Subject: kern/11133: 1.5E NAT freezing
To: None <>
From: None <>
List: netbsd-bugs
Date: 10/04/2000 13:57:10
>Number:         11133
>Category:       kern
>Synopsis:       Clients are able to freeze systems running IPNAT
>Confidential:   no
>Severity:       critical
>Priority:       high
>Responsible:    kern-bug-people
>State:          open
>Class:          sw-bug
>Submitter-Id:   net
>Arrival-Date:   Wed Oct 04 13:57:00 PDT 2000
>Originator:     Jared D. McNeill
>Release:        Appx. Aug. 7, 2000
System: NetBSD 1.5E NetBSD 1.5E (BLACKHOLE) #0: Sun Aug 27 05:12:33 ADT 2000 jmcneill@sun:/usr/src/sys/arch/i386/compile/BLACKHOLE i386

It's possible to completely lock a system running ipnat and ftp proxying on
NetBSD 1.5E.
Using CuteFTP 4.2 beta on the Windows box, I FTP'd through the NAT to a
Windows box down the road, IP address When I
connect to it from the NAT itself, I get the following response:

blackhole:~$ ftp
Connected to
220-Wolfpac Industries FTP service
    WarFTPd 1.70.b01.04 (Aug 18 1998) Ready
    (C)opyright 1996 - 1998 by Jarle (jgaa) Aase - all rights reserved.
220 Please enter your user name.
Name ( 

However, whenever I connect to it through the NAT with CuteFTP, the NAT
locks. I haven't tested with any other clients; I don't enjoy pressing the
reset button every few minutes.

IP Filter: v3.4.9 initialized.  Default = pass all, Logging = enabled

map ep0 -> proxy port ftp ftp/tcp
map ep0 -> portmap tcp/udp 30000:60000
map ep0 ->