The patches below are available in CVS via the
OPENBSD_4_3
patch branch.
For more detailed information on how to install patches to OpenBSD, please consult the OpenBSD FAQ.
Restricting translation rules to protocols that are specific to the IP version in use, is an effective workaround until the patch can be installed. As an example, for IPv4 nat/binat/rdr rules you can use:
nat/rdr ... inet proto { tcp udp icmp } ...Or for IPv6 nat/binat/rdr rules you can use:
nat/rdr ... inet6 proto { tcp udp icmp6 } ...A source code patch exists which remedies this problem.