Bug 70904 - [ipfilter] ipfilter ipnat problem with h323 proxy support
Summary: [ipfilter] ipfilter ipnat problem with h323 proxy support
Status: Closed Overcome By Events
Alias: None
Product: Base System
Classification: Unclassified
Component: kern (show other bugs)
Version: 5.2.1-RELEASE
Hardware: Any Any
: Normal Affects Only Me
Assignee: freebsd-bugs (Nobody)
Depends on:
Reported: 2004-08-24 17:00 UTC by Kolya Karpov
Modified: 2020-10-28 19:24 UTC (History)
2 users (show)

See Also:


Note You need to log in before you can comment on or make changes to this bug.
Description Kolya Karpov 2004-08-24 17:00:39 UTC
Try to use h323 proxy in IPFILTER, but when parsing ipnat config file i
110 entries flushed from NAT table
7 entries flushed from NAT list
1:ioctl(SIOCADNAT): No such file or directory

Here is ipnat conf file:

map rl0 0/0 -> 0/32 proxy port 1720 h323/tcp
map rl0 0/0 -> 0/32 proxy port ftp ftp/tcp
map rl0 ->
map rl0 ->

rdr rl0 port 3306 -> port 3306 tcp rdr rl0 port 874 -> port 873 tcp

rdr rl0 port 873 -> port 873 tcp rdr rl0 port 873 -> port 873 tcp

FTP proxy works, but h323 - now.
Kernel is compiled with options


tried to add BRIDGE support and others rhings like DUMMYNET - result is
the same.

Tried all systems till 6.0-CURRENT - bug remains.


I'm not so good in programming to patch this ;(
Install base system, compile kernel with IPFILTER support, or load
IPFilter module, enable h323 proxy and get an error.
Comment 1 Tilman Keskinoz freebsd_committer 2004-08-26 23:08:33 UTC
Responsible Changed
From-To: freebsd-i386->darrenr

Over to ipfilter maintainer
Comment 2 Cy Schubert freebsd_committer 2013-07-03 06:10:54 UTC
Responsible Changed
From-To: freebsd-net->cy

Comment 3 Eitan Adler freebsd_committer freebsd_triage 2017-12-31 08:01:14 UTC
For bugs matching the following criteria:

Status: In Progress Changed: (is less than) 2014-06-01

Reset to default assignee and clear in-progress tags.

Mail being skipped
Comment 4 Cy Schubert freebsd_committer 2020-10-28 19:24:05 UTC
I converted Darren's CVS repo into a git repo quite some time ago. Looking at the history, h323 was deleted by this commit:

commit a6f32dacc2d5c14b5e17d4792c58719449d34456
Author: darren_r <>
Date:   Thu Oct 20 22:16:06 2011 +0000

    3426558 resistence is futile

M       ipfilter/IPFILTER.LICENCE
D       ipfilter/QNX_OCL.txt
D       ipfilter/ip_h323_pxy.c
M       ipfilter/ip_proxy.c

I can get the CVS rev number if needed.