Subject: Re: IPNat, IPF, and webservers...
To: David Woyciesjes <>
From: Mike Pelley <>
List: tech-net
Date: 10/20/2000 14:46:27
I haven't looked at the stuff at but here are some thoughts.

> Now, all I want is to allow http (port 80) traffic thru to machine
[stuff deleted]
> rdr ppp0 0/32 port 80 -> port 80 tcp

One thing to check - the default gateway for must be the NetBSD
machine so ipnat can rewrite the reply packets.  I imagine you would have
set it that way but maybe not.

> BTW, aren't there command to renew the ipf and ipnat rules w/o rebooting?

To renew ipnat rules without disconnecting current sessions you can use
"ipnat -C -f /etc/ipnat.conf", and to renew ipfilter rules you can use
"ipf -Fa -f /etc/ipf.conf".