286122 – ipfw in-kernel nat log not working as expected

Bug 286122 - ipfw in-kernel nat log not working as expected

Summary: ipfw in-kernel nat log not working as expected

Status:	New

Alias:	None

Product:	Base System
Classification:	Unclassified
Component:	kern (show other bugs)
Version:	14.2-RELEASE
Hardware:	Any Any

Importance:	--- Affects Some People
Assignee:	freebsd-ipfw (Nobody)

URL:
Keywords:

Depends on:
Blocks:

Reported:	2025-04-15 19:20 UTC by Darren Henderson
Modified:	2025-04-19 04:48 UTC (History)
CC List:	1 user (show)

See Also:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Darren Henderson 2025-04-15 19:20:42 UTC

Using ipfw with in-kernel nat gives unexpected results when trying to look at the nat log.

Invoke nat - "ipfw nat 1 config log if igc0 same_ports unreg_only". We will also do a second one "ipfw nat2 config log if igc1"

We let things run for a while and then try to look at the log - "ipfw nat 1 show log" we get:

ipfw: unknown redir mode
ipfw nat 1 config if igc0 log same_ports unreg_only

Now if we try "ipfw nat show log" we get the expected results.

nat 1: icmp=2, udp=16, tcp=260, sctp=0, pptp=0, proto=1, frag_id=0 frag_ptr=0 / tot=279

Now "ipfw nat show config", "ipfw nat 1 show config" and "ipfw nat 2 show config" all work as expected, without specifying which nat it shows the config for both. If you specify 1 or 2 it shows the correct config.

I would expect "ipfw nat show log", "ipfw nat 1 show log" and "ipfw nat 2 show log" to work in the same fashion. Without the specific nat specified show stats for all instances or show the result for the indicated instance.

Hardly an earth shattering issue but it would be nice if it were consistent.