From owner-FreeBSD-users-jp@jp.freebsd.org  Mon Oct 29 21:19:26 2001
Received: (from daemon@localhost)
	by castle.jp.freebsd.org (8.9.3+3.2W/8.7.3) id VAA09066;
	Mon, 29 Oct 2001 21:19:26 +0900 (JST)
	(envelope-from owner-FreeBSD-users-jp@jp.FreeBSD.org)
Received: from x20.i.nabechan.org (118.pool1.sendai.att.ne.jp [165.76.51.133])
	by castle.jp.freebsd.org (8.9.3+3.2W/8.7.3) with ESMTP id VAA09061
	for <FreeBSD-users-jp@jp.freebsd.org>; Mon, 29 Oct 2001 21:19:24 +0900 (JST)
	(envelope-from nabe@nabechan.org)
Received: from x20.i.nabechan.org (localhost [127.0.0.1])
	by x20.i.nabechan.org (8.11.6/3.7W-01010411) with ESMTP id f9TBa1V23876
	for <FreeBSD-users-jp@jp.freebsd.org>; Mon, 29 Oct 2001 20:36:01 +0900 (JST)
Date: Mon, 29 Oct 2001 20:36:00 +0900
Message-ID: <87y9luk7a7.wl@nabechan.org>
From: Shingo WATANABE / =?ISO-2022-JP?B?GyRCRU9KVRsoQiAbJEI/LThjGyhC?=
 <nabe@nabechan.org>
To: FreeBSD-users-jp@jp.freebsd.org
In-Reply-To: <20011029151942W.kgotoh@cic-kk.co.jp>
References: <20011029151942W.kgotoh@cic-kk.co.jp>
User-Agent: Wanderlust/2.5.5 (Smooth) XEmacs/21.1 (Cuyahoga Valley)
Organization: nabechan.org
X-Callsign: JG8OOM/1
X-OS: NetBSD 1.5Y
X-ICQ-UIN: 30482441
X-Weather: =?ISO-2022-JP?B?GyRCTEBGfCROQFA8bTZ1Q044ZTtWQ09KfSRPQDIbKEI=?=
 =?ISO-2022-JP?B?GyRCJEckORsoQg==?=
MIME-Version: 1.0 (generated by NISEMI 1.14.0 - =?ISO-2022-JP?B?Ig==?=
 =?ISO-2022-JP?B?GyRCMGY4fUA/GyhCIg==?=)
Content-Type: text/plain; charset=ISO-2022-JP
Reply-To: FreeBSD-users-jp@jp.freebsd.org
Precedence: list
X-Distribute: distribute version 2.1 (Alpha) patchlevel 24e+010328
X-Sequence: FreeBSD-users-jp 65205
Subject: [FreeBSD-users-jp 65205] Re: FireWall
 =?ISO-2022-JP?B?GyRCTVElXiU3JXMkTiU9JVUlSDk9QC4kSyREJCQbKEI=?=
 =?ISO-2022-JP?B?GyRCJEYbKEI=?= 
Errors-To: owner-FreeBSD-users-jp@jp.freebsd.org
Sender: owner-FreeBSD-users-jp@jp.freebsd.org
X-Originator: nabe@nabechan.org

$B$o$?$J$Y$G$9!#(B

> $B:#EY!"$"$k%5%$%H$N(B FireWall $BMQ%^%7%s$r(B FreeBSD 4.3R $B$G@_Dj$9$k;v$K(B
> $B$J$C$?$N$G$9$,!"$=$NMW7o$O0J2<$NMM$J$b$N$H$J$C$F$$$^$9!#(B
> 
>   1. $BFbIt%M%C%H%o!<%/$+$i30It$X$NMxMQ$O!"4pK\E*$K$OF)2aE*$K$7$?$$!#(B
>      $B%0%m!<%P%k(B IP $B$OA4It$G(B 6$B$D$7$+Mh$J$$$N$G!"(BIP $B%^%9%+%l!<%I(B
>      $B$K$J$k$H9M$($F$$$k!#(B

($BCfN,(B)

> VPN $B$K$D$$$F$OAj<j$K$b(B FreeBSD $B%^%7%s$,$"$k$N$G(B Vtun $B$r;H$&M=Dj$G(B
> $B$$$k$N$G$9$,!"%Q%1%C%H%U%#%k%?%j%s%0$H(B IP $B%^%9%+%l!<%I$J$I$K$D$$$F$O(B
> ipfw $B$H(B natd $B$NJ;MQ$K$J$k$N$G$7$g$&$+!)(B

$B!V(BIP $B%^%9%+%l!<%I!W$H$$$&J*$O(B FreeBSD $B$K$OB8:_$7$J$$$H;W$$$^$9!#(B
$B!V(BIP $B%^%9%+%l!<%I!W$O!"(BLinux $B$K$*$1$k(B NAT ($B$"$k$$$O(B NAPT) $B$N<BAu$NL>A0$@(B
$B$H;W$$$^$9$N$G!"(BLinux $B8GM-$NJ*$+$H;W$o$l$^$9!#(B
($B%d%^%O$N%k!<%?$G$b(B IP $B%^%9%+%l!<%I$H$$$&MQ8l$r;H$&$h$&$G$9$,!#(B)

NAT $B$NN`$N5!G=$rMxMQ$9$k$N$G$"$l$P!"$*$C$7$c$kDL$j(B ipfw $B$H(B natd $B$NAH9g$;(B
$B$+!"(Bipfilter (ipf + ipnat) $B$G9T$&$3$H$K$J$k$H;W$$$^$9!#(B

ipfilter $B$H(B squid $B$J$I$rAH$_9g$o$;$k$H!"F)2a7?$N(B HTTP $B%W%m%-%7%5!<%P$J$I(B
$B$r:n$k$3$H$b=PMh$^$9$M!#(B

> VPN $B$NAj<jB&$O(B FireWall $B$H$7$F;H$C$F$$$k%^%7%s0J30$K!"(BNIC $B$r(B 2$BKg(B
> $B:9$7$F$$$k%^%7%s$K(B Vtun $B$rF~$l$FDL?.$r$7$h$&$H9M$($F$$$k$N$G$9$,!"(B
> $BAj<jB&$K$7$m$3$A$iB&$K$7$m!"(BIP Forwarding $B$O(B On $B$K$7$F!"%Q%1%C%H(B
> $B%U%#%k%?%j%s%0$GI,MW$J$b$N0J30$OC!$-Mn$H$7$F$f$/$H$$$&;v$G$h$$$N(B
> $B$G$9$h$M!)(B

$B!V(BFirewall $B$@$+$i$3$N%]!<%H$rJD$8$J$-$c$$$1$J$$!W$H$$$&$N$O$"$j$^$;$s!#(B
$B$"$/$^$G$=$N%5%$%H(B/$B%5!<%P$K$*$1$k%;%-%e%j%F%#%]%j%7$KB'$C$?@_Dj$r9T$&$N(B
$B$G!"0l35$K$I$&@_Dj$r$9$k$Y$-$+$O8@$($J$$$H;W$$$^$9!#(B
$B2?$r<i$j$?$$$N$+!"$I$NDL?.$r5v2D$7$?$$$N$+$J$I!"$-$A$s$H7h$a$F!"$=$l$KL7(B
$B=b$NL5$$@_Dj$r9T$&$3$H$K$J$k$H;W$$$^$9!#(B

$B>e5-$N$h$&$KI,MW$H$5$l$kDL?.0J30$O86B'E*$K<WCG$9$k>l9g$K$O!"(BICMP $B$rA4It(B
$B:I$,$J$$$h$&$K5$$r$D$1$?J}$,NI$$$H;W$$$^$9!#(BPath MTU Discovery $B$H$$$&;E(B
$BAH$_$K(B ICMP $B$N%a%C%;!<%8$r;H$C$F$$$^$9!#$3$l$,DL$i$J$$$H!"7PO)>e$K>.$5$J(B
MTU $B$,B8:_$9$k>l9g(B ($B:#2s$N$h$&$K%H%s%M%j%s%0$r$7$F$$$k;~$J$I(B) $B$J$I$K!"Bg(B
$B$-$J%5%$%:$N(B IP $B%Q%1%C%H$,DL$i$:$K:$$k$3$H$,$"$k$G$7$g$&!#(B
$B:G6a!"9+$G$O$J$K$bCN$i$:$K(B ICMP $B$rA4ItDL$5$J$$GO</$J@_Dj$r$7$?%k!<%?$,$$$C(B
$B$Q$$5o$F:$$j$^$9!#(B

$B$I$N(B ICMP $B$rDL$5$J$1$l$P$$$1$J$$$+$O!"D4$Y$F$_$F2<$5$$!#(B
$B%&%'%V$G$b(B RFC $B$G$b(B Path MTU Discovery $B$r%-!<%o!<%I$KC5$;$P$9$0$K$o$+$k(B
$B$+$H;W$$$^$9!#(B
