ipfw2+divert; why is the divert rule ignored?

Vladimir xvga at mail.ru
Fri Mar 10 05:44:04 UTC 2006


FreeBSD 5.4

Specifically, I can't figure out why rule 3800 is ignored...
If you have an idea, just give me a clue about it. Thanks...
Regular NAT is working properly, but I can't configure NAPT to services on a server in the LAN.

The interface to the LAN is also untrusted; that's why there are so many details in the config.
tun0 - interface to Internet
vr1 - interface to LAN
212.42.xxx.xxx - my external IP

firewall rules (# ipfw -de sh):
[CODE]
03800    0      0 divert 6893 log logamount 100 tcp from 192.168.0.1 80 to any out via tun0
04000    0      0 check-state
04400    0      0 allow log logamount 100 tcp from 212.42.xxx.xxx 80 to any out via tun0
04700   25   1554 divert 6893 log logamount 100 tcp from any to 212.42.xxx.xxx dst-port 80 in via tun0
05000  150   6816 allow log logamount 100 tcp from any to 192.168.0.1 dst-port 80 in via tun0 setup keep-state
## Dynamic rules (14):
05000   17    768 (0s) STATE tcp 212.112.117.70 1212 <-> 192.168.0.1 80
...[/CODE]

/var/log/security
[CODE]...
Mar  9 14:40:23 free kernel: ipfw: 4700 Divert 6893 TCP 212.112.117.70:1212 212.42.xxx.xxx:80 in via tun0
Mar  9 14:40:23 free kernel: ipfw: 5000 Accept TCP 212.112.117.70:1212 192.168.0.1:80 in via tun0
Mar  9 14:40:23 free kernel: ipfw: 5000 Accept TCP 212.112.117.70:1212 192.168.0.1:80 out via vr1
Mar  9 14:40:23 free kernel: ipfw: 5000 Accept TCP 192.168.0.1:80 212.112.117.70:1212 in via vr1
#^ this is OK: the packet is ready to be caught by rule 3800, but that rule is ignored and the packet is processed by the dynamic rule
Mar  9 14:40:23 free kernel: ipfw: 5000 Accept TCP 192.168.0.1:80 212.112.117.70:1212 out via tun0
...[/CODE]

natd is started by 
[CODE]natd -log_denied -s -m -p 6893 -dynamic -n tun0 -redirect_port tcp 192.168.0.1:80 80 -log_ipfw_denied -l[/CODE]
  

-- 
Best regards,
 Vladimir                  


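The rule evaluation the post is reasoning about, as an added example (a model written for this page, not ipfw's code and not from the original post): it replays the posted ruleset and the four firewall passes visible in the log under the evaluation order documented in ipfw(8), where rules run in number order, check-state and keep-state consult the dynamic table, a dynamic match runs the action of the rule that created the entry, and a diverted packet re-enters at the rule after the divert once natd has rewritten it. Assumptions: EXT_IP stands in for the masked 212.42.xxx.xxx, the kernel default is deny, divert re-injection resumes right after the divert rule (as the 4700-then-5000 log lines show), and the first packet is a bare SYN. Under this model the reply leaving tun0 reaches rule 3800 before any state lookup, which is the path the poster expected; the model does not reproduce the log, where the dynamic rule accepted that packet, so it is a tool for checking the intended path, not an explanation of the discrepancy.

```python
"""Model of ipfw rule evaluation with divert (natd) and keep-state dynamic rules.
Added example for this page; it is not ipfw and not code from the original post."""
from dataclasses import dataclass, replace
from typing import Optional

EXT_IP = "212.42.0.1"       # placeholder for the masked 212.42.xxx.xxx (assumption)
LAN_SERVER = "192.168.0.1"  # from the post
CLIENT = "212.112.117.70"   # from the posted log


@dataclass(frozen=True)
class Packet:
    src: str
    sport: int
    dst: str
    dport: int
    direction: str          # "in" or "out"
    iface: str
    syn_only: bool = False  # ipfw "setup": SYN set, ACK clear


@dataclass
class Rule:
    number: int
    action: str                 # "allow", "divert" or "check-state"
    src: Optional[str] = None   # None means "any"
    sport: Optional[int] = None
    dst: Optional[str] = None
    dport: Optional[int] = None
    direction: Optional[str] = None
    iface: Optional[str] = None
    setup: bool = False
    keep_state: bool = False

    def matches(self, p: Packet) -> bool:
        return all([
            self.src in (None, p.src), self.sport in (None, p.sport),
            self.dst in (None, p.dst), self.dport in (None, p.dport),
            self.direction in (None, p.direction), self.iface in (None, p.iface),
            not self.setup or p.syn_only,
        ])


def natd_translate(p: Packet) -> Packet:
    """What 'natd -n tun0 -redirect_port tcp 192.168.0.1:80 80' does to a diverted packet."""
    if p.direction == "in" and (p.dst, p.dport) == (EXT_IP, 80):
        return replace(p, dst=LAN_SERVER)
    if p.direction == "out" and (p.src, p.sport) == (LAN_SERVER, 80):
        return replace(p, src=EXT_IP)
    return p


def _state_key(p: Packet):
    return frozenset({(p.src, p.sport), (p.dst, p.dport)})  # matches both directions


class Firewall:
    def __init__(self, rules):
        self.rules = sorted(rules, key=lambda r: r.number)
        self.dynamic = {}   # flow key -> number of the rule that created the entry

    def process(self, p: Packet):
        """Return (verdict, packet as it leaves, [(rule number, what happened), ...])."""
        trace = []
        for r in self.rules:
            if r.action == "check-state" or r.keep_state:   # keep-state implies check-state
                parent = self.dynamic.get(_state_key(p))
                if parent is not None:
                    trace.append((parent, "allow (dynamic)"))   # parent rule's action
                    return "allow", p, trace
                if r.action == "check-state":
                    continue
            if not r.matches(p):
                continue
            if r.action == "divert":
                trace.append((r.number, "divert"))
                p = natd_translate(p)   # natd re-injects; evaluation resumes at the next rule
                continue
            if r.keep_state:
                self.dynamic[_state_key(p)] = r.number
            trace.append((r.number, "allow"))
            return "allow", p, trace
        trace.append((65535, "deny"))   # default-deny kernel (assumption)
        return "deny", p, trace


RULES = [   # the static rules shown in the post
    Rule(3800, "divert", src=LAN_SERVER, sport=80, direction="out", iface="tun0"),
    Rule(4000, "check-state"),
    Rule(4400, "allow", src=EXT_IP, sport=80, direction="out", iface="tun0"),
    Rule(4700, "divert", dst=EXT_IP, dport=80, direction="in", iface="tun0"),
    Rule(5000, "allow", dst=LAN_SERVER, dport=80, direction="in", iface="tun0",
         setup=True, keep_state=True),
]


def trace_connection():
    """Walk the four firewall passes a SYN and its reply make, as in the posted log."""
    fw = Firewall(RULES)
    hops = {}
    syn = Packet(CLIENT, 1212, EXT_IP, 80, "in", "tun0", syn_only=True)
    _, syn, hops["in tun0"] = fw.process(syn)
    _, _, hops["out vr1"] = fw.process(replace(syn, direction="out", iface="vr1"))
    reply = Packet(LAN_SERVER, 80, CLIENT, 1212, "in", "vr1")
    _, _, hops["in vr1"] = fw.process(reply)
    _, reply_out, hops["out tun0"] = fw.process(replace(reply, direction="out", iface="tun0"))
    return hops, reply_out


if __name__ == "__main__":
    hops, final = trace_connection()
    for hop, trace in hops.items():
        print(f"{hop:9s} " + " -> ".join(f"{n} {what}" for n, what in trace))
    print("reply leaves tun0 with source", final.src, final.sport)
```

Running it prints one line per pass; the last pass shows 3800 divert followed by 4400 allow, with the reply's source rewritten to the external address, whereas the poster's log shows 5000 accepting that packet.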