Bug 286122

Summary: ipfw in-kernel nat log not working as expected
Product: Base System
Reporter: Darren Henderson <darren.henderson>
Component: kern
Assignee: freebsd-ipfw (Nobody) <ipfw>
Status: New ---
Severity: Affects Some People
CC: agh
Priority: ---
Version: 14.2-RELEASE
Hardware: Any
OS: Any

Description Darren Henderson 2025-04-15 19:20:42 UTC
Using ipfw with in-kernel nat gives unexpected results when trying to look at the nat log.

Invoke nat - "ipfw nat 1 config log if igc0 same_ports unreg_only". We will also do a second one, "ipfw nat2 config log if igc1".

We let things run for a while and then try to look at the log - "ipfw nat 1 show log" - and we get:

ipfw: unknown redir mode
ipfw nat 1 config if igc0 log same_ports unreg_only

Now if we try "ipfw nat show log" we get the expected results.

nat 1: icmp=2, udp=16, tcp=260, sctp=0, pptp=0, proto=1, frag_id=0 frag_ptr=0 / tot=279

Now "ipfw nat show config", "ipfw nat 1 show config" and "ipfw nat 2 show config" all work as expected. Without specifying which nat, it shows the config for both. If you specify 1 or 2, it shows the correct config.

I would expect "ipfw nat show log", "ipfw nat 1 show log" and "ipfw nat 2 show log" to work in the same fashion: without the specific nat specified, show stats for all instances, or show the result for the indicated instance.

Hardly an earth-shattering issue, but it would be nice if it were consistent.
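
A workaround for the behaviour reported above, added here as an example and not part of the original report or of ipfw itself: since "ipfw nat show log" still prints the counters, a monitoring script can filter that output for one instance. The function name nat_log_counter and the "nat 2" sample line are assumptions; the "nat 1" line is the one quoted in the report, and other instances are assumed to print in the same format.

```sh
#!/bin/sh
# nat_log_counter ID FIELD
# Reads "ipfw nat show log" output on stdin and prints the value of FIELD
# (icmp, udp, tcp, sctp, pptp, proto, frag_id, frag_ptr or tot) for nat ID.
# Exits non-zero when the instance or the field is not present, so a
# monitoring job can tell "no data" apart from a zero counter.
nat_log_counter() {
    awk -v id="$1" -v want="$2" '
        # Only the line of the requested instance, e.g. "nat 1: icmp=2, ..."
        $1 == "nat" && $2 == (id ":") {
            line = $0
            sub(/^nat [0-9]+: */, "", line)   # drop the "nat N:" prefix
            gsub("[,/]", " ", line)           # separators are ", " and " / "
            n = split(line, kv)               # whitespace-separated key=value
            for (i = 1; i <= n; i++) {
                if (split(kv[i], p, "=") == 2 && p[1] == want) {
                    print p[2]
                    found = 1
                }
            }
        }
        END { exit (found ? 0 : 1) }
    '
}

# Constructed sample input: line 1 is quoted from the report, line 2 is made up.
sample_nat_log() {
    cat <<'EOF'
nat 1: icmp=2, udp=16, tcp=260, sctp=0, pptp=0, proto=1, frag_id=0 frag_ptr=0 / tot=279
nat 2: icmp=0, udp=7, tcp=41, sctp=0, pptp=0, proto=0, frag_id=0 frag_ptr=0 / tot=48
EOF
}

# On a live system the input would be:  ipfw nat show log | nat_log_counter 1 tcp
sample_nat_log | nat_log_counter 1 tcp
```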