https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=269770
Bug ID: 269770
Summary: libalias udp redirect_port temporary translation failure
Product: Base System
Version: 13.1-STABLE
Hardware: amd64
OS: Any
Status: New
Severity: Affects Only Me
Priority: ---
Component: kern
Assignee: [email protected]
Reporter: [email protected]
I occasionally observe temporary failures on my public UDP ports.
The problem seems to be with libalias when used for UDP port_redirect:
ipfw nat 3 config log same_ports unreg_only ip <public-ip> \
redirect_port udp 192.168.xx.xx:5007 5006 \
redirect_port tcp 192.168.xx.xx:5007 5006
02420 0 0 count log proto ip4 src-port 64000-64010
02425 0 0 nat 3 proto ip4
02430 0 0 count log proto ip4 src-port 64000-64010
Then randomly
# nc -u4p 64000 <public-ip> 5006
# nc -u4p 64001 <public-ip> 5006
# nc -u4p 64002 <public-ip> 5006
Feb 23 03:51:45 <security.info> edge kernel: [75643] ipfw-oper: 2420 Count UDP 91.12.117.156:64000 <public-ip>:5006 in via tun3
Feb 23 03:51:45 <security.info> edge kernel: [75643] ipfw-oper: 2430 Count UDP 91.12.117.156:64000 192.168.xx.xx:5007 in via tun3
Feb 23 03:52:08 <security.info> edge kernel: [75666] ipfw-oper: 2420 Count UDP 91.12.117.156:64001 <public-ip>:5006 in via tun3
Feb 23 03:52:08 <security.info> edge kernel: [75666] ipfw-oper: 2430 Count UDP 91.12.117.156:64001 192.168.xx.xx:5007 in via tun3
Feb 23 03:52:29 <security.info> edge kernel: [75687] ipfw-oper: 2420 Count UDP 91.12.117.156:64001 <public-ip>:5006 in via tun3
Feb 23 03:52:29 <security.info> edge kernel: [75687] ipfw-oper: 2430 Count UDP 91.12.117.156:64001 192.168.xx.xx:5007 in via tun3
Feb 23 03:52:36 <security.info> edge kernel: [75694] ipfw-oper: 2420 Count UDP 91.12.117.156:64001 51.158.21.23:5006 in via tun3
Feb 23 03:52:36 <security.info> edge kernel: [75694] ipfw-oper: 2430 Count UDP 91.12.117.156:64001 192.168.98.18:5007 in via tun3
Feb 23 03:52:56 <security.info> edge kernel: [75714] ipfw-oper: 2420 Count UDP 91.12.117.156:64002 <public-ip>:5006 in via tun3
Feb 23 03:52:56 <security.info> edge kernel: [75714] ipfw-oper: 2430 Count UDP 91.12.117.156:64002 192.168.xx.xx:5007 in via tun3
Feb 23 03:53:06 <security.info> edge kernel: [75724] ipfw-oper: 2420 Count UDP 91.12.117.156:64000 <public-ip>:5006 in via tun3
Feb 23 03:53:06 <security.info> edge kernel: [75724] ipfw-oper: 2430 Count UDP 91.12.117.156:64000 <public-ip>:5006 in via tun3
Feb 23 03:53:06 <security.info> edge kernel: [75724] ipfw-oper: 2685 Unreach 13 UDP 91.12.117.156:64000 <public-ip>:5006 in via tun3
In the beginning, 64000 and 64001 get through.
After using only 64001 for some time, and then
starting to use 64002, suddenly 64000 is no longer
translated. (This does not always happen in that exact sequence.)
# ipfw nat show log
nat 2: icmp=32, udp=1, tcp=40, sctp=0, pptp=0, proto=0, frag_id=0 frag_ptr=0 / tot=73
nat 3: icmp=0, udp=2, tcp=72, sctp=0, pptp=0, proto=0, frag_id=0 frag_ptr=0 / tot=74
These udp= counters are changing meanwhile, but I don't get a clue
from it, and didn't find a way to log details.
Platform 13.2-BETA2 (but the problem is older)
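The report's diagnosis rests on comparing what count rule 2420 logs before `nat 3` with what count rule 2430 logs after it. As an added example (not part of the bug report or of FreeBSD), the Python script below rejoins mail-wrapped log entries and lists inbound packets whose destination was identical at both rules. The sample log is constructed with documentation addresses, and the script assumes every inbound packet logged between the two rules should have been redirected.

```python
import re

PRE_RULE, POST_RULE = 2420, 2430  # count rules around "nat 3" (numbers from the report)

# Constructed sample in the report's log format, mail-wrapped the same way.
SAMPLE_LOG = """\
Feb 23 03:51:45 <security.info> edge kernel: [75643] ipfw-oper: 2420 Count UDP
198.51.100.7:64000 203.0.113.10:5006 in via tun3
Feb 23 03:51:45 <security.info> edge kernel: [75643] ipfw-oper: 2430 Count UDP
198.51.100.7:64000 192.168.0.18:5007 in via tun3
Feb 23 03:53:06 <security.info> edge kernel: [75724] ipfw-oper: 2420 Count UDP
198.51.100.7:64000 203.0.113.10:5006 in via tun3
Feb 23 03:53:06 <security.info> edge kernel: [75724] ipfw-oper: 2430 Count UDP
198.51.100.7:64000 203.0.113.10:5006 in via tun3
Feb 23 03:53:06 <security.info> edge kernel: [75724] ipfw-oper: 2685 Unreach 13
UDP 198.51.100.7:64000 203.0.113.10:5006 in via tun3
"""

STAMP_RE = re.compile(r"\w{3} +\d+ \d\d:\d\d:\d\d ")
ENTRY_RE = re.compile(  # inbound entries only: NAT rewrites their destination
    r"(?P<stamp>\w{3} +\d+ [\d:]+) .*?ipfw\S*: (?P<rule>\d+) .+? "
    r"(?P<proto>UDP|TCP) (?P<src>\S+) (?P<dst>\S+) in via \S+")

def unwrap(text):
    """Rejoin wrapped entries: a line without a syslog stamp continues the previous one."""
    entries = []
    for line in text.splitlines():
        if STAMP_RE.match(line) or not entries:
            entries.append(line.strip())
        else:
            entries[-1] += " " + line.strip()
    return entries

def untranslated(text, pre=PRE_RULE, post=POST_RULE):
    """Packets whose destination is identical before and after the nat rule."""
    pending, misses = {}, []  # pending: (proto, src) -> dst logged by the pre-NAT rule
    for m in filter(None, map(ENTRY_RE.match, unwrap(text))):
        key, rule = (m["proto"], m["src"]), int(m["rule"])
        if rule == pre:
            pending[key] = m["dst"]
        elif rule == post and pending.pop(key, None) == m["dst"]:
            misses.append((m["stamp"], m["proto"], m["src"], m["dst"]))
    return misses

if __name__ == "__main__":
    for miss in untranslated(SAMPLE_LOG):
        print("not translated:", *miss)
```

Run against a longer capture, the timestamps of the reported misses can be lined up with the `udp=` counters from `ipfw nat show log` to see whether the failures coincide with changes in the alias table.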