On Mon, 10 Apr 2000, Tim Walls wrote:

> Anyway, I seem to be having problems with ipnat.  Doing 'ipnat -f'
> comes up with some errors along the lines of 'kernel memory address
> invalid' (I'll check the exact error when I get home.)

Is /netbsd your booted kernel? You do have ipfilter running, don't you?

> Undeterred by the error, I gave it a try anyway :-).  I produced
> a nat file looking like:
>  
>   map ppp0 10.10.10.0/24 0/32 portmap tcp/udp auto
>   map ppp0 10.10.10.0/24 0/32

Mine is:

map ppp0 10.0.0.0/24 -> 0.0.0.0/32 portmap tcp/udp 1000:60000
map ppp0 10.0.0.0/24 -> 0.0.0.0/32

I don't know if the differences matter.

> So...  After that ramble, the questions are...
> 
>   o. Do I need anything special in the kernel config to make ipnat
>      work properly - I have options GATEWAY, and pseudo-devices
>      bpfilter and ipfilter.

Not sure.

>   o. Do I need to recompile ipnat if I have a recompiled
>      kernel (the kern source & userland are both 1.4.2)

I don't think so. /netbsd needs to be (a copy of) the booted kernel
though.

>   o. Do the map lines above look approximately correct?

Pretty much..

>   o. Is there a FAQ for doing what I want to do using BSD type
>      NAT stuff?  I've found FAQs for Linux IP masquerading, but
>      that just looks like a hack for people who don't have
>      proper NAT <grin>.

Not that I'm aware of.

Take care,

BIll