12.0 + pf NAT = sadness

Eric A. Borisch

Well-Known Member

Reaction score: 219
Messages: 365

Just looking for a sanity check: is anyone running 12.0 with pf providing NAT successfully?

My little router box has been working like a champ, but upon upgrade to 12.0, the PF NAT layer does pass any traffic. No change to the pf.conf in the process.

Thank goodness for boot environments!
 

Nicola Mingotti

Well-Known Member

Reaction score: 129
Messages: 344

Just looking for a sanity check: is anyone running 12.0 with pf providing NAT successfully?

My little router box has been working like a champ, but upon upgrade to 12.0, the PF NAT layer does pass any traffic. No change to the pf.conf in the process.

Thank goodness for boot environments!

hello Eric A. Borisch, i installed two BBB Wifi AP working as NAT pf, in Italy, a few days ago. It is working. I found the dchpd conf,is lightly changed in 12 ... i may check tomorrow, now on cell phone.
 

SirDice

Administrator
Staff member
Administrator
Moderator

Reaction score: 6,945
Messages: 28,894

Just looking for a sanity check: is anyone running 12.0 with pf providing NAT successfully?
Code:
root@maelcum:~ # uname -a
FreeBSD maelcum.dicelan.home 12.0-STABLE FreeBSD 12.0-STABLE r342912 GENERIC  amd64
root@maelcum:~ # pfctl -sn
nat pass on em0 inet from 192.168.10.0/24 to any -> (em0) round-robin
nat pass on em0 inet from 10.0.1.0/24 to any -> (em0) round-robin
rdr pass on em0 inet proto udp from any to any port = 27016 -> 192.168.10.96 port 27016
rdr pass on em0 inet proto tcp from any to any port = 27016 -> 192.168.10.96 port 27016
rdr on em0 inet proto tcp from 185.10.51.26 to (em0) port = 9200 -> 192.168.10.197 port 9200
rdr pass on em0 inet proto tcp from 185.10.51.26 to any port = 10051 -> 192.168.10.200 port 10051
rdr-anchor "miniupnpd" all
 

SirDice

Administrator
Staff member
Administrator
Moderator

Reaction score: 6,945
Messages: 28,894

I've been tracking 12-STABLE since it got branched off, I did have a period with some odd random panics but this seems to have been resolved since my last update. I never had any issues with NAT not working or not passing traffic though.
 
OP
OP
Eric A. Borisch

Eric A. Borisch

Well-Known Member

Reaction score: 219
Messages: 365

I have other 12.0 machines that are doing great, but none are providing NAT... back to poking at this, then. I do have interfaces that are getting renamed before PF starts, but other than that it's not too exotic.
 

nslay

Active Member

Reaction score: 14
Messages: 105

I got a PF NAT also working in 12.0 over bridged LAN/WLAN. The only hiccup I had updating FreeBSD 11 --> 12 was the DHCP issue I posted. But that's somehow caused by mysterious 802.11n problems and turning off 802.11n fixed it (though Windows Wi-Fi machines could still work?). Only Adrian Chadd could understand how that's happening!
 

roccobaroccoSC

Member

Reaction score: 5
Messages: 40

Just looking for a sanity check: is anyone running 12.0 with pf providing NAT successfully?

My little router box has been working like a champ, but upon upgrade to 12.0, the PF NAT layer does pass any traffic. No change to the pf.conf in the process.

Thank goodness for boot environments!
Check if all kernel modules are loaded. Sometimes after upgrade config files get messed up, for example I used graphics/drm-next-kmod for my graphics card and after the upgrade it became graphics/drm-fbsd12.0-kmod. Naturally, I had to uninstall the old port and install the new one.
 
Top