Date: Sat, 21 Nov 2015 22:20:43 +0100 From: Kristof Provost <kp@FreeBSD.org> To: Daniel Bilik <ddb@neosystem.org> Cc: freebsd-net@freebsd.org Subject: Re: Outgoing packets being sent via wrong interface Message-ID: <20151121212043.GC2307@vega.codepro.be> In-Reply-To: <20151120163431.3449a473db9de23576d3a4b4@neosystem.org> References: <20151120155511.5fb0f3b07228a0c829fa223f@neosystem.org> <C1D7F956-81C9-4ED4-99B8-E0C73A3ECB37@FreeBSD.org> <20151120163431.3449a473db9de23576d3a4b4@neosystem.org>
next in thread | previous in thread | raw e-mail | index | archive | help
On 2015-11-20 16:34:31 (+0100), Daniel Bilik <ddb@neosystem.org> wrote: > On Fri, 20 Nov 2015 16:18:10 +0100 > Kristof Provost <kp@FreeBSD.org> wrote: > > > Can you post your pf rules too? > > Sure, pf.conf attached. > Thanks. As a first guess, I think the origin of the problem might be related to the double nat rule you've got. nat on $ext_if proto udp from $switchboard to 188.x.y.0/24 -> $ext_addr static-port nat on $ext_if from $int_net to any -> $ext_addr Packets that hit the first rule would also match the second one. In principle the last match should win and everything should be fine, but NAT is handled differently from 'normal' rules, so perhaps there's a bug there. I don't have the time to dig into this right away. Could you create a PR and cc me to it? Thanks, Kristof
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20151121212043.GC2307>