>> you have turned on "nat enable yes" in ppp.conf,
>> and but you havn't turned ip_foward on in sysctl,
>> so core dumped.
>> David Xu
> Well, I'm not running ppp, and never indicated I was.  I'm running
> natd.
># sysctl -a | grep forward
> net.inet.ip.forwarding: 1
> net.inet.ip.fastforwarding: 0
> net.inet6.ip6.forwarding: 0
> Everything works fine with pre "new-ipfw", and has for years.  Same
> rules, same configuration, and with "new ipfw", core dump.

Same scenario here with a cvsup & build from about 16:00 GMT yesterday.
Defining #NO_FW_PUNCH (primarily for libalias) and placing a
#ifndef NO_FW_PUNCH around the code in natd.c:SetupPunchFWHole
fixed the problem for me.  I can look into this further near the
end of this week.

