> 
> does NetBSD do IP masquerade?
> 

>From my understanding, IP-NAT (Network Address Translation) might do
some; I'm a little unclear on the actual implementation of the software,
but it might do what you need.

If you are looking for "on the fly" translation for a firewall, you
might look into Juniper (assuming you want to run 1.2.1 and can install
the patches).  I've been using it for a few months to translate the
couple of IP addresses on my local (non-routable) net to my ISP.  It
"just works"; no SOCKS, no changes to client machines, very minimal
setup.  It also provides firewall and other features.

Look for "http://www.obtuse.com".  If there is enough interest, they
might even try an interim service pack for a fairly recent version of
-current (the changes that added the IP NAT functionality made
integrating the latest service pack somewhere between hard and
impossible for me).

-- 
Dave Burgess                   Network Engineer - Nebraska On-Ramp, Inc.
*bsd FAQ Maintainer / SysAdmin for the NetBSD system in my spare bedroom
"Just because something is stupid doesn't mean there isn't someone that 
doesn't want to do it...."