Subject: ipnat/ipf problem
To: None <port-sparc@NetBSD.org>
From: Jordan Hayashi <periwinkles0@gmail.com>
List: port-sparc
Date: 03/20/2005 00:09:05
I am having some trouble getting ipnat/ipf to work correctly. The
machine doing NAT is an SS20. There are two interfaces in use: onboard
(le0, 172.16.0.1), and quad ethernet sbus (hme0, 10.2.0.228). Both
interfaces are connected to the same network, if that matters (I
wanted to do some testing).

I am attempting to use le0 as the internal interface, and hme0 as the external.

I have tried this with a blank ipf.conf file, and also some very basic
configurations. Below is ipnat.conf:

# cat /etc/ipnat.conf
map hme0 172.16.0.0/16 -> 0/32 proxy port ftp ftp/tcp
map hme0 172.16.0.0/16 -> 0/32 portmap tcp/udp 10000:40000
map hme0 172.16.0.0/16 -> 0/32

A few things -- ICMP and DNS lookups -- seem to work fine. However,
most anything else (i.e., HTTP) will appear to connect, but then receive
nothing afterward. I do see the sessions appear in "ipnat -l". For
example:

List of active sessions:
MAP 172.16.0.10     1122  <- -> 10.2.0.228      10003 [66.35.250.151 80]

I have tried many different things with ipf.conf, i.e., keep state. I
think the problem may be with ipnat, but am kind of lost. Any
pointers?

Thank you!