NAT, the old way

ipf had NAT completely separate
we merged them to one file early
but still separate rule types, separate ruleset, different semantics
old state table was limiting: rdr in, nat out
only one at a time, because we only had 3 addresses in the state
but with our shiny new state table...