Skip site navigation (1)Skip section navigation (2)
Date:      Thu, 23 Feb 2023 03:44:48 +0000
From:      bugzilla-noreply@freebsd.org
To:        bugs@FreeBSD.org
Subject:   [Bug 269770] libalias udp redirect_port temporary translation failure
Message-ID:  <bug-269770-227@https.bugs.freebsd.org/bugzilla/>

next in thread | raw e-mail | index | archive | help
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D269770

            Bug ID: 269770
           Summary: libalias udp redirect_port temporary translation
                    failure
           Product: Base System
           Version: 13.1-STABLE
          Hardware: amd64
                OS: Any
            Status: New
          Severity: Affects Only Me
          Priority: ---
         Component: kern
          Assignee: bugs@FreeBSD.org
          Reporter: pmc@citylink.dinoex.sub.org

I occasionally observe temporary failures on my public UDP ports.

The problem seems to be with libalias when used for UDP port_redirect:

ipfw nat 3 config log same_ports unreg_only ip <public-ip> \
        redirect_port udp 192.168.xx.xx:5007 5006 \
        redirect_port tcp 192.168.xx.xx:5007 5006

02420     0       0 count log proto ip4 src-port 64000-64010
02425     0       0 nat 3 proto ip4
02430     0       0 count log proto ip4 src-port 64000-64010

Then randomly
# nc -u4p 64000 <public-ip> 5006
# nc -u4p 64001 <public-ip> 5006
# nc -u4p 64002 <public-ip> 5006

Feb 23 03:51:45 <security.info> edge kernel: [75643] ipfw-oper: 2420 Count =
UDP
91.12.117.156:64000 <public-ip>:5006 in via tun3
Feb 23 03:51:45 <security.info> edge kernel: [75643] ipfw-oper: 2430 Count =
UDP
91.12.117.156:64000 192.168.xx.xx:5007 in via tun3
Feb 23 03:52:08 <security.info> edge kernel: [75666] ipfw-oper: 2420 Count =
UDP
91.12.117.156:64001 <public-ip>:5006 in via tun3
Feb 23 03:52:08 <security.info> edge kernel: [75666] ipfw-oper: 2430 Count =
UDP
91.12.117.156:64001 192.168.xx.xx:5007 in via tun3
Feb 23 03:52:29 <security.info> edge kernel: [75687] ipfw-oper: 2420 Count =
UDP
91.12.117.156:64001 <public-ip>:5006 in via tun3
Feb 23 03:52:29 <security.info> edge kernel: [75687] ipfw-oper: 2430 Count =
UDP
91.12.117.156:64001 192.168.xx.xx:5007 in via tun3
Feb 23 03:52:36 <security.info> edge kernel: [75694] ipfw-oper: 2420 Count =
UDP
91.12.117.156:64001 51.158.21.23:5006 in via tun3
Feb 23 03:52:36 <security.info> edge kernel: [75694] ipfw-oper: 2430 Count =
UDP
91.12.117.156:64001 192.168.98.18:5007 in via tun3
Feb 23 03:52:56 <security.info> edge kernel: [75714] ipfw-oper: 2420 Count =
UDP
91.12.117.156:64002 <public-ip>:5006 in via tun3
Feb 23 03:52:56 <security.info> edge kernel: [75714] ipfw-oper: 2430 Count =
UDP
91.12.117.156:64002 192.168.xx.xx:5007 in via tun3
Feb 23 03:53:06 <security.info> edge kernel: [75724] ipfw-oper: 2420 Count =
UDP
91.12.117.156:64000 <public-ip>:5006 in via tun3
Feb 23 03:53:06 <security.info> edge kernel: [75724] ipfw-oper: 2430 Count =
UDP
91.12.117.156:64000 <public-ip>:5006 in via tun3
Feb 23 03:53:06 <security.info> edge kernel: [75724] ipfw-oper: 2685 Unreac=
h 13
UDP 91.12.117.156:64000 <public-ip>:5006 in via tun3

In the beginning 64000 and 64001 get through.
Now only using 64001 for some time, and then
starting to use 64002, suddenly 64000 is no longer
translated. (Not always happens in that exact sequence.)

# ipfw nat show log
nat 2: icmp=3D32, udp=3D1, tcp=3D40, sctp=3D0, pptp=3D0, proto=3D0, frag_id=
=3D0 frag_ptr=3D0 /
tot=3D73
nat 3: icmp=3D0, udp=3D2, tcp=3D72, sctp=3D0, pptp=3D0, proto=3D0, frag_id=
=3D0 frag_ptr=3D0 /
tot=3D74

These udp=3D counters are changing meanwhile, but I don't get a clue
from it, and didn't find a way to log details.

Platform 13.2-BETA2 (but the problem is older)

--=20
You are receiving this mail because:
You are the assignee for the bug.=



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?bug-269770-227>