On my N810 I used a slighly different userland aproach. I took the userland-network (slirp) code from qemu and plumbed it to the interface the to be natted clients were behind using pcap. This gives you a completely userland-based NAT solution with even a dhcp-server and dns-forwarding incorporated. Of course it also has all non functional disadvantages of a userland solution like additional delay and cpu-utilization but apart from that from a functional perspective it behaves like NAT. I even used to use VoIP and proprietary tunnel-clients behind it.