> I am pawing through the rc.config and notice a "ipfilter=NO" entry.  From
> this am I to assume the kernel already has IP filtering installed?  I want
> to do IP Masquerading to allow my three machine network use a single
> dynamic IP from ISP to connect to the internet.  I have seen discussions
> about NAT and fwtk.

Actually, I believe that NAT is _not_ turned on in the GENERIC kernel.
You'd have to compile your own.  (Of course, I could be wrong; you should
probably take a look at the GENERIC config file just to be sure.)

> I have downloaded fwtk and looked at it's installation instructions and
> find that this is not what I want. I don't want a fire wall.
> 
> I also downloaded the IP Filter package and have looked at the README.  The
> question comes to mind; Do I need to install this if it is already in the
> kernel?

I don't think that you need to "install" anything if you are running
-current, but you will need a kernel with IP filter capability turned on.

> Any insights, experiences, examples would be great.

Somewhere out there, there is a page about configuring NAT.  You might
want to check the current-users mail archives to find a reference to it.

Good luck!

Later.

-- 
Colin Wood                                      ender@is.rice.edu
Consultant                                        Rice University
Information Technology Services                       Houston, TX