Strange leakage of private source addresses w/ipfw and natd

[Michael Sierchio]

This doesn't have a (user-) noticeable impact on traffic,
but installing a silent network recorder outside my firewall
shows that some RFC 1918 addrs are getting through.  My
suspicion is that this has to do with my use of both static
and dynamic nat,  but I can't be sure.

I also need to instrument my ruleset so I see which rule is
allowing the traffic -- I'm a bit puzzled.

I'll post details when I've got them, but I'm wondering if
anyone else has seen this?

Cheers,

Michael