IPv4 NAT broken in 2.1-BETA1 (i386) built on Thu Apr 25 20:52:41 EDT 2013 ?
-
Hello,
after updating to build Thu Apr 25 20:52:41 EDT 2013 I got following stange bahaviour:
inbound interface:
[2.1-BETA1][root@kerberos.cf.cfvpn]/root(9): tcpdump -ni em1_vlan2 icmp and host 192.168.26.2
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on em1_vlan2, link-type EN10MB (Ethernet), capture size 96 bytes
10:11:24.847826 IP 192.168.1.60 > 192.168.26.2: ICMP echo request, id 3594, seq 1, length 64
10:11:25.847867 IP 192.168.1.60 > 192.168.26.2: ICMP echo request, id 3594, seq 2, length 64
10:11:26.847783 IP 192.168.1.60 > 192.168.26.2: ICMP echo request, id 3594, seq 3, length 64
^C
3 packets captured
139 packets received by filter
0 packets dropped by kerneloutbound interface:
[2.1-BETA1][root@kerberos.cf.cfvpn]/root(10): tcpdump -ni em1 icmp and host 192.168.26.2
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on em1, link-type EN10MB (Ethernet), capture size 96 bytes
10:11:43.451374 IP 0.0.0.0 > 192.168.26.2: ICMP echo request, id 3596, seq 1, length 64
10:11:44.450898 IP 0.0.0.0 > 192.168.26.2: ICMP echo request, id 3596, seq 2, length 64
10:11:45.450814 IP 0.0.0.0 > 192.168.26.2: ICMP echo request, id 3596, seq 3, length 64
10:13:49.094145 IP 0.0.0.0 > 192.168.26.2: ICMP echo request, id 3600, seq 1, length 64
10:13:50.093642 IP 0.0.0.0 > 192.168.26.2: ICMP echo request, id 3600, seq 2, length 64
^C
5 packets captured
3931 packets received by filter
0 packets dropped by kernelMatching rule should do something different:
LAN 192.168.1.0/24 * * * LAN address * NO LAN_192_168_1 to LAN
so I would expect 192.168.0.1 as src address on outbound interface.
Maybe a problem while routing from vlan to native on same interface?
Former pfSense versions from 2.1 did not had that behaviour.regards
Christian -
Try a new snapshot (they just uploaded a few minutes ago)
-
Seems to be fixed.
