I have three machines:
-karo: le0 connected to the Internet, qe0 192.168.0.1, qe1 172.16.0.1
-experiment: tlp0 192.168.0.10
-yabba: ex0 172.16.0.10

"karo" works as a firewall and uses NAT in order to other machines reach  
the Internet. When I transfer data between "experiment" and "yabba", 
"karo's" loads will rise up to 5 and the transfer speed is around 600kB/s
(instead of ~1MB/s).  However, if I download something from the Internet
to "yabba", everything works as normal.

Configuration files:
http://www.cc.jyu.fi/~kaeesalm/ipf.conf   
http://www.cc.jyu.fi/~kaeesalm/ipnat.conf

--

Second problem concerns ipnat's redirecting. Like you can see from my
ipnat.conf, the firewall redirects port 81 packets to "experiment's" port
80. However this doesn't work, the packets never get to "experiment".
However like predicted, when I redirect "karo's" port 80 to "experiment's"
port 80, then it works (like does FTP and SMTP). But I must do a port
forward to another port.

--

Third is not really a problem but a question. How can I use passive FTP on
"experiment" as it is behind the firewall?
ftp> ls
227 Entering Passive Mode (192,168,0,10,96,231)
ftp: connect: No route to host

--

Fourth issue concerns about sending mail from "yabba". It seems that that
mail is sent as I check the logs, but it never goes anywhere.

/var/log/maillog:
Aug 14 12:34:23 yabba sendmail[586]: g7E9YNc00584: to=kaeesalm@cc.jyu.fi,
ctladdr=karo (1000/0), delay=00:00:00, xdelay=00:00:00, mailer=esmtp,
pri=30432, relay=posti2.jyu.fi. [130.234.4.33], dsn=5.1.8, stat=User
unknown
Aug 14 12:34:23 yabba sendmail[586]: g7E9YNc00584: g7E9YNb00586: DSN: User
unknown
Aug 14 12:34:24 yabba sendmail[586]: g7E9YNb00586:
to=karo@karo.kaista.com, delay=00:00:01, xdelay=00:00:01, mailer=esmtp,
pri=30532, relay=karo.kaista.com. [130.234.180.234], dsn=2.0.0, stat=Sent
(Ok: queued as 2FDEB5304A)

Postfix configuration:
http://www.cc.jyu.fi/~kaeesalm/main.cf

Thanks in advance!
-- 
E-mail: kaeesalm@cc.jyu.fi
GSM: +358 45 6728280
WWW: http://www.cc.jyu.fi/~kaeesalm/