From owner-FreeBSD-net-jp@jp.freebsd.org  Tue Jul 13 12:43:46 1999
Received: (from daemon@localhost)
	by castle.jp.freebsd.org (8.9.3+3.2W/8.7.3) id MAA00796;
	Tue, 13 Jul 1999 12:43:46 +0900 (JST)
	(envelope-from owner-FreeBSD-net-jp@jp.FreeBSD.org)
Received: from swift.sgnet.co.jp (root@swift.sgnet.co.jp [202.217.183.228])
	by castle.jp.freebsd.org (8.9.3+3.2W/8.7.3) with ESMTP id MAA00791
	for <FreeBSD-net-jp@jp.freebsd.org>; Tue, 13 Jul 1999 12:43:45 +0900 (JST)
	(envelope-from m-takuj@hi-ho.ne.jp)
From: m-takuj@hi-ho.ne.jp
Received: from goethe.sg.sgnet.co.jp (root@goethe.sgnet.co.jp [202.217.183.244])
	by swift.sgnet.co.jp (8.9.3/3.7W) with ESMTP id MAA17532
	for <FreeBSD-net-jp@jp.freebsd.org>; Tue, 13 Jul 1999 12:43:44 +0900 (JST)
Received: from totuka.totuka.sgnet.co.jp (root@totuka.totuka.sgnet.co.jp [192.168.10.2])
	by goethe.sg.sgnet.co.jp (8.9.3/3.7W) with ESMTP id MAA09116
	for <FreeBSD-net-jp@jp.freebsd.org>; Tue, 13 Jul 1999 12:43:42 +0900 (JST)
Received: from rosemary.teatime.tea (dooars.totuka.sgnet.co.jp [192.168.10.250])
	by totuka.totuka.sgnet.co.jp (8.9.1+3.1W/3.7W) with SMTP id MAA06673
	for <FreeBSD-net-jp@jp.freebsd.org>; Tue, 13 Jul 1999 12:43:41 +0900
Received: (qmail 62490 invoked by uid 1000); 13 Jul 1999 03:43:40 -0000
Message-ID: <19990713034340.62489.qmail@rosemary.teatime.tea>
To: FreeBSD-net-jp@jp.freebsd.org
In-reply-to: Your message of "Tue, 13 Jul 1999 11:35:54 JST."
             <199907130235.LAA25474@mikan.snow.tv-asahi.co.jp> 
Mime-Version: 1.0 (generated by tm-edit 7.106)
Content-Type: text/plain; charset=ISO-2022-JP
Date: Tue, 13 Jul 1999 12:43:40 +0900
Reply-To: FreeBSD-net-jp@jp.freebsd.org
Precedence: list
X-Distribute: distribute version 2.1 (Alpha) patchlevel 24e+990625
X-Sequence: FreeBSD-net-jp 1717
Subject: [FreeBSD-net-jp 1717] Re: ftp for ipfw 
Errors-To: owner-FreeBSD-net-jp@jp.freebsd.org
Sender: owner-FreeBSD-net-jp@jp.freebsd.org
X-Originator: m-takuj@hi-ho.ne.jp

$B>>1J$H?=$7$^$9!#(B

> FreeBSD$B$N(Bipfw$B$G!"(Bftp$B$rDL$9@_Dj$NOCBj$G$9!#(B
> FreeBSD-users-jp$B$+$i0\$C$FMh$^$7$?!#(B

$B%M%C%H%o!<%/9=@.$H%;%-%e%j%F%#%]%j%7$,=q$+$l$F$$$J$$$N$G!"(B
$B@53N$K$3$&$@$H$O8@$($J$$$N$G$9$,!"(BPC1$B$r%/%i%$%"%s%H!"(B
PC2$B$r(Bftp$B%5!<%P$H2>Dj$9$k$H(B

10 add allow tcp from any to any established
20 add allow tcp from PC1 to PC2 21 setup
30 add allow tcp from PC2 20 to PC1 1024-65535 setup
                   ^^^       ^^^ 
$B$G$7$g$&!#(B
# ftp$B$N%G!<%?$O(Bftp$B%5!<%PB&$+$i%/%i%$%"%s%H$X%3%M%/%7%g%s$rMW5a$7$^$9!#(B
# $B$?$@$7%Q%C%7%V%b!<%I$N>l9g$O5U(B

> src$B$N<!$K(Bipno$B$r=q$/J}K!$O$"$j$^$;$s!#(B

ipno == port ?
man ipfw$B$G$O(B
     src and dst:
         <address/mask> [ports]
$B$H$J$C$F$$$k$N$G!"=q<0E*$KLdBj$O$"$j$^$;$s!#(B

$B$H$3$m$G!"%5!<%PH/$N%Q%1%C%H$r5,@)$9$kI,MW$,$"$k$N$G$9$+!)(B
$B$=$NI,MW$,$J$$$J$i!"%5!<%PH/$OL5>r7o$K5v2D$9$k$N$,0lHLE*!#(B
# $B$H8@$&$+!"$3$N$h$&$JLBO)$K$O$^$i$::Q$_$^$9!#(B
$BKAF,$N%k!<%k$N@hF,$K(B

5 add allow all from PC1 to any

$B$H$G$b=q$1$P(B30$BHV$N%k!<%k$OITMW$G$9!#(B
