Subject: routing between internal networks on a firewall
To: None <netbsd-help@NetBSD.org>
From: James K. Lowden <jklowden@schemamania.org>
List: netbsd-help
Date: 11/05/2006 17:56:27

I can't seem to convince my firewall to route between internal networks.

My Soekris box has two internal networks and one external. The internal
ones are:

    192.168.1/24 on sip0
    192.168.2/24 on wi0

I'd like to route between them, but hosts on the 2 network can't ping (or
log into) any machine on the 1 network.

Because the machine can route to each internal network, I assume it can
forward packets between them. I haven't tried to set up any static routing
rules. (net.inet.ip.forwarding = 1)

There is an ipnat rule that I wonder if it needs adjustment?

    map sip2 192.168.2.0/24 -> 216.254.83.209/32

(sip2 is the external network.)

I'm also still running ipf. The rules are mostly about blocking incoming
stuff. Is there something I need to permit?

Many thanks for your interest and help.

--jkl