. NAPT to forward the message to Target A. (172.20.63.12(36412) -> 172.20.86.50(36413) The following is the configuration of iptables ) iptables -t nat -A PREROUTING -i enp7s0f0 -d 172.20.0.2 -p sctp --dport 36412 -j DNAT --to-destination 172.20.86.50:36412 iptables -t nat -A PREROUTING -i enp7s0f0 -d 172.20.0.12 -p sctp --dport 36412 -j DNAT --to-destination 172.20.86.50:36413 iptables -t nat -A PREROUTING -i enp7s0f1 -d 172.20.0.2 -p sctp --dport 36412 -j DNAT --to-destination 172.20.86.50:36414 iptables -t nat -A PREROUTING -i enp7s0f1 -d 172.20.0.12 -p sctp --dport 36412 -j DNAT --to-destination 172.20.86.50:36415 Result 1. SCTP INIT to NAPT (172.20.63.12(36412) -> 172.20.0.12(36412) 2. NAPT to forward the message to Target A. (172.20.63.12(36412) -> 172.20.86.50(36412) Hope this issue will be solved soon. Takashi | ||||
| Tags | No tags attached. | ||||
| abrt_hash | |||||
| URL | |||||
| Date Modified | Username | Field | Change |
|---|---|---|---|
| 2014-11-19 01:59 | takashi_ | New Issue |
