netbsd-help: Need help with ipnat on 3.0.1

Subject: Need help with ipnat on 3.0.1
To: None <netbsd-help@netbsd.org>
From: Pimin <pimin@rockhead.com>
List: netbsd-help
Date: 09/11/2006 10:01:20
I guess things have changed some since 1.5?  *8^)

I installed 3.0.1 on a new disk and built a new kernel.
When I try to work with my nat rules I get the following 
on both the GENERIC kernel and my new kernel:

# sysctl net.inet.ip.forwarding
net.inet.ip.forwarding = 1
 
# ktruss ipnat -l
ioctl(SIOCGNATS): Input/output error
  1114 ktruss   emul(netbsd)
  1114 ktruss   fcntl(0x4, 0x3, 0)                 = 1
  1114 ktruss   fcntl(0x4, 0x4, 0x1)               = 0
  1114 ktruss   execve("/sbin/ipnat", 0xbfbfeb84, 0xbfbfeb90) Err#2 ENOENT
  1114 ipnat    emul(netbsd)
  1114 ipnat    execve("/usr/sbin/ipnat", 0xbfbfeb84, 0xbfbfeb90) JUSTRETURN
  1114 ipnat    mmap(0, 0x8000, 0x3, 0x1002, 0xffffffff, 0, 0, 0) = 0xbdbeb000
  1114 ipnat    open("/etc/ld.so.conf", 0, 0)      = 3
  1114 ipnat    __fstat13(0x3, 0xbfbfea8c)         = 0
  1114 ipnat    mmap(0, 0x37, 0x1, 0x1, 0x3, 0, 0, 0) = 0xbdbea000
  1114 ipnat    close(0x3)                         = 0
  1114 ipnat    munmap(0xbdbea000, 0x37)           = 0
  1114 ipnat    open("/usr/lib/libkvm.so.5", 0, 0) = 3
  1114 ipnat    __fstat13(0x3, 0xbfbfe78c)         = 0
  1114 ipnat    mmap(0, 0x1000, 0x1, 0x1, 0x3, 0, 0, 0) = 0xbdbea000
  1114 ipnat    munmap(0xbdbea000, 0x1000)         = 0
  1114 ipnat    mmap(0, 0x7000, 0x5, 0x2, 0x3, 0, 0, 0) = 0xbdbe4000
  1114 ipnat    mmap(0xbdbea000, 0x1000, 0x3, 0x12, 0x3, 0, 0x5000, 0) = 0xbdbea000
  1114 ipnat    mmap(0xbdbeb000, 0, 0x3, 0x1012, 0xffffffff, 0, 0, 0) = 0xbdbeb000
  1114 ipnat    close(0x3)                         = 0
  1114 ipnat    open("/usr/lib/libc.so.12", 0, 0xbfbfe78c) = 3
  1114 ipnat    __fstat13(0x3, 0xbfbfe78c)         = 0
  1114 ipnat    mmap(0, 0x1000, 0x1, 0x1, 0x3, 0, 0, 0) = 0xbdbe3000
  1114 ipnat    munmap(0xbdbe3000, 0x1000)         = 0
  1114 ipnat    mmap(0, 0xc2000, 0x5, 0x2, 0x3, 0, 0, 0) = 0xbdb22000
  1114 ipnat    mmap(0xbdbce000, 0x7000, 0x3, 0x12, 0x3, 0, 0xab000, 0) = 0xbdbce000
  1114 ipnat    mmap(0xbdbd5000, 0xf000, 0x3, 0x1012, 0xffffffff, 0, 0, 0) = 0xbdbd5000
  1114 ipnat    close(0x3)                         = 0
  1114 ipnat    __sysctl(0xbfbfea18, 0x2, 0x8053580, 0xbfbfea14, 0, 0) = 0
  1114 ipnat    open("/dev/ipl", 0, 0xbdbfea7c)    = 3
  1114 ipnat    ioctl(0x3, SIOCGETFS, 0xbfbfe830)  = 0
       "03=\0\M-8\^A\0\0p\M-h\M-?\M-?\^A\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"
  1114 ipnat    __sysctl(0xbfbfe8e8, 0x2, 0xbfbfe8e0, 0xbfbfe8e4, 0, 0) = 0
  1114 ipnat    readlink("/etc/malloc.conf", 0xbfbfe960, 0x3f) Err#2 ENOENT
  1114 ipnat    mmap(0, 0x1000, 0x3, 0x1002, 0xffffffff, 0, 0, 0) = 0xbdb21000
  1114 ipnat    break(0x805ba98)                   = 0
  1114 ipnat    break(0x805ca98)                   = 0
  1114 ipnat    break(0x805d000)                   = 0
  1114 ipnat    break(0x805e000)                   = 0
  1114 ipnat    __sysctl(0xbfbfe938, 0x2, 0xbdbe312c, 0xbfbfe934, 0, 0) = 0
  1114 ipnat    __sysctl(0xbfbfe958, 0x2, 0xbdbea441, 0xbfbfe954, 0, 0) = 0
  1114 ipnat    __stat13("/netbsd", 0xbfbfe960)    = 0
  1114 ipnat    open("/dev/mem", 0, 0)             = 5
  1114 ipnat    fcntl(0x5, 0x2, 0x1)               = 0
  1114 ipnat    __fstat13(0x5, 0xbfbfe960)         = 0
  1114 ipnat    open("/dev/kmem", 0, 0)            = 6
  1114 ipnat    fcntl(0x6, 0x2, 0x1)               = 0
  1114 ipnat    open("/dev/drum", 0, 0)            = 7
  1114 ipnat    fcntl(0x7, 0x2, 0x1)               = 0
  1114 ipnat    open("/dev/ksyms", 0, 0)           = 8
  1114 ipnat    fcntl(0x8, 0x2, 0x1)               = 0
  1114 ipnat    close(0x8)                         = 0
  1114 ipnat    open("/dev/ipnat", 0, 0xbfbfeb28)  = 8
  1114 ipnat    ioctl(0x8, SIOCGNATS, 0xbfbfea60)  Err#5 EIO
       "03=\0l\0\0\0\240\M-j\M-?\M-?\^F\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"
  1114 ipnat    issetugid()                        = 0
  1114 ipnat    issetugid()                        = 0
  1114 ipnat    break(0x805f000)                   = 0
  1114 ipnat    open("/usr/share/nls/nls.alias.db", 0, 0xbfbfd444) Err#2 ENOENT
  1114 ipnat    open("/usr/share/nls/nls.alias", 0, 0xbfbfd878) = 9
  1114 ipnat    fcntl(0x9, 0x2, 0x1)               = 0
  1114 ipnat    __fstat13(0x9, 0xbfbfd850)         = 0
  1114 ipnat    mmap(0, 0x5f0, 0x1, 0x2, 0x9, 0, 0, 0) = 0xbdb20000
  1114 ipnat    close(0x9)                         = 0
  1114 ipnat    break(0x8060000)                   = 0
  1114 ipnat    munmap(0xbdb20000, 0x5f0)          = 0
  1114 ipnat    open("/usr/share/nls/C/libc.cat", 0, 0xbfbfd8f8) = 9
  1114 ipnat    __fstat13(0x9, 0xbfbfd8e0)         = 0
  1114 ipnat    mmap(0, 0x105b, 0x1, 0x1, 0x9, 0, 0, 0) = 0xbdb1f000
  1114 ipnat    close(0x9)                         = 0
  1114 ipnat    munmap(0xbdb1f000, 0x105b)         = 0
  1114 ipnat    write(0x2, 0xbfbfd8f0, 0x25)       = 37
       "ioctl(SIOCGNATS): Input/output error\n"
  1114 ipnat    exit(0x1)

# ls -l /dev/ipl /dev/ipnat /usr/share/nls/C/libc.cat
crw-------  1 root  wheel  44, 0 Sep  7 16:54 /dev/ipl
crw-------  1 root  wheel  44, 1 Sep  7 16:54 /dev/ipnat
-r--r--r--  1 root  wheel   4187 Jul 13 16:13 /usr/share/nls/C/libc.cat

Can someone give me a clue where I went wrong?
My firewall isn't very useful without nat and ipf settings.

TIA,
Paul