On Thu, 19 Jul 2001, Darren Reed wrote:

> > I have searched high and low, but cannot find the answer to my question...
> > 
> > Can NetBSD pass GRE packets through IPNAT?  I found out that ipchains in
> > L*nux can do it.... are there any plans to do this, or is this one of
> > those philosophical things that I don't understand?
> 
> What do you want it to do with them?
> 
> an ipnat.conf line without portmap/tcp/udp will map all protocols.

I have tried that, and see packets hitting the external interface, but no
mapping on the inside.  The tcp/udp mappings work just fine.  Here is what
my ipnat.conf looks like:

map tl0 1.1.1.2/32  -> 0/32 portmap tcp/udp 10000:20000
map tl0 1.1.1.2/32  -> 0/32
rdr tl0 0/0 port 1723 -> 1.1.1.2 port 1723 tcp

The 1723 is redirected properly, but I don't see gre being mapped.

Kevin