NetBSD-Bugs archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

kern/52765: npf cannot do port forwarding on vlan interfaces

>Number:         52765
>Category:       kern
>Synopsis:       npf cannot do port forwarding on vlan interfaces
>Confidential:   no
>Severity:       serious
>Priority:       medium
>Responsible:    kern-bug-people
>State:          open
>Class:          sw-bug
>Submitter-Id:   net
>Arrival-Date:   Sun Nov 26 23:55:00 +0000 2017
>Originator:     Jared McNeill
>Release:        8.0_BETA
>Organization:
>Environment:
NetBSD demi-fiend.invisible.ca 8.0_BETA NetBSD 8.0_BETA (ERLITE) #1: Sun Nov 26 14:33:47 AST 2017  jmcneill@persona.local:/Users/jmcneill/netbsd/src-8/sys/arch/evbmips/compile/obj/ERLITE evbmips
>Description:
Port forwarding rules do not work on vlan interfaces. christos and rmind says this is because vlan(4) does not implement pfil hooks.
>How-To-Repeat:
Create a vlan interface and use it as "ext_if" in an npf nat config. Try adding an inbound port forwarding rule:

map $ext_if dynamic 192.168.2.102 port 22 <- $ext_v4 port 22

Note that the port forwarding doesn't work.
>Fix:
Home | Main Index | Thread Index | Old Index