From owner-FreeBSD-users-jp@jp.freebsd.org  Sun Sep  2 14:54:52 2001
Received: (from daemon@localhost)
	by castle.jp.freebsd.org (8.9.3+3.2W/8.7.3) id OAA63319;
	Sun, 2 Sep 2001 14:54:52 +0900 (JST)
	(envelope-from owner-FreeBSD-users-jp@jp.FreeBSD.org)
Received: from hicora.homeip.net (xdsl042247.061200.metallic.ne.jp [61.200.42.247])
	by castle.jp.freebsd.org (8.9.3+3.2W/8.7.3) with ESMTP id OAA63314
	for <FreeBSD-users-jp@jp.freebsd.org>; Sun, 2 Sep 2001 14:54:51 +0900 (JST)
	(envelope-from hicora@basil.freemail.ne.jp)
Received: from vaio505 (hicora@vaio505.homeip.net [192.168.0.3])
	by hicora.homeip.net (8.11.6/8.11.6) with SMTP id f825scj12647
	for <FreeBSD-users-jp@jp.freebsd.org>; Sun, 2 Sep 2001 14:54:39 +0900 (JST)
	(envelope-from hicora@basil.freemail.ne.jp)
Date: Sun, 02 Sep 2001 14:55:19 +0900
From: Tsuyoshi Ishikawa <hicora@basil.freemail.ne.jp>
To: FreeBSD-users-jp@jp.freebsd.org
In-Reply-To: <20010902102156.5B84.YU-NA@db3.so-net.ne.jp>
References: <3b90b47e.320b.0@calvin.iac.co.jp> <20010902102156.5B84.YU-NA@db3.so-net.ne.jp>
Message-Id: <3B91C9C7F7.D106HICORA@necxv13>
MIME-Version: 1.0
Content-Type: text/plain; charset=ISO-2022-JP
Content-Transfer-Encoding: 7bit
X-Mailer: Becky! ver 1.26.02
Reply-To: FreeBSD-users-jp@jp.freebsd.org
Precedence: list
X-Distribute: distribute version 2.1 (Alpha) patchlevel 24e+010328
X-Sequence: FreeBSD-users-jp 63985
Subject: [FreeBSD-users-jp 63985] Re: FreeBSD4.3R
 =?ISO-2022-JP?B?GyRCJEcbKEI=?= ADSL
 =?ISO-2022-JP?B?GyRCJWshPCU/GyhC?= 
Errors-To: owner-FreeBSD-users-jp@jp.freebsd.org
Sender: owner-FreeBSD-users-jp@jp.freebsd.org
X-Originator: hicora@basil.freemail.ne.jp


Ishikawa@$B<+Bp$G$9!#(B

> スプリッタ
> |
> ADSLmodem
> |
> |
> |fxp0:
下記に変更
tun0:

(tun0$B$G$D$J$0$N$J$i$P%b%G%`$O2<5-$N(BHUB$B$H%9%H%l!<%H%1!<%V%k$G$D$J$0$3$H$K(B
$B$J$j$^$9!#(B)
$B$b$7(B2$BKg:9$7$K$9$k$K$O!"%V%j%C%8$K$7$J$$$H$@$a$G$9$M!#$=$N>l9g(Bfxp$B$,(B
FreeBSD$B$G%V%j%C%8$G$-$k$+3NG'$,I,MW$G$9!#(B

> FreeBSD4.3
> $B!C(Bfxp1$B!'(B192.168.1.1
$B2<5-$KJQ99(B
fxp0:192.168.1.1

fxp$B$r(B2$BKg:9$7$K$7$J$$$N$J$i$3$&$J$j$^$9$M!#(B

> $B!C(B
> $B!C(B
> HUB-----------
> $B!C(B           $B!C(B
> win2000     $B$=$NB>(B
> 
> 
> 
> カーネルを再構築しました
> --------------------------
> options NETGRAPH
> options NETGRAPH_ETHER
> options NETGRAPH_PPPOE
> options NETGRAPH_SOCKET
> options IPFIREWALL
> options IPFIREWALL_VERBOSE
> options IPFIREWALL_VERBOSE_LIMIT=10
> 
下記追加
options         IPDIVERT                # divert sockets

これを追加したほうがいいのかな


> を追加して再構築しました。
> 
> $B$=$7$F!"(B
> /etc/rc.conf$B$O!"(B
> -------------------------
> gateway_enable="YES"
> hostname="local.local"
> 
> inetd_enable="YES"
> kern_securelevel_enable="NO"
> keymap="jp.106"
> sshd_enable="YES"
> usbd_enable="NO"
> 
> ifconfig_fxp1="inet 192.168.1.1 netmask 255.255.255.248"
下記に変更
ifconfig_fxp0="inet 192.168.1.1 netmask 255.255.255.0"

なんかけっこう狭いサブネットマスクですね。
255.255.255.0でいいのでは。

> 
> firewall_enable="YES"
> firewall_script="/etc/firewall"
> 

下記に変更
# NOTE(review): "open" selects the pass-everything rule set in /etc/rc.firewall,
# so nothing arriving on tun0 is filtered while it is in use. The quoted rc.conf
# also enables inetd and sshd, which are then reachable from the ADSL side.
# Treat this as a bring-up setting only and move to a restrictive rule set as
# soon as PPPoE and natd are confirmed working.
firewall_enable="YES"       # Set to YES to enable firewall functionality
firewall_type="open"        # Firewall type (see /etc/rc.firewall)
firewall_quiet="YES"        # Set to YES to suppress rule display

$B$G$H$j$"$($:$$$-$^$7$g$&!#$=$N$"$H$G(Bipfw$B$G%]!<%H$rJD$8$F$$$-$^$7$g$&!#(B

下記追加
# natd translates on tun0 (the ppp tunnel interface used in this setup) and
# takes the rest of its settings from /etc/natd.conf via natd_flags.
# NOTE(review): ppp_nat="YES" presumably also switches on ppp's built-in NAT,
# which would duplicate natd's translation on tun0 — confirm and keep only one.
natd_enable="YES"           # Enable natd (if firewall_enable == YES).
natd_interface="tun0"       # Public interface or IPaddress to use.
natd_flags="-f /etc/natd.conf"   # Additional flags for natd.
# ppp is started at boot in ddial mode with the profile named below; the name
# must match a label in /etc/ppp/ppp.conf.
ppp_enable="YES"
ppp_mode="ddial"
ppp_nat="YES"
ppp_profile="yahooBB" # or your provider

$B$&$A$O(Bnatd$B$r(Bppp$B$HJL$GF0$+$9$h$&$K$7$F$^$9!#(B
ppp_profile$B$O!"<+J,$NL>A0$N%W%m%P%$%@$NL>A0$H$+$K$7$F(Bppp.conf$B$N(B
"provider:"$B$N$H$3$H0lCW$5$;$^$9!#(B

新規ファイル
/etc/natd.conf

ファイル内容
# Nat Configuration
dynamic yes
log no
verbose no
# deny_incoming is off: packets arriving on the public side with no matching
# translation entry are not dropped by natd, so filtering of unsolicited
# inbound traffic rests entirely on the ipfw rule set.
deny_incoming no
# NOTE(review): log_denied reports packets refused by deny_incoming; with
# deny_incoming set to "no" it presumably logs nothing — confirm.
log_denied yes
use_sockets yes
same_ports yes
# Only packets with private (unregistered) source addresses are rewritten.
unregistered_only yes
# Lets natd insert temporary ipfw rules, starting at rule 1000 and using up to
# 100 rule numbers; keep that range free in any hand-written rule set.
punch_fw 1000:100
# The redirect_port lines below are static port forwards. Each one exposes the
# listed TCP/UDP port on the public address to the whole Internet; the message
# presents them as examples only, so add just the forwards actually needed.
# for APSARAS
redirect_port tcp 192.168.1.1:9081 9081
redirect_port udp 192.168.1.1:9081 9081
# for NESticle
redirect_port tcp 192.168.1.1:6996 6996
redirect_port udp 192.168.1.1:6996 6996
# for ePSXe
redirect_port tcp 192.168.1.1:17997 17997
redirect_port udp 192.168.1.1:17997 17997
# for MuriChat
redirect_port tcp 192.168.1.1:8090 8090
redirect_port udp 192.168.1.1:8090 8090

# for APSARAS$B$+$i2<$O!"%2!<%`$G%5!<%P$d(BIRC$B$G(BDCC$B$9$k$H$-$KI,MW$J(B
$B@EE*(Bnat$B$N@_DjNc$G$9!#$?$H$($P$H$$$&Nc$G$9$N$G=q$+$J$$$h$&$K(B

> になっています。
> 


> /etc/ppp/ppp.conf$B$O!"(B
> ----------------------
> default:
> set device PPPoE:fxp0
> set MRU 1454
> set MTU 1454
> set log Phase Chat IPCP CCP tun command
> add default HISADDR
> accept CHAP
> provider:
> set authname xxx@faX.sphere.ad.jp
> set authkey provider-password
> 
> 
下記に変更

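# Section read on every ppp start. The label has to be spelled "default";
# under the misspelled "defalut" this section is never loaded, so the
# "allow users" and "set server" lines would not take effect and pppctl
# would find no socket at /var/run/pppctl0.
default:
 set log Phase Chat LCP IPCP CCP LQM Command tun
 ident user-ppp VERSION (built COMPILATIONDATE)

 # Permits the unprivileged account user_name_kun to run ppp.
 allow users user_name_kun
 # Local control socket for pppctl with an empty password and mask 0117
 # (socket mode 0660): access is governed only by the socket's file
 # ownership and permissions, so check who owns it and which group can write.
 set server /var/run/pppctl0 "" 0117

 accept lqr
 enable lqr

# Provider profile; the label must match ppp_profile in /etc/rc.conf.
yahooBB:
 set device PPPoE:fxp0 # replace fxp0 with your ethernet device
 # set MRU 1492
 # set MTU 1492
 set MRU 1454
 set MTU 1454
 # authname/authkey hold the provider credentials in clear text.
 # NOTE(review): keep this file owned by root and unreadable to other
 # users (mode 0600) — confirm that suits this install.
 set authname xxx@faX.sphere.ad.jp
 set authkey provider-password
 # set log Phase tun command # you can add more detailed logging if you wish
 set dial
 set login
 set ifaddr 192.168.1.1/0 211.15.32.252/0 255.255.255.0 0.0.0.0
 add default HISADDR
 enable dns
 set reconnect 5 10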

user_name_kun$B$H$$$&%f!<%6$G(Bppp$B$r;H$&$3$H$,$G$-$k$h$&$K$J$C$F$^$9!#(B
MRU,MTU$B$N(BMAX$B$O(BADSL$B%W%m%P%$%@!<$K$h$C$FHyL/$K0c$$$^$9!#(B
eAccess 1500
metallic  1464
$B%U%l%C%D(B  1454

$B$H$j$"$($:(B1454$B$K$7$F$*$-$^$9!#(B

新規ファイル
/etc/ppp/ppp.linkup

ファイル内容
# Entry for the yahooBB profile in ppp.linkup: starts the notification helper
# in the background, passing ppp's MYADDR and HISADDR values as arguments.
# NOTE(review): the helper presumably runs with the privileges ppp was started
# with (root when launched from rc.conf or /root/bin/ppp-start), so keep
# /etc/ppp/linkup.sh owned by root and not writable by anyone else — confirm.
yahooBB:
 !bg /etc/ppp/linkup.sh MYADDR HISADDR

新規ファイル
/etc/ppp/linkup.sh(実行属性つけてください)

ファイル内容
#!/bin/sh
# Link-up notifier, invoked from /etc/ppp/ppp.linkup as: linkup.sh MYADDR HISADDR
# Mails the address given as $1 to test@test.co.jp and to the local user
# user_name_kun, then asks sendmail to process its queue. $2 is not used.
# The address travels in plain e-mail, so anyone able to read either mailbox
# learns the current public address of the gateway.

# Subject carries the connect time as month/day hour:minute.
stamp=$(/bin/date '+%m/%d %H:%M')
subject="connect@${stamp}"

/usr/bin/mail -s "$subject" test@test.co.jp user_name_kun << EOF
    local.local = $1
EOF

# Push the queued message out right away.
/usr/sbin/sendmail -q

test@test.co.jp, user_name_kun$B$K@\B3(B,$B<+F0:F@\B3$7$?$H$-$N(Bip$B%"%I%l%9$,FO$-(B
$B$^$9!#(B


新規ファイル
/etc/ppp/ppp.linkdown

ファイル内容
yahooBB:
 delete ALL
 add 0 0 HISADDR

新規ファイル
/root/bin/ppp-start(実行属性つけてください)

ファイル内容
#!/bin/sh
# Manually brings the ADSL link back up: starts ppp quietly in ddial mode
# with the yahooBB profile from /etc/ppp/ppp.conf.
profile="yahooBB"
/usr/sbin/ppp -quiet -ddial "$profile"

ふつうはマシン起動時に接続してくれますがなにかの都合でおとしたばあいこれ
を実行します。

新規ファイル
/root/bin/ppp-kill(実行属性つけてください)

ファイル内容
#!/bin/sh
# Takes the ADSL link down by sending "quit all" to the running ppp through
# its control socket; the path must match the "set server" line in ppp.conf.
ctl_socket="/var/run/pppctl0"
/usr/sbin/pppctl "$ctl_socket" quit all

ADSL$B@\B3$r$*$H$9$H$-$K;H$$$^$9!#(B

> /etc/firewall$B$O!"(B
> ----------------------
> /sbin/ipfw 10 add allow tcp from any to any http in
> via tun0
> /sbin/ipfw 20 add allow tcp from any to any ssh,http in
> via fxp0
> 
> /sbin/ipfw 30 add allow tcp from any 80 to any 80 in
> via tun0
> 
> /sbin/ipfw 40 add deny log tcp from any to any in
> via tun0 setup
> /sbin/ipfw 50 add allow ip from any to any
> 

$B$3$N%U%!%$%k$O$H$j$"$($:;H$$$^$;$s$M!#$"$H$G;H$&$h$&$K@_Dj$G$9$M!#(B
ADSL$B@\B3$H(Bnatd$B$,$A$c$s$HF0$$$F$+$i$G$9!#(B

> $B$K$7$F$$$k$N$G$9$,(B
> DNS$B$N@_Dj$O$^$@$7$F$$$J$$$N$G$9$,(B

resolv.conf$B$O(Bppp$B@\B3$7$?$"$H$K>!<j$K:n$C$F$/$l$^$9!#(B

> root$B$G(B
> ppp -ddial provider
> $B$H$9$k$H(B15$BIC8e$K(Breboot$B$7$F$7$^$$$^$9!#(B
> $B$I$3$r$I$&$9$l$P%k!<%?$H$7$F;HMQ$G$-$k$h$&$K(B
> $B$J$k$N$G$7$g$&$+!)(B

$B$,$s$P$C$FF0$+$7$F$_$?$/$@$5$$!#(B


-----------------------
     Tsuyoshi Ishikawa
 hicora@basil.freemail.ne.jp
-----------------------
