Here is my recommendation, add the following to rc.firewall:
case ${natd_enable} in
[Yy][Ee][Ss])
if [ -n "${natd_interface}" ]; then
${fwcmd} add 98 divert natd all from any to any via
${natd_interface}
fi
;;
[Ff][Tt][Pp])
if [ -n "${natd_interface}" ]; then
${fwcmd} add
I finally (after about 4 hours of hitting
my head on the wall) figured it out.
Simple really. I am running 'natd' on FreeBSD 4.1 ... The _out_going_
active connection is mapped to the masquerading IP of the box! I have
a setup where a box has 5 ips on it and maps ips for about
20 people