From owner-FreeBSD-users-jp@jp.FreeBSD.org Thu Jun  6 00:58:04 2002
Received: (from daemon@localhost)
	by castle.jp.FreeBSD.org (8.11.6+3.4W/8.11.3) id g55Fw4m06029;
	Thu, 6 Jun 2002 00:58:04 +0900 (JST)
	(envelope-from owner-FreeBSD-users-jp@jp.FreeBSD.org)
Received: from ns.kobe1995.net (kaz@211.12.126.15.user.dt.il24.net [211.12.126.15])
	by castle.jp.FreeBSD.org (8.11.6+3.4W/8.11.3) with ESMTP/inet id g55Fw2v06024
	for <FreeBSD-users-jp@jp.FreeBSD.org>; Thu, 6 Jun 2002 00:58:02 +0900 (JST)
	(envelope-from kaz@kobe1995.net)
Received: (from kaz@localhost)
	by ns.kobe1995.net (8.8.8/3.7W-primary) id AAA00568;
	Thu, 6 Jun 2002 00:57:57 +0900 (JST)
Date: Thu, 6 Jun 2002 00:57:57 +0900 (JST)
Message-Id: <200206051557.AAA00568@ns.kobe1995.net>
To: FreeBSD-users-jp@jp.FreeBSD.org
In-Reply-To: Your message of "Wed, 5 Jun 2002 23:07:19 +0900".
	<000001c20c9a$4f32a050$0201a8c0@sience>
From: kaz@kobe1995.net (NAKAMURA Kazushi)
X-Mailer: mnews [version 1.20] 1996-12/08(Sun)
Reply-To: FreeBSD-users-jp@jp.FreeBSD.org
Precedence: list
X-Distribute: distribute version 2.1 (Alpha) patchlevel 24e+020417
X-Sequence: FreeBSD-users-jp 69024
Subject: [FreeBSD-users-jp 69024] Re: FreeBSD
 =?ISO-2022-JP?B?GyRCJHI7SCRDJD8lViVtITwlSSVQJXMlSSVrITwbKEI=?=
 =?ISO-2022-JP?B?GyRCJT8kTiU5JWshPCVXJUMlSDJ+QTEkTiQqNGobKEI=?=
 =?ISO-2022-JP?B?GyRCJCQbKEI=?= 
Errors-To: owner-FreeBSD-users-jp@jp.FreeBSD.org
Sender: owner-FreeBSD-users-jp@jp.FreeBSD.org
X-Originator: kaz@kobe1995.net

In article <000001c20c9a$4f32a050$0201a8c0@sience>
tuchi@an.wakwak.com writes:
>NIC $B$ON>J}$H$b(B 3Com $B$N(B 3C90C-10/100TX $B$@$C$?$H5-21$7$F$$$^$9!#(B
  $B6a=j$N(BPC$B%7%g%C%W$G(B3COM 3C905C$B$,!"(BNTT$B$N(BFlet's ADSL$B$GAj@-LdBjM-$j!"(B
$B$H$NCm0U=q$-IU$-$GGd$i$l$F$$$^$7$?!#0B$$J*$J$N$G(BNIC$B$rJL(B(fxp$B$H$+(Bsis)$B$N(B
$B$b$N$KJQ$($F$_$F$O$$$+$,$G$7$g$&!#(Bxl$B$OFb8~$-$G;H$($PNI$$$G$7$g$&!#(B

  $B0J2<!"%F%-%9%H%U%!%$%k$NE:IU$r(Boctet-stream$B$G$d$k$N$O$d$a$F$b$i$($^(B
$B$;$s$+!#(B

>------=_NextPart_000_0001_01C20CBF.1139E950
>Content-Type: application/octet-stream;
>	name="ppp.conf"
>Content-Transfer-Encoding: quoted-printable
>Content-Disposition: attachment;
>	filename="ppp.conf"
>
>default:=0A=
> set log Phase Chat LCP IPCP CCP tun command=0A=
> ident user-ppp VERSION (built COMPILATIONDATE)=0A=
> set device PPPoE:xl1=0A=
> set speed sync=0A=
> set mru 1454=0A=
> set mtu 1454=0A=
> set ctsrts off=0A=
> set openmode active=0A=
>=0A=
>pppoe:=0A=
> accept chap=0A=
> accept pap=0A=
> set authname guest@flets=0A=
> set authkey guest=0A=
> set filter dial 0 deny icmp=0A=
		    ^^^^
> set filter dial 1 permit 0/0 0/0=0A=
> set filter alive 0 deny icmp=0A=
		     ^^^^
> set filter alive 1 permit 0/0 0/0=0A=
> add default HISADDR=0A=
>=0A=
  $B>o;~@\B3$J$N$G>e$N(Bdeny$B$N9T$OITMW$G$O!)(B

>------=_NextPart_000_0001_01C20CBF.1139E950
>Content-Type: application/octet-stream;
>	name="rc.firewall.local"
>Content-Transfer-Encoding: quoted-printable
>Content-Disposition: attachment;
>	filename="rc.firewall.local"
>
># IP Firewall rule definitions=0A=
>#=0A=
># packets from/to lo0=0A=
>ipfw add allow ip from any to any via lo0=0A=
>ipfw add deny ip from any to 127.0.0.0/8=0A=
>ipfw add deny ip from 127.0.0.0/8 to any=0A=
># LAN=0A=
>ipfw add allow ip from 192.168.1.0/24 to me via xl0=0A=
>ipfw add allow ip from me to 192.168.1.0/24 via xl0=0A=
># established tcp connection=0A=
>ipfw add allow tcp from any to any established=0A=
># fragments=0A=
>ipfw add allow ip from any to any frag=0A=
># from LAN to outside=0A=
>ipfw add allow tcp from 192.168.1.0/24 to any setup=0A=
>ipfw add allow tcp from me to any setup=0A=
># essential UDP's=0A=
>ipfw add allow udp from 192.168.1.0/24 to any 53 keep-state=0A=
>ipfw add allow udp from me to any 53 keep-state=0A=
>ipfw add allow udp from 192.168.1.0/24 to any 123 keep-state=0A=
>ipfw add allow udp from me to any 123 keep-state=0A=
># pass SSH, SMTP, HTTP, POP3=0A=
>ipfw add allow tcp from any to me 22=0A=
>ipfw add allow tcp from any to me 25=0A=
>ipfw add allow tcp from any to me 80=0A=
>ipfw add allow tcp from any to me 110=0A=
># allow ICMP=0A=
>ipfw add allow icmp from any to any=0A=
># Then, deny all with logging=0A=
>ipfw add allow log ip from any to any=0A=
	  ^^^^^
  deny$B$N4V0c$$$G$O!)$3$N%U%!%$%"%&%)!<%k$@$H7k6I!"A4ItDL$9$N$G0UL#$,(B
$B$"$j$^$;$s!#$7$+$bDL$9EY$K$$$A$$$A(Blog$B<h$C$F$$$?$i!"$=$j$cLTNu$KCY$/(B
$B$J$k$G$7$g$&!#(B
-- 
$BCfB<OB;V!w?@8M(B		<mailto:kaz@kobe1995.net>
NAKAMURA Kazushi@KOBE	<http://kobe1995.net/>
- Break the hate chain. No more kill!
