Recently upgrade solaris sparc from 8 to 10, there is ipfilter on the
servers.
it seems rdr simply does not work properly on solaris 10.
given an example ipnat rdr rule:

rdr eri0 0.0.0.0/0 port 16398 -> 172.25.128.236 port 12000 udp

Use snoop to monitor the packets.
On solais 8, the rdr rule works fine and have the redirected udp packets
sending out. (with dest ip/port changed to 172.25.128.236/12000)
However, on solaris 10, there is NO redirected packets sending out.

Both solaris 8 and 10 run the same ipfilter 4.1.34 with same config.
Both solaris 8 and 10 have single ethernet interface.
Solaris 10 is 5/09 u7 sparc versioin.

# ipf -V
ipf: IP Filter: v4.1.34 (720)
Kernel: IP Filter: v4.1.34
Running: yes
Log Flags: 0 = none set
Default: pass all, Logging: available
Active list: 0
Feature mask: 0x187

In addition, on solaris 10, use dtrace to monitor ipfilter function call
flow, found the incoming UDP packet with port 16398 captured by
ipfilter fr_check(), and the dest ip/port also changed to
172.25.128.236/12000 after fr_checknatin() gets called.

p.s. The solaris 10 stock ipf 4.1.9 meets the same issue as ipfilter 4.1.34.

Please, who can give a hand?

Regards,
James Huang