Strange NAT-behaviour on pF v2.0.1

_igor_

I set up a port forwarding to a LAN-host, which worked fine for a while. But then i had to restart my router and my forwarding didnt work any more. After a while investigating i disabled the "use associated filter rule" and put the thing to "pass" and my port-forwarding worked again as expected.

I tested with nat-reflection off, on, system-default, but no change…

rules.debug:

setting to "pass"

# NAT Inbound Redirects
rdr pass on pppoe0 proto { tcp udp } from any to xxx.xxx.xxx.xxx port yyyy -> $host

setting to "use associated rule"

# NAT Inbound Redirects
rdr on pppoe0 proto { tcp udp } from any to xxx.xxx.xxx.xxx port yyyy -> $host
# User-defined rules follow

anchor "userrules/*"
pass   in  quick  on $WAN reply-to ( pppoe0 zzz.zzz.zzz.zzz )  proto { tcp udp }  from any to   $host port yyyy  label "USER_RULE: NAT host"

I set up the same thing again with an associated rule and it worked again for a while, restarted my router and it ceased to work again. Had to set the NAT-rule back to "pass"

Difference at the NAT inbound redirects is the rdr pass on –> rdr on

What is happening here?????

By the way, a second NAT-entry never worked with "associated rule", only with "pass"...