From owner-FreeBSD-net-jp@jp.freebsd.org  Tue Aug 12 21:37:47 1997
Received: by jaz.jp.freebsd.org (8.8.7+2.7Wbeta5/8.7.3) id VAA16371
	Tue, 12 Aug 1997 21:37:47 +0900 (JST)
Received: by jaz.jp.freebsd.org (8.8.7+2.7Wbeta5/8.7.3) with ESMTP id VAA16366
	for <freebsd-net-jp@jp.freebsd.org>; Tue, 12 Aug 1997 21:37:46 +0900 (JST)
Message-Id: <199708121237.VAA02775@nocs3.noc.titech.ac.jp>
Received: from noc.titech.ac.jp by nocs3.noc.titech.ac.jp (8.7+2.6Wbeta3/TM2.1-bn3.3)
	id VAA02775; Tue, 12 Aug 1997 21:37:44 +0900 (JST)
To: FreeBSD-net-jp@jp.freebsd.org
X-Mailer: Mew version 1.54 on Emacs 19.28.1, Mule 2.3
Mime-Version: 1.0
Content-Type: Text/Plain; charset=iso-2022-jp
Content-Transfer-Encoding: 7bit
Date: Tue, 12 Aug 1997 21:37:43 +0900
From: IIJIMA Akihiro <aki@noc.titech.ac.jp>
Reply-To: FreeBSD-net-jp@jp.freebsd.org
Precedence: list
X-Distribute: distribute [version 2.1 (Alpha) patchlevel=20]
X-Sequence: FreeBSD-net-jp 57
Subject: [FreeBSD-net-jp 57] Re: natd vs IP-fil(ipnat)
Errors-To: owner-FreeBSD-net-jp@jp.freebsd.org
Sender: owner-FreeBSD-net-jp@jp.freebsd.org

$B$H$j$"$($:(B natd$B$O(B $B$5$/$C$HF0$-$^$7$?!#(B
$B$7$+$7(B UDP$B$N%j%l!<(B $B$H$$$&$+(B $B5"$j$,<BAu$5$l$F$J$$$h$&$G$9!#(B(natd-1.4)
$B!t(B $BJRF;$@$C$?$i(B $B4JC1$5!#(B
$B:#8+$k$H(B natd-1.9$B$,$"$j$^$9$,(B $B$3$l$K$b$J$5$=$&!#(B

$BL@F|$O(B ip-fil$B$r$d$C$F$_$^$9!#(B

> $B$C$F!"(Bnatd $B$b%]!<%HJQ49$G$-$k$s$G$9$M(B;; $BKM$N4*0c$$$G$7$?!#(B
> $B0UL#ITL@$J$s$G8@$$$?$+$C$?$3$H$r@bL@$9$k$H!"F1$8%5!<%S%9$rF1;~$K;H$((B
> $B$k$+;H$($J$$$+$r8@$$$?$+$C$?$o$1$G$9!#(B

$B$=$l$O(B $B$G$-$^$9!#(B

natd$B$N;EAH$_$C$F(B $B7k9=$*$b$7$m$$$G$9$M!#(B

FreeBSD$BI8=`$N(B ipfw$B%3%^%s%I$,$"$j$^$9$,(B $B$=$l$NCf$K(B divert $B$H$$$&5!G=$,(B
$B$"$j$^$9!#(Bkernel$B$G(B options DIVERT $B$7$H$+$J$$$H;H$($J$$$1$I!#(B

$B$G(B man ipfw$B$G8+$k$H(B ipfw$B$NJ8K!$G(B divert 1234 $B$F$N$,=q$1$^$9!#(B
$B$3$N(B divert$B$F$N$,$J$K$9$k$+$H8@$&$H!"(B ipfw$BE*$J>r7o$K(B match$B$7$?%Q%1%C%H(B
$B$r(B divert$B$G;XDj$7$?(B port$B$KC!$-9~$`$H$$$&$3$H$r$7$^$9!#(B

  /sbin/ipfw add divert natd all from any to any via ed0
$B$H$+$d$k$H(B ed0$B$K=P$F$$$/!"(Bed0$B$+$iF~$C$FMh$k(B packet$B$,A4It(B divert$B$G;XDj(B
$B$7$?(B port$B$KC!$-9~$^$l$k$N$G$9!#(B

$B$G(B $B$=$N(B port$B$GBT$C$F$$$k$N$,(B natd $B$G$9!#%f!<%6%W%m%;%9$J$N!#(B
$B$"$H$O(B natd$B$,(B IP$B%"%I%l%9$NJQ49$d(B port$B%"%I%l%9$NJQ49$r$7$F$/$l$k(B
$B$o$1$G$9!#(B

natd$B$NJ}$O(B FreeBSD$B$K0MB8$7$F$^$9!#(Bdivert$B$,(B 2.2$B0J9_$G$J$$$H;H$($J$$$+$i!#(B

$B0lJ}$N(B ip-fil$B$O(B OS$B$K0MB8$7$F$J$$$h$&$G$9!#(BBSD$B7O$N(BOS$B$J$iF0$/!#(BSunOS41$B$H(B
$B$+(B Solaris2$B$G$bF0$/!#$I$&$b(B ip_input.o $B$H$+$rF~$l49$($F$7$^$&$h$&$G$9!#(B

$B$3$$$D$O(B UDP$B$N%j%l!<$,$G$-$=$&$G$9!#JRF;$O4JC1$K<BAu$G$-$^$9$,!"(B($B%"%I(B
$B%l%9=q$-49$($k$@$1(B)$B!"(BUDP$B$rCV$/$C$F%5!<%P$+$iJV;v$,5"$C$F$/$k>l9g$N(B
$B5"$j$N%Q%1%C%H$KBP1~$9$k$K$O(B $B5"$j$N%Q%1%C%H$N85!"C/$,30$K(BUDP$B$rAw$C$?$s(B
$B$@!)(B $B$F$N$r3P$($F$*$+$J$$$H(B $BFbIt$K(B $BAw$l$^$;$s$h$M!#(B
ip-fil$B$O(B $B$=$l$rC;;~4V3P$($F$*$/$h$&$G$9!#(B
$B$J$N$G5"$j$N(BUDP$B$,<u$1<h$l$k(B($B$i$7$$(B)

$B$G$b(B sanpei$B$N%Z!<%8$G$O(B CU-SeeMe$B$,F0$+$J$$(B $B$H8@$C$F$$$?$J$!!#(B
--
$BEl5~9)6HBg3X(B $BAm9g>pJs=hM}%;%s%?!<(B $B%M%C%H%o!<%/%7%9%F%`1?MQ3](B
	$BHSEg(B $B><Gn(B (Akihiro Iijima) aki@noc.titech.ac.jp
