Re: L2 broadcast and NAT state

On Friday, Mar 28, 2003, at 02:09 US/Pacific, Daniel Hartmeier wrote:

The frame arrives at $ext_if, and enters if_ethersubr.c ether_input().

Since the destination mac address is ff:ff:ff:ff:ff:ff, the mbuf gets an
M_BCAST flag attached. Due to this flag, the destination mac address is
not compared to the local interfaces' mac addresses, but passed on
anyway. The mbuf gets passed to ipv4_input(), which calls pf_test() and
then ip_forward().

And this is where your packet gets dropped, due to the M_BCAST flag:

You should see the counter increase in netstat -p ip output:

Yep, this is it. Thanks for tracking this down.

If you're running a recent snapshot, you could try a patch, as soon as I
got one.

I'll be glad to.