Subject: ipfilter forgetting bimap rules
To: None <tech-net@netbsd.org>
From: David Brownlee <abs@absd.org>
List: tech-net
Date: 06/13/2005 14:06:34
 	I had an alpha gateway running 1.6.2 with a set of bimap rules for
 	machines on its internal net, which all worked fine.

 	Upgraded to 2.0 and now it seems to forget the rules occasionally.
 	(inbound connections will suddenly go to the gateway rather than
 	the machines behind it). /etc/rc.d/ipfilter restart fixes it at
 	the cost of dropping all the existing connections.

 	The ipnat.conf is appended - has anyone seen anything similar?

# Redirect https -> ssh to help people behind certain firewalls
#
rdr tlp1 217.206.161.163/32 port 443 -> 10.1.1.163 port 22 tcp
rdr tlp1 217.206.161.164/32 port 443 -> 10.1.1.164 port 22 tcp
rdr tlp1 217.206.161.165/32 port 443 -> 10.1.1.165 port 22 tcp
rdr tlp1 217.206.161.166/32 port 443 -> 10.1.1.166 port 22 tcp
rdr tlp1 217.206.161.167/32 port 443 -> 10.1.1.167 port 22 tcp

# Generic traffic to/from cluster machines
#
bimap tlp1 10.1.1.163/32 -> 217.206.161.163/32
bimap tlp1 10.1.1.164/32 -> 217.206.161.164/32
bimap tlp1 10.1.1.165/32 -> 217.206.161.165/32
bimap tlp1 10.1.1.166/32 -> 217.206.161.166/32
bimap tlp1 10.1.1.167/32 -> 217.206.161.167/32

# Generic outgoing for temp machines
map tlp1 10.0.0.0/8 -> 0/32 portmap tcp/udp 15000:20000
map tlp1 10.0.0.0/8 -> 0/32


-- 
 			   David Brownlee -- abs@absd.org
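As an added example (not part of David's post and not an ipfilter tool), here is a POSIX sh check that compares /etc/ipnat.conf against a saved `ipnat -l` listing and prints the config lines whose rule is no longer in the running NAT table, so the "forgotten bimap" state can be detected by a cron job before inbound connections start landing on the gateway. It assumes `ipnat -l` echoes each rule on one line beginning with the same keyword and interface as the config and prints `0/32` as `0.0.0.0/32`; the `SAMPLE_*` files, the session line in the listing, and the function names are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the original post): find NAT rules that have
# dropped out of the running table by comparing ipnat.conf with a saved
# `ipnat -l` listing. Assumption: `ipnat -l` prints each rule on one line
# starting with the same keyword and interface as ipnat.conf, and prints
# 0/32 as 0.0.0.0/32. Verify against a real capture before relying on it.

# Print the ipnat.conf lines whose rule is absent from the live listing.
#   $1: ipnat.conf   $2: file holding the output of `ipnat -l`
# Rules are matched on "keyword iface src -> dst", plus a "portmap" tag so
# the two generic map rules are told apart. Session lines in the listing
# ("MAP ...", "RDR ...") are skipped because their keyword is upper-case.
missing_rules() {
    awk '
    function key(    i, arrow, src, dst, k) {
        if ($1 != "map" && $1 != "bimap" && $1 != "rdr") return ""
        arrow = 0
        for (i = 1; i <= NF; i++) if ($i == "->") arrow = i
        if (arrow < 4 || arrow == NF) return ""
        src = $3; dst = $(arrow + 1)
        if (src == "0/32") src = "0.0.0.0/32"
        if (dst == "0/32") dst = "0.0.0.0/32"
        k = $1 " " $2 " " src " -> " dst
        for (i = arrow + 1; i <= NF; i++) if ($i == "portmap") k = k " portmap"
        return k
    }
    # First file (the live listing): remember every rule key seen.
    NR == FNR { sub(/#.*/, ""); k = key(); if (k != "") live[k] = 1; next }
    # Second file (the config): print rules whose key was never seen live.
    { sub(/#.*/, ""); k = key(); if (k != "" && !(k in live)) print }
    ' "$2" "$1"
}

# Number of missing rules; 0 means everything in the config is loaded.
missing_count() {
    missing_rules "$1" "$2" | wc -l | tr -d ' '
}

# Constructed sample input: the config from the post, and a listing in which
# the bimap rules for .165 and .166 have vanished (the symptom described).
# The "List of active sessions" line is illustrative only.
SAMPLE_DIR=$(mktemp -d)
trap 'rm -rf "$SAMPLE_DIR"' EXIT
SAMPLE_CONF="$SAMPLE_DIR/ipnat.conf"
SAMPLE_LIVE="$SAMPLE_DIR/ipnat-l.out"

cat > "$SAMPLE_CONF" <<'EOF'
# Redirect https -> ssh to help people behind certain firewalls
rdr tlp1 217.206.161.163/32 port 443 -> 10.1.1.163 port 22 tcp
rdr tlp1 217.206.161.164/32 port 443 -> 10.1.1.164 port 22 tcp
# Generic traffic to/from cluster machines
bimap tlp1 10.1.1.163/32 -> 217.206.161.163/32
bimap tlp1 10.1.1.164/32 -> 217.206.161.164/32
bimap tlp1 10.1.1.165/32 -> 217.206.161.165/32
bimap tlp1 10.1.1.166/32 -> 217.206.161.166/32
bimap tlp1 10.1.1.167/32 -> 217.206.161.167/32
# Generic outgoing for temp machines
map tlp1 10.0.0.0/8 -> 0/32 portmap tcp/udp 15000:20000
map tlp1 10.0.0.0/8 -> 0/32
EOF

cat > "$SAMPLE_LIVE" <<'EOF'
List of active MAP/Redirect filters:
rdr tlp1 217.206.161.163/32 port 443 -> 10.1.1.163 port 22 tcp
rdr tlp1 217.206.161.164/32 port 443 -> 10.1.1.164 port 22 tcp
bimap tlp1 10.1.1.163/32 -> 217.206.161.163/32
bimap tlp1 10.1.1.164/32 -> 217.206.161.164/32
bimap tlp1 10.1.1.167/32 -> 217.206.161.167/32
map tlp1 10.0.0.0/8 -> 0.0.0.0/32 portmap tcp/udp 15000:20000
map tlp1 10.0.0.0/8 -> 0.0.0.0/32

List of active sessions:
MAP 10.1.1.163 4000 <- -> 217.206.161.163 4000 [198.51.100.7 80]
EOF

# Stand-alone run: list what is missing from the sample listing. On the
# gateway you would use the real files:
#   ipnat -l > /tmp/ipnat-l.out; missing_rules /etc/ipnat.conf /tmp/ipnat-l.out
missing_rules "$SAMPLE_CONF" "$SAMPLE_LIVE"
```

The output is the original config lines, so they can be fed straight back with `ipnat -f file` (no `-C`, no `-F`). Per ipnat(8), `-C` deletes the rule listing and `-F` deletes the active NAT entries; a reload that uses both is what drops existing connections, whereas adding only the missing rules leaves the active mappings in place.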