Olli <oliverko@dialup.nacamar.de>,wrote on Feb 10, 1999 at 07:05 +0100: 
> Hi all,
> 
> last night I enabled the IPFORWARDING ond the NetBSD-machine. If I
> made a ping from a Linux-computer to a host out of my network - the
> NetBSD-computer dialed up to my ISP. OK -but I didn't get any
> response. So I tryed traceroute 141.30.4.242:
> 
> -> traceroute to 141.30.4.242
> -> 1 netbsd1.network.de (192.168.1.1) 1.978ms ...
> -> 2 * * *
> -> 3 * * *
> 
> Two reasons may be possible:
> 
> 1. The NetBSD-machine establishes a connection to my ISP but does not
> send the
>     received packages from the internet host back to Linux.
> 
> 2. The IP-header of each package sended from the Linux-box containes:
> 
>     target-IP = 141.30.4.242
>     source-IP = 192.168.1.2
> 
>     Because the NetBSD-box makes no IP-translation the IP-headers
> containe the
>     source-IP 192.168.1.2. If the host (with IP = 141.30.4.242) sends
> the packages
>     back to me the packages will not be routed because the router in
> the internet will
>     never route packages with an target-IP = 192.168.1.2 - and thus I
> didn't get a
>     response.
> 
> What did you think about it?
It's definitly the second case. What you need it NAT, furtunatly
it works good under NetBSD. You probably want something like:

map ppp0 192.168.0.0/16 -> 0.0.0.0/32 portmap tcp/udp 10000:20000

in your nat.conf.  Replace ppp0 with the interface you have to the
Internet, you can replace 0.0.0.0 with the IP-address on that
interface.

-- 
mvh Jens