From owner-freebsd-pf@FreeBSD.ORG  Fri Mar 28 13:55:17 2014
Return-Path: <owner-freebsd-pf@FreeBSD.ORG>
Delivered-To: freebsd-pf@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org
 [IPv6:2001:1900:2254:206a::19:1])
 (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits))
 (No client certificate requested)
 by hub.freebsd.org (Postfix) with ESMTPS id 3E9D2738
 for <freebsd-pf@freebsd.org>; Fri, 28 Mar 2014 13:55:17 +0000 (UTC)
Received: from plane.gmane.org (plane.gmane.org [80.91.229.3])
 (using TLSv1 with cipher AES256-SHA (256/256 bits))
 (Client did not present a certificate)
 by mx1.freebsd.org (Postfix) with ESMTPS id EB9A0F48
 for <freebsd-pf@freebsd.org>; Fri, 28 Mar 2014 13:55:16 +0000 (UTC)
Received: from list by plane.gmane.org with local (Exim 4.69)
 (envelope-from <gofdp-freebsd-pf@m.gmane.org>) id 1WTXFP-0002Of-2C
 for freebsd-pf@freebsd.org; Fri, 28 Mar 2014 14:55:03 +0100
Received: from c-98-212-192-10.hsd1.il.comcast.net ([98.212.192.10])
 by main.gmane.org with esmtp (Gmexim 0.1 (Debian))
 id 1AlnuQ-0007hv-00
 for <freebsd-pf@freebsd.org>; Fri, 28 Mar 2014 14:55:03 +0100
Received: from njriley by c-98-212-192-10.hsd1.il.comcast.net with local
 (Gmexim 0.1 (Debian)) id 1AlnuQ-0007hv-00
 for <freebsd-pf@freebsd.org>; Fri, 28 Mar 2014 14:55:03 +0100
X-Injected-Via-Gmane: http://gmane.org/
To: freebsd-pf@freebsd.org
From: Nicholas Riley <njriley@illinois.edu>
Subject: Re: pf + NAT + ICMP issues?
Date: Fri, 28 Mar 2014 08:53:49 -0500
Organization: University of Illinois College of Medicine at Urbana-Champaign
Lines: 12
Message-ID: <njriley-241E62.08534828032014@news.gmane.org>
References: <bb283711b2bff8164472bae449d1e4ed@pyret.net>
Mime-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 7bit
X-Complaints-To: usenet@ger.gmane.org
X-Gmane-NNTP-Posting-Host: c-98-212-192-10.hsd1.il.comcast.net
User-Agent: MT-NewsWatcher/3.5.3b3 (Intel Mac OS X)
X-BeenThere: freebsd-pf@freebsd.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: "Technical discussion and general questions about packet filter
 \(pf\)" <freebsd-pf.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/options/freebsd-pf>,
 <mailto:freebsd-pf-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-pf/>
List-Post: <mailto:freebsd-pf@freebsd.org>
List-Help: <mailto:freebsd-pf-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-pf>,
 <mailto:freebsd-pf-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Fri, 28 Mar 2014 13:55:17 -0000

In article <bb283711b2bff8164472bae449d1e4ed@pyret.net>,
 Daniel Engberg <daniel.engberg.lists@pyret.net> wrote:

> Tried that and no go, actually allowing all types of ICMP doesn't seem 
> to help either so I guess it might be something within pf? Does anyone 
> have this working on HEAD?

Have you had any luck with this since?  I just tried pf on HEAD and am 
running into NAT breakage, including the "first ping lost" issue you 
documented.  natd/ipfw works fine on the same machine.
-- 
Nicholas Riley <njriley@illinois.edu>