Recompile kernel or module for ipfw+nat?

[n j]

>> however, there is a kernel module called ipdivert.ko
>> Is it still necessary to recompile the kernel in order to use nat with
>> ipfw? Or, to put it another way, is there a possibility to use nat and
>> keep the generic kernel?

> You can choose to use the modules or make it static by recompile the kernel.
> IMHO the ipnat(8) is a more simple way to get nat.

Thank you for your input.

I'd prefer to use the module, however it doesn't seem to work:

# ipfw add nat 123 all from any to any <-- example from the man page

gives:

ipfw: getsockopt(IP_FW_ADD): Invalid argument

even though:

# kldstat
Id Refs Address    Size     Name
...
 6    2 0xc4400000 d000     ipfw.ko
 7    1 0xc9b33000 4000     ipdivert.ko

So, the original question remains - do I really need to recompile the
kernel in order to use NAT with IPFW?

As far as ipnat(8) goes, switching to ipfilter (which is mandatory if
I intend to use ipnat?) is not really an option.

Thanks,
-- 
Nino