Date:      Wed, 20 Jul 2016 21:30:45 +0000
From:      bugzilla-noreply@freebsd.org
To:        freebsd-standards@FreeBSD.org
Subject:   [Bug 211256] FreeBSD 11 ipfw nat tablearg
Message-ID:  <bug-211256-15@https.bugs.freebsd.org/bugzilla/>

https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=211256

            Bug ID: 211256
           Summary: FreeBSD 11 ipfw nat tablearg
           Product: Base System
           Version: 11.0-BETA1
          Hardware: amd64
                OS: Any
            Status: New
          Severity: Affects Only Me
          Priority: ---
         Component: standards
          Assignee: freebsd-standards@FreeBSD.org
          Reporter: chernov_victor@list.ru
                CC: freebsd-amd64@FreeBSD.org

Hi, sorry for my English, but there was a problem when testing FreeBSD 11 with
IPFW NAT. These are the rc.firewall configuration rules, which work without
problems on FreeBSD 10{0,1,2,3}:
rc.firewall
...
${fwcmd} nat 1 config log ip xx.yy.zz.254 reset same_ports deny_in unreg_only
${fwcmd} nat 2 config log ip xx.yy.zz.253 reset same_ports deny_in unreg_only
${fwcmd} nat 3 config log ip xx.yy.zz.252 reset same_ports deny_in unreg_only
${fwcmd} nat 4 config log ip xx.yy.zz.251 reset same_ports deny_in unreg_only
${fwcmd} nat 5 config log ip xx.yy.zz.250 reset same_ports deny_in unreg_only
...
${fwcmd} add 10000 nat tablearg ip4 from not me to table\(3\) in recv vlan0
...
${fwcmd} add 15000 nat tablearg ip4 from table\(4\) to not me out xmit vlan0
...
${fwcmd} table 3 add xx.yy.zz.254/32 1
${fwcmd} table 3 add xx.yy.zz.253/32 2
${fwcmd} table 3 add xx.yy.zz.252/32 3
${fwcmd} table 3 add xx.yy.zz.251/32 4
${fwcmd} table 3 add xx.yy.zz.250/32 5
...
${fwcmd} table 4 add 10.11.0.0/22 1
${fwcmd} table 4 add 10.11.4.0/22 2
${fwcmd} table 4 add 10.11.8.0/22 3
${fwcmd} table 4 add 10.11.12.0/22 4
${fwcmd} table 4 add 10.11.16.0/22 5

When viewing the rules in FreeBSD 10.3 with the command ipfw list, the result is:
...
10000 nat tablearg ip4 from not me to table(3) in recv vlan0
...
15000 nat tablearg ip4 from table(4) to not me out xmit vlan0
...
but in FreeBSD 11 the result is:
...
10000 nat global ip4 from not me to table(3) in recv vlan0
...
15000 nat global ip4 from table(4) to not me out xmit vlan0

and IPFW NAT doesn't work.

Is this a bug or a new mechanism of how IPFW NAT works in FreeBSD 11?

-- 
You are receiving this mail because:
You are the assignee for the bug.
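
A post-upgrade check for the symptom reported above, as an added example that is not part of the original message: it compares the NAT instance written in each rc.firewall rule with the one that ipfw list reports back. The function names, file layout and sample lines are constructed for illustration.

```shell
# nat_mismatches INTENDED LOADED
#   INTENDED: "add N nat X ..." lines as written in rc.firewall
#   LOADED:   saved output of `ipfw list`
# Prints one line per rule whose NAT instance differs; returns 1 if any do.
nat_mismatches() {
    awk '
        # Position of the "add" keyword in an rc.firewall line (0 if absent).
        function add_pos(   i) {
            for (i = 1; i <= NF; i++) if ($i == "add") return i
            return 0
        }
        NR == FNR {                          # first file: configured rules
            p = add_pos()
            if ($(p + 2) == "nat") want[$(p + 1) + 0] = $(p + 3)
            next
        }
        $2 == "nat" && (($1 + 0) in want) {  # second file: ipfw list output
            n = $1 + 0; seen[n] = 1
            if ($3 != want[n]) {
                printf "rule %d: configured nat %s, loaded nat %s\n", n, want[n], $3
                bad = 1
            }
        }
        END {
            for (n in want) if (!(n in seen)) {
                printf "rule %d: not loaded as a nat rule\n", n
                bad = 1
            }
            exit bad + 0
        }
    ' "$1" "$2"
}

# Constructed sample shaped like the rules and listings in the report.
# $1 is the NAT instance keyword that the loaded ruleset shows.
check_sample() {
    dir=$(mktemp -d) || return 2
    cat > "$dir/intended" <<'EOF'
${fwcmd} add 10000 nat tablearg ip4 from not me to table\(3\) in recv vlan0
${fwcmd} add 15000 nat tablearg ip4 from table\(4\) to not me out xmit vlan0
EOF
    cat > "$dir/loaded" <<EOF
10000 nat $1 ip4 from not me to table(3) in recv vlan0
15000 nat $1 ip4 from table(4) to not me out xmit vlan0
EOF
    rc=0; nat_mismatches "$dir/intended" "$dir/loaded" || rc=$?
    rm -rf "$dir"
    return "$rc"
}
```

On a live system the second argument would be a file holding the saved output of ipfw list, taken after the ruleset is loaded.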