This article assumes a few things. First, that you've built an OpenBSD kernel before and are relatively comfortable with the process. Second, that you know how to download OpenBSD's CVS trees to your machine. Third, that you are familiar with the process of setting up IPFilter, including changes to rc.conf, etc. If you require guidance with any of these, I suggest you visit OpenBSD's
web site for help.
This method's been tested on both OpenBSD 2.7 and 2.8, with IPFilter version 3.4.11 and higher (yes, I'm a relative newbie to ipf).
It's only been tested on i386 architecture machines.
The source change from nat_ifdetach() to frsync() is based on several discussions on the IPFilter mailing list, and based on Darren's comment in
this post.