From owner-IPv6-jp@jp.freebsd.org  Wed Jul 28 06:22:21 1999
Received: (from daemon@localhost)
	by castle.jp.freebsd.org (8.9.3+3.2W/8.7.3) id GAA56069;
	Wed, 28 Jul 1999 06:22:21 +0900 (JST)
	(envelope-from owner-IPv6-jp@jp.FreeBSD.org)
Received: from manhattan-gw.iij-america.com (firewall-user@manhattan-gw.iij-america.com [202.232.14.178])
	by castle.jp.freebsd.org (8.9.3+3.2W/8.7.3) with ESMTP id GAA56064
	for <IPv6-jp@jp.freebsd.org>; Wed, 28 Jul 1999 06:22:20 +0900 (JST)
	(envelope-from koji@iij.com)
Received: by manhattan-gw.iij-america.com; id GAA15696; Wed, 28 Jul 1999 06:22:18 +0900 (JST)
Received: from fs.iij-america.com(192.168.241.2) by manhattan-gw.iij-america.com via smap (3.2)
	id xma015688; Wed, 28 Jul 99 06:22:12 +0900
Received: from localhost (koji@localhost [127.0.0.1])
	by fs.iij-america.com (8.8.5/3.6W-primary) with ESMTP id RAA13504
	for <IPv6-jp@jp.freebsd.org>; Tue, 27 Jul 1999 17:22:11 -0400 (EDT)
To: IPv6-jp@jp.freebsd.org
X-Mailer: Mew version 1.93 on XEmacs 21.0 (Norwegian)
Mime-Version: 1.0
Content-Type: Text/Plain; charset=iso-2022-jp
Content-Transfer-Encoding: 7bit
Message-Id: <19990727172211C.koji@iij.com>
Date: Tue, 27 Jul 1999 17:22:11 -0400
From: Koji Yamamoto <koji@iij.com>
X-Dispatcher: imput version 981019(IM102)
Lines: 51
Reply-To: IPv6-jp@jp.freebsd.org
Precedence: list
X-Distribute: distribute version 2.1 (Alpha) patchlevel 24e+990727
X-Sequence: IPv6-jp 285
Subject: [IPv6-jp 285] ipfw/natd (DIVERT) and gif
Errors-To: owner-IPv6-jp@jp.freebsd.org
Sender: owner-IPv6-jp@jp.freebsd.org
X-Originator: koji@iij.com

ipfw+natd $B$r;H$C$F$$$k4D6-$G!"(Bgif $B$,$&$^$/F0$+$J$$$3$H$,$"$j$^$7$?!#(B

$B:F8=>r7o$J$I$r$-$A$s$H3NG'$7$F$J$$$N$G$9$,!"$H$j$"$($:8=>]$H2sHrJ}K!$K$D(B
$B$$$F$o$+$C$?$3$H$r(B report $B$7$F$*$-$^$9!#(B

$B4D6-(B: FreeBSD 2.2.8 RELEASE + kame 19990705 snap

                       xxx.yyy.zzz.www
                              |
                              | gif tunnel 
=====+=====                   |
     | de0 global IPv4 aaa.bbb.ccc.ddd
 +---+---+
 |       | FreeBSD 2.2.8R + kame, ipfw/natd box
 +---+---+
     | xl0 private IPv4
=====+=====

$B>e5-$N$h$&$J4D6-$G!"(Bde0 $B$N(B global IP address (aaa.bbb.ccc.ddd) $B$r(B src $B$K!"(B
xxx.yyy.zzz.www $B$r(B dst $B$K$7$F(B gifconfig $B$7$^$7$?$,!"$&$^$/%H%s%M%k$,D%$l(B
$B$^$;$s$G$7$?!#(B( gifconfig gif0 aaa.bbb.ccc.ddd xxx.yyy.zzz.www )
( ping6 -I gif0 ff02::1 $B$KBP$7$F!"(Btunnel dst $B$N(B IPv6 link local
address $B$+$iJVEz$,$J$$(B)

$B%H%s%M%k$,$&$^$/D%$l$F$$$J$$$3$H$K5$$,$D$+$:$K!"(Broute6d $B$rF0$+$7$?$H$3$m!"(B
reboot $B$7$F$7$^$$$^$7$?!#(B

KAME $B$N(B bug report $B$rD4$Y$?$H$3$m!"D>@\F1$88=>]$K$D$$$F=R$Y$F$$$k$b$N$O(B
$B$"$j$^$;$s$G$7$?$,!"(BDIVERT $B$K$D$$$F$O(B not supported and not tested $B$@$H(B
$B$"$C$?$N$G!"(Bipfw $B$N@_Dj$G%H%s%M%k$N%Q%1%C%H$K$D$$$F(B divert socket $B$KFM$C(B
$B9~$^$J$$$h$&$K(B skipto $B$N@_Dj$r$7$?$H$3$m!"$&$^$/F0$/$h$&$K$J$j$^$7$?!#(B

$BKM$O(B /etc/rc.conf $B$G(B firewall_enable="NO" $B$G!"<+J,$G5/F0(B script $B$r(B
/usr/local/etc/rc.d/ $B$KCV$$$F$$$k$N$G!"$3$N(B script $B$NCf$G(B

ipfw add 60000 pass all from any to any
ipfw add 1 skipto 60000 ip from xxx.yyy.zzz.www to aaa.bbb.ccc.ddd via de0

$B$H$7$^$7$?!#(B

***

freenet6.net $B$KBP$7$F%H%s%M%k$rD%$C$?$H$-$O(B($B>e5-$N(B ipfw $B$N(B work around 
$B$r$7$J$/$F$b(B)$B$&$^$/D%$l$?$N$G!"B>$K$J$K$+>r7o$,$"$k$N$+$b$7$l$^$;$s$,!"(B
$BD4$Y$-$F$l$$$^$;$s!#(B
$B$^$?;~4V$,<h$l$?$H$-$K$d$C$F$_$FJs9p$7$^$9!#(B


Koji Yamamoto
koji@iij.com / koji@iij.ad.jp
IIJ America, Inc.
