1 .TP 2 \fB--source-port\fR,\fB--sport \fR[\fB!\fR] \fIport\fR[\fB:\fIport\fR] 3 .TP 4 \fB--destination-port\fR,\fB--dport \fR[\fB!\fR] \fIport\fR[\fB:\fIport\fR] 5 .TP 6 \fB--chunk-types\fR [\fB!\fR] \fBall\fR|\fBany\fR|\fBonly \fIchunktype\fR[\fB:\fIflags\fR] [...] 7 The flag letter in upper case indicates that the flag is to match if set, 8 in the lower case indicates to match if unset. 9 10 Chunk types: DATA INIT INIT_ACK SACK HEARTBEAT HEARTBEAT_ACK ABORT SHUTDOWN SHUTDOWN_ACK ERROR COOKIE_ECHO COOKIE_ACK ECN_ECNE ECN_CWR SHUTDOWN_COMPLETE ASCONF ASCONF_ACK 11 12 chunk type available flags 13 .br 14 DATA U B E u b e 15 .br 16 ABORT T t 17 .br 18 SHUTDOWN_COMPLETE T t 19 20 (lowercase means flag should be "off", uppercase means "on") 21 .P 22 Examples: 23 24 iptables -A INPUT -p sctp --dport 80 -j DROP 25 26 iptables -A INPUT -p sctp --chunk-types any DATA,INIT -j DROP 27 28 iptables -A INPUT -p sctp --chunk-types any DATA:Be -j ACCEPT 29
