I have what is probably a simple question.  I have 2 netbsd machines.

1 is a macIIci with 2 ethernet cards.  I have 1 going to an external network
and the other to my other netbsd box.  my ipnat.conf looks like:

map ae1 10.0.0.0/8 -> {my real ip here}/32 portmap tcp/udp 10000:20000

I don't understand this really, but it works (help from someone else produce
this).

Well, almost works, I can telnet/ftp/lynx/mosaic etc from the IIci.  from the
other machine, I can telnet to the outside world and ftp to the IIci, but
not ftp to the outside world.  Do I just have the ports set wrong in the
tcp/udp 10000:20000 part?

it (ftp) doesn't totally fail, this is what it does:

dan@sy-borg (116)-% ftp ftp://ftp.netbsd.org/
Connected to ftp.netbsd.org.
220- THE NetBSD FILE ARCHIVE
220- 
<snip>
230- ALL FTP TRANSFERS AND COMMANDS ARE LOGGED.        `--{__________)       \/
230 Guest login ok, access restrictions apply.
Remote system type is UNIX.
Using binary mode to transfer files.
200 Type set to I.
250 CWD command successful.
ftp> ls
500 Illegal PORT command rejected
425 Can't build data connection: Connection refused.
ftp> 


TIA,

Dan