Subject: ipnat problem
To: None <tech-net@netbsd.org>
From: Emmanuel Dreyfus <manu@netbsd.org>
List: tech-net
Date: 11/05/2001 21:23:11
Hi!

I'm facing a strange bug with an average ipnat setup (about 40 machines
behind the NAT): from any machine behind the NAT, I can launch an FTP
session, I can list directories or download (all in passive mode),
but when I try to create a directory, the connection is closed.

By sniffing packets before and after the NAT, it seems to me that the
port used for mapping the connection changes when I create the
directory.

Here are the packet dumps by snort. 
192.168.3.41 is the client address
y.y.y.y is the external address of the NAT
x.x.x.x is the server address.

Dump before the NAT (actually on the NAT internal interface)
http://hcpnet.free.fr/client

Dump after the NAT (actually on the server)
http://hcpnet.free.fr/server

Looking at both dumps, it seems to me that the problem appears between
the third and the second packet, starting at the end: the port number on
the external address of the NAT changes, whereas it's obviously the same
connection.

Does anyone have a clue about what is going on? This is an annoying problem,
and I can reproduce it at will on NetBSD-current/i386. I'm not sure whether
this is a bug or a configuration error, which is why I have not filed a PR
yet.

-- 
Emmanuel Dreyfus
manu@netbsd.org