libxt_sctp.man revision 27a98c71b37c8b7ecd9c72d9a275640f32973e0d
1.TP 2[\fB!\fP] \fB--source-port\fP,\fB--sport\fP \fIport\fP[\fB:\fP\fIport\fP] 3.TP 4[\fB!\fP] \fB--destination-port\fP,\fB--dport\fP \fIport\fP[\fB:\fP\fIport\fP] 5.TP 6[\fB!\fP] \fB--chunk-types\fP {\fBall\fP|\fBany\fP|\fBonly\fP} \fIchunktype\fP[\fB:\fP\fIflags\fP] [...] 7The flag letter in upper case indicates that the flag is to match if set, 8in the lower case indicates to match if unset. 9 10Chunk types: DATA INIT INIT_ACK SACK HEARTBEAT HEARTBEAT_ACK ABORT SHUTDOWN SHUTDOWN_ACK ERROR COOKIE_ECHO COOKIE_ACK ECN_ECNE ECN_CWR SHUTDOWN_COMPLETE ASCONF ASCONF_ACK 11 12chunk type available flags 13.br 14DATA U B E u b e 15.br 16ABORT T t 17.br 18SHUTDOWN_COMPLETE T t 19 20(lowercase means flag should be "off", uppercase means "on") 21.P 22Examples: 23 24iptables -A INPUT -p sctp --dport 80 -j DROP 25 26iptables -A INPUT -p sctp --chunk-types any DATA,INIT -j DROP 27 28iptables -A INPUT -p sctp --chunk-types any DATA:Be -j ACCEPT 29