Having woken up and reviewed the thread ... yes, the port swap mode is
the way to go nowadays.  trekhopd is not particularly applicable to most

I once saw an ipchains masq module for Netrek, but port swap is a better
solution because it fits the model of a firewall opening the return UDP
path once it sees the outgoing traffic from the client.

