The lack of a quick keyword on that line makes me wonder if you have a later rule that is matching.
Michael On Mon, Jan 22, 2018 at 5:34 PM Martin Hlavatý <mar...@hlavaty.eu> wrote: > Interesting. I did a few tests now, and here are results. > > This doesn't map ports statically on 6.2 but does on 5.9: > pass out from 10.11.12.13 to any nat-to 1.2.3.4 static-port > > This works fine: > pass out quick from 10.11.12.13 to any nat-to 1.2.3.4 static-port > > This works fine too: > match out from 10.11.12.13 to any nat-to 1.2.3.4 static-port > > Martin > > > On Mon, Jan 22, 2018 at 8:23 PM, Michael Price <mich...@ectospheno.com> > wrote: > > It appears to be working on two boxes I checked using a match out rule. > I’m > > not using a binat-to line. > > > > Michael > > > > On Mon, Jan 22, 2018 at 10:49 AM Martin Hlavatý <mar...@hlavaty.eu> > wrote: > >> > >> Hello everyone, > >> in December I upgraded from 5.9 to 6.2 (including 6.0 and > >> 6.1) and shortly after that few customers contacted me > >> that they are getting nat type 3 on their xbox\playstation. > >> When doing some investigation, I noticed that binat-to > >> rules have static-port specified, but looking into states > >> table, they were actually not mapped statically. Failing > >> over to backup box still running 5.9 with identical ruleset, > >> ports are actually mapped statically and online gaming > >> on consoles works fine. > >> > >> I tried to do some investigation, but am not aware of any > >> change in pf syntax. So wondering if anyone would be > >> able to confirm this behavior? > >> > >> this is in rules: > >> > >> pass out inet from 10.11.12.13 to any flags S/SA nat-to 5.6.7.8 > >> static-port > >> pass in inet from any to 5.6.7.8 flags S/SA rdr-to 10.11.12.13 > >> > >> and example of states: > >> > >> all udp 5.6.7.8:65350 (10.11.12.13:3074) -> 52.166.52.75:1986 > >> MULTIPLE:MULTIPLE > >> all tcp 5.6.7.8:63203 (10.11.12.13:38010) -> 31.13.91.33:443 > >> ESTABLISHED:ESTABLISHED > >> all tcp 5.6.7.8:59711 (10.11.12.13:42530) -> 74.125.133.188:5228 > >> ESTABLISHED:ESTABLISHED > >> > >> > >> > >> Regards, > >> Martin > >> > > >
