Date: Wed, 03 Aug 2016 21:40:10 +0000 From: bugzilla-noreply@freebsd.org To: freebsd-pf@FreeBSD.org Subject: [Bug 201519] pf NAT translates ICMP type 3 packects incorrectly Message-ID: <bug-201519-17777-6K1SN8PJCY@https.bugs.freebsd.org/bugzilla/> In-Reply-To: <bug-201519-17777@https.bugs.freebsd.org/bugzilla/> References: <bug-201519-17777@https.bugs.freebsd.org/bugzilla/>
next in thread | previous in thread | raw e-mail | index | archive | help
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D201519 --- Comment #11 from clbuisson@orange.fr --- There is nothing complicated in my setup ! 1. An Internal network with "private" IPv4 addresses 2. A Gateway/Router/Firewall connected to this internal network, and to the Internet (ADSL), and NATing the traffic betwwen 1 and 3 3. The Internet with any system, for exemple www.freebsd.org On a system on the internal network, if I do traceroute www.freebsd.org I get - first line: the internal address/name of the gateway (OK) - a number of lines, one for each intermediate router on the Internet, but labelled with the address/name of www.freebsd.org (!OK) - last line: the address/name of www.freebsd.org (OK) Details seem irrelevant (anyone can find the address of www/freebsd.org ..), and the effect of outgoing NAT on UDP or ICMP (in case of traceroute -I) is supposed known. It is clear that the bug is in the NAT of the ICMP TIME_EXCEEDED received from the Internet (invalid substitution of the address of the responding ro= uter with address of the traceroute target). --=20 You are receiving this mail because: You are the assignee for the bug.=
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?bug-201519-17777-6K1SN8PJCY>