NAT


one computer, one IP address doesn't always cut it

Henning committed his NAT rework
was written way earlier in Basel
4000 lines diff maintained outside the tree...

nat-to and rdr-to actions replace the seperate translation ruleset
binat-to emulated by pfctl

no more multiple rulesets, major cleanup possible and done
and sticky-address broken on the way, rewritten by Henning at h2k10 in coimbra