From owner-man-jp-reviewer@jp.freebsd.org  Mon Oct  5 23:33:23 1998
Received: (from daemon@localhost)
	by jaz.jp.freebsd.org (8.9.1+3.1W/8.7.3) id XAA16764;
	Mon, 5 Oct 1998 23:33:23 +0900 (JST)
	(envelope-from owner-man-jp-reviewer@jp.FreeBSD.org)
Received: from mail.yk.rim.or.jp (root@mail.yk.rim.or.jp [202.247.130.37])
	by jaz.jp.freebsd.org (8.9.1+3.1W/8.7.3) with ESMTP id XAA16759
	for <man-jp-reviewer@jp.freebsd.org>; Mon, 5 Oct 1998 23:33:22 +0900 (JST)
	(envelope-from k-horik@yk.rim.or.jp)
Received: from localhost (ppp201.yk.rim.or.jp [202.247.134.201])
	by mail.yk.rim.or.jp (8.8.5/3.6W-RIMNET-98-06-09) with ESMTP id XAA00853
	for <man-jp-reviewer@jp.freebsd.org>; Mon, 5 Oct 1998 23:33:19 +0900 (JST)
To: man-jp-reviewer@jp.freebsd.org
X-Mailer: Mew version 1.93 on Emacs 19.28 / Mule 2.3 (SUETSUMUHANA)
Mime-Version: 1.0
Content-Type: Text/Plain; charset=iso-2022-jp
Content-Transfer-Encoding: 7bit
Message-Id: <19981005233248A.k-horik@yk.rim.or.jp>
Date: Mon, 05 Oct 1998 23:32:48 +0900
From: Kazuo Horikawa <k-horik@yk.rim.or.jp>
X-Dispatcher: imput version 980905(IM100)
Lines: 177
Reply-To: man-jp-reviewer@jp.freebsd.org
Precedence: list
X-Distribute: distribute version 2.1 (Alpha) patchlevel 24e+980914
X-Sequence: man-jp-reviewer 519
Subject: [man-jp-reviewer 519] ipf.1
Errors-To: owner-man-jp-reviewer@jp.freebsd.org
Sender: owner-man-jp-reviewer@jp.freebsd.org

 ipf.1 $B$G$9!#(B

--- ipf.1~	Fri Sep 25 22:52:54 1998
+++ ipf.1	Fri Sep 25 23:58:55 1998
@@ -1,110 +1,119 @@
 .TH IPF 1
 .\" jpman %Id: ipf.1,v 0.0 1998/09/12 16:02:07 horikawa Stab %
-.SH NAME
-ipf \- alters packet filtering lists for IP packet input and ouput
-.SH SYNOPSIS
+.SH $BL>>N(B
+ipf \- IP $B%Q%1%C%HF~=PNOMQ$N%Q%1%C%H%U%#%k%?%j%9%H$rJQ99$9$k(B
+.SH $B=q<0(B
 .B ipf
 [
 .B \-AdDEInorsUvyzZ
 ] [
 .B \-l
 <block|pass|nomatch>
 ] [
 .B \-F
 <i|o|a>
 ]
 .B \-f
 <\fIfilename\fP>
 [
 .B \-f
 <\fIfilename\fP>
 [...]]
-.SH DESCRIPTION
+.SH $B2r@b(B
 .PP
-\fBipf\fP opens the filenames listed (treating "\-" as stdin) and parses the
-file for a set of rules which are to be added or removed from the packet
-filter rule set.
+\fBipf\fP $B$ONs5s$5$l$?%U%!%$%k$r%*!<%W%s$7(B ("\-" $B$OI8=`F~NO$H$7$F07$$$^$9(B)$B!"(B
+$B$=$N%U%!%$%k$r2r<a$7$F!"(B
+$B%Q%1%C%H%U%#%k%?%k!<%k%;%C%H$KBP$7DI2C$^$?$O:o=|$9$k%k!<%k%;%C%H$r5a$a$^$9!#(B
 .PP
-Each rule processed by \fBipf\fP
-is added to the kernel's internal lists if there are no parsing problems.
-Rules are added to the end of the internal lists, matching the order in
-which they appear when given to \fBipf\fP.
-.SH OPTIONS
+\fBipf\fP $B$,=hM}$9$k3F%k!<%k$O!"2r<a$KLdBj$,$J$1$l$P!"(B
+$B%+!<%M%kFbIt$N%j%9%H$KDI2C$5$l$^$9!#(B
+$B%k!<%k$OFbIt%j%9%H$N:G8e$KDI2C$5$l!"(B
+\fBipf\fP $B$KM?$($i$l$?;~$N=P8==g$K%^%C%A$,9T$o$l$^$9!#(B
+.SH $B%*%W%7%g%s(B
 .TP
 .B \-A
-Set the list to make changes to the active list (default).
+$B%j%9%H$r!"F0:nCf$N%j%9%H$KJQ99$r2C$($k$b$N$H$7$^$9(B ($B%G%U%)%k%H(B)$B!#(B
 .TP
 .B \-d
-Turn debug mode on.  Causes a hexdump of filter rules to be generated as
-it processes each one.
+$B%G%P%C%0%b!<%I$r%*%s$K$7$^$9!#(B
+$B3F%U%#%k%?%k!<%k$r=hM}$9$k$4$H$K!"%U%#%k%?%k!<%k$N(B 16 $B?J?t%@%s%W$r:n@.$7$^$9!#(B
 .TP
 .B \-D
-Disable the filter (if enabled).  Not effective for loadable kernel versions.
+($BM-8z$J>l9g(B) $B%U%#%k%?$rL58z$K$7$^$9!#(B
+$B%m!<%@%V%k%+!<%M%k%P!<%8%g%s$G$OF0:n$7$^$;$s!#(B
 .TP
 .B \-E
-Enable the filter (if disabled).  Not effective for loadable kernel versions.
+($BL58z$J>l9g(B) $B%U%#%k%?$rM-8z$K$7$^$9!#(B
+$B%m!<%@%V%k%+!<%M%k%P!<%8%g%s$G$OF0:n$7$^$;$s!#(B
 .TP
 .BR \-F \0<param>
-This option specifies which filter list to flush.  The parameter should
-either be "i" (input), "o" (output) or "a" (remove all filter rules).
-Either a single letter or an entire word starting with the appropriate
-letter maybe used.  This option maybe before, or after, any other with
-the order on the command line being that used to execute options.
+$B$3$N%*%W%7%g%s$O!"$I$N%U%#%k%?%j%9%H$r<N$F$k$N$+$r;XDj$7$^$9!#(B
+$B%Q%i%a!<%?$O!"(B"i" (input; $BF~NO(B), "o" (output; $B=PNO(B),
+"a" (all; $BA4%U%#%k%?%k!<%k$N=|5n(B)
+$B$N$$$:$l$+$G$9!#(B
+$BC10l%l%?!<$^$?$OE,@Z$J%l%?!<$G3+;O$9$k8lA4BN$N$I$A$i$G$b$+$^$$$^$;$s!#(B
+$B<B9T%*%W%7%g%s$r;XDj$9$k%3%^%s%I%i%$%s$K$*$$$F!"(B
+$B$3$N%*%W%7%g%s$N0LCV$OB>$N%*%W%7%g%s$NA0$G$b8e$G$b$+$^$$$^$;$s!#(B
 .TP
 .BR \-f \0<filename>
-This option specifies which files
-\fBipf\fP should use to get input from for modifying the packet filter rule
-lists.
+$B$3$N%*%W%7%g%s$O!"%Q%1%C%H%U%#%k%?%k!<%k%j%9%H$rJQ99$9$k$?$a$NF~NO$r!"(B
+\fBipf\fP $B$,$I$N%U%!%$%k$+$iF@$k$N$+$r;XDj$7$^$9!#(B
 .TP
 .B \-I
-Set the list to make changes to the inactive list.
+$B%j%9%H$r!"F0:nCf$G$O$J$$%j%9%H$KJQ99$r2C$($k$b$N$H$7$^$9!#(B
 .TP
 .B \-l \0<param>
-Use of the \fB-l\fP flag toggles default logging of packets.  Valid
-arguments to this option are \fBpass\fP, \fBblock\fP and \fBnomatch\fP.
-When an option is set, any packet which exits filtering and matches the
-set category is logged.  This is most useful for causing all packets
-which don't match any of the loaded rules to be logged.
+\fB-l\fP $B%U%i%0$r;HMQ$9$k$H!"%Q%1%C%H$N%G%U%)%k%H%m%0F0:n$r@Z$jBX$($^$9!#(B
+$B$3$N%*%W%7%g%s$KBP$9$kM-8z$J0z?t$O!"(B
+\fBpass\fP, \fBblock\fP, \fBnomatch\fP $B$N$$$:$l$+$G$9!#(B
+$B%*%W%7%g%s$,@_Dj$5$l$?$H$-!"(B
+$B%U%#%k%?%j%s%0$+$iH4$1=P$7$?!"(B
+$B$$$:$l$+$NJ,N`$K%^%C%A$9$k%Q%1%C%H$O!"%m%0$5$l$^$9!#(B
+$B$3$l$,:G$bM-MQ$J$N$O!"(B
+$B%m!<%I$7$?%k!<%k$N$$$:$l$K$b%^%C%A$7$J$+$C$?A4%Q%1%C%H$r%m%0$9$k>l9g$G$9!#(B
 .TP
 .B \-n
-This flag (no-change) prevents \fBipf\fP from actually making any ioctl
-calls or doing anything which would alter the currently running kernel.
+$B$3$N%U%i%0(B ($BL5JQ99(B) $B$O!"(B\fBipf\fP $B$,<B:]$K(B ioctl $B8F$S=P$9$3$H$H!"(B
+$B8=:_<B9TCf$N%+!<%M%k$rJQ99$9$k$3$H$rK8$2$^$9!#(B
 .TP
 .B \-o
-Force rules by default to be added/deleted to/from the output list, rather
-than the (default) input list.
+($B%G%U%)%k%H$N(B) $BF~NO%j%9%H$KBP$7$F$G$O$J$/!"(B
+$B=PNO%j%9%H$KBP$7$F%G%U%)%k%H$G%k!<%k$rDI2C(B/$B:o=|$9$k$h$&$K6/@)$7$^$9!#(B
 .TP
 .B \-r
-Remove matching filter rules rather than add them to the internal lists
+$B%^%C%A$9$k%U%#%k%?%k!<%k$r!"FbIt%j%9%H$KDI2C$9$k$N$G$O$J$/!":o=|$7$^$9!#(B
 .TP
 .B \-s
-Swap the active filter list in use to be the "other" one.
+$B;HMQCf$N3hF0%U%#%k%?%j%9%H$r!VB>!W$N$b$N$H8r49$7$^$9!#(B
 .TP
 .B \-U
-(SOLARIS 2 ONLY) Block packets travelling along the data stream which aren't
-recognised as IP packets.  They will be printed out on the console.
+(SOLARIS 2 $B$N$_(B)
+IP $B%Q%1%C%H$H$7$F$OG'<1$5$l$J$$$h$&$J(B
+$B%G!<%?%9%H%j!<%`$rH<$C$F$$$k%Q%1%C%H$r%V%m%C%/$7$^$9!#(B
+$B$3$N$h$&$J%Q%1%C%H$O%3%s%=!<%k$KI=<($5$l$^$9!#(B
 .TP
 .B \-v
-Turn verbose mode on.  Displays information relating to rule processing.
+$B>iD9%b!<%I$r%*%s$K$7$^$9!#%k!<%k=hM}$K4X$9$k>pJs$rI=<($7$^$9!#(B
 .TP
 .B \-y
-(SOLARIS 2 ONLY) Manually resync the in-kernel interface list maintained
-by IP Filter with the current interface status list.
+(SOLARIS 2 $B$N$_(B)
+IP $B%U%#%k%?$,4IM}$7$F$$$k%+!<%M%kFb%$%s%?%U%'!<%9%j%9%H$H!"(B
+$B8=:_$N%$%s%?%U%'!<%9>uBV%j%9%H$H$r!"<jF0$G:FF14|$7$^$9!#(B
 .TP
 .B \-z
-For each rule in the input file, reset the statistics for it to zero and
-display the statistics prior to them being zero'd.
+$BF~NO%U%!%$%kCf$N3F%k!<%k$KBP$7!"E}7W>pJs$r(B 0 $B$K%j%;%C%H$7!"(B
+0 $B$K$9$kA0$NE}7W>pJs$rI=<($7$^$9!#(B
 .TP
 .B \-Z
-Zero global statistics held in the kernel for filtering only (this doesn't
-affect fragment or state statistics).
+$B%U%#%k%?%j%s%0$N$_$K;HMQ$5$l$k%+!<%M%kFbA4BNE}7W>pJs$r(B 0 $B$K$7$^$9(B
+($BCGJR2=$H>uBV$NE}7W$K$OL54X78$G$9(B)$B!#(B
 .DT
-.SH SEE ALSO
+.SH $B4XO"9`L\(B
 ipfstat(1), ipftest(1), ipf(5), mkfilters(1)
-.SH DIAGNOSTICS
+.SH $B?GCG(B
 .PP
-Needs to be run as root for the packet filtering lists to actually
-be affected inside the kernel.
-.SH BUGS
+$B%+!<%M%kFb$N<B:]$N%Q%1%C%H%U%#%k%?%j%9%H$r99?7$9$k$K$O!"(B
+root $B$H$7$F<B9T$9$kI,MW$,$"$j$^$9!#(B
+.SH $B%P%0(B
 .PP
-If you find any, please send email to me at darrenr@cyber.com.au
+$B%P%0$r$_$D$1$?$i!"(Bdarrenr@cyber.com.au $B$KEE;R%a!<%k$rAw$C$F$/$@$5$$!#(B

