Add a section on using user-level PPP NAT to the handbook

PR:		44443
Submitted by:	Dmitry Morozovsky <marck@rinet.ru>
Approved by:	make lint

en_US.ISO8859-1/books/handbook/ppp-and-slip/chapter.sgml

@@ -1280,6 +1280,33 @@ set nbns 203.14.100.5</programlisting>
 	</sect4>
       </sect3>
 
+      <sect3 id="userppp-nat">
+       <title>Using PPP Network Address Translation Capability</title>
+       <indexterm><primary>PPP</primary><secondary>NAT</secondary></indexterm>
+
+       <para>PPP has ability to use internal NAT without kernel diverting
+         capabilities. This functionality may be enabled by the following 
+         line in <filename>/etc/ppp/ppp.conf</filename>:</para>
+
+       <programlisting>nat enable yes</programlisting>
+
+       <para>Alternatively, PPP NAT may be enabled by command-line
+         option <literal>-nat</literal>. There is also 
+         <filename>/etc/rc.conf</filename> knob named 
+         <literal>ppp_nat</literal>, which is enabled by default.</para>
+
+       <para>If you use this feature, you may also find useful
+         the following <filename>/etc/ppp/ppp.conf</filename> options
+         to enable incoming connections forwarding:</para>
+
+       <programlisting>nat port tcp 10.0.0.2:ftp ftp
+nat port tcp 10.0.0.2:http http</programlisting>
+
+       <para>or don't trust the outside at all</para>
+
+       <programlisting>nat deny_incoming yes</programlisting>
+      </sect3>
+
       <sect3 id="userppp-final">
 	<title>Final System Configuration</title>
 	<indexterm><primary>PPP</primary><secondary>configuration</secondary></indexterm>