Subject: bin/29339: ipf 4.1.5's ipnat(8) doesn't properly list some NAT rules
To: None <gnats-admin@netbsd.org, netbsd-bugs@netbsd.org>
From: None <gcw@primenet.com.au>
List: netbsd-bugs
Date: 02/12/2005 06:08:00
>Number:         29339
>Category:       bin
>Synopsis:       ipnat(8) in ipf 4.1.5 doesn't properly list some types of NAT rules
>Confidential:   no
>Severity:       non-critical
>Priority:       low
>Responsible:    bin-bug-people
>State:          open
>Class:          sw-bug
>Submitter-Id:   net
>Arrival-Date:   Sat Feb 12 06:08:00 +0000 2005
>Originator:     Geoff C. Wing
>Release:        NetBSD 2.99.15 (2005-02-10)
>Organization:
>Environment:
System: NetBSD g.primenet.com.au 2.99.15 NetBSD 2.99.15 (G) #0: Fri Feb 11 14:38:05 EST 2005 gcw@g.primenet.com.au:/usr/netbsd/src/sys/arch/i386/compile/G i386
Architecture: i386
Machine: i386
>Description:
	Certain NAT rules aren't listed by ipnat(8) properly though they
	function correctly.

	e.g. the following two rules allow an MSWindows L2TP connection past
	my NAT'ing NetBSD box:
	    map pppoe0 192.168.1.0/24 -> 0.0.0.0/32 proxy port isakmp ipsec/udp
	    map pppoe0 from 192.168.1.0/24 port = 4500 to any -> 0.0.0.0/32
	but "ipnat -l" says
	    map pppoe0 192.168.1.0/24 -> 0.0.0.0/32 proxy port isakmp ipsec/udp
	    map pppoe0 from 192.168.1.0/24 to any -> 0.0.0.0/32

	Note the "port = 4500" part is missing.

>How-To-Repeat:
	See above.
>Fix:
	? (haven't looked)
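
An added example, not part of the original report or of ipf: a small audit check that compares the configured rules with what "ipnat -l" printed and reports tokens the listing dropped, since a ruleset reviewed only from the listing would look broader than the rule actually loaded. The function names are this example's own, and both inputs are assumed to hold rule lines only (the two samples are copied from the report above).

```python
"""Compare configured ipnat rules with `ipnat -l` output (both embedded here)."""
from difflib import SequenceMatcher

# Rules as written in the report's ipnat configuration.
CONFIGURED = """\
map pppoe0 192.168.1.0/24 -> 0.0.0.0/32 proxy port isakmp ipsec/udp
map pppoe0 from 192.168.1.0/24 port = 4500 to any -> 0.0.0.0/32
"""

# What the report says "ipnat -l" printed for those rules.
LISTED = """\
map pppoe0 192.168.1.0/24 -> 0.0.0.0/32 proxy port isakmp ipsec/udp
map pppoe0 from 192.168.1.0/24 to any -> 0.0.0.0/32
"""


def rules(text):
    """Split rule text into token lists, skipping blank lines and # comments."""
    out = []
    for line in text.splitlines():
        tokens = line.split("#", 1)[0].split()
        if tokens:
            out.append(tokens)
    return out


def listing_gaps(configured, listed):
    """Return (configured_rule, closest_listed_rule, dropped_tokens) for every
    configured rule that has no exact match in the listing."""
    want, have = rules(configured), rules(listed)
    gaps = []
    for rule in want:
        if rule in have:
            continue
        # Pick the listed rule most similar to this one, token by token.
        best = max(have, key=lambda h: SequenceMatcher(None, rule, h).ratio(),
                   default=[])
        ops = SequenceMatcher(None, rule, best).get_opcodes()
        dropped = [tok for tag, i1, i2, _, _ in ops
                   if tag in ("delete", "replace") for tok in rule[i1:i2]]
        gaps.append((" ".join(rule), " ".join(best), dropped))
    return gaps


if __name__ == "__main__":
    for rule, closest, dropped in listing_gaps(CONFIGURED, LISTED):
        print("configured:", rule)
        print("listed    :", closest)
        print("dropped   :", " ".join(dropped))
```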