> > >	In my struggle to get ipnat working CORRECTLY on my subnet, I
> > >changed my local IP setup from: 
> > >
> > >IPs 10.0.0.*                  # with 1-4 being used
> > >netmask 255.255.255.0         # which Bob Nestor pointed out as wrong
> > >broadcast 255.255.255.10      # also wrong?
> > >
> > I think what I wrote was that it didn't look correct to me.  I could be 
> > wrong, in fact I'm usually wrong more than I'm right.
> > 
> > >	My new setup is:
> > >
> > >IPs 192.168.1.*               # with 1-4 being used
> > >netmask 255.255.255.0         # which for a class C subnet SHOULD be right?
> > >broadcast 255.255.255.192     # ?? no clue on this one...
> > 
> > This still doesn't look correct to me.  I think the Broadcast address 
> > should be 192.168.1.255 for this setup, at least that's what it is on my 
> > system using the same setup as you're now running.  My understanding is 
> > that the Broadcast address is basically (in C code):
> > 
> >     Broadcast_address = (IP_address & netmask) | ~netmask;
> > 
> 
> 	Well, I will try that next time I reboot my machine... until then
> I will just leave things as they are, since it actually WORKS! ;-) I'm now
> telnetted to my teleport shell account from my Q630 running MacOS, through
> my IIci ;-) So I'm satisfied enough for now, until I actually NEED to
> change it.

well, just so you know it can be done, this is what i have:
1. first, i went into /etc/netstart and changed the line
  ipfilter=NO                                     # uses /etc/ipf.conf
to
  ipfilter=YES                                    # uses /etc/ipf.conf
2. absolutely nothing in /etc/ipf.conf (i.e. run "touch /etc/ipf.conf -
this needs to be done, or ipf will complain and won't run. and you
need to have ipf running to get ipnat to work.)
3. in /etc/netstart.local, i have:
  if [ -f /etc/ipnat.conf ]; then
          echo 'starting IP network address translation (ipnat)...';
          /usr/sbin/ipnat -f /etc/ipnat.conf
  fi
you might not have a /etc/netstart.local. just make one and put the above
into it.
4. in /etc/ipnat.conf, i only have the following line:
  map ppp0 10.0.2.0/24 -> 0.0.0.0/32 portmap tcp/udp 10000:40000

In terms of my setup, i have my netbsd box have the IP 10.0.2.15, and my
powermac to have 10.0.2.16. i just tell my powermac to use my NetBSD
machine as the router.
my netstat -i looks like this:
friction:~# netstat -i
Name  Mtu   Network       Address              Ipkts Ierrs    Opkts Oerrs
Coll
ae0   1500  <Link>        00:00:94:20:1c:39  2391316     0  1166091     0
33
ae0   1500  10            friction           2391316     0  1166091     0
33
ppp0  1500  <Link>                           1578399   165  1666592   199
0
ppp0  1500  209.61.76     p25.tc5.metro.MA.  1578399   165  1666592   199
0
ppp1* 1500  <Link>                                 0     0        0     0
0
lo0   32976 <Link>                            227655     0   227655     0
0
lo0   32976 your-net      localhost.tiac.ne   227655     0   227655     0
0
sl0*  296   <Link>                                 0     0        0     0
0
friction:~# 

as you can see, my machine belongs to two different subnets, 10.0.0.0
on ae0 (and on that network , the name of the machine is "friction") and
209.61.76.0 (on which the machine is named "p25.tc5.metro.MA.tiac.com", or
my dynamically assigned IP).  the kernel does the routing stuff.

might I add that you want to put defaultroute in your /etc/ppp/options

hmm, maybe i should html-ize this and make it a FAQ.  a lot of editing and
stuff like that. i'll include other situations too, and get the
subnets working...cool, i think i will. i'll try to get it done in the
next couple days and either give someone the HTML, or put it on a machine.
that sound ok? :-)
sned all your suggestions to me too.

later, and i hope didn't miss anything...

  - a