Running: NetBSD mail.wan.vpn 8.99.18 NetBSD 8.99.18 (GEMINI) #0: Sun May 27 09:56:42 PDT 2018 [email protected]:/usr/src/BUILD_OBJ/sys/arch/i386/compile/GEMINI i386
The GEMINI conf is different from GENERIC as follows:

1c1 < # $NetBSD: GENERIC,v 1.1180 2018/06/07 13:36:29 thorpej Exp $ --- > # $NetBSD: GENERIC,v 1.1178 2018/05/15 01:53:27 thorpej Exp $ 25c25 < #ident "GENERIC-$Revision: 1.1180 $" --- > #ident "GENERIC-$Revision: 1.1178 $" 27c27 < maxusers 64 # estimated number of users --- > maxusers 128 # estimated number of users 32,33c32,33 < makeoptions SPECTRE_V2_GCC_MITIGATION=1 # GCC Spectre variant 2 < # migitation --- > #makeoptions SPECTRE_V2_GCC_MITIGATION=1 # GCC Spectre variant 2 > # # migitation 80c80 < options RTC_OFFSET=0 # hardware clock is this many mins. west of GMT --- > options RTC_OFFSET=480 # hardware clock is this many mins. west of GMT 114c114 < #options DEBUG # expensive debugging checks/support --- > options DEBUG # expensive debugging checks/support 122c122 < #makeoptions DEBUG="-g" # compile full symbol table --- > makeoptions DEBUG="-g" # compile full symbol table 185c185,187 < #options GATEWAY # packet forwarding --- > options GATEWAY # packet forwarding > options IPFORWARDING=1 # grasping at straws with NAY problems > options MBUFTRACE 189c191 < #options IPSEC_DEBUG # debug for IP security --- > options IPSEC_DEBUG # debug for IP security 194,196c196,198 < #options CAN # Controller Area Network protocol < #options PPP_BSDCOMP # BSD-Compress compression support for PPP < #options PPP_DEFLATE # Deflate compression support for PPP --- > options CAN # Controller Area Network protocol > options PPP_BSDCOMP # BSD-Compress compression support for PPP > options PPP_DEFLATE # Deflate compression support for PPP 204c206 < #options ALTQ # Manipulate network interfaces' output queues --- > options ALTQ # Manipulate network interfaces' output queues

The ipnat and ipf conf files used to work under NetBSD 6.??

This rule:

map re1 172.16.89.50/32 -> 50.251.213.138/32

should map the system at .50 straight thru the NAT machine ... no?? Some connections go thru, but others time out.
I can get to those timed-out systems from the NAT'ing system. tcpdump on the interior NIC shows the packets arriving, but nothing on the outbound NIC.

Am I missing something between 6.?? and 8.0?

Hints appreciated.

TIA,
Paul N.

--
<intentionally left blank>
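
Review bot: in the `32,33c32,33` hunk the `>` side comments out `makeoptions SPECTRE_V2_GCC_MITIGATION=1`, so that kernel is built without the GCC Spectre variant 2 mitigation that the `<` side keeps enabled. Nothing in the post says why it was dropped. If that was not deliberate, restore the line; if it was, state the reason in the comment beside it so the change is not carried forward unnoticed into later configs.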
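
Review bot: `options IPFORWARDING=1` and `options MBUFTRACE` in the `185c185,187` hunk are troubleshooting additions (the inline comment says "grasping at straws"), and they sit alongside `options DEBUG` and `options IPSEC_DEBUG` from the `114c114` and `189c191` hunks. Retest the `map` rule on a kernel that differs from GENERIC only in `options GATEWAY`, so the debugging options can be ruled in or out as a factor, and drop whichever of them is not needed once the NAT problem is understood.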
