Hello @joany !
Just dropping by as I missed this thread before.
Tasty firewall config you got here. Well done, I'm bookmarking this for future reference.
joany Freelancer is coded with DirectPlay (UDP 2300 to 2400)
I see you like challenges.
I tried a lot of variants
But no joy
I also tried translating multiple ports without luck on NPF. But it was the few I required for RPC services (NFS), so I didn't mind adding 2-3 more rules and forgetting about it.
map $ext_if dynamic $freelancerpc port 2352 <- $ext_addrs port 2352
So I suppose you first tried with:
map $ext_if dynamic $freelancerpc port 2300-2400 <- $ext_addrs port 2300-2400
And it didn't work?
For it to work, NPF should interpret port-from "-" port-to not as a simple range (like "from/to to any") but on a per-port basis. So in other words, NPF should alternatively parse port-ops depending on their use in the context of a static-rule or a map-seg. I think this depends on FreeBSD's libnv which NPF depends on.
This is a fantastic question for netbsd-users and tech-kern. Would you mind forwarding it to the mailing list?