Okay, I've played around with things some more.  Tried running ipf,
adding a few more #options to my kernel, and nothing has gotten ipnat to
work over my ppp line yet.  I still have not had the time to download
full -current sources, I figured I'd grab the tarballs once they're
rebuilt later today (I wish sup could do incremental updates, I can't
stay online the hours required to do the initial sup...  =(.  So for now
still running 1.3.1 libs/binaries on a 1.3E kernel.

    I ran tcpdump on the ppp0 interface, and saw something I didn't expect:

03:04:49.389938 Light.65531 > ANDREW.CMU.EDU.finger [...]
[no response]

    Now Light is a machine on the *internal* network.  Should tcpdump
decode this packet the way it is?  Honestly, I guess I'd expect it to
show as coming from the IP of my end of the ppp link, on some port
between 10000 and 40000 as my ipnat filter suggests.  Instead it seems
to be getting passed straight through the filter, unmodified.  Or does
tcpdump actually decode the filter, in which case this would be correct?

    Until now I had figured that my nat box just wasn't forwarding
things from we0 to ppp0.  Now it appears as if it is, but isn't
modifying the packet, so presumably the remote end has no clue where the
packet came from or where to send it to.

    Does this suggest any more specific problems / things to try?  Still
hoping that a make build will fix all of this.

    Thanks again.

                                                          Will Ferry

------------------------------------------------------------------------
 William O Ferry  <woferry@CMU.EDU> | finger: woferry@Light.RES.CMU.EDU
 http://light.res.cmu.edu/~woferry/ | talk:   finger for online status
------------------------------------------------------------------------