From owner-freebsd-bugs Tue May 18 12:20: 4 1999 Delivered-To: freebsd-bugs@freebsd.org Received: from freefall.freebsd.org (freefall.FreeBSD.ORG [204.216.27.21]) by hub.freebsd.org (Postfix) with ESMTP id 5B7E914EDA for ; Tue, 18 May 1999 12:20:02 -0700 (PDT) (envelope-from gnats@FreeBSD.org) Received: (from gnats@localhost) by freefall.freebsd.org (8.9.3/8.9.2) id MAA43032; Tue, 18 May 1999 12:20:02 -0700 (PDT) (envelope-from gnats@FreeBSD.org) Received: by hub.freebsd.org (Postfix, from userid 32767) id 52587150E6; Tue, 18 May 1999 12:10:04 -0700 (PDT) Message-Id: <19990518191004.52587150E6@hub.freebsd.org> Date: Tue, 18 May 1999 12:10:04 -0700 (PDT) From: mitch@hardwarestreet.com To: freebsd-gnats-submit@freebsd.org X-Send-Pr-Version: www-1.0 Subject: kern/11766: Can not traceroute through ipnat. Sender: owner-freebsd-bugs@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org >Number: 11766 >Category: kern >Synopsis: Can not traceroute through ipnat. >Confidential: no >Severity: serious >Priority: medium >Responsible: freebsd-bugs >State: open >Quarter: >Keywords: >Date-Required: >Class: sw-bug >Submitter-Id: current-users >Arrival-Date: Tue May 18 12:20:01 PDT 1999 >Closed-Date: >Last-Modified: >Originator: Mitch Wright >Release: FreeBSD 3.1-RELEASE #0 >Organization: HardwareStreet.com >Environment: bash-2.02# uname -a FreeBSD bc.internetstreet.net 3.1-RELEASE FreeBSD 3.1-RELEASE #0: Sun Mar 28 09:54:29 PST 1999 mitch@bc.netline.com:/usr/src/sys/compile/BC i386 >Description: I have enabled the IPFILTER options in the kernel and am making use of ipnat. Most things work as expected; however, traceroute does not. It simply times out after hitting the NAT box and goes no further. I've cvsup'd the latest sources, but that hasn't seemed to help. >How-To-Repeat: The obvious.... enable IPFILTER in your kernel and set up ipnat. The rules I am using are quite simple.. map fxp1 10.20.30.0/24 -> 207.20.86.209/32 portmap tcp/udp 10000:65000 map fxp1 10.20.30.0/24 -> 207.20.86.209/32 # map fxp1 10.20.30.0/24 -> 207.20.86.209/32 proxy port ftp ftp/tcp >Fix: Well... I think it is simply a matter of updating the version of ipfilter being used. A similar (same?) bug is mentioned in the HISTORY file of the latest ipfilter (3.2.10). >Release-Note: >Audit-Trail: >Unformatted: To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-bugs" in the body of the message