Subject: Re: Off-topic: Dumb IPNAT question
To: None <scottr@Plexus.COM>
From: Takahiro Kambe <taca@sky.yamashina.kyoto.jp>
List: current-users
Date: 06/16/1998 10:51:30
In message <Pine.NEB.3.96.980614212720.16870A-100000@beech.pd.tgi.plexus.com>
	on Sun, 14 Jun 1998 21:29:20 -0500 (CDT),
	Scott Reynolds <scottr@Plexus.COM> wrote:
> On Sun, 14 Jun 1998 mouse@Rodents.Montreal.QC.CA wrote:
> 
> > 3) A NAT setup that edits FTP control streams as they go past (yes, I
> > have seen such a thing - in a commercial product);
> 
> Um, both the Linux `IP masquerading' (free) and ip-filter's NAT (free)
> have this functionality.  I believe it was broken for a while in the
NetBSD has ip-filter.  I have never enabled ip-filter's NAT on
NetBSD, but I have been running it successfully on FreeBSD.

Based on /usr/share/examples/ipf/nat.eg as an example, the
ipnat.rules below works on FreeBSD with ip-filter (not the firewall
function with FreeBSD).

map ed1 10.1.0.0/16 -> 240.1.0.1/32 proxy ftp ftp/tcp
map ed1 10.1.0.0/16 -> 240.1.0.1/32 portmap tcp 10000:20000
map ed1 10.1.0.0/16 -> 240.1.0.0/24

The order of the lines is important.

Cheers.

--
Takahiro Kambe <taca@sky.yamashina.kyoto.jp>
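
Added example, not part of the original message: a simplified Python model of the rule-ordering point above, assuming ipnat applies the first map rule that matches a new connection. The parser covers only the three rule shapes quoted in the message; the function names and probe connections are constructed for illustration.

```python
import ipaddress

# The three rules exactly as posted in the message.
POSTED = [
    "map ed1 10.1.0.0/16 -> 240.1.0.1/32 proxy ftp ftp/tcp",
    "map ed1 10.1.0.0/16 -> 240.1.0.1/32 portmap tcp 10000:20000",
    "map ed1 10.1.0.0/16 -> 240.1.0.0/24",
]
PORT_NAMES = {"ftp": 21}  # only the service name the rules use

def parse(line):
    """Parse one rule of the shapes shown above (not the full ipnat grammar)."""
    tok = line.split()
    rule = {"ifname": tok[1], "src": ipaddress.ip_network(tok[2]),
            "kind": "plain", "protos": None, "dport": None}
    opts = tok[5:]
    if opts and opts[0] == "proxy":
        # proxy <port> <proxy-name>/<protocol>
        rule.update(kind="proxy", dport=PORT_NAMES[opts[1]],
                    protos={opts[2].split("/")[1]})
    elif opts and opts[0] == "portmap":
        # portmap <tcp|udp|tcp/udp> <low>:<high>
        rule.update(kind="portmap", protos=set(opts[1].split("/")))
    return rule

def first_match(lines, ifname, src, proto, dport=None):
    """Return the kind of the first rule matching a new outbound connection.

    Assumption of this model: ipnat stops at the first matching map rule.
    """
    for rule in map(parse, lines):
        if rule["ifname"] != ifname:
            continue
        if ipaddress.ip_address(src) not in rule["src"]:
            continue
        if rule["protos"] is not None and proto not in rule["protos"]:
            continue
        if rule["dport"] is not None and dport != rule["dport"]:
            continue
        return rule["kind"]
    return None  # no rule applies: packet leaves untranslated

if __name__ == "__main__":
    # Constructed probe connections from an inside host.
    for order in (POSTED, POSTED[::-1]):
        print([first_match(order, "ed1", "10.1.2.3", p, d)
               for p, d in (("tcp", 21), ("tcp", 80), ("udp", 53))])
```

In the posted order the FTP control connection reaches the proxy rule; with the catch-all map listed first, every connection is claimed by it and the FTP proxy and portmap rules are never consulted.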