I posted on [email protected] on the same topic a few days ago. I have
looked at the problem a bit closer now and I am hoping to get comments
and advice ... and hopefully a bit of flame too! :-) I have studied some
of the pf code in search for a solution and this is the solution I am

--As for the rest, it is mine.

Sounds to me like you are looking for a way to do protocol-specific nat/rewriting handling. My advice: Don't. Write a proxy, and direct the connection through that if necessary. rdr to the proxy from the firewall, and let the proxy sort out the rest.

