Bug 2103743

Summary: sctp: add more chunks support on iptables
Product: Red Hat Enterprise Linux 9 Reporter: Xin Long <lxin>
Component: iptablesAssignee: Phil Sutter <psutter>
Status: CLOSED MIGRATED QA Contact: qe-baseos-daemons
Severity: medium Docs Contact: Jaroslav Klech <jklech>
Priority: medium    
Version: 9.0CC: egarver, jklech, psutter, sukulkar, todoleza
Target Milestone: rcKeywords: MigratedToJIRA, TestCaseProvided, Triaged
Target Release: 9.2   
Hardware: All   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: Enhancement
Doc Text:
.The `iptables` utility supports matching of new SCTP chunk types With this update, the Stream Control Transmission Protocol (SCTP) chunk type matching has been added for the following types: * `I-DATA` (initial data): used to initiate data transmission during the establishment of an SCTP association * `RE-CONFIG`: used to carry information related to the reconfiguration of an SCTP association (such as addition or removal of IP addresses) * `PAD`: used to add padding to an SCTP packet, allowing it to reach the minimum size specified in the SCTP specification * `I-FORWARD-TSN` (initial forward TSN): used to support forwarding of SCTP data chunks between endpoints during the establishment of an SCTP association
 Story Points: ---
Clone Of: Environment:
Last Closed: 2023-09-21 12:28:58 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Xin Long 2022-07-04 16:56:59 UTC 
There are new chunks added in Linux SCTP not being traced by iptables, and we're planning to support them in iptables xt_sctp.

The patch has been posted by Yuxuan on: https://lore.kernel.org/all/20220629200545.75362-1-yuluo@redhat.com/T/
Comment 1 Phil Sutter 2022-07-12 22:33:47 UTC 
Upstream commit to backport:

commit 6b04d9c34e25e2aa3e6b28c74e683021fc7c0c08
Author: Yuxuan Luo <luoyuxuan.carl>
Date:   Mon Jul 11 12:12:38 2022 -0400

    xt_sctp: support a couple of new chunk types
    
    There are new chunks added in Linux SCTP not being traced by iptables.
    
    This patch introduces the following chunks for tracing:
    I_DATA, I_FORWARD_TSN (RFC8260), RE_CONFIG(RFC6525) and PAD(RFC4820)
    
    Signed-off-by: Yuxuan Luo <luoyuxuan.carl>
    Signed-off-by: Phil Sutter <phil>


Luo Yuxuan, should I take over from here on or do you want to continue with this?
Comment 2 yuluo@redhat.com 2022-07-15 21:18:51 UTC 
(In reply to Phil Sutter from comment #1)
> Upstream commit to backport:
> 
> commit 6b04d9c34e25e2aa3e6b28c74e683021fc7c0c08
> Author: Yuxuan Luo <luoyuxuan.carl>
> Date:   Mon Jul 11 12:12:38 2022 -0400
> 
>     xt_sctp: support a couple of new chunk types
>     
>     There are new chunks added in Linux SCTP not being traced by iptables.
>     
>     This patch introduces the following chunks for tracing:
>     I_DATA, I_FORWARD_TSN (RFC8260), RE_CONFIG(RFC6525) and PAD(RFC4820)
>     
>     Signed-off-by: Yuxuan Luo <luoyuxuan.carl>
>     Signed-off-by: Phil Sutter <phil>
> 
> 
> Luo Yuxuan, should I take over from here on or do you want to continue with
> this?

I would really appreciate it if you take over from here.
Comment 3 Phil Sutter 2022-08-04 16:23:18 UTC 
(In reply to yuluo from comment #2)
> I would really appreciate it if you take over from here.

Will do, thanks again for your work upstream!
Comment 9 Phil Sutter 2023-02-21 19:41:34 UTC 
We're late for features in RHEL9.2, will postpone. Also one follow-up upstream:

commit f7c8d896f3305471746a8690f73587a65854d8fa
Author: Xin Long <lucien.xin>
Date:   Tue Feb 21 12:19:42 2023 -0500

    xt_sctp: add the missing chunk types in sctp_help
    
    Add the missing chunk types in sctp_help(), so that the help cmd can
    display these chunk types as below:
    
      # iptables -p sctp --help
    
      chunktypes - ... I_DATA RE_CONFIG PAD ... I_FORWARD_TSN ALL NONE
    
    Fixes: 6b04d9c34e25 ("xt_sctp: support a couple of new chunk types")
    Signed-off-by: Xin Long <lucien.xin>
    Signed-off-by: Phil Sutter <phil>
Comment 11 RHEL Program Management 2023-09-21 12:26:40 UTC 
Issue migration from Bugzilla to Jira is in process at this time. This will be the last message in Jira copied from the Bugzilla bug.
Comment 12 RHEL Program Management 2023-09-21 12:28:58 UTC 
This BZ has been automatically migrated to the issues.redhat.com Red Hat Issue Tracker. All future work related to this report will be managed there.

Due to differences in account names between systems, some fields were not replicated.  Be sure to add yourself to Jira issue's "Watchers" field to continue receiving updates and add others to the "Need Info From" field to continue requesting information.

To find the migrated issue, look in the "Links" section for a direct link to the new issue location. The issue key will have an icon of 2 footprints next to it, and begin with "RHEL-" followed by an integer.  You can also find this issue by visiting https://issues.redhat.com/issues/?jql= and searching the "Bugzilla Bug" field for this BZ's number, e.g. a search like:

"Bugzilla Bug" = 1234567

In the event you have trouble locating or viewing this issue, you can file an issue by sending mail to rh-issues. You can also visit https://access.redhat.com/articles/7032570 for general account information.