My system is NetBSD-2.0_STABLE i386. I have 2 NICs.
External NIC is rtk1, get IP address/gateway via DHCP.
Internal NIC is rtk0, 192.168.1.1/24.

I want to configure ipfilter/ipnat to reach follow :
1) hosts 192.168.1.0-192.168.1.7 can access anywhere
2) hosts 192.168.1.129-192.168.1.200 can use MSN (tcp port 1863?),FTP,WWW only

how can I do?

ipfilter is very difficult to configure.
at begining, i tried to limit access permission in ipnat.conf. but i
found that ipnat.conf can limit ip address only, can't limit
protocol/port

thank you.