Nat on last snapshot 6.0-Current

Tue Jun 14 23:17:38 GMT 2005

Hi All,

     I`ve a strange problem on my desktop firewall, i
test last netbsd-current and freebsd-current, last not
nat with pf or ppp -nat or ipnat ;-(

this ipnat.rules work in netbsd..

map tun0 192.168.0.0/24 -> 0/32 portmap tcp/udp
44000:49999 mssclamp 1440
map tun0 192.168.0.0/24 -> 0/32 mssclamp 1440

pf
....

nat on $ext_if from $internal_net to any  -> ($ext_if)
rdr on $int_if proto tcp from any to any port 21 ->
127.0.0.1 port 8021

tcpdump in internal interface .....

20:11:22.544615 IP 200.119.201.85.4662 >
192.168.0.2.3992: . ack 1 win 64240
20:11:24.119891 IP 192.168.0.2.3994 >
203.219.9.86.4662: S 2642123087:2642123087(0) win
65535 <mss 28,nop,nop,sackOK>
20:11:24.867689 IP 203.219.9.86.4662 >
192.168.0.2.3994: S 425571734:425571734(0) ack
2642123088 win 64240 <mss 1440,nop,nop,sackOK>
20:11:24.867849 IP 192.168.0.2.3994 >
203.219.9.86.4662: . ack 1 win 65535
20:11:24.868044 IP 192.168.0.2.3994 >
203.219.9.86.4662: P 1:45(44) ack 1 win 65

pfctl -ss
self tcp 192.168.0.2:3986 -> 201.1.106.26:53951 ->
82.6.184.50:4662       SYN_SENT:CLOSED
self tcp 192.168.0.2:3994 -> 201.1.106.26:53854 ->
203.219.9.86:4662       FIN_WAIT_2:FIN_WAIT_2
self tcp 192.168.0.2:3982 -> 201.1.106.26:54863 ->
200.40.185.101:4662       CLOSING:CLOSED
self tcp 192.168.0.2:3984 -> 201.1.106.26:57704 ->
172.180.84.194:4662       SYN_SENT:CLOSED
self tcp 192.168.0.2:3988 -> 201.1.106.26:57664 ->
82.158.63.218:4662       SYN_SENT:CLOSED
self tcp 192.168.0.2:3996 -> 201.1.106.26:62184 ->
85.137.17.234:4662       ESTABLISHED:ESTABLISHED
self tcp 192.168.0.2:3990 -> 201.1.106.26:50582 ->
62.21.108.248:35165       SYN_SENT:CLOS

  On the 192.168.0.2 ping work, telnet on :80 work ...
but firefox and emule not work!!!

Sorry for english!!
Thanks for advanced

Ricardo A. Reis
UNIFESP - SENAI
System Admin

__________________________________________________
Converse com seus amigos em tempo real com o Yahoo! Messenger 
http://br.download.yahoo.com/messenger/ 