I recently got NetBSD + NPF running on a Raspberry Pi, and am now using it as my gateway router (purchased a 2nd USB Ethernet stick as internal NIC). Behind this router, I run a few servers and also have a 2nd router for my home PCs - so it operates like a perimeter network.
When I am hitting my global IP from the outside, NPF forwards my packets correctly to my server, and I'm able to view my website. When trying to access from one of my home PCs though, I get a connection timeout/refused.
In Linux, when I'm usually setting up a router, I am able to configure iptables to do NAT hairpinning to any services running in the perimeter network. I don't want to resort to split-zone DNS or other methods, so does anyone know of a way to coerce NPF into doing NAT hairpinning?
For reference, PF seems to be able to do this (they call it "rdr-to and nat-to combo"), but I don't know how to construct an equivalent NPF rule: http://www.openbsd.org/faq/pf/rdr.html
TIA
