Subject: Re: IP-Nat
To: patriot , <port-mac68k@NetBSD.ORG>
From: Armen Babikyan <armenb@moof.ai.mit.edu>
List: port-mac68k
Date: 07/14/1998 01:58:39
>I sure can.  I can try it again.  To get the gateway/firewall
>functionality do I need fwtk??
>If I do then that is the problem.  When it says to go into it and start
>making configurations, where you go into several files and then change
>them, the thing that you need to change is missing from all of the files.
>I got the installer directly from the group that holds fwtk.  When would
>I need the fwtk and how safe would it be to run NetBSD without it?

IP-NAT and FWTK are two different things. I don't remember my experiences
with trying to install FWTK, but they weren't very good (i.e.
unsuccessful).  Honestly, I don't know much about FWTK, so I have no
business commenting on it.

In terms of security measures, IP-NAT works fine. Basically, as my HOWTO
says, any computer on your internal network has a fake IP address, meaning
computers on the real internet can't access it unless they are able to get
onto your NetBSD gateway system and subsequently log in to/use other computers
on your network.  In short, I usually don't give accounts on my NetBSD
system, and when I do, I make sure the person is responsible enough not to go
around doing annoying things.

If you just want to get more than one computer on the internet through one
phone line and with a regular dialup PPP account (which offers you only 1
IP), I'd say your best bet is IP-NAT.

Again, that web page address: http://radon.moof.ai.mit.edu/~armenb/ipnat.html

On a side note, something I've noticed that is lacking in NetBSD's NAT
capabilities is all the features in Linux's IP-MASQ. It works a lot like
IP-NAT (based on it?) but has all kinds of cool functions like forwarding
ports to machines inside your LAN while still maintaining source addresses.
Anyone else know if NetBSD is planning on implementing anything that
resembles Linux's ipfwadm?

thanks,

  - a
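As an added illustration of the two points made in the message above (hosts with fake internal addresses cannot be reached from the internet unless a session already exists, and a forwarded port deliberately opens one while keeping the peer's source address), here is a small Python model of a masquerading gateway. It is example code written for this page, not NetBSD's IP-NAT or Linux's IP-MASQ; the NatGateway class and every address in it are constructed values.

```python
# Added example, not from the original post or any NAT implementation:
# a toy masquerading gateway with one public address and a port-forward table.

class NatGateway:
    """Rewrites outbound packets to the gateway's single public address and
    only lets inbound packets through when a mapping already exists."""

    def __init__(self, public_ip, port_range=(10000, 20000)):
        self.public_ip = public_ip
        self.next_port, self.last_port = port_range
        self.outgoing = {}   # (int_ip, int_port, dst_ip, dst_port) -> public port
        self.incoming = {}   # public port -> (int_ip, int_port, dst_ip, dst_port)
        self.forwards = {}   # public port -> (int_ip, int_port), a static hole

    def outbound(self, src_ip, src_port, dst_ip, dst_port):
        """Packet leaving the LAN: allocate (or reuse) a public port for it."""
        key = (src_ip, src_port, dst_ip, dst_port)
        if key not in self.outgoing:
            if self.next_port > self.last_port:
                raise RuntimeError("NAT port pool exhausted")
            self.outgoing[key] = self.next_port
            self.incoming[self.next_port] = key
            self.next_port += 1
        return (self.public_ip, self.outgoing[key], dst_ip, dst_port)

    def add_port_forward(self, public_port, int_ip, int_port):
        """Deliberately expose one internal service (the IP-MASQ style feature)."""
        self.forwards[public_port] = (int_ip, int_port)

    def inbound(self, src_ip, src_port, dst_port):
        """Packet from the internet to public_ip:dst_port. Returns the rewritten
        (src_ip, src_port, dst_ip, dst_port), or None when the gateway drops it."""
        if dst_port in self.forwards:            # source address is preserved
            int_ip, int_port = self.forwards[dst_port]
            return (src_ip, src_port, int_ip, int_port)
        entry = self.incoming.get(dst_port)
        if entry and entry[2:] == (src_ip, src_port):   # reply to our own session
            return (src_ip, src_port, entry[0], entry[1])
        return None                              # unsolicited: LAN host unreachable

def demo():
    """Constructed traffic: RFC 1918 addresses inside, RFC 5737 outside."""
    gw = NatGateway("203.0.113.5")
    out = gw.outbound("192.168.1.10", 40000, "198.51.100.7", 80)
    reply = gw.inbound("198.51.100.7", 80, out[1])
    unsolicited = gw.inbound("198.51.100.9", 4444, out[1])
    gw.add_port_forward(8080, "192.168.1.20", 80)
    forwarded = gw.inbound("198.51.100.9", 4444, 8080)
    return out, reply, unsolicited, forwarded
```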