From owner-FreeBSD-net-jp@jp.freebsd.org  Fri Sep 18 23:15:08 1998
Received: by jaz.jp.freebsd.org (8.9.1+3.0W/8.7.3) id XAA23611;
	Fri, 18 Sep 1998 23:15:08 +0900 (JST)
	(envelope-from owner-FreeBSD-net-jp@jp.FreeBSD.org)
Received: from alcedo.falcon.cs.ritsumei.ac.jp ([133.19.62.1])
	by jaz.jp.freebsd.org (8.9.1+3.0W/8.7.3) with ESMTP id XAA23605
	for <FreeBSD-net-jp@jp.freebsd.org>; Fri, 18 Sep 1998 23:15:05 +0900 (JST)
	(envelope-from ryuichi@falcon.cs.ritsumei.ac.jp)
Received: from localhost (owl.falcon.cs.ritsumei.ac.jp [133.19.62.48]) by alcedo.falcon.cs.ritsumei.ac.jp (8.8.8/3.5Wpl7falcon) with ESMTP id XAA03337 for <FreeBSD-net-jp@jp.freebsd.org>; Fri, 18 Sep 1998 23:14:12 +0900 (JST)
To: FreeBSD-net-jp@jp.freebsd.org
In-Reply-To: Your message of "Fri, 18 Sep 1998 22:39:44 +0900"
	<199809181339.WAA07380@astemfs.astem.or.jp>
References: <199809181339.WAA07380@astemfs.astem.or.jp>
X-Mailer: Mew version 1.92.4 on Emacs 19.28 / Mule 2.3 (SUETSUMUHANA)
Mime-Version: 1.0
Content-Type: Text/Plain; charset=iso-2022-jp
Content-Transfer-Encoding: 7bit
Message-Id: <19980918231412G.ryuichi@falcon.cs.ritsumei.ac.jp>
Date: Fri, 18 Sep 1998 23:14:12 +0900
From: Ryuichi Hino <ryuichi@falcon.cs.ritsumei.ac.jp>
X-Dispatcher: imput version 971024
Lines: 42
Reply-To: FreeBSD-net-jp@jp.freebsd.org
Precedence: list
X-Distribute: distribute version 2.1 (Alpha) patchlevel 24e+980914
X-Sequence: FreeBSD-net-jp 1047
Subject: [FreeBSD-net-jp 1047] Re: GateD error with IPFW 
Errors-To: owner-FreeBSD-net-jp@jp.freebsd.org
Sender: owner-FreeBSD-net-jp@jp.freebsd.org

$BF|Ln!wN)L?4[Bg$G$9!#(B

>>> Fri, 18 Sep 1998 22:39:44 +0900 $B:"$K(B $B!V(Byab$B!W!"$9$J$o$A(B
>>> yab@astem.or.jp(Kenji Yabuuchi) $B$5$s[)$/(B

yab> |> $B%U%#%k%?%j%s%0%k!<%k$K$O!"(B

yab> |>     $fwcmd add pass ospf from any to any
yab> |>     $fwcmd add pass udp from any to ${oip} 520
yab> |>     $fwcmd add pass udp from any 520 to ${oip}

yab> |> $B$rF~$l$F$$$^$9!#(B

yab>   ${oip}$B$,$J$s$J$N$+$o$+$j$^$;$s$,!"%V%m!<%I%-%c%9%H$J$j!"%^%k%A(B
yab> $B%-%c%9%H$J$j$rJ9$/$h$&$K$7$F$$$^$9$+!)(B

${oip} $B$O!"30B&$N(B NIC $B$N(B IP $B%"%I%l%9$G$9!#(B

$B%^%k%A%-%c%9%H$K4X$7$F$O!"$b$H$b$H$N(B 2.2.7-RELEASE $B$N(B /etc/rc.firewall
v 1.6.2.9 $B$N(B

    # Stop RFC1918 nets on the outside interface
    $fwcmd add deny all from 192.168.0.0:255.255.0.0 to any via ${oif}
    $fwcmd add deny all from any to 192.168.0.0:255.255.0.0 via ${oif}
    $fwcmd add deny all from 172.16.0.0:255.240.0.0 to any via ${oif}
    $fwcmd add deny all from any to 172.16.0.0:255.240.0.0 via ${oif}
    $fwcmd add deny all from 10.0.0.0:255.0.0.0 to any via ${oif}
    $fwcmd add deny all from any to 10.0.0.0:255.0.0.0 via ${oif}

$B$r30$7$F$"$j$^$9!#(B($B30B&$H$$$C$F$b!"3X9;$N%P%C%/%\!<%s$@$7!"(B
$B3X9;$K$O!"0lIt%W%i%$%Y!<%H%"%I%l%9$,;H$o$l$F$$$k$N$G(B...)

$B%V%m!<%I%-%c%9%H$O!"FC$K9MN8$7$F$^$;$s$G$7$?!#(B
$B6qBNE*$K!"@bL@$7$F$$$?$@$1$k$H$"$j$,$?$$$G$9!#(B

----------

                      | $BN)L?4[Bg3X1!(B $BM}9)3X8&5f2J(B $B>pJs%7%9%F%`3X@l96(B
  Return to Innocence | $B7W;;5!2J3X%3!<%9(B $B%3%s%T%e!<%?%M%C%H%o!<%/(B($B4_K\(B)$B8&5f<<(B
                      |          $BF|LnN40l(B   Ryuichi Hino
         By Curly M.C.|     E-mail:ryuichi@falcon.cs.ritsumei.ac.jp
                      |     http://www.falcon.cs.ritsumei.ac.jp/~ryuichi
