An interesting tidbit from the iptables man pages suggests that there is
a built-in facility for this one-to-one NAT thingie I'm looking into here:
NETMAP
This target allows you to statically map a whole network of addresses onto another network of addresses.
It can only be used from rules in the nat table.
--to address[/mask]
Network address to map to. The resulting address will be constructed in the following way: All
'one' bits in the mask are filled in from the new `address'. All bits that are zero in the mask
are filled in from the original address.
If I read this correctly, it appears to build the hash tables of
addresses for one, eh?
As I understand it, the NETMAP target is used to do NATing on a large range ((sub)network) of IPs in one rule. Thus you could directly translate 192.168.0.1 <-> 172.16.0.1, 192.168.0.2 <-> 172.16.0.2, 192.168.0.n <-> 172.16.0.n, etc.
As far as your situation, are you really wanting each computer on your network to have a globally routable IP? If not, then you do not need / want to look at NETMAP.
Grant. . . .
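
The bit-filling rule quoted from the man page, applied to the 192.168.0.n <-> 172.16.0.n translation mentioned in the reply, as an added Python sketch (not part of the thread and not iptables code). The function names are hypothetical and it handles IPv4 only; it also checks whether a given source range maps without two hosts colliding on one translated address.

```python
import ipaddress

def netmap(original: str, to: str) -> str:
    """Apply the man page rule: 'one' bits of the mask come from the
    --to address, zero bits come from the original address."""
    net = ipaddress.ip_network(to, strict=False)
    if net.version != 4:
        raise ValueError("this sketch handles IPv4 only")
    mask = int(net.netmask)
    new_bits = int(net.network_address) & mask
    kept_bits = int(ipaddress.IPv4Address(original)) & ~mask & 0xFFFFFFFF
    return str(ipaddress.IPv4Address(new_bits | kept_bits))

def map_range(source_net: str, to: str) -> dict:
    """Translation table for every address in source_net."""
    return {str(a): netmap(str(a), to)
            for a in ipaddress.ip_network(source_net)}

def is_one_to_one(source_net: str, to: str) -> bool:
    """True when no two source addresses land on the same mapped address.
    This fails when the source range is wider than the --to mask."""
    table = map_range(source_net, to)
    return len(set(table.values())) == len(table)

if __name__ == "__main__":
    # Addresses taken from the reply above; networks are sample values.
    for host in ("192.168.0.1", "192.168.0.2", "192.168.0.200"):
        print(host, "->", netmap(host, "172.16.0.0/24"))
    # The reverse direction uses the same rule with the networks swapped.
    print("172.16.0.7 ->", netmap("172.16.0.7", "192.168.0.0/24"))
    # A /23 source squeezed into a /24 target is no longer one-to-one.
    print(is_one_to_one("192.168.0.0/24", "172.16.0.0/24"))
    print(is_one_to_one("192.168.0.0/23", "172.16.0.0/24"))
```
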