I was using pure NAT for NAT reflection/hairpinning in my pf.conf file on my firewall but following the recent update to 12.2-p6 from 12.2-p5, hairpin NAT stopped working. This was the configuration I was using until this morning:
To get hairpin NAT working again, I ended up needing to configure xinetd + nc to act as a helper proxy (much like pfSense).
I did see that pf.ko was updated in 12.2-p6 but from what I can find, the issue that was being addressed was for
Code:
rdr on $All_NAT_IF proto { tcp udp } from any to ($wan_if) port 443 -> <httpsrv>
To get hairpin NAT working again, I ended up needing to configure xinetd + nc to act as a helper proxy (much like pfSense).
I did see that pf.ko was updated in 12.2-p6 but from what I can find, the issue that was being addressed was for
net.pf.request_maxcount
. Is anyone else having issues?