From owner-FreeBSD-users-jp@jp.freebsd.org  Mon May 15 00:22:04 2000
Received: (from daemon@localhost)
	by castle.jp.freebsd.org (8.9.3+3.2W/8.7.3) id AAA28744;
	Mon, 15 May 2000 00:22:04 +0900 (JST)
	(envelope-from owner-FreeBSD-users-jp@jp.FreeBSD.org)
Received: from seven.mirai.com (gw.mirai.com [210.226.72.81])
	by castle.jp.freebsd.org (8.9.3+3.2W/8.7.3) with ESMTP id AAA28737
	for <FreeBSD-users-jp@jp.freebsd.org>; Mon, 15 May 2000 00:22:03 +0900 (JST)
	(envelope-from motoi@mxk.mesh.ne.jp)
Received: from motoi (motoi.mirai.com [192.168.1.3])
	by seven.mirai.com (8.9.3/3.7W) with SMTP id AAA68918
	for <FreeBSD-users-jp@jp.freebsd.org>; Mon, 15 May 2000 00:09:52 +0900 (JST)
Received: by motoi with Microsoft Mail
	id <01BFBE02.F476C660@motoi>; Mon, 15 May 2000 00:17:29 +0900
Message-ID: <01BFBE02.F476C660@motoi>
From: Motoi Fujita <motoi@mxk.mesh.ne.jp>
To: "'FreeBSD-users-jp@jp.freebsd.org'" <FreeBSD-users-jp@jp.freebsd.org>
Date: Mon, 15 May 2000 00:17:26 +0900
MIME-Version: 1.0
Content-Type: text/plain; charset="ISO-2022-JP"
Content-Transfer-Encoding: 7bit
Reply-To: FreeBSD-users-jp@jp.freebsd.org
Precedence: list
X-Distribute: distribute version 2.1 (Alpha) patchlevel 24e+000315
X-Sequence: FreeBSD-users-jp 51813
Subject: [FreeBSD-users-jp 51813] Re: ipfw =?ISO-2022-JP?B?GyRCJHIbKEI=?=
 =?ISO-2022-JP?B?GyRCO0gkQyRGJE4lVSUjJWslPyVqJXMlMCRLJEQbKEI=?=
 =?ISO-2022-JP?B?GyRCJCQkRhsoSg==?=
Errors-To: owner-FreeBSD-users-jp@jp.freebsd.org
Sender: owner-FreeBSD-users-jp@jp.freebsd.org
X-Originator: motoi@mxk.mesh.ne.jp

$B$3$s$P$s$O!"$U$8$?$H$$$$$^$9(J

$B5W>>!w@$EDC+$5$s(Jwrote:(J
$B$d$j$?$$$3$H$O!"(J
>$B#1!%#N#A#T$O$H$j$"$($:;H$o$J$$!#(J
>$B#2!%%W%i%$%Y!<%HB&$K$"$k%^%7%s$+$i$O%0%m!<%P%k$X$N@\B3$,@)8B$J$/(J
>	telnet$B$7$?$j!"(Jftp$B$9$k$3$H$,$G$-$k!#(J
>$B#3!%%0%m!<%P%kB&$+$i%W%i%$%Y!<%HB&$X$N@\B3$O2?$b<u$1IU$1$J$$!#(J

$B$b$7!"FbIt%[%9%H$K!"%W%i%$%Y!<%H%"%I%l%9$7$+$J$$$s$@$C$?$i!"(J
$B30It$K%j%/%(%9%H$7$?1~Ez$N%Q%1%C%H$,9TJ}ITL@$K$J$C$F$7$^$&$N$G!"(J
NAT$B$,I,MW$G$O!)!)!!$"$k$$$O!"?@8M$5$s$,!";XE&$7$F$$$k$h$&$K(J
$B%"%W%j%1!<%7%g%s%2!<%H%&%'%$$G$9$+$M!#(J

$B$^$?!"$b$7!"FbIt%[%9%H$K%0%m!<%P%k%"%I%l%9$r3d$jEv$F$F$$$k$N$G$"$l$P!"(J
$B0J2<$N$h$&$J%9%/%j%W%H$G$$$+$,$G$7$g$&$+!)(J
BSD$B%O%s%I%V%C%/$K$b!"(Jipfw$B$N%G%#%l%/%F%#%V$O5-=R$5$l$F$^$9$,!&!&(J

$B%M%C%H%o!<%/%"%I%l%9(J=aaa.bbb.ccc.ddd/n,$B30It%$%s%?!<%U%'!<%9(J:<if>$B$H$9$l$P(J
#!/bin/sh
# flush entries
ipfw -f flush
# deny ip spoofing packets
ipfw add deny ip from aaa.bbb.ccc.ddd/n to aaa.bbb.ccc.ddd/n via <if>
# allow from LAN
ipfw add allow ip from aaa.bbb.ccc.ddd/n to any
# allow established tcp
ipfw add allow tcp from any to any established
# log
ipfw add deny log ip from any to any

$B!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=(J
$B!!!!F#ED!!4p(J(motoi@mxk.mesh.ne.jp)(J
$B!!!!(JWeb Page: http://www2k.biglobe.ne.jp/~motoi/(J
$B!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=(J


