Source Ports in Abuse Reporting Format (ARF) Reports
Draft of message to be sent after approval:
From: The IESG <firstname.lastname@example.org> To: IETF-Announce <email@example.com> Cc: RFC Editor <firstname.lastname@example.org> Subject: Protocol Action: 'Source Ports in ARF Reports' to Proposed Standard (draft-kucherawy-marf-source-ports-05.txt) The IESG has approved the following document: - 'Source Ports in ARF Reports' (draft-kucherawy-marf-source-ports-05.txt) as Proposed Standard This document has been reviewed in the IETF but is not the product of an IETF Working Group. The IESG contact person is Barry Leiba. A URL of this Internet Draft is: http://datatracker.ietf.org/doc/draft-kucherawy-marf-source-ports/
Technical Summary The information included in an ARF report has not included the source port number on which a message was received. As RFC 6032 notes, the increasing use of NAT on IPv4 networks means that the port number for a connection is often needed to determine the actual host. This draft adds a new report field for the port number. Working Group Summary This individual submission was briefly disucssed at the MARF meeting at IETF 83 and has had some discussion on the MARF mailing list. Because it is simple and uncontroversial, and MARF is scheduled to close once its existing documents are done, it wasn't worth the hassle of keeping MARF open to handle it. Document Quality The quality is good. It's a tiny tweak to ARF which I added to my reporting scripts in about 15 minutes. No formal reviews are required. Personnel John Levine is the Document Shepherd. Barry Leiba is the Responsible Area Director.