From owner-FreeBSD-net-jp@jp.FreeBSD.org Thu Jan 20 12:01:11 2005
Received: (from daemon@localhost)
	by castle.jp.FreeBSD.org (8.11.6p2+3.4W/8.11.3) id j0K31Bj16575;
	Thu, 20 Jan 2005 12:01:11 +0900 (JST)
	(envelope-from owner-FreeBSD-net-jp@jp.FreeBSD.org)
Received: from smb507.nifty.com (pxy2nd.nifty.com [202.248.175.14])
	by castle.jp.FreeBSD.org (8.11.6p2+3.4W/8.11.3) with SMTP/inet id j0K31B816570
	for <FreeBSD-net-jp@jp.FreeBSD.org>; Thu, 20 Jan 2005 12:01:11 +0900 (JST)
	(envelope-from sakatuba@nifty.com)
Received: (qmail 15228 invoked from network); Thu, 20 Jan 2005 12:01:10 +0900
Received: from unknown (HELO aps503) (172.22.60.194)
  by smb507.nifty.com with SMTP; Thu, 20 Jan 2005 12:01:09 +0900
Message-ID: <4802640.1106190069990.sakatuba@nifty.com>
From: Tsubasa Sakamoto <sakatuba@nifty.com>
To: FreeBSD-net-jp@jp.FreeBSD.org
Mime-Version: 1.0
Content-Type: text/plain; charset="iso-2022-jp"
Content-Transfer-Encoding: 7bit
X-Priority: 3
X-MSMail-Priority: Normal
Priority: normal
X-Mailer: @nifty Webmail 2.0
Reply-To: FreeBSD-net-jp@jp.FreeBSD.org
Precedence: list
Date: Thu, 20 Jan 2005 12:01:09 +0900
X-Sequence: FreeBSD-net-jp 4133
Subject: [FreeBSD-net-jp 4133] ipfw =?ISO-2022-JP?B?GyRCJEskaBsoQg==?=
 =?ISO-2022-JP?B?GyRCJGslXiVrJUElWyE8JV8lcyUwJE5AX0RqJEsbKEI=?=
 =?ISO-2022-JP?B?GyRCJEQkJCRGIUobKEI=?=
 5.3-stable)
Sender: owner-FreeBSD-net-jp@jp.FreeBSD.org
X-Originator: sakatuba@nifty.com
X-Distribute: distribute version 2.1 (Alpha) patchlevel 24e+041223

$B:dK\!w2#IM$H?=$7$^$9!#(J
$B$I$&$7$F$b<+8J2r7h$G$-$J$/$F<1<T$NJ}$N$40U8+$rD:$-$?$/Ej9F$7$F$_$^$9!#(J
$B$A$g$C$HD9$/$J$j$^$9$,$4MF<O2<$5$$!#(J

FreeBSD4.8$B$H$+(J4.9$B$0$i$$$N$H$-$+$i(JNIC2$BKg$H(Jipfw$B$K$h$k%^%k%A%[!<%_%s%0$r;H$C$F$$(J
$B$^$7$?!#(J
5.x$B$K%"%C%W%G!<%H$7$F$+$i$b$7$P$i$/;H$($F$$$?$N$G$9$,(J5.3$B$K$7$?$"$?$j$+$i:#$^$G(J
$B$N@_Dj$G4|BTDL$j$NF0:n$r$7$J$/$J$j$^$7$?!#(J


$B$^$:4D6-$G$9$,!"(J

$B!&(Jdc0$B!D8GDj(JIP$B$G(JHTTP$B%5!<%P$H$7$F8x3+Cf(J($B2>$K(Ja.a.a.a/24$B$H$7$^$9(J)$B!#DcB.2s@~!#(J
$B!&(Jfxp0$B!D%1!<%V%k%F%l%S7O%W%m%P%$%@!<$K@\B3$7$F$$$F(JDHCP($BF1$8$/(Jb.b.b.b/16$B!K(J

$B$H$J$C$F$*$j!"(Jdc0$B$r%5!<%P$K!"(Jfxp0$B$r(Jcvsup$B$d(Jport$B$N(Jmake$B$J$I$K;H$&(JFTP$B7PM3%U%!%$%k(J
$B<hF@$K;H$*$&$H$7$F$$$^$9!#(J
$B2?$G$3$s$J;v$9$k$+$H$$$&$H!"%5!<%P2s@~$NIi2Y7Z8:$H(Jport make$B$N?WB.2=$G$9!#(J
$B!J(Jdc0$B$N@h$O@N2{$+$7$$(JFLETS ISDN$B$G$9!#!K(J


$B?^<($9$k$H$3$s$J46$8$G$9!#(J

$B!!!!!!(J[$B%2!<%H%&%'%$(J#a]
$B!!!!!!(Ja0.a0.a0.a0/24
$B!!!!!!!!!!!!!C(J
$B!!!!!!%5!<%P$H$7$F8x3+Cf$N8GDj(JIP
$B!!!!!!!!(Ja.a.a.a/24 
$B!!!!!!!!!!!!!C(J
$B!!!!!!!!!!(J dc0
$B!!!!!!!\!]!]!]!]!]!\(J
$B!!!!!!!C!!(JHost#1$B!!!C(J
$B!!!!!!!C!!!!!!!!!!!C(J
$B!!!!!!!\!]!]!]!]!]!\(J
$B!!!!!!!!!!(J fxp0
$B!!!!!!!!!!!!!C(J
$B!!!!!!Aa$$%1!<%V%k(JISP
$B!!!!!!(Jb.b.b.b/16
$B!!!!!!!!!!!!!C(J
$B!!!!!!(J[$B%2!<%H%&%'%$(J#b]
$B!!!!!!(Jb0.b0.b0.b0/16

$B$G!":#$^$G$O0J2<$N$h$&$J@_Dj$G4|BTDL$j$NF0:n$r$7$F$$$^$7$?!#(J

$B"((Jnetstat -r$B$G$N(Jdefault router$B$O(Jfxp0$B$G(JDHCP$B<hF@$5$l$?(J[$B%2!<%H%&%'%$(J#b]$B$G$9!#(J
$B"((Jnatd -i fxp0 -dynamic$B$GF0$$$F$$$^$9!#(J

#ipfw list

<< $B%5!<%P$+$i$N%Q%1%C%H$r(Jdc0$B$X(J>>
00001 fwd [$B%2!<%H%&%'%$(J#a] ip from a.a.a.a to any HTTP via dc0
<< localhost$BN`$NBP=h(J >>
00010 allow ip from a.a.a.a to a.a.a.a via dc0
00011 allow ip from 127.0.0.1 to 127.0.0.1 via lo0
<< $B%;%-%e%j%F%#!<(J >>
00020 deny ip from any to a.a.a.a 139
00021 deny ip from any to a.a.a.a 138
00022 deny ip from any to a.a.a.a 137
<< nat >>
00030 divert natd all from any to any via fxp0
65535 allow ip from any to any  ($B$9$$$^$;$s!"4E$$$G$9!#(J)


$B$G!"(J
$B!&8GDj(JIP a.a.a.a$B$K$D$$$F$O(Jdc0$B7PM3$G8x3+(Jhttp$B%5!<%P$H$7$FF0$$$F$$$?(J
$B!&(Jssh$B$J$I$GF~$C$F(Jcd /usr/ports/xxx/xxx; make$B$J$I$9$k$H!"(Jfetch$B$O(Jfxp0$B$rDL$C$F%1(J
$B!!!<%V%k(JISP$B7PM3$GF0$$$F$$$?!#(Jcvsup$B$H$+$b!#(J
$B$@$C$?$N$G$9$,!D!#(J

$B>\$7$$F|;~$OK:$l$^$7$?$,(J5.3$B$K$7$?$"$?$j$G>e5-@_Dj$G(Jdc0$B7PM3$N%5!<%P$X$N@\B3$,=P(J
$BMh$J$/$J$j$^$7$?!#(J
route delete/add$B$G(Jdefault gateway$B$r(Ja0.a0.a0.a0$B$K$7$F$d$k$H$A$c$s$H%5!<%P$X$N@\(J
$BB3$O=PMh$k$N$G$9$,!"(Jfetch$B$d(Jcvsup$B$,CY$/$F;`$K$=$&$G$9!#(J
$B!J(Jhttp$BMxMQ<T$N%9%H%l%9$b$?$^$j$^$9$7!#!K(J

rc.conf$B$G(Jgateway_enable="YES"$B$rF~$lK:$l$F$$$k$H$$$&$3$H$O$"$j$^$;$s!#(J
kernel$B$K$O(Joption IPFIREWALL$B$NN`$OF~$C$F$$$^$9!#(J
$B!J8=$K(J5.2$B$0$i$$$^$G$O;H$($F$$$?$o$1$G$9$7!"$=$N$^$^(Jmake world$B$7$F(Jupdate$B$7$^$7(J
$B!!$?!#!K(J

ipfw$B$N(Jman$B$H$+$rFI$_$J$,$i?'!9$H$$$8$C$F$O$_$?$N$G$9$,8=:_$^$G2r7h$G$-$F(J
$B$$$^$;$s!#(J
$B!J(Jssh$B$GF~$j$J$,$i$@$H!V<:GT!W$9$k$H%3%s%=!<%k$^$G9T$+$J$$$H$J$i$J$$$N$G!D!#!K(J
$B$A$J$_$K!"(Jipfw$B$K?)$o$;$k@_Dj%U%!%$%k$KJ8K!%(%i!<$,$"$k$H$$$&$3$H$O$"$j$^$;$s!#(J

$B$I$J$?$+%A%'%C%/$7$F$_$k$Y$-E@$d$4;XE&$"$j$^$7$?$i$4=u8@$$$?$@$1$^$;$s$G(J
$B$7$g$&$+!#(J
$B!J!V$3$s$J%^%k%A%[!<%_%s%0$O30F;$@!*!W$H$$$&0U8+$G$b9=$$$^$;$s!#(J
$B!!$=$N:]$OB>$N<jCJ$b65$($F$$$?$@$1$k$H=u$+$j$^$9!#!K(J

$B59$7$/$*4j$$$$$?$7$^$9!#(J

---------------------------------------
Tsubasa Sakamoto
http://www.himajin2001.com/~sakatuba/

