Subject: Re: pppoe and ipnat (yet another question)
To: Sean Finney <seanius@seanius.net>
From: Andrew Gillham <gillham@vaultron.com>
List: current-users
Date: 03/01/2002 09:10:35
On Fri, Mar 01, 2002 at 11:39:47AM -0500, Sean Finney wrote:
> 
> My layout is something like:
> 
> net <------> (rtk0/pppoe0) my netbsd box (rtk1) <-----> internal NAT'd LAN
> 
> the lan is 192.168.0.0/0xffffff00, and rtk1 is 192.168.0.1.
> 
> i have rules of the form
> 
> map pppoe0 192.168.0.0/24 -> 0/16
> 
> that don't seem to work at all.  I can speak to either the lan or the
> net from the netbsd box, but the essential NAT'ing doesn't seem to be happening.
> If I understand correctly I don't want to use rtk0 as the device in the map
> list, but pppoe0 instead, right?  Also, does the ip address/submask of rtk0
> matter at all?  Should it even be set?  Anyone have an idea why this might
> not be working?  I can supply more info like the actual /etc/ipnat.conf or
> `route show` or `ifconfig -a` if it'd be helpful.

Based on /usr/share/examples/ipf/mediaone:
map pppoe0 192.168.0.0/24 -> 0/32 proxy port ftp ftp/tcp
map pppoe0 192.168.0.0/24 -> 0/32 portmap tcp/udp 1024:65535
map pppoe0 192.168.0.0/24 -> 0/32

You're telling it to do a one-to-one map of 192.168.0.0/24 into whatever
is on pppoe0 as a /16, so you end up trying to use up to a /24 of address
space from the subnet on your pppoe0 interface.  You are really wanting
it to do port address translation (PAT or PNAT) on a single ip address.

I'm using this with a 'vlan0' interface and everything is great. :)

-Andrew