Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    IPv4 NAT broken in 2.1-BETA1 (i386) built on Thu Apr 25 20:52:41 EDT 2013 ?

    Scheduled Pinned Locked Moved 2.1 Snapshot Feedback and Problems - RETIRED
    3 Posts 2 Posters 1.3k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • T
      taunusstein.net
      last edited by

      Hello,

      after updating to build Thu Apr 25 20:52:41 EDT 2013 I got following stange bahaviour:

      inbound interface:

      [2.1-BETA1][root@kerberos.cf.cfvpn]/root(9): tcpdump -ni em1_vlan2 icmp and host 192.168.26.2
      tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
      listening on em1_vlan2, link-type EN10MB (Ethernet), capture size 96 bytes
      10:11:24.847826 IP 192.168.1.60 > 192.168.26.2: ICMP echo request, id 3594, seq 1, length 64
      10:11:25.847867 IP 192.168.1.60 > 192.168.26.2: ICMP echo request, id 3594, seq 2, length 64
      10:11:26.847783 IP 192.168.1.60 > 192.168.26.2: ICMP echo request, id 3594, seq 3, length 64
      ^C
      3 packets captured
      139 packets received by filter
      0 packets dropped by kernel

      outbound interface:

      [2.1-BETA1][root@kerberos.cf.cfvpn]/root(10): tcpdump -ni em1 icmp and host 192.168.26.2
      tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
      listening on em1, link-type EN10MB (Ethernet), capture size 96 bytes
      10:11:43.451374 IP 0.0.0.0 > 192.168.26.2: ICMP echo request, id 3596, seq 1, length 64
      10:11:44.450898 IP 0.0.0.0 > 192.168.26.2: ICMP echo request, id 3596, seq 2, length 64
      10:11:45.450814 IP 0.0.0.0 > 192.168.26.2: ICMP echo request, id 3596, seq 3, length 64
      10:13:49.094145 IP 0.0.0.0 > 192.168.26.2: ICMP echo request, id 3600, seq 1, length 64
      10:13:50.093642 IP 0.0.0.0 > 192.168.26.2: ICMP echo request, id 3600, seq 2, length 64
      ^C
      5 packets captured
      3931 packets received by filter
      0 packets dropped by kernel

      Matching rule should do something different:

      LAN  192.168.1.0/24 * * * LAN address * NO LAN_192_168_1 to LAN

      so I would expect 192.168.0.1 as src address on outbound interface.

      Maybe a problem while routing from vlan to native on same interface?
      Former pfSense versions from 2.1 did not had that behaviour.

      regards
      Christian

      1 Reply Last reply Reply Quote 0
      • jimpJ
        jimp Rebel Alliance Developer Netgate
        last edited by

        Try a new snapshot (they just uploaded a few minutes ago)

        Remember: Upvote with the 👍 button for any user/post you find to be helpful, informative, or deserving of recognition!

        Need help fast? Netgate Global Support!

        Do not Chat/PM for help!

        1 Reply Last reply Reply Quote 0
        • T
          taunusstein.net
          last edited by

          Seems to be fixed.

          1 Reply Last reply Reply Quote 0
          • First post
            Last post
          Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.