From 63dab0caf61e85c041af3cbd09931322ec7e7cf9 Mon Sep 17 00:00:00 2001
From: bz <bz@FreeBSD.org>
Date: Mon, 13 Nov 2006 19:07:32 +0000
Subject: [PATCH] Add SCTP as a known upper layer protocol over v6. We are not
 yet aware of the protocol internals but this way SCTP traffic over v6 will
 not be discarded.

Reported by: Peter Lei via rrs
Tested by:   Peter Lei <peterlei cisco.com>
---
 sys/netinet/ip_fw2.c | 8 ++++++++
 1 file changed, 8 insertions(+)

diff --git a/sys/netinet/ip_fw2.c b/sys/netinet/ip_fw2.c
index a475ee2b76f6..a435d037389d 100644
--- a/sys/netinet/ip_fw2.c
+++ b/sys/netinet/ip_fw2.c
@@ -82,6 +82,7 @@
 #include <netinet/tcpip.h>
 #include <netinet/udp.h>
 #include <netinet/udp_var.h>
+#include <netinet/sctp.h>
 
 #include <netgraph/ng_ipfw.h>
 
@@ -311,6 +312,7 @@ static int fw_deny_unknown_exthdrs = 1;
  */
 #define	L3HDR(T, ip)	((T *)((u_int32_t *)(ip) + (ip)->ip_hl))
 #define	TCP(p)		((struct tcphdr *)(p))
+#define	SCTP(p)		((struct sctphdr *)(p))
 #define	UDP(p)		((struct udphdr *)(p))
 #define	ICMP(p)		((struct icmphdr *)(p))
 #define	ICMP6(p)	((struct icmp6_hdr *)(p))
@@ -2222,6 +2224,12 @@ do {									\
 				args->f_id.flags = TCP(ulp)->th_flags;
 				break;
 
+			case IPPROTO_SCTP:
+				PULLUP_TO(hlen, ulp, struct sctphdr);
+				src_port = SCTP(ulp)->src_port;
+				dst_port = SCTP(ulp)->dest_port;
+				break;
+
 			case IPPROTO_UDP:
 				PULLUP_TO(hlen, ulp, struct udphdr);
 				dst_port = UDP(ulp)->uh_dport;