From owner-man-jp-reviewer@jp.freebsd.org  Mon Oct  5 23:33:32 1998
To: man-jp-reviewer@jp.freebsd.org
In-Reply-To: Your message of "Sun, 04 Oct 1998 19:25:42 +0900"
	<19981004192542E.k-horik@yk.rim.or.jp>
References: <19981004192542E.k-horik@yk.rim.or.jp>
X-Mailer: Mew version 1.93 on Emacs 19.28 / Mule 2.3 (SUETSUMUHANA)
Mime-Version: 1.0
Content-Type: Text/Plain; charset=iso-2022-jp
Content-Transfer-Encoding: 7bit
Message-Id: <19981005233256Q.k-horik@yk.rim.or.jp>
Date: Mon, 05 Oct 1998 23:32:56 +0900
From: Kazuo Horikawa <k-horik@yk.rim.or.jp>
X-Dispatcher: imput version 980905(IM100)
Lines: 198
Reply-To: man-jp-reviewer@jp.freebsd.org
Precedence: list
X-Distribute: distribute version 2.1 (Alpha) patchlevel 24e+980914
X-Sequence: man-jp-reviewer 520
Subject: [man-jp-reviewer 520] ipftest.1
Errors-To: owner-man-jp-reviewer@jp.freebsd.org
Sender: owner-man-jp-reviewer@jp.freebsd.org

ipftest.1 $B$G$9!#(B

--- ipftest.1.bak	Fri Sep 25 23:16:39 1998
+++ ipftest.1	Sat Sep 26 01:44:07 1998
@@ -1,127 +1,134 @@
 .TH ipftest 1
 .\" jpman %Id: ipftest.1,v 0.0 1998/09/12 16:02:08 horikawa Stab %
-.SH NAME
-ipftest \- test packet filter rules with arbitrary input.
-.SH SYNOPSIS
+.SH $BL>>N(B
+ipftest \- $BG$0U$NF~NO$KBP$7$F%Q%1%C%H%U%#%k%?%k!<%k$r%F%9%H$9$k(B
+.SH $B=q<0(B
 .B ipftest
 [
 .B \-vbdPSTEHX
 ] [
 .B \-I
 interface
 ]
 .B \-r
 <filename>
 [
 .B \-i
 <filename>
 ]
-.SH DESCRIPTION
+.SH $B2r@b(B
 .PP
-\fBipftest\fP is provided for the purpose of being able to test a set of
-filter rules without having to put them in place, in operation and proceed
-to test their effectiveness.  The hope is that this minimises disruptions
-in providing a secure IP environment.
+\fBipftest\fP $B$NDs6!$NL\E*$O!"(B
+$B%U%#%k%?%k!<%k=89g$r$"$k$Y$->l=j$KCV$/I,MW$J$/%F%9%H2DG=$H$9$k$3$H$G$"$j!"(B
+$B%U%#%k%?%k!<%k$N8z2L$r%F%9%H$7$^$9!#(B
+$B$^$?!"0BA4$J(B IP $B4D6-Ds6!$X$N1F6A$r:G>.2=$9$k$3$H$rK>$_$^$9!#(B
 .PP
-\fBipftest\fP will parse any standard ruleset for use with \fBipf\fP
-and apply input, returning output as to the result.  However, \fBipftest\fP
-will return one of three values for packets passed through the filter:
-pass, block or nomatch.  This is intended to give the operator a better
-idea of what is happening with packets passing through their filter
-ruleset.
+\fBipftest\fP $B$O!"(B\fBipf\fP $B$NI8=`%k!<%k%;%C%H$r2r<a$7!"(B
+$B$3$l$rF~NO$KBP$7$FE,MQ$7!"7k2L$H$7$F=PNO$rJV$7$^$9!#(B
+$B$7$+$7!"%U%#%k%?$rDL2a$7$?%Q%1%C%H$KBP$7$F(B \fBipftest\fP $B$,JV$9$N$O!"(B
+$B<!$N(B 3 $B$D$NCM$N$&$A$N(B 1 $B$D$G$9(B: pass, block, nomatch$B!#(B
+$B$3$l$O!"(B
+$B%Q%1%C%H$,%U%#%k%?%k!<%k%;%C%H$rDL2a$9$k$K$"$?$C$F2?$,H/@8$7$F$$$k$N$+$K4X$7!"(B
+$B%*%Z%l!<%?$NM}2r$r=u$1$k$3$H$r0U?^$7$F$$$^$9!#(B
 .PP
-When used without either of \fB\-S\fP, \fB\-T\fP or \fB\-E\fP,
-\fBipftest\fP uses its own text input format to generate "fake" IP packets.
-The format used is as follows:
+\fB\-S\fP, \fB\-T\fP, \fB\-E\fP $B$N$$$:$l$N%*%W%7%g%s$b;HMQ$7$J$$>l9g!"(B
+\fBipftest\fP $B$O8GM-$N%F%-%9%H%U%)!<%^%C%H$r;HMQ$7!"(B
+$B!V5<;w!W(BIP $B%Q%1%C%H$r@8@.$7$^$9!#(B
+$B;HMQ$9$k%U%)!<%^%C%H$O<!$N$H$*$j$G$9(B:
 .nf
 		"in"|"out" "on" if ["tcp"|"udp"|"icmp"]
 			srchost[,srcport] dsthost[,destport] [FSRPAU]
 .fi
 .PP
-This allows for a packet going "in" or "out" of an interface (if) to be
-generated, being one of the three main protocols (optionally), and if
-either TCP or UDP, a port parameter is also expected.  If TCP is selected,
-it is possible to (optionally) supply TCP flags at the end.  Some examples
-are:
+$B%$%s%?%U%'!<%9(B (if) $B$K$F!"(B
+$BF~$k(B ("in") $B$^$?$O=P$k(B ("out") $B%Q%1%C%H$r@8@.$G$-$^$9!#(B
+$B%*%W%7%g%s$H$7$F(B 3 $B$D$N<g$J$k%W%m%H%3%k$+$i(B 1 $B$D$rA*Br$G$-$^$9!#(B
+TCP $B$^$?$O(B UDP $B$N>l9g!"%]!<%H%Q%i%a!<%?$b;XDj2DG=$G$9!#(B
+TCP $B$,A*Br$5$l$?>l9g!"(B($B%*%W%7%g%s$H$7$F(B) $B:G8e$N(B TCP $B%U%i%0$r;XDj2DG=$G$9!#(B
+$B0J2<$K?tNc<($7$^$9(B:
 .nf
-		# a UDP packet coming in on le0
+		# le0 $B$KE~Ce$9$k(B UDP $B%Q%1%C%H(B
 		in on le0 udp 10.1.1.1,2210 10.2.1.5,23
-		# an IP packet coming in on le0 from localhost - hmm :)
+		# localhost $B$+$i(B le0 $B$KE~Ce$9$k(B IP $B%Q%1%C%H(B - $B$&!<$`(B :)
 		in on le0 localhost 10.4.12.1
-		# a TCP packet going out of le0 with the SYN flag set.
+		# SYN $B%U%i%0$r@_Dj$5$l$F(B le0 $B$+$i=P$F9T$/(B TCP $B%Q%1%C%H(B
 		out on le0 tcp 10.4.12.1,2245 10.1.1.1,23 S
 .fi
-.SH OPTIONS
+.SH $B%*%W%7%g%s(B
 .TP
 .B \-v
-Verbose mode.  This provides more information about which parts of rule
-matching the input packet passes and fails.
+$B>iD9%b!<%I!#(B
+$BDL2a$7$?$^$?$O$7$J$+$C$?F~NO%Q%1%C%H$KBP$7$F(B
+$B%k!<%k$N$I$NItJ,$,%^%C%A$7$?$N$+$K4X$7!"99$J$k>pJs$rDs6!$7$^$9!#(B
 .TP
 .B \-d
-Turn on filter rule debugging.  Currently, this only shows you what caused
-the rule to not match in the IP header checking (addresses/netmasks, etc).
+$B%U%#%k%?%k!<%k%G%P%C%0$r%*%s$K$7$^$9!#(B
+$B8=:_!"(BIP $B%X%C%@%A%'%C%/$K$*$$$F!"%k!<%k$,(B $B%^%C%A$7$J$+$C$?M}M3$N$_$rI=<($7$^$9(B
+($B%"%I%l%9(B/$B%M%C%H%^%9%/$J$I(B)$B!#(B
 .TP
 .B \-b
-Cause the output to be a brief summary (one-word) of the result of passing
-the packet through the filter; either "pass", "block" or "nomatch".
-This is used in the regression testing.
+$B%Q%1%C%H$r%U%#%k%?$KDL$7$?7k2L$N=PNO$r!"C;$$$^$H$a(B (1 $B8l(B)$B!"(B
+$B$9$J$o$A(B "pass", "block", "nomatch" $B$N$$$:$l$+$K$7$^$9!#(B
+$B8eLa$j$7$F3NG'$9$k:]$K;HMQ$7$^$9!#(B
 .TP
 .BR \-I \0<interface>
-Set the interface name (used in rule matching) to be the name supplied.
-This is useful with the \fB\-P, \-S, \-T\fP and \fB\-E\fP options, where it is
-not otherwise possible to associate a packet with an interface.  Normal
-"text packets" can override this setting.
+($B%k!<%k$N%^%C%A$K;HMQ$5$l$k(B) $B%$%s%?%U%'!<%9L>$r!";XDj$5$l$?L>A0$K@_Dj$7$^$9!#(B
+$B$3$NJ}K!L5$7$K$O%Q%1%C%H$H%$%s%?%U%'!<%9$H$r4XO"IU$1$i$l$J$$!"(B
+\fB\-P\fR, \fB\-S\fR, \fB\-T\fP, \fB\-E\fP $B$N3F%*%W%7%g%s$K$*$$$FM-MQ$G$9!#(B
+$BDL>o$N!V%F%-%9%H%Q%1%C%H!W$O!"$3$N@_Dj$KM%@h$7$^$9!#(B
 .TP
 .B \-P
-The input file specified by \fB\-i\fP is a binary file produced using libpcap
-(i.e., tcpdump version 3).  Packets are read from this file as being input
-(for rule purposes).  An interface maybe specified using \fB\-I\fP.
+\fB\-i\fP $B$G;XDj$5$l$kF~NO%U%!%$%k$O!"(B
+libcap ($B$9$J$o$A(B tcpdump $B%P!<%8%g%s(B 3) $B$,@8@.$7$?%P%$%J%j%U%!%$%k$G$9!#(B
+$B$3$N%U%!%$%k$+$iFI$^$l$?%Q%1%C%H$O!"(B($B%k!<%k$KBP$9$k(B) $BF~NO$K$J$j$^$9!#(B
+$B%$%s%?%U%'!<%9$O(B \fB\-I\fP $B$G;XDj2DG=$G$9!#(B
 .TP
 .B \-S
-The input file is to be in "snoop" format (see RFC 1761).  Packets are read
-from this file and used as input from any interface.  This is perhaps the
-most useful input type, currently.
+$BF~NO%U%!%$%k$O!V%9%L!<%W!W%U%)!<%^%C%H(B (RFC 1761 $B;2>H(B) $B$G$9!#(B
+$B%Q%1%C%H$O$3$N%U%!%$%k$+$iFI$_<h$i$l!"(B
+$BG$0U$N%$%s%?%U%'!<%9$+$i$NF~NO$H$7$F;HMQ$5$l$^$9!#(B
+$B$*$=$i$/8=:_$N$H$3$m!"$3$l$,:G$bM-MQ$JF~NO%?%$%W$G$7$g$&!#(B
 .TP
 .B \-T
-The input file is to be text output from tcpdump.  The text formats which
-are currently supported are those which result from the following tcpdump
-option combinations:
+$BF~NO%U%!%$%k$O(B tcpdump $B$N%F%-%9%H=PNO$G$9!#(B
+$B8=:_%5%]!<%H$5$l$F$$$k%F%-%9%H%U%)!<%^%C%H$O!"(B
+$B<!$N(B tcpdump $B%*%W%7%g%s$NAH$_9g$o$;$N=PNO$G$9(B:
 .PP
 .nf
 		tcpdump -n
 		tcpdump -nq
 		tcpdump -nqt
 		tcpdump -nqtt
 		tcpdump -nqte
 .fi
 .LP
 .TP
 .B \-H
-The input file is to be hex digits, representing the binary makeup of the
-packet.  No length correction is made, if an incorrect length is put in
-the IP header.
+$BF~NO%U%!%$%k$O(B16 $B?J?t$G$"$j!"%Q%1%C%H$N%P%$%J%j%^!<%/%"%C%WI=8=$G$9!#(B
+IP $B%X%C%@$ND9$5$,@5$7$/$J$/$F$b!"D9$5$OJd@5$5$l$^$;$s!#(B
 .TP
 .B \-X
-The input file is composed of text descriptions of IP packets.
+$BF~NO%U%!%$%k$O(B IP $B%Q%1%C%H$N%F%-%9%H5-=R$+$i$J$j$^$9!#(B
 .TP
 .B \-E
-The input file is to be text output from etherfind.  The text formats which
-are currently supported are those which result from the following etherfind
-option combinations:
+$BF~NO%U%!%$%k$O(B etherfind $B$N%F%-%9%H=PNO$G$9!#(B
+$B8=:_%5%]!<%H$5$l$F$$$k%F%-%9%H%U%)!<%^%C%H$O!"(B
+$B<!$N(B etherfind $B%*%W%7%g%s$NAH$_9g$o$;$N=PNO$G$9(B:
 .PP
 .nf
 		etherfind -n
 		etherfind -n -t
 .fi
 .LP
 .TP
 .BR \-i \0<filename>
-Specify the filename from which to take input.  Default is stdin.
+$BF~NO$rF@$k%U%!%$%kL>$r;XDj$7$^$9!#%G%U%)%k%H$OI8=`F~NO$G$9!#(B
 .TP
 .BR \-r \0<filename>
-Specify the filename from which to read filter rules.
-.SH SEE ALSO
+$B%U%#%k%?%k!<%k$rFI$_<h$k%U%!%$%kL>$r;XDj$7$^$9!#(B
+.SH $B4XO"9`L\(B
 ipf(5), ipf(8), snoop(1m), tcpdump(8), etherfind(8c)
-.SH BUGS
-Not all of the input formats are sufficiently capable of introducing a
-wide enough variety of packets for them to be all useful in testing.
+.SH $B%P%0(B
+$B==J,$JG=NO$r;}$?$J$$F~NO=q<0$b$"$j$^$9!#(B
+$B$=$NF~NO=q<0$GI=8=$5$l$kB?<oB?MM$J%Q%1%C%H$G$b!"(B
+$B%F%9%H$KM-MQ$J$3$H$,$i$9$Y$F$r%+%P!<$G$-$k$o$1$G$O$"$j$^$;$s!#(B
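Review bot: In the \-P entry the added text reads "libcap" where the removed English line has "libpcap"; restore the missing "p" so the library name matches the original. In the \-H entry, "the binary makeup of the packet" is rendered with the katakana for "markup" (マークアップ), which changes the meaning; a word for composition such as 構成 would match the source. In the \-b entry, "This is used in the regression testing" has become a phrase about going back and checking (後戻りして確認する際); the established term 回帰テスト would be clearer. The \-d entry also has a stray space in the middle of the sentence, between the particle after "rule" and the word for "match", which should be removed.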
