I'm posting this to help people struggling to get port forwarding to work with icamsource.
After setting up a pf firewall (and nat) on OSX I put port forwarding in place on my server as recommended for icamsource, as well as the correct port forwarding settings in the 2 icamsources running on separate computers on the network.
It didn't work and only after examining the packet flow for a while I realized the problem (took a couple of days) - The communications to the icam servers need to keep the same outgoing port numbers through the nat process or the (complicated) process of icam negotiating and connecting (driven by the icam servers) fails even though inward port forwarding is in place.
To fix this for a pf firewall I added a specific nat rule for icam using the static-port parameter:
nat on en0 from { 192.168.2.3, 192.168.2.6 } to { 66.116.97.150, 66.219.169.130 } -> (en0) static-port
Here 192.168.2.3 and 192.168.2.6 are the two computers running icamsource. Without this rule icam doesn't work!
My complete pf.conf translation rules are then:
# Fix for icamsource to use static ports
nat on en0 from { 192.168.2.3, 192.168.2.6 } to { 66.116.97.150, 66.219.169.130 } -> (en0) static-port
# Basic nat rules
nat on en0 from 192.168.2.0/24 to any -> (en0)
# Port forwarding rules for icamsource
rdr pass on en0 proto udp from any to (en0) port 12000:12005 -> 192.168.2.3
rdr pass on en0 proto udp from any to (en0) port 12006:12011 -> 192.168.2.6
Hope this helps someone - Clearly a lot of routers won't have this problem, but others will where outgoing port translation comes into effect despite the port forwarding...
