Ubuntu
net-tools package

'netstat' doesn't check for sockets using SCTP protocol

Bug #174858 reported by Tomasz Jankowski
54
This bug affects 8 people
Affects Status Importance Assigned to Milestone
net-tools (Debian)
Fix Released
Unknown
net-tools (Gentoo Linux)
Fix Released
Wishlist
net-tools (Ubuntu)
Triaged
Wishlist
Unassigned
Nominated for Trusty by Alberto Salvia Novella
Nominated for Wily by Alberto Salvia Novella
Nominated for Xenial by Alberto Salvia Novella

Bug Description

Binary package hint: net-tools

'netstat' doesn't display information about listening SCTP sockets. I checked it twice. First time with my own applications and second time server - client examples provided with SCTP implementation for Linux. When server is listening command 'neststat -l' doesn't display any information about it.

Daniel T Chen (crimsun)
Changed in net-tools:
status: New → Confirmed
Revision history for this message
In , Zerthurd (zerthurd) wrote :

netstat from net-tools-1.60_p20071202044231-r1 not support SCTP

If I run SCTP-listener on some port, I cannot see it via netstat -lp

# netstat --sctp
netstat: unrecognized option `--sctp'

Revision history for this message
In , Zerthurd (zerthurd) wrote :

change severity to major

Revision history for this message
In , Jeroen Roovers (jer-gentoo) wrote :

Changed Severity back to Enhancement - this looks like a missing feature that requires a patch that should probably be introduced upstream, not in Gentoo. So far, only Fedora appears to support an SCTP patch for net-tools - maybe that's worth looking into.

Revision history for this message
In , Jeroen Roovers (jer-gentoo) wrote :

upstream bug report

Revision history for this message
Daniël van Eeden (dveeden) wrote :

Related: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=306428

Revision history for this message
In , Mike Frysinger (vapier) wrote :

ive updated the patch in the Debian tracker and added with 1.60_p20090728014017

Revision history for this message
Erik Inge Bolsø (knan-lp) wrote :

This seems a security issue to me - you can have a backdoor listening on SCTP and it won't show in netstat. And even established connections - like a file transfer or shell.

Red Hat & SuSE have had SCTP patches in their netstat flavors for years. And the debian bug has patches. What's the holdup?

Simple tests:

netsend sctp receive (opens a listening socket on port 6666)
socat SCTP-LISTEN:8080 TCP-CONNECT:localhost:22 (proxies ssh on sctp/8080)

Bug Watch Updater (bug-watch-updater)
Changed in net-tools (Debian):
status: Unknown → New
Bug Watch Updater (bug-watch-updater)
Changed in net-tools (Debian):
status: New → Fix Released
Revision history for this message
Ken Sharp (kennybobs) wrote :

Upstream git is patched to support SCTP but it hasn't made it into Debian yet.

tags: added: amd64 i386 patch-accepted-upstream trusty wily xenial
Bug Watch Updater (bug-watch-updater)
Changed in net-tools (Gentoo Linux):
importance: Unknown → Wishlist
status: Unknown → Fix Released
Alberto Salvia Novella (es20490446e)
Changed in net-tools (Ubuntu):
importance: Undecided → Wishlist
status: Confirmed → Triaged
Revision history for this message
Ken Sharp (kennybobs) wrote :

Bug trackers doesn't seem to like https://sourceforge.net/p/net-tools/bugs/21/

Once that's fixed, Debian should be ready to update their package.

To post a comment you must log in.
This report contains Public information  
Everyone can see this information.

Duplicates of this bug

Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.