Basic IPF Config Example Cont.
Kyle Amon,  Page 9
/etc/ipnat.rules

  # Note that since ipnat(8) works on the principle of first match (as apposed
  # to ipf(1) which is last match), it is customary to put all rdr rules before
  # any and all (bi)map rules.  This is particularly vital if the network ranges
  # in question verlap.  Otherwise the rdr rules simply will not work.
  #
  # Note that you must also place any "proxy" rules before any "portmap" rules
  # or "portmap" matches the packet and rewrites it before the "proxy" gets a
  # chance to work on it.  Remember, ipnat rules are first-match!

  map rl0 192.168.1.0/16  -> 0/32  proxy port ftp ftp/tcp
  map rl0 192.168.1.0/16  -> 0/32  portmap tcp/udp 1024:65535
  map rl0 192.168.1.0/16  -> 0/32