From owner-man-jp-reviewer@jp.freebsd.org  Fri Mar  5 01:46:37 1999
Received: (from daemon@localhost)
	by jaz.jp.freebsd.org (8.9.2+3.1W/8.7.3) id BAA17103;
	Fri, 5 Mar 1999 01:46:37 +0900 (JST)
	(envelope-from owner-man-jp-reviewer@jp.FreeBSD.org)
Received: from ma3.seikyou.ne.jp (ma3.seikyou.ne.jp [202.211.152.179])
	by jaz.jp.freebsd.org (8.9.2+3.1W/8.7.3) with ESMTP id BAA17098
	for <man-jp-reviewer@jp.freebsd.org>; Fri, 5 Mar 1999 01:46:35 +0900 (JST)
	(envelope-from hiloshi@seikyou.ne.jp)
Received: from hiloshi.seikyou.ne.jp (kyoto-456.seikyou.ne.jp [202.211.148.11])
	by ma3.seikyou.ne.jp (8.8.8/3.6WNSK98032401) with ESMTP id BAA19450
	for <man-jp-reviewer@jp.freebsd.org>; Fri, 5 Mar 1999 01:46:32 +0900
Received: (from hiloshi@localhost) by hiloshi.seikyou.ne.jp (8.8.5/3.5Wpl7) id BAA00508; Fri, 5 Mar 1999 01:46:14 +0900 (JST)
Date: Fri, 5 Mar 1999 01:46:14 +0900 (JST)
Message-Id: <199903041646.BAA00508@hiloshi.seikyou.ne.jp>
References: <199903021036.TAA13105@mail.wbs.ne.jp>
From: =?ISO-2022-JP?B?GyRCNmIkc0VEGyhC?= <vanitas@ma3.seikyou.ne.jp>
To: man-jp-reviewer@jp.freebsd.org
In-reply-to: HIRAYAMA Issei's message of "Tue, 2 Mar 1999 19:37:25 +0900 (JST)"
	     <199903021036.TAA13105@mail.wbs.ne.jp>
Mime-Version: 1.0
Content-Type: text/plain; charset=ISO-2022-JP
Reply-To: man-jp-reviewer@jp.freebsd.org
Precedence: list
X-Distribute: distribute version 2.1 (Alpha) patchlevel 24e+981115
X-Sequence: man-jp-reviewer 1119
Subject: [man-jp-reviewer 1119] Re: ipfirewall.4
Errors-To: owner-man-jp-reviewer@jp.freebsd.org
Sender: owner-man-jp-reviewer@jp.freebsd.org
X-Originator: vanitas@ma3.seikyou.ne.jp

$B6b$sED$G$9!#(B

[man-jp-reviewer 1099]: $BJ?;3(B $B$5$s(B
> ipfirewall.4 $B$N=iLu$G$9!#$h$m$7$/$*4j$$$7$^$9!#(B

$B?t;z$O9THV9f(B($B3g8LFb$O86J8$N9THV9f(B)$B$G$9!#(B
$B!|%A%'%C%/E@(B
$B!&(B19(19):
   through system interfaces
   $B!V%7%9%F%`$N%$%s%?%U%'!<%94V$r!W(B
   $B$H$$$&$H!"2?$@$+!VF10l%7%9%F%`>e$N%$%s%?%U%'!<%94V!W$H$$$C$?(B
   $B0u>]$r<u$1$^$7$?!#(B $B!V4V!W$r<h$k$N$O$$$+$,$G$7$g$&$+!#(B
$B!&(B22(22):
   action$B!V%"%/%7%g%s!W(B
   145 $B9TL\0J9_$G!VF0:n!W$H$7$F$k$N$G!"(B
   $B$3$A$i$K9g$o$;$?$[$&$,NI$$$H;W$$$^$9!#(B
$B!&(B30(27):
   $B!X%+!<%M%k$r%3%s%Q%$%k$9$k;~$N%*%W%7%g%s$G(B
     IPFIREWALL_DEFAULT_TO_ACCEPT $B$r;XDj!Y(B
   $B!V$G!W$OL5$$$[$&$,$h$j@53N$J5$$,$7$^$9!#(B
$B!&(B52(50):
   ($B%+!<%M%k$N%;%-%e%j%F%#%l%Y%k$,(B)
   greater than 2
   $B!V(B2 $B0J>e!W"*!V(B3 $B0J>e!W(B
   ## $B!V(B2 $B$h$jBg$-$$!W$N$[$&$,$$$$$N$+$J!)(B
$B!&(B146(145):
   Each rule has an action described by the
   IP_FW_F_COMMAND bits in the flags word
   $B!X%k!<%k$K$O$=$l$>$l%U%i%0$NCf$N(B IP_FW_F_COMMAND
     $B%S%C%H$G5-=R$5$l$?F0:n$,$"$j$^$9!Y(B
   
 $B"*!X3F%k!<%k$O(B IP_FW_F_COMMAND $B%S%C%H$G<($5$l$k(B
     $B<!$N%U%i%0C18l$NF0:n$r;}$A$^$9!Y(B
   $B$H$$$C$?46$8$G$O$J$$$G$7$g$&$+!D!)(B ($B<+?.L5$7(B)
$B!&(B152:
   $B!V0o$7$^$9!W"*!V$=$i$7$^$9!W$O$$$+$,$G$7$g$&$+!#(B
   ## $B$C$F!"$3$NFI$_$G$$$$$s$G$7$g$&$+!#(B;
$B!&(B153(153):
   $B!V(Bdivert(4)$B!W(B
 $B"*!V!D!D!D!D!D%=%1%C%H!W(B
$B!&(B156(156):
   In the case of IP_FW_F_REJECT, if the fu_reject_code is a number
   from 0 to 255, then an ICMP unreachable packet is sent back to the
   original packet's source IP address, with the corresponding code.
   $B!X(BIP_FW_F_REJECT $B$N>l9g!"(B fu_reject_code $B$NHV9f$,(B 0 $B$+$i(B 255
     $B$J$i$PBP1~$9$k%3!<%I$H$H$b$K:G=i$N%Q%1%C%H$NH/?.85$N(B IP $B%"%I%l%9(B
     $B$X(B ICMP unreachable $B$rAw$jJV$7$^$9!#!Y(B
   
   $B!V!"(B $B!W"*!V!"!W(B
   $B!V:G=i$N%Q%1%C%H!W"*!V<u?.$7$?%Q%1%C%H!W(B
   $B!V(BICMP unreachable$B!W"*!V(BICMP unreachable $B%Q%1%C%H!W(B
   $B$O$$$+$,$G$7$g$&$+!#(B
$B!&(B169:
   $B!V(Bdivert(4) sockets$B!W(B
 $B"*!V!D!D!D!D!D%=%1%C%H!W(B
$B!&(B171:
   $B!V(BIP_FW_F_PRN bit$B!W(B
 $B"*!V!D!D!D!D!D!D%S%C%H!W(B


$B%3%a%s%H(B /* */ $BFb$OKM$bLu$5$l$F$$$k$[$&$,4r$7$$$H;W$$$^$9!#(B
___________________________________________
$B6bED(B $B9@;J(B  email: vanitas@ma3.seikyou.ne.jp
