Subject: Re: IPNAT with mutant protocols
To: Jason R Thorpe <thorpej@zembu.com>
From: Yubyub bird <jonl@yubyub.net>
List: current-users
Date: 05/11/2000 17:46:22
Jason R Thorpe said on 2000-05-11:

> On Thu, May 11, 2000 at 04:50:51PM -0400, John Kohl wrote:
> 
>  > Say I have a hardware box on an internal network which does a mutant IP
>  > protocol (not TCP or UDP), and I want to send all packets of that
>  > protocol type which arrive at my NetBSD box from the Internet to it, and
>  > likewise send all its outgoing packets of that type out to the net.
>  > 
>  > I didn't see a syntax in my reading of the ipnat(5) man page for mapping
>  > single IP protocols to/from a host.  Does the kernel machinery have this
>  > capability, and I just need to invent a syntax?
> 
> It'll probably work like ICMP works --- only one host at a time can have
> a valid ICMP NAT mapping.

Correct.  Something like this:

map le0 your.internal.server.here/32 -> your.gateway.ipnatbox.here/32

should do what you want.  The problem here is that AFAIK ipnat only knows
the "tcp" and "udp" keywords.  You'd need either 1) the ability to have
ipnat look up the keyword in /etc/protocols, or 2) some other way to give
ipnat an alternate protocol number.  Unfortunately, AFAIK ipnat doesn't
do that (and if it does, I don't know about it (I'm on 1.4.2 here...)).

So I think you're out of luck for the moment, unless you want to route
_everything_ over to that box :-(

Hopefully someone will come out and tell me that I'm wrong.

Hope this helps,

-yubyub
----------------------------------------------------------------
croquette - n.  A small cake of minced | SMTP: yubyub@yubyub.net
 food, such as poultry, vegetables, or | http://www.yubyub.net
 fish, that is usually coated with     | NetBSD on Sparc, Alpha
 bread crumbs and fried in _deep fat_. |  i386, Mac68k, VAX