Hello!

> What has to be comfigured in the kernel for ipfilter to work? I am
> specifically interested in ipnap. BPF? GATEWAY?

Dunno if GATEWAY is required - would make sense. Try to enable

options	PFIL_HOOKS

and if you want logging with ipmon

options IPFILTER_LOG

and of course

pseudo-device ipfilter

BPF is unrelated to ipf AFAIK. Its the Berkley Packet filter (man bpf).

> I have a kernel setup with both ipfilter options in the kernel, BPF on, =
> and
> GATEWAY off. I have a simple rule file that I got from a friend, that al=
> so
> matches a sample rule file that comes with the ipnat distribution. When =
> I load
> "ipnat -f /etc/ipnat.conf", it seems to do nothing. I cannot ping any RE=
> AL IP
> from an intranet machine.

You have to enable ipf too, set "ipfilter=YES" on a current system in
/etc/rc.conf, or at least get sure that `ipf -E` is called somewhere in
your /etc/rc{.local} file.

Greets
-- 

   Name  : Thorsten Frueauf            Milano@irc cri@onaliM       //
   E-Mail: s_frueau@ira.uka.de oder ukfy@rz.uni-karlsruhe.de     \X/