Subject: Re: kern/25971 (ipfilter syntax for allowing NAT'd packets no longer works in ipf4)
To: None <ipf-bug-people@NetBSD.org, netbsd-bugs@netbsd.org,>
From: Pavel Cahyna <pavel@netbsd.org>
List: netbsd-bugs
Date: 09/23/2006 11:32:21

I can't repeat this.

/etc/ipf.conf :

pass in log quick on ex0 proto tcp from any to 127.0.0.1 port = telnet
block in log quick on ex0 proto tcp from any to any port = telnet

/etc/ipnat.conf :

rdr ex0 10.21.83.52/32 port telnet -> 127.0.0.1 port telnet tcp

When I do "telnet 10.21.83.52" from outside, ipf lets the connection pass.

Also, ipmon logs the NATed address, not the original one.

Is this still an issue in your setup?