Subject: Re: trouble with ipnat on NetBSD 1.5 (Sparc)
To: None <netbsd-users@netbsd.org>
From: Jan Schaumann <jschauma@netmeister.org>
List: netbsd-users
Date: 12/23/2001 12:11:30

"Richard G. Roberto" <rich@dedlegend.com> wrote:

> I created an empty /etc/ipf.conf file, and an
> /etc/ipnat.conf that looks like this:
> 
> map 10.1.1.0/24 -> 0/32
> 
> The trouble I'm having is the same trouble I had when I had ipf rules,
> which is, tcp sessions start to work, then stop, and small udp
> communications are fine (dig works fine through the NAT, for example).

In case you haven't, read the "IP Filter Based Firewall HOWTO"
(http://www.obfuscation.org/ipf/ipf-howto.txt).

It seems to me that you ought to specify the outside interface in the
map-rule, in your case

map le0 10.1.1.0/24 -> 0/32

If I leave out the interface and do "/etc/rc.d/ipnat restart", it gives
me an error-message...

> This is on a Sparc4 70Mz machine with 32 MB RAM. I'm using the le0
> device as the outside interface and a qe0 device as the inside
> interface. They both have the same ethernet address, and I can't seem to
> use ifconfig on NetBSD to change that.

As I understand it, you cannot change it.  On Sparcs, all ethernet
interfaces do have the same ethernet-address, as they are (as you
suggested) part of different subnets.

-Jan

-- 
http://www.netmeister.org
http://guinness.cs.stevens-tech.edu/~jschauma/