From nobody Wed Sep 18 21:48:01 2024 X-Original-To: net@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4X8C2b3JvNz5VhyP for ; Wed, 18 Sep 2024 21:48:39 +0000 (UTC) (envelope-from herbert@gojira.at) Received: from mail.bsd4all.net (mail.bsd4all.net [IPv6:2a01:4f8:13b:240c::25]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature ECDSA (P-384) client-digest SHA384) (Client CN "mail.bsd4all.net", Issuer "E5" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4X8C2Z37zhz542n for ; Wed, 18 Sep 2024 21:48:38 +0000 (UTC) (envelope-from herbert@gojira.at) Authentication-Results: mx1.freebsd.org; dkim=pass header.d=gojira.at header.s=mail202005 header.b=YdzBnoVb; dmarc=none; spf=pass (mx1.freebsd.org: domain of herbert@gojira.at designates 2a01:4f8:13b:240c::25 as permitted sender) smtp.mailfrom=herbert@gojira.at Date: Wed, 18 Sep 2024 23:48:01 +0200 DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=gojira.at; s=mail202005; t=1726696109; bh=D0YUg+hfhlpLKmist567FrAWqPI2kQfFmdeJikNZutM=; h=Date:Message-ID:From:To:Subject:MIME-Version:Content-Type; b=YdzBnoVbfhtriZfCcrh8LIflg5dRk+75SMjsdU8GzJC+4c4Fq01kTZkEqAuoeo3E5 7NO/js7xmBMpTaUUgTQ+Mk53e4O/msQdIf0VWQeYtLr9Ce+7cqix/3t+/uHcbJIv7f tGITqiiIJH/ZQXzzLLLpf/4/0tHVn41LGdSAClPzwOFvyTuRb5+Lw8KAfZnEIF2BmL 67q4d5KQCSGcb5u04qCLXZlfUphYZ6VdolEb2QIiq1t5dOoLppicp/qMU0G7iD481l pIb4ofeUrhawizWziaBVJYE5DOWXYcJgLLLmJY1VtbIeZAeLUDq0arHVcIYlvXC4kL jaKXpORhxTKyA== Message-ID: <87v7ysiqge.wl-herbert@gojira.at> From: "Herbert J. Skuhra" To: net@FreeBSD.org Subject: Re: issue with ICMP with PF and nat and latest 14.1 In-Reply-To: <764EE8F1-BE88-4714-AD3F-9D93028FFEC4@icloud.com> References: <764EE8F1-BE88-4714-AD3F-9D93028FFEC4@icloud.com> User-Agent: Wanderlust/2.15.9 (Almost Unreal) Emacs/31.0 Mule/6.0 List-Id: Networking and TCP/IP with FreeBSD List-Archive: https://lists.freebsd.org/archives/freebsd-net List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-freebsd-net@FreeBSD.org MIME-Version: 1.0 (generated by SEMI-EPG 1.14.7 - "Harue") Content-Type: text/plain; charset=US-ASCII X-Spamd-Result: default: False [-0.96 / 15.00]; MID_CONTAINS_FROM(1.00)[]; NEURAL_HAM_MEDIUM(-0.98)[-0.984]; NEURAL_HAM_SHORT(-0.98)[-0.976]; SUBJECT_ENDS_SPACES(0.50)[]; R_SPF_ALLOW(-0.20)[+ip6:2a01:4f8:13b:240c::25]; R_DKIM_ALLOW(-0.20)[gojira.at:s=mail202005]; MIME_GOOD(-0.10)[text/plain]; RCPT_COUNT_ONE(0.00)[1]; ASN(0.00)[asn:24940, ipnet:2a01:4f8::/32, country:DE]; MIME_TRACE(0.00)[0:+]; FROM_HAS_DN(0.00)[]; DMARC_NA(0.00)[gojira.at]; ARC_NA(0.00)[]; FROM_EQ_ENVFROM(0.00)[]; RCVD_COUNT_ZERO(0.00)[0]; TO_DN_NONE(0.00)[]; MLMMJ_DEST(0.00)[net@FreeBSD.org]; TO_MATCH_ENVRCPT_ALL(0.00)[]; DKIM_TRACE(0.00)[gojira.at:+] X-Rspamd-Queue-Id: 4X8C2Z37zhz542n X-Spamd-Bar: / On Wed, 18 Sep 2024 23:34:16 +0200, Benoit Chesneau wrote: > > Hi, > > It seems that since the latest update of PF in FreeBSD 14.1 mtr > doesn't provide a correct trace using the default. It works with the > ``--udp` and `-T` options so it doesn't seem to be an issue with the > next hop. Also mtr works perfectly on the firewall machine. Issue > only happen on the nated machines on the lan behind it. No issue > with ipv6. > > I tried to change the config or pass everything but I still > reproduce the issue. Any idea to troubleshoot/fix it is welcome :) Latest 14.1? Do you run stable/14 or releng/14.1? Maybe: -- Herbert