Problems NATting udp-traffic
-
hi folks,
after using pfSense in a vbox for several years now I updated to RC2.0 recently and I am very impressed how this piece of software evolved. As this version is still in development I expected to find one or more bugs and I guess here is the first one.
On the vbox-host (192.168.1.100) a mumble- (port 64738 tcp/udp) and a ts3-server (udp only) are running besides several other services. Connecting those from my working-machine (192.168.1.101) within lan (connect to 192.168.1.100) works fine for both. As I am a nursery child I wanted to connect from my lan via DynDNS (wanIP was 78.34.189.57) to the servers. Doing so with tcp is no problem at all as it works with ssh/http/https but it seems not to work with udp-packets.
I figured that one out doing some packet capturing to find out why I could connect that way to mumble but not to my ts3.
Seeing this log made it clear to me that the connection to the mumble-server was via tcp and not udp as desired:
20:54:00.024533 IP 192.168.1.101.61431 > 78.34.189.57.64738: UDP, length 12
20:54:00.025220 IP 192.168.1.1.14086 > 192.168.1.100.64738: UDP, length 12
20:54:00.025333 IP 192.168.1.100.64738 > 192.168.1.1.14086: UDP, length 24
20:54:00.584746 IP 192.168.1.101.61431 > 78.34.189.57.64738: UDP, length 12
20:54:00.585804 IP 192.168.1.1.20186 > 192.168.1.100.64738: UDP, length 12
20:54:00.585913 IP 192.168.1.100.64738 > 192.168.1.1.20186: UDP, length 24
20:54:01.021034 IP 192.168.1.101.61431 > 78.34.189.57.64738: UDP, length 12
20:54:01.022000 IP 192.168.1.1.39980 > 192.168.1.100.64738: UDP, length 12
20:54:01.022162 IP 192.168.1.100.64738 > 192.168.1.1.39980: UDP, length 24
As soon as mumble recognized that a connection via udp is not possible, it switched over to a tcp-connection:
20:54:01.593230 IP 192.168.1.101.54168 > 78.34.189.57.64738: tcp 0
20:54:01.593465 IP 78.34.189.57.64738 > 192.168.1.101.54168: tcp 0
20:54:01.593860 IP 192.168.1.101.54168 > 78.34.189.57.64738: tcp 0
20:54:01.594865 IP 192.168.1.101.54168 > 78.34.189.57.64738: tcp 195
20:54:01.594986 IP 78.34.189.57.64738 > 192.168.1.101.54168: tcp 0
20:54:01.602166 IP 192.168.1.100.64738 > 192.168.1.1.5018: tcp 0
20:54:01.602269 IP 192.168.1.1.5018 > 192.168.1.100.64738: tcp 0
20:54:01.602577 IP 192.168.1.1.5018 > 192.168.1.100.64738: tcp 0
20:54:01.602730 IP 192.168.1.1.5018 > 192.168.1.100.64738: tcp 195
20:54:01.602823 IP 192.168.1.100.64738 > 192.168.1.1.5018: tcp 0
20:54:01.647940 IP 192.168.1.1.5018 > 192.168.1.100.64738: tcp 0
20:54:01.647616 IP 192.168.1.100.64738 > 192.168.1.1.5018: tcp 939
20:54:01.648097 IP 78.34.189.57.64738 > 192.168.1.101.54168: tcp 939
20:54:01.663068 IP 192.168.1.101.54168 > 78.34.189.57.64738: tcp 1403
20:54:01.663189 IP 78.34.189.57.64738 > 192.168.1.101.54168: tcp 0
20:54:01.663269 IP 192.168.1.1.5018 > 192.168.1.100.64738: tcp 1024
20:54:01.663335 IP 192.168.1.100.64738 > 192.168.1.1.5018: tcp 0
20:54:01.666646 IP 192.168.1.1.5018 > 192.168.1.100.64738: tcp 379
20:54:01.666729 IP 192.168.1.100.64738 > 192.168.1.1.5018: tcp 0
20:54:01.675499 IP 192.168.1.100.64738 > 192.168.1.1.5018: tcp 1119
20:54:01.675632 IP 192.168.1.1.5018 > 192.168.1.100.64738: tcp 0
20:54:01.675715 IP 78.34.189.57.64738 > 192.168.1.101.54168: tcp 1024
...
If I should do anything wrong with the handling please tell me, but I guess that in the first log at line 2 the connection from pfSense to the server should not be assigned from 192.168.1.1 but from the wanIP…
Thanks for feedback.
greetz,
Plexus -
ok, looking around a bit in the forums I found the solution by myself…
http://forum.pfsense.org/index.php/topic,35244.0.html
...so I guess this will change with rising version-numbers.
greetz
plex
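
Added example, not part of the original posts: a small Python parser for tcpdump lines like those quoted in the first post. It counts each leg of a connection made via the WAN address per protocol and lists the protocols where the server answered but no packet from the WAN address back to the client shows up in the capture. The function names and the CAPTURE subset are constructed for illustration.

```python
import re
from collections import defaultdict

# Constructed sample: a subset of the capture lines quoted in the first post.
CAPTURE = """\
20:54:00.024533 IP 192.168.1.101.61431 > 78.34.189.57.64738: UDP, length 12
20:54:00.025220 IP 192.168.1.1.14086 > 192.168.1.100.64738: UDP, length 12
20:54:00.025333 IP 192.168.1.100.64738 > 192.168.1.1.14086: UDP, length 24
20:54:01.593230 IP 192.168.1.101.54168 > 78.34.189.57.64738: tcp 0
20:54:01.593465 IP 78.34.189.57.64738 > 192.168.1.101.54168: tcp 0
20:54:01.602166 IP 192.168.1.100.64738 > 192.168.1.1.5018: tcp 0
20:54:01.602269 IP 192.168.1.1.5018 > 192.168.1.100.64738: tcp 0
"""

# timestamp, "IP", src ip.port, ">", dst ip.port, then the protocol token
LINE = re.compile(
    r"^\S+ IP (\d+\.\d+\.\d+\.\d+)\.(\d+) > (\d+\.\d+\.\d+\.\d+)\.(\d+): (\w+)")

def parse(text):
    """Yield (proto, src_ip, dst_ip) for every tcpdump line that matches."""
    for line in text.splitlines():
        m = LINE.match(line.strip())
        if m:
            yield m.group(5).lower(), m.group(1), m.group(3)

def reflection_report(text, wan_ip, server_ip):
    """Count, per protocol, the four legs of a connection made via the WAN address."""
    legs = defaultdict(lambda: {"client_to_wan": 0, "fw_to_server": 0,
                                "server_to_fw": 0, "wan_to_client": 0})
    for proto, src, dst in parse(text):
        if dst == wan_ip:
            legs[proto]["client_to_wan"] += 1   # request as sent by the client
        elif src == wan_ip:
            legs[proto]["wan_to_client"] += 1   # answer as the client expects it
        elif dst == server_ip:
            legs[proto]["fw_to_server"] += 1    # request forwarded to the server
        elif src == server_ip:
            legs[proto]["server_to_fw"] += 1    # server's answer to the firewall
    return dict(legs)

def missing_return_leg(text, wan_ip, server_ip):
    """Protocols where the server answered but no WAN -> client packet was captured."""
    report = reflection_report(text, wan_ip, server_ip)
    return sorted(p for p, c in report.items()
                  if c["server_to_fw"] > 0 and c["wan_to_client"] == 0)

if __name__ == "__main__":
    print(reflection_report(CAPTURE, "78.34.189.57", "192.168.1.100"))
    print(missing_return_leg(CAPTURE, "78.34.189.57", "192.168.1.100"))
```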