Subject: Re: ipnat broken
To: Brad Salai <>
From: Sigurbjörn Birkir Lárusson <>
List: current-users
Date: 11/07/1997 11:12:40
At 17:00 6/11/97 -0500, you wrote:
>At 7:15 AM -0600 11/6/97, Dave Huang wrote:
>>On Wed, 5 Nov 1997, Brad Salai wrote:
>>> sometime in the last week or so, ipnat has stopped working in the 1.3
>>> release branch.
>>> The last date that works for me is Oct 28. Has anyone else had any
>>> trouble with this?
>>Broken how? I'm running a Nov 1 ipnat, Nov 2 kernel, and it's working for
>>me. I'm using an i386...
>Broken as in everything seems to get set up as the rc files are executed,
>but other machines can't get through to the outside, which is a dial-up ppp
>This is on netbsd-sparc, and I only updated the kernel, not the userland,
>and therefore not ipnat.  Do you think I should rebuild ipnat with the
>newer kernel?

  I recently built ipnat 3.2 binaries which I'm using with a current kernel
on a i386 with very very similar problems, ipnat setup goes up okay but
access is not working.  However the newer kernel ipnat code seems to add
weird rules:
I'm adding a map that goes like map ppp0 ->
portmap tcp/udp 1000:65000
which is fairly standard but if you do a ipnat -l you can see that the
program actually added something
like ppp0 -> 40000:65000 which is to say the
least very odd behaviour.
If you want to see exactly what it was (I'm at work right now :))
Switching back to a october-ish
kernel using the same binaries fixes all the problems, so it seems to be
the fairly recently imported
ipnat 3.2 code that is causing the weirdness.
>Is there anything that ipnat logs that I could look at?
>Stephen B. Salai                            Phone (716) 325-5553
>Cumpston & Shaw                             Fax    (716) 262-3906
>Two State Street                            email
>Rochester, NY 14614