4. Strange NAT-behaviour on pF v2.0.1

Strange NAT-behaviour on pF v2.0.1

  • _

    I set up a port forwarding to a LAN-host, which worked fine for a while. But then i had to restart my router and my forwarding didnt work any more. After a while investigating i disabled the "use associated filter rule" and put the thing to "pass" and my port-forwarding worked again as expected.

    I tested with nat-reflection off, on, system-default, but no change…

    rules.debug:

    setting to "pass"

    # NAT Inbound Redirects
rdr pass on pppoe0 proto { tcp udp } from any to xxx.xxx.xxx.xxx port yyyy -> $host

    setting to "use associated rule"

    # NAT Inbound Redirects
rdr on pppoe0 proto { tcp udp } from any to xxx.xxx.xxx.xxx port yyyy -> $host
# User-defined rules follow

anchor "userrules/*"
pass   in  quick  on $WAN reply-to ( pppoe0 zzz.zzz.zzz.zzz )  proto { tcp udp }  from any to   $host port yyyy  label "USER_RULE: NAT host"

    I set up the same thing again with an associated rule and it worked again for a while, restarted my router and it ceased to work again. Had to set the NAT-rule back to "pass"

    Difference at the NAT inbound redirects is the rdr pass on –> rdr on

    What is happening here?????

    By the way, a second NAT-entry never worked with "associated rule", only with "pass"...

    0
Log in to reply
 

Products

Applications

Support

Services

News

Resources

Company

Our Mission

As host of the pfSense open source firewall project, Netgate believes in enhancing network connectivity that maintains both security and privacy. We also believe everyone should be able to afford it.

Subscribe to our Newsletter

Product information, software announcements, and special offers. See our newsletter archive for past announcements.

© Copyright 2002 - 2019 Rubicon Communications, LLC | Privacy Policy