Windows NT domain authentication uses NetBIOS 'netlogon' traffic. This type of NetBIOS data has the source address of the client embedded in the NetBIOS fields, and requires rewriting for NAT to work properly.
Has anyone attempted this? If not, how difficult is it to get to the UDP data and rewrite a four byte field? (Basically i'm thinking that the functions that rewrite the IP header could be used effectively here, it's the same rewrite taking place)