From owner-FreeBSD-net-jp@jp.freebsd.org  Thu Nov 18 00:14:05 1999
Received: (from daemon@localhost)
	by castle.jp.freebsd.org (8.9.3+3.2W/8.7.3) id AAA73350;
	Thu, 18 Nov 1999 00:14:05 +0900 (JST)
	(envelope-from owner-FreeBSD-net-jp@jp.FreeBSD.org)
Received: from titanium.yy.ics.keio.ac.jp (titanium.yy.ics.keio.ac.jp [131.113.47.73])
	by castle.jp.freebsd.org (8.9.3+3.2W/8.7.3) with ESMTP id AAA73345
	for <FreeBSD-net-jp@jp.freebsd.org>; Thu, 18 Nov 1999 00:14:04 +0900 (JST)
	(envelope-from sanpei@sanpei.org)
Received: from lavender.yy.cs.keio.ac.jp (ppp087.dialup.st.keio.ac.jp [131.113.27.87])
	by titanium.yy.ics.keio.ac.jp (8.9.3+3.2W/3.7W) with ESMTP id AAA26799
	for <FreeBSD-net-jp@jp.freebsd.org>; Thu, 18 Nov 1999 00:14:02 +0900 (JST)
	(envelope-from sanpei@sanpei.org)
Received: (from sanpei@localhost)
	by lavender.yy.cs.keio.ac.jp (8.9.3/3.7W) id AAA19802;
	Thu, 18 Nov 1999 00:13:59 +0900 (JST)
Message-Id: <199911171513.AAA19802@lavender.yy.cs.keio.ac.jp>
To: FreeBSD-net-jp@jp.freebsd.org
In-Reply-To: Your message of "Wed, 17 Nov 1999 22:59:00 +0900"
X-Mailer: Mew version 1.70 on Emacs 19.34.1 / Mule 2.3
Mime-Version: 1.0
Content-Type: Text/Plain; charset=iso-2022-jp
Content-Transfer-Encoding: 7bit
Date: Thu, 18 Nov 1999 00:13:59 +0900
From: MIHIRA Sanpei Yoshiro <sanpei@sanpei.org>
Reply-To: FreeBSD-net-jp@jp.freebsd.org
Precedence: list
X-Distribute: distribute version 2.1 (Alpha) patchlevel 24e+990727
X-Sequence: FreeBSD-net-jp 2098
Subject: [FreeBSD-net-jp 2098] Re: ipfilter
Errors-To: owner-FreeBSD-net-jp@jp.freebsd.org
Sender: owner-FreeBSD-net-jp@jp.freebsd.org
X-Originator: sanpei@sanpei.org

$B5~IM5^9T$G$b:B$l$?$N$G(B, $B$*JV;v$NB3$-$G$9(B. 

  natd $B$G$b<B8=$G$-$^$9$,(B, $B$;$C$+$/$J$N$G(B IP Filter $B$NNc$G$9$9$a$^$9(B.

              +                                     To Internet
192.168.100.0 |                                           |
      /24     | +-------------------+         +-------------------+
              --| ed1:192.168.100.1 |         | ed1:aaa.bbb.ccc.22|
              | | ed0:192.168.1.2   |---------| ed0:192.168.1.1   |
              | +-------------------+         +-------------------+
              +      hostname:B                    hostname:A

A $B>e$N@_Dj$H$7$F(B

map ed1 192.168.1.0/24 -> aaa.bbb.ccc.22/32 portmap tcp/udp 40000:60000
map ed1 192.168.1.0/24 -> aaa.bbb.ccc.22/32 

                    ~~ $B$3$N(B 24 $B$NCM$O(B, $BE,;~JQ99(B

$B$H$$$&%U%!%$%k$rMQ0U$7$F(B. root $B$G(B

# ipnat -f ipnat.conf

$B$9$l$P(B, $B$H$j$"$($:(B, host B $B$+$i$*30$K$O7R$,$k$H;W$$$^$9(B.

192.168.100.0/24 network $B$b$*30$K7R$2$k$K$O(B, 

	o host A $B$G(B
	# route add -net 192.168.100.0 -netmask 255.255.255.0 192.168.1.2

	$B$H$7$F$_$F$/$@$5$$(B
	$B"((B host B $B$G$O(B, default $B$,(B A $B$r8~$$$F$$$l$P(B OK $B$G$9(B. 

	$B"((B private network $BB&$@$1$G(B, rip $B$J$I$G4hD%$kJ}K!$b$"$j$^$9(B
	   $B$,(B. $B$=$NJU$OJY6/$7$F$_$F$/$@$5$$(B. 

MIHIRA Yoshiro
