In some email I received from Rene Hexel, sie wrote:
> 
>   For some reason, it seems like ipnat is broken under 1.4.2_ALPHA
> (yesterday's and today's anoncvs sources, same checkouts for kernel and
> userland).  An "ipnat -l" gives me:
> 
>   List of active MAP/Redirect filters:
>   kmemcpy:read: Bad address
>   kmemcpy: Bad address
[...]

Have you done an "ipf -E" prior to doing "ipnat -l" and what version
of IP Filter (ipf -V) are you using ?

This problem was due to the IP Filter code handling ioctl's before it
had been "enabled" (people at NetBSD seem to think that compiling it
in should not mean it gets enabled by default).  I've added code in
later revs (which has been pulled into -current and the 1.4.2 branch)
which makes it return an error rather than crash if you do the above.

Darren