From owner-freebsd-ipfw@FreeBSD.ORG  Thu Oct  6 09:57:27 2011
Return-Path: <owner-freebsd-ipfw@FreeBSD.ORG>
Delivered-To: freebsd-ipfw@FreeBSD.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id C67A1106566C;
	Thu,  6 Oct 2011 09:57:27 +0000 (UTC) (envelope-from ae@FreeBSD.org)
Received: from mail.kirov.so-ups.ru (ns.kirov.so-ups.ru [178.74.170.1])
	by mx1.freebsd.org (Postfix) with ESMTP id 704EE8FC0A;
	Thu,  6 Oct 2011 09:57:27 +0000 (UTC)
Received: from kas30pipe.localhost (localhost.kirov.so-ups.ru [127.0.0.1])
	by mail.kirov.so-ups.ru (Postfix) with SMTP id 6FA4BB8024;
	Thu,  6 Oct 2011 13:38:49 +0400 (MSD)
Received: from kirov.so-ups.ru (unknown [172.21.81.1])
	by mail.kirov.so-ups.ru (Postfix) with ESMTP id 6A2E9B801B;
	Thu,  6 Oct 2011 13:38:49 +0400 (MSD)
Received: by ns.kirov.so-ups.ru (Postfix, from userid 1010)
	id 64AA4B8F36; Thu,  6 Oct 2011 13:38:49 +0400 (MSD)
Received: from [127.0.0.1] (elsukov.kirov.oduur.so [10.118.3.52])
	by ns.kirov.so-ups.ru (Postfix) with ESMTP id E6F74B8F28;
	Thu,  6 Oct 2011 13:38:48 +0400 (MSD)
Message-ID: <4E8D7728.6050608@FreeBSD.org>
Date: Thu, 06 Oct 2011 13:38:48 +0400
From: "Andrey V. Elsukov" <ae@FreeBSD.org>
User-Agent: Mozilla Thunderbird 1.5 (FreeBSD/20051231)
MIME-Version: 1.0
To: Oleg Strizhak <oleg@pcbtech.ru>
References: <4E8D6702.9070707@pcbtech.ru>
In-Reply-To: <4E8D6702.9070707@pcbtech.ru>
X-Enigmail-Version: 1.3.2
Content-Type: text/plain; charset=KOI8-R
Content-Transfer-Encoding: 7bit
X-SpamTest-Version: SMTP-Filter Version 3.0.0 [0284], KAS30/Release
X-SpamTest-Info: Not protected
Cc: freebsd-ipfw@FreeBSD.org, "Alexander V. Chernikov" <melifaro@FreeBSD.org>
Subject: Re: ipfw nat drops icmp packets from localhost
X-BeenThere: freebsd-ipfw@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: IPFW Technical Discussions <freebsd-ipfw.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-ipfw>,
	<mailto:freebsd-ipfw-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-ipfw>
List-Post: <mailto:freebsd-ipfw@freebsd.org>
List-Help: <mailto:freebsd-ipfw-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-ipfw>,
	<mailto:freebsd-ipfw-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Thu, 06 Oct 2011 09:57:27 -0000

On 06.10.2011 12:29, Oleg Strizhak wrote:
> After an investigation I've found out a very strange situation - it seems to me, that ipfw nat drops
> some (type 11?) icmp reply packets, whose udp request packets it hasn't rewritten/seen before, e.g:
> 
> So, I wonder whether someone else has seen the same case under the similar circumstances? Isn't it a
> bug within ipfw nat module and is there any work-around/patch for that? I've surely googled, but in
> vain =( The only thing, that seems alike to my problem, is
> http://www.freebsd.org/cgi/query-pr.cgi?pr=129093, but the patch for 8 branch didn't cure anything =(

Can you describe how you did apply and test this patch?

-- 
WBR, Andrey V. Elsukov