I've set up an OpenVPN gateway at home that I can access from home. However, there are some problems with a specific connection. I've tried debugging this with tcpdump, but I cannot know what happens within the pf process. Here is the problem:
The following demonstrates how the destination port goes from 64204 to 9000. Also notice what happens when I reinstate the pf ruleset. If I reset and start the connection again, it goes back to changing the destination port.
The following is a tcpdump after the NAT:
Code:
07:06:41.000640 IP (tos 0x0, ttl 112, id 4302, offset 0, flags [none], proto UDP (17), length 52)
74.201.102.232.9000 > 192.168.1.11.9000: UDP, length 24
07:06:43.062883 IP (tos 0x0, ttl 112, id 7579, offset 0, flags [none], proto UDP (17), length 52)
74.201.102.232.9000 > 192.168.1.11.9000: UDP, length 24
07:06:45.078621 IP (tos 0x0, ttl 112, id 9871, offset 0, flags [none], proto UDP (17), length 52)
74.201.102.232.9000 > 192.168.1.11.9000: UDP, length 24
07:06:47.078570 IP (tos 0x0, ttl 112, id 11407, offset 0, flags [none], proto UDP (17), length 52)
74.201.102.232.9000 > 192.168.1.11.9000: UDP, length 24
07:06:49.078712 IP (tos 0x0, ttl 112, id 19806, offset 0, flags [none], proto UDP (17), length 52)
74.201.102.232.9000 > 192.168.1.11.9000: UDP, length 24
bash# sh /etc/rc.d/pf restart
Code:
07:06:51.125601 IP (tos 0x0, ttl 112, id 22280, offset 0, flags [none], proto UDP (17), length 52)
74.201.102.232.9000 > 192.168.1.11.64204: UDP, length 24
07:06:53.141239 IP (tos 0x0, ttl 112, id 25265, offset 0, flags [none], proto UDP (17), length 52)
74.201.102.232.9000 > 192.168.1.11.64204: UDP, length 24
07:06:54.547700 IP (tos 0x0, ttl 112, id 26308, offset 0, flags [none], proto UDP (17), length 56)
74.201.102.232.9000 > 192.168.1.11.64204: UDP, length 28
This is a tcpdump done on the device before the NAT:
Code:
07:06:41.000622 IP (tos 0x0, ttl 113, id 4302, offset 0, flags [none], proto UDP (17), length 52)
74.201.102.232.9000 > 192.168.0.10.64204: UDP, length 24
07:06:43.062865 IP (tos 0x0, ttl 113, id 7579, offset 0, flags [none], proto UDP (17), length 52)
74.201.102.232.9000 > 192.168.0.10.64204: UDP, length 24
07:06:45.078602 IP (tos 0x0, ttl 113, id 9871, offset 0, flags [none], proto UDP (17), length 52)
74.201.102.232.9000 > 192.168.0.10.64204: UDP, length 24
07:06:47.078551 IP (tos 0x0, ttl 113, id 11407, offset 0, flags [none], proto UDP (17), length 52)
74.201.102.232.9000 > 192.168.0.10.64204: UDP, length 24
07:06:49.078693 IP (tos 0x0, ttl 113, id 19806, offset 0, flags [none], proto UDP (17), length 52)
74.201.102.232.9000 > 192.168.0.10.64204: UDP, length 24
07:06:51.125578 IP (tos 0x0, ttl 113, id 22280, offset 0, flags [none], proto UDP (17), length 52)
74.201.102.232.9000 > 192.168.0.10.64204: UDP, length 24
07:06:53.141162 IP (tos 0x0, ttl 113, id 25265, offset 0, flags [none], proto UDP (17), length 52)
74.201.102.232.9000 > 192.168.0.10.64204: UDP, length 24
07:06:54.547681 IP (tos 0x0, ttl 113, id 26308, offset 0, flags [none], proto UDP (17), length 56)
pf.conf:
Code:
scrub in all
nat on nfe0 from 192.168.1.0/24 to any -> (nfe0) round-robin sticky-address
binat on nfe0 from 74.201.102.232 to 192.168.0.10 -> 192.168.1.11
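
Added example, not part of the original post: one way to line up the two captures packet by packet and see where the destination-port rewrite starts or stops. It assumes the IP id field survives translation, as it does in the captures above; the function names are hypothetical and the sample data is a two-packet excerpt of each capture in the post.

```python
import re

HDR = re.compile(r"^(\S+) IP \(.*?\bid (\d+),")            # timestamp and IP id
FLOW = re.compile(r"^\S+ > (\d+(?:\.\d+){3})\.(\d+): UDP")  # dst address and port

def parse(capture):
    """Map IP id -> (timestamp, dst address, dst port) from `tcpdump -v` text."""
    packets, pending = {}, None
    for line in map(str.strip, capture.splitlines()):
        hdr, flow = HDR.match(line), FLOW.match(line)
        if hdr:
            pending = (int(hdr.group(2)), hdr.group(1))
        elif flow and pending:
            packets[pending[0]] = (pending[1], flow.group(1), int(flow.group(2)))
            pending = None
    return packets

def correlate(before, after):
    """Pair packets seen on both sides of pf by IP id and show the rewrite."""
    pre, post = parse(before), parse(after)
    rows = []
    for ip_id in sorted(pre.keys() & post.keys(), key=lambda i: pre[i][0]):
        ts, daddr, dport = pre[ip_id]
        _, naddr, nport = post[ip_id]
        rows.append({"time": ts, "id": ip_id, "before": f"{daddr}:{dport}",
                     "after": f"{naddr}:{nport}", "port_rewritten": dport != nport})
    return rows

def behaviour_changes(rows):
    """Timestamps at which the port-rewrite behaviour flips between packets."""
    return [b["time"] for a, b in zip(rows, rows[1:])
            if a["port_rewritten"] != b["port_rewritten"]]

# Excerpts copied from the captures in the post (last packet before the
# pf restart and first packet after it).
BEFORE_NAT = """\
07:06:49.078693 IP (tos 0x0, ttl 113, id 19806, offset 0, flags [none], proto UDP (17), length 52)
74.201.102.232.9000 > 192.168.0.10.64204: UDP, length 24
07:06:51.125578 IP (tos 0x0, ttl 113, id 22280, offset 0, flags [none], proto UDP (17), length 52)
74.201.102.232.9000 > 192.168.0.10.64204: UDP, length 24
"""
AFTER_NAT = """\
07:06:49.078712 IP (tos 0x0, ttl 112, id 19806, offset 0, flags [none], proto UDP (17), length 52)
74.201.102.232.9000 > 192.168.1.11.9000: UDP, length 24
07:06:51.125601 IP (tos 0x0, ttl 112, id 22280, offset 0, flags [none], proto UDP (17), length 52)
74.201.102.232.9000 > 192.168.1.11.64204: UDP, length 24
"""

if __name__ == "__main__":
    rows = correlate(BEFORE_NAT, AFTER_NAT)
    for r in rows:
        print(r["time"], r["id"], r["before"], "->", r["after"], r["port_rewritten"])
    print("behaviour changed at:", behaviour_changes(rows))
```

Feeding it the full text of both captures gives one row per packet, which makes it easy to match the flip against the time the ruleset was reloaded.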