From a255df2488f35298826651cdf47b5144bf4b8709 Mon Sep 17 00:00:00 2001
From: Thomas Bernard
Date: Wed, 18 May 2022 08:16:54 +0200
Subject: [PATCH] Dont create nat rule for Port Triggering, but a pass rule should fix #529
---
 miniupnpd/pf/obsdrdr.c | 10 ++++++++++
 1 file changed, 10 insertions(+)
diff --git a/miniupnpd/pf/obsdrdr.c b/miniupnpd/pf/obsdrdr.c
index b3fe0ab..530d432 100644
--- a/miniupnpd/pf/obsdrdr.c
+++ b/miniupnpd/pf/obsdrdr.c
@@ -350,7 +350,12 @@ int add_nat_rule(const char * ifname,
 pcr.rule.src.addr.type = PF_ADDR_ADDRMASK;
 pcr.rule.dst.addr.type = PF_ADDR_ADDRMASK;
+#ifndef PF_NEWSTYLE
 pcr.rule.action = PF_NAT;
+#else
+ pcr.rule.action = PF_PASS; /* or PF_MATCH as we dont expect outbound packets to be blocked */
+ pcr.rule.direction = PF_OUT;
+#endif
 pcr.rule.af = AF_INET;
 #ifdef USE_IFNAME_IN_RULES
 if(ifname)
@@ -465,7 +470,12 @@ delete_nat_rule(const char * ifname, unsigned short iport, int proto, in_addr_t
 }
 memset(&pr, 0, sizeof(pr));
 strlcpy(pr.anchor, anchor_name, MAXPATHLEN);
+#ifndef PF_NEWSTYLE
 pr.rule.action = PF_NAT;
+#else
+ pr.rule.action = PF_PASS; /* or PF_MATCH as we dont expect outbound packets to be blocked */
+ pr.rule.direction = PF_OUT;
+#endif
 if(ioctl(dev, DIOCGETRULES, &pr) < 0)
 {
 syslog(LOG_ERR, "ioctl(dev, DIOCGETRULES, ...): %m");
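Review bot: In the PF_NEWSTYLE branch of add_nat_rule, `pcr.rule.action = PF_PASS;` makes the rule a filter verdict and not only a carrier for the translation. Because pf is last-match-wins unless `quick` is set, a rule installed here, presumably on behalf of a client request, can re-permit outbound traffic that an earlier block rule in the administrator's ruleset denied. The inline comment already names the alternative, and `pcr.rule.action = PF_MATCH;` would leave the pass/block decision to the main ruleset. If PF_PASS is intended, a comment such as `/* PF_PASS: rules in this anchor deliberately override outbound block rules */` would make the policy effect explicit. The function body starts and ends outside the hunk, so the match criteria, `quick` and state options could not be checked.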
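Review bot: In delete_nat_rule, `pr.rule.direction = PF_OUT;` is set on the request handed to `DIOCGETRULES`, but as far as I know that ioctl selects a ruleset by anchor (and by action only on old-style pf), not by direction, so the assignment probably does not narrow the enumeration. If the same anchor also holds the inbound pass rules created for redirections, the comparison loop that follows will now walk those too under PF_NEWSTYLE. That loop is outside the hunk and should skip non-matching candidates explicitly, for example `if(pr.rule.direction != PF_OUT) continue;` before the port and protocol comparison. Without that check a delete request could remove an unrelated inbound mapping whose fields happen to match.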