Subject: ipnat in 2.0_BETA - anyone using "bimap" successfully?
To: None <tech-net@netbsd.org>
From: Jeff Rizzo <riz@redcrowgroup.com>
List: tech-net
Date: 06/20/2004 11:03:37
I posted an inquiry message to current-users a few days ago, and
haven't gotten a response yet, but I've narrowed down my
problem a little bit - "bimap" rules in ipnat.conf don't seem to
work, whereas they were definitely working before I upgraded to a
kernel with ipf 4.1 in it.

Is anyone currently using an ipnat.conf with one or more "bimap" rules
that are working correctly?  What I am seeing is that incoming
connections seem to be mistranslated.  I have the following rules
in ipnat.conf:

bimap tlp1 10.0.0.14/32 -> 66.124.71.66/32 #desktop
bimap tlp1 10.0.0.108/32 -> 66.124.71.69/32 #em's laptop
(there are other rules, but these are the ones not working)

However, when I try to telnet to, say, port 2048 (to pick a random
port which should be blocked in my ipf rules), I get the following 
from ipmon:

to 66.124.71.69, which should translate to 10.0.0.108:
Jun 20 10:50:52 boogers ipmon[250]: 10:50:51.670103 tlp1 @0:45 b lychee.tastylime.net[199.233.217.35],65447 -> 200.134.192.14,2048 PR tcp len 20 60 -S IN NAT 

to 66.124.71.66, which should translate to 10.0.0.14:
Jun 20 10:51:02 boogers ipmon[250]: 10:51:02.579332 tlp1 @0:45 b lychee.tastylime.net[199.233.217.35],65446 -> 200.132.88.14,2048 PR tcp len 20 60 -S IN NAT 
Notice the destination address of these blocked packets;  I have
no idea where "200.134.192.14" or "200.132.88.14" may have come from.
I suspect something is being corrupted somewhere. One thing that
is consistent, as far as I can tell, is that all the mistranslated packets
have "200" in the first octet and "14" in the fourth.

I'm running a GENERIC kernel (or at least I am now; it showed up in
my custom kernel, so I switched to GENERIC to check it showed up there,
too), 2.0_BETA on i386, source date of June 17, and my kernel and
userland are in sync.  Is anyone else either seeing this problem,
or able to use a "bimap" rule successfully?  I'd like to eliminate
local error as the cause before I start digging...

Thanks,
+j
-- 
Jeff Rizzo                                         http://www.redcrowgroup.com/
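The check the post does by eye, written out as an added example (my code, not anything from the post, from NetBSD or from IPFilter): parse the two bimap rules and the quoted ipmon lines, then classify each inbound NAT'd packet's destination as the internal side of a rule (translated as expected), the external side (not yet translated), or neither (the symptom described). A helper also reports which octets every "unexpected" destination has in common, which is the "200 ... 14" pattern noted above. The field layout of an ipmon line (interface, rule id, action, then `src -> dst`) is inferred from the two quoted lines only; the third log line, showing what a correct translation to 10.0.0.108 would look like, is constructed for the example.

```python
import ipaddress
import re
from typing import Dict, List, Optional

# Constructed sample input: the two bimap rules quoted in the post.
BIMAP_RULES = """\
bimap tlp1 10.0.0.14/32 -> 66.124.71.66/32 #desktop
bimap tlp1 10.0.0.108/32 -> 66.124.71.69/32 #em's laptop
"""

# Constructed sample input: the two ipmon lines quoted in the post, plus one
# hypothetical line (not from the post) showing a correctly translated packet.
IPMON_LOG = """\
Jun 20 10:50:52 boogers ipmon[250]: 10:50:51.670103 tlp1 @0:45 b lychee.tastylime.net[199.233.217.35],65447 -> 200.134.192.14,2048 PR tcp len 20 60 -S IN NAT
Jun 20 10:51:02 boogers ipmon[250]: 10:51:02.579332 tlp1 @0:45 b lychee.tastylime.net[199.233.217.35],65446 -> 200.132.88.14,2048 PR tcp len 20 60 -S IN NAT
Jun 20 10:52:10 boogers ipmon[250]: 10:52:10.000001 tlp1 @0:45 b lychee.tastylime.net[199.233.217.35],65448 -> 10.0.0.108,2048 PR tcp len 20 60 -S IN NAT
"""

RULE_RE = re.compile(r"^\s*bimap\s+(?P<iface>\S+)\s+(?P<internal>\S+)\s*->\s*(?P<external>\S+)")


def parse_bimap_rules(text: str) -> List[dict]:
    """One dict per bimap rule: interface, internal network, external network."""
    rules = []
    for line in text.splitlines():
        m = RULE_RE.match(line.split("#", 1)[0])  # drop trailing comment
        if not m:
            continue
        rules.append({
            "iface": m.group("iface"),
            "internal": ipaddress.ip_network(m.group("internal"), strict=False),
            "external": ipaddress.ip_network(m.group("external"), strict=False),
        })
    return rules


def _split_endpoint(token: str):
    """'host[1.2.3.4],65447' or '1.2.3.4,65447' -> (IPv4Address, port)."""
    host, port = token.rsplit(",", 1)
    m = re.search(r"\[([\d.]+)\]$", host)  # ipmon appends [addr] when it resolves a name
    return ipaddress.ip_address(m.group(1) if m else host), int(port)


def parse_ipmon_line(line: str) -> Optional[dict]:
    """Pull interface, rule, action, direction, NAT flag and endpoints out of an ipmon line.

    Layout assumed (from the quoted lines): ... <time> <iface> <@rule> <action> <src> -> <dst> ...
    """
    tokens = line.split()
    if "->" not in tokens:
        return None
    i = tokens.index("->")
    src, sport = _split_endpoint(tokens[i - 1])
    dst, dport = _split_endpoint(tokens[i + 1])
    return {
        "iface": tokens[i - 4], "rule": tokens[i - 3], "action": tokens[i - 2],
        "src": src, "sport": sport, "dst": dst, "dport": dport,
        "direction": "IN" if "IN" in tokens else "OUT" if "OUT" in tokens else "?",
        "nat": "NAT" in tokens,
    }


def classify_inbound(pkt: dict, rules: List[dict]) -> str:
    """Relate an inbound packet's destination to the bimap table.

    'translated'   - dst is the internal side of a rule on this interface
    'untranslated' - dst is the external side of a rule (NAT not applied / logged pre-NAT)
    'unexpected'   - dst matches neither side of any rule: the symptom in the post
    """
    for r in rules:
        if r["iface"] != pkt["iface"]:
            continue
        if pkt["dst"] in r["internal"]:
            return "translated"
        if pkt["dst"] in r["external"]:
            return "untranslated"
    return "unexpected"


def audit(log: str, rules_text: str) -> List[dict]:
    """Classify every inbound packet that ipmon flagged as NAT'd."""
    rules = parse_bimap_rules(rules_text)
    findings = []
    for line in log.splitlines():
        pkt = parse_ipmon_line(line)
        if pkt is None or pkt["direction"] != "IN" or not pkt["nat"]:
            continue
        pkt["verdict"] = classify_inbound(pkt, rules)
        findings.append(pkt)
    return findings


def shared_octets(addrs) -> Dict[int, int]:
    """Octet positions (1-4) whose value is identical across every address given."""
    if not addrs:
        return {}
    columns = zip(*(a.packed for a in addrs))
    return {pos: vals[0] for pos, vals in enumerate(columns, start=1) if len(set(vals)) == 1}


if __name__ == "__main__":
    findings = audit(IPMON_LOG, BIMAP_RULES)
    for f in findings:
        print(f"{f['iface']} {f['src']}:{f['sport']} -> {f['dst']}:{f['dport']}  {f['verdict']}")
    bad = [f["dst"] for f in findings if f["verdict"] == "unexpected"]
    print("octets shared by all unexpected destinations:", shared_octets(bad))
```

Run against the quoted lines, the two real packets come out "unexpected" and the constructed one "translated"; the shared-octet report for the unexpected pair is octet 1 = 200 and octet 4 = 14, i.e. the pattern the post points at. Feeding it a larger ipmon capture and a full ipnat.conf is the quickest way to see whether every mistranslated destination keeps that shape or whether it varies with the rule hit.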