NetBSD Problem Report #50676
From www@NetBSD.org Mon Jan 18 11:43:34 2016
Return-Path: <www@NetBSD.org>
Received: from mail.netbsd.org (mail.NetBSD.org [199.233.217.200])
(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
(Client CN "mail.netbsd.org", Issuer "Postmaster NetBSD.org" (verified OK))
by mollari.NetBSD.org (Postfix) with ESMTPS id C3CFD7ABC0
for <gnats-bugs@gnats.NetBSD.org>; Mon, 18 Jan 2016 11:43:33 +0000 (UTC)
Message-Id: <20160118114332.CAFB07ACC7@mollari.NetBSD.org>
Date: Mon, 18 Jan 2016 11:43:32 +0000 (UTC)
From: gergely@egervary.hu
Reply-To: gergely@egervary.hu
To: gnats-bugs@NetBSD.org
Subject: icmp traceroute does not work on NetBSD 7 / IPFilter 5.1
X-Send-Pr-Version: www-1.0
>Number: 50676
>Category: kern
>Synopsis: icmp traceroute does not work on NetBSD 7 / IPFilter 5.1
>Confidential: no
>Severity: serious
>Priority: medium
>Responsible: kern-bug-people
>State: closed
>Class: sw-bug
>Submitter-Id: net
>Arrival-Date: Mon Jan 18 11:45:00 +0000 2016
>Closed-Date: Fri Feb 09 20:20:04 +0000 2018
>Last-Modified: Fri Feb 09 20:20:04 +0000 2018
>Originator: Gergely EGERVARY
>Release: 7.0_STABLE
>Organization:
>Environment:
NetBSD galileo.poli.hu 7.0_STABLE NetBSD 7.0_STABLE (GALILEO) #0: Mon Jan 18 09:58:13 CET 2016 root@galileo.poli.hu:/usr/src/sys/arch/amd64/compile/GALILEO amd64
>Description:
ICMP-based traceroute (MTR, Windows tracert, etc.) does not work behind NAT on NetBSD-7
Traceroute only shows the first and the last hop.
- No ipf rules (pass all)
- Only one ipnat rule (NAT)
map wm0 172.28.0.0/16 -> 193.225.174.20/32
Traceroute output:
Tracing route to index.hu [217.20.130.99]
over a maximum of 30 hops:
1 <1 ms <1 ms <1 ms 172.28.0.20
2 * * * Request timed out.
3 * * * Request timed out.
4 * * * Request timed out.
5 * * * Request timed out.
6 * * * Request timed out.
7 * * * Request timed out.
8 * * * Request timed out.
9 3 ms 2 ms 3 ms index.hu [217.20.130.99]
Trace complete.
>How-To-Repeat:
traceroute via ICMP
>Fix:
>Release-Note:
>Audit-Trail:
From: =?UTF-8?Q?Egerv=c3=a1ry_Gergely?= <gergely@egervary.hu>
To: gnats-bugs@NetBSD.org
Cc:
Subject: Re: kern/50676: icmp traceroute does not work on NetBSD 7 / IPFilter
5.1
Date: Fri, 30 Sep 2016 17:52:57 +0200
Revision 1.16 of ip_nat.c fixes this problem.
You can close this ticket.
Please pull up this revision into netbsd-7-0 branch too.
Thank you.
Gergely EGERVARY
> Traceroute output:
> Tracing route to index.hu [217.20.130.99]
> over a maximum of 30 hops:
>
> 1 <1 ms <1 ms <1 ms 172.28.0.20
> 2 * * * Request timed out.
> 3 * * * Request timed out.
> 4 * * * Request timed out.
> 5 * * * Request timed out.
> 6 * * * Request timed out.
> 7 * * * Request timed out.
> 8 * * * Request timed out.
> 9 3 ms 2 ms 3 ms index.hu [217.20.130.99]
State-Changed-From-To: open->closed
State-Changed-By: maxv@NetBSD.org
State-Changed-When: Fri, 09 Feb 2018 20:20:04 +0000
State-Changed-Why:
Fixed and pulled up.
>Unformatted:
(Contact us)
$NetBSD: query-full-pr,v 1.43 2018/01/16 07:36:43 maya Exp $
$NetBSD: gnats_config.sh,v 1.9 2014/08/02 14:16:04 spz Exp $
Copyright © 1994-2017
The NetBSD Foundation, Inc. ALL RIGHTS RESERVED.
Home