Hello everyone, in December I upgraded from 5.9 to 6.2 (including 6.0 and 6.1) and shortly after that few customers contacted me that they are getting nat type 3 on their xbox\playstation. When doing some investigation, I noticed that binat-to rules have static-port specified, but looking into states table, they were actually not mapped statically. Failing over to backup box still running 5.9 with identical ruleset, ports are actually mapped statically and online gaming on consoles works fine.
I tried to do some investigation, but am not aware of any change in pf syntax. So wondering if anyone would be able to confirm this behavior? this is in rules: pass out inet from 10.11.12.13 to any flags S/SA nat-to 5.6.7.8 static-port pass in inet from any to 5.6.7.8 flags S/SA rdr-to 10.11.12.13 and example of states: all udp 5.6.7.8:65350 (10.11.12.13:3074) -> 52.166.52.75:1986 MULTIPLE:MULTIPLE all tcp 5.6.7.8:63203 (10.11.12.13:38010) -> 31.13.91.33:443 ESTABLISHED:ESTABLISHED all tcp 5.6.7.8:59711 (10.11.12.13:42530) -> 74.125.133.188:5228 ESTABLISHED:ESTABLISHED Regards, Martin
