Problems with NAT after updating from 1.6 kernel to 4.0

[Jesse Off]

I have been using IPNat for approximately 5 years unmodified. Updating
to new x86 hardware and the new 4.0 GENERIC kernel (but keeping mostly
the same userspace), my ipnat gateway now has a very annoying 3 second
delay added to the establishment of every outgoing TCP connection.

I've traced the 3 second delay with tcpdump and found the culprit: the
first packet on a newly established TCP connection is always dropped
(after the 3 way handshake). It is received okay on the first interface
but never transmitted to the second interface. 3 seconds seems to be
the retransmit timeout on my Windows PC on the firewalled side. After
that first packet drop and 3 second retransmit delay, the rest of the
TCP session is fine.

Anybody have any ideas? The 2 ethernet devices are sip0 and bge0 and
this is my ipnat.conf:

map sip0 from 192.168.0.0/16 ! to 192.168.0.0/16 -> 67.40.67.44/32 proxy
port ftp ftp/tcp
map sip0 from 192.168.0.0/16 ! to 192.168.0.0/16 -> 67.40.67.44/32
portmap tcp/udp 40000:60000
map sip0 from 192.168.0.0/16 ! to 192.168.0.0/16 -> 67.40.67.44/32

//Jesse Off

--
Posted automagically by a mail2news gateway at muc.de e.V.
Please direct questions, flames, donations, etc. to news-...@muc.de