Subject: bin/4813: Addition of requirements to ipnat(8) man page
To: None <>
From: None <>
List: netbsd-bugs
Date: 01/13/1998 01:56:49
>Number:         4813
>Category:       bin
>Synopsis:       Enabled ipf & kernel options not mentioned as a requirement for NAT usage
>Confidential:   no
>Severity:       non-critical
>Priority:       medium
>Responsible:    bin-bug-people (Utility Bug People)
>State:          open
>Class:          doc-bug
>Submitter-Id:   net
>Arrival-Date:   Tue Jan 13 00:05:01 1998
>Originator:     Jeff Thieleke
>Release:        NetBSD 1.3
System: NetBSD 1.3 NetBSD 1.3 (SCHNAUZER) #39: Fri Jan 9 09:55:04 CST 1998 i386

An enabled ipf filter (ipf -E) seems to be a requirement of successful NAT usage, but there
are no man pages that specify this.  This confuses users who only want ipnat functionality,
and therefore don't enable ipf.

Try to use NAT with ipf disabled.  Then enable the filters and see that NAT works.

Add blurb to the ipnat(8) man page that indicates the IP Filter needs to be enabled -
either when the LKM is loaded or with 'ipf -E', for NAT to work.

While we are appending ipnat(8)'s man page, adding information about other
requirements ((net.inet.ip.forwarding = 1 or options GATEWAY) && options PFIL_HOOKS) 
would be a welcome addition.