Subject: Re: GIF-Tunnel through IPfilter NAT?
To: Hubert Feyrer <feyrer@rfhs8012.fh-regensburg.de>
From: None <itojun@iijlab.net>
List: tech-net
Date: 02/11/2000 13:28:04
>I wonder if IPfilter will let through IPv6-in-IPv4 pkgs when configured
>to NAT? I'd love to get an IPv6 tunnel to my home, but my NATing router
>still runs NetBSD 1.4.2, and I can't upgrade.
>I wonder if I would need any special IPfilter setup, or if this just
>works?

	So your setting is like this, and you have only one global IPv4
	address for IPfilter box?

		IPv6 upstream
		  | global addr (y.y.y.y)
		==+==
		  | global addr (x.x.x.x)
		IPfilter (NAT)
		  |
		==+== private address cloud
		  | private addr (z.z.z.z)
		IPv6 router

	on upstream:  gifconfig gif0 y.y.y.y x.x.x.x
	on downstream: gifconfig gif0 z.z.z.z y.y.y.y
	on NAT: for inbound, pass IP protocol # 41 to z.z.z.z, if it is
		from y.y.y.y to x.x.x.x (rewrite dst).
		for outbound, pass IP protocol # 41 from z.z.z.z to y.y.y.y,
		after rewriting source to x.x.x.x.

	I'm not quite sure if it works or not.

	I really recommend that you upgrade the NAT box to 1.5, to avoid any
	packet modification by IPfilter.  If you have NAT between IPv6 tunnel
	routers, you can't really be sure about how the packet will be modified.

itojun
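
The two rewrites described in the message above, modelled on raw IPv4 headers. This is an added example, not part of the original message and not IPfilter code. The function names are hypothetical and the addresses are constructed documentation-range stand-ins for y.y.y.y, x.x.x.x and z.z.z.z.

```python
import ipaddress
import struct

PROTO_IPV6_IN_IPV4 = 41  # IP protocol number carried by gif tunnels

# Constructed stand-ins for the placeholders in the message
UPSTREAM = "198.51.100.1"   # y.y.y.y
NAT_GLOBAL = "203.0.113.1"  # x.x.x.x
INNER = "10.0.0.2"          # z.z.z.z

def checksum(header: bytes) -> int:
    """RFC 1071 ones'-complement checksum over an IPv4 header."""
    total = sum(struct.unpack("!%dH" % (len(header) // 2), header))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF

def build(src: str, dst: str, payload: bytes = b"\x60" + b"\x00" * 39) -> bytes:
    """Build a constructed IPv4 packet carrying protocol 41."""
    hdr = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(payload), 0, 0, 64,
                      PROTO_IPV6_IN_IPV4, 0,
                      ipaddress.IPv4Address(src).packed,
                      ipaddress.IPv4Address(dst).packed)
    return hdr[:10] + struct.pack("!H", checksum(hdr)) + hdr[12:]  + payload

def nat(packet: bytes, inbound: bool):
    """Apply the rewrite from the message; return None if no rule matches."""
    if len(packet) < 20 or packet[0] >> 4 != 4 or packet[9] != PROTO_IPV6_IN_IPV4:
        return None
    ihl = (packet[0] & 0x0F) * 4
    src = str(ipaddress.IPv4Address(packet[12:16]))
    dst = str(ipaddress.IPv4Address(packet[16:20]))
    if inbound and (src, dst) == (UPSTREAM, NAT_GLOBAL):
        dst = INNER           # inbound: rewrite dst x.x.x.x -> z.z.z.z
    elif not inbound and (src, dst) == (INNER, UPSTREAM):
        src = NAT_GLOBAL      # outbound: rewrite src z.z.z.z -> x.x.x.x
    else:
        return None           # any other tunnel peer is not translated
    hdr = bytearray(packet[:ihl])
    hdr[10:12] = b"\x00\x00"  # zero the checksum field before recomputing
    hdr[12:16] = ipaddress.IPv4Address(src).packed
    hdr[16:20] = ipaddress.IPv4Address(dst).packed
    hdr[10:12] = struct.pack("!H", checksum(bytes(hdr)))
    return bytes(hdr) + packet[ihl:]  # encapsulated IPv6 packet is untouched
```

Only the outer IPv4 addresses and header checksum change; matching on the exact (source, destination) pair keeps the NAT box from forwarding protocol 41 from arbitrary hosts to the inner router.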