From owner-FreeBSD-net-jp@jp.freebsd.org  Sat Jul 24 18:19:09 1999
Received: (from daemon@localhost)
	by castle.jp.freebsd.org (8.9.3+3.2W/8.7.3) id SAA57432;
	Sat, 24 Jul 1999 18:19:09 +0900 (JST)
	(envelope-from owner-FreeBSD-net-jp@jp.FreeBSD.org)
Received: from www2.shohun-ji.or.jp (www2.shohun-ji.or.jp [210.248.121.194])
	by castle.jp.freebsd.org (8.9.3+3.2W/8.7.3) with ESMTP id SAA57425
	for <FreeBSD-net-jp@jp.freebsd.org>; Sat, 24 Jul 1999 18:19:07 +0900 (JST)
	(envelope-from nobu00@shohun-ji.or.jp)
Received: (from uucp@localhost)
	by www2.shohun-ji.or.jp (8.8.8/3.6W) id SAA09424
	for <FreeBSD-net-jp@jp.freebsd.org>; Sat, 24 Jul 1999 18:18:24 +0900 (JST)
Message-Id: <199907240918.SAA09424@www2.shohun-ji.or.jp>
Received: from UNKNOWN(210.248.121.195), claiming to be "[210.248.121.195]"
 via SMTP by www2.shohun-ji.or.jp, id smtpdlL9422; Sat Jul 24 18:18:22 1999
X-Mailer: Macintosh Eudora Pro Version 3.1.1-J
In-Reply-To: <199907231137.UAA05200@aerith.cks.canon.co.jp>
References: Your message of "Fri, 23 Jul 1999 20:12:33 +0900"
 <199907231109.UAA08200@www2.shohun-ji.or.jp>
Mime-Version: 1.0
Content-Type: text/plain; charset="ISO-2022-JP"
Content-Transfer-Encoding: 7bit
Date: Sat, 24 Jul 1999 18:21:02 +0900
To: FreeBSD-net-jp@jp.freebsd.org
From: NOBUTOSHI ISHIHARA <nobu00@shohun-ji.or.jp>
Reply-To: FreeBSD-net-jp@jp.freebsd.org
Precedence: list
X-Distribute: distribute version 2.1 (Alpha) patchlevel 24e+990625
X-Sequence: FreeBSD-net-jp 1761
Subject: [FreeBSD-net-jp 1761] Re: ipfw =?ISO-2022-JP?B?GyRCJEgbKEo=?= natd
Errors-To: owner-FreeBSD-net-jp@jp.freebsd.org
Sender: owner-FreeBSD-net-jp@jp.freebsd.org
X-Originator: nobu00@shohun-ji.or.jp

$B@P86$G$9!#$+$o$$!w$-$d$N$s$5$s$O$$$o$l$^$7$?!#(J
$B$$(J>$B%k!<%?%^%7%s$G<+J,<+?H$N(J2$BKg$N%$!<%5%M%C%H%+!<%I(J
$B$$(J>$B$K$?$$$7$F$O(Jping$B$,JV$C$F$-$^$9!#(J
$B<+J,<+?H$KBP$9$k!"(Jping $B$O!"<+J,$N;}$C$F$$$k(J interface $B$K(J $B3:Ev(J IP $B$,(J
$B?6$i$l$?>Z5r$0$i$$$K$7$+$J$j$^$;$s!#(J

$B$$(J>$B:n$C$F$$$^$9!#=gD4$K(Jnatd$B$bN)$A>e$,$j$^$7$?$,%W%i%$%Y!<%H%"%I%l%9(J
$B$$(J>$BB&$N(JWIN95$B%^%7%s$+$i%k!<%?%^%7%s$NFbB&$b30B&$b(Jping$B$7$F$bJVEz$,(J
$B$$(J>$B$"$j$^$;$s!#(J
$B!t(JWindows 95 $B$N(J ping $B$O!"<B:]$K$O(J ping $B$8$c$J$$$i$7$$$s$G$9$1$I!"(J
$B!t$^$!!"$=$l$O$^$@4X78$J$$$+$J!#(J

ipfw $B$H$+!"(Jnat $B$H$+$9$kA0$K!"(Jinterface $B$d!"(Jnetwork $B$,!"$-$A$s$HF0:n$9$k$3$H$O(J
$B$J$<3NG'$7$J$$$s$G$9$+!)(J
$B$9$_$^$;$s3NG'$7$?$N$O(Jdmesg$B$@$1$G$7$?!#(J
>/etc/rc.conf $B$N(J network $B@_DjItJ,$H$+!"(J
>$B$=$l$,H?1G$5$l$F$$$k$O$:$N!"(J
>netstat -i$B!"(Jifocnfig -a $B$H$+!"(Jnetstat -r $B$J$I$N7k2L$O!)(J
$B2<5-$NDL$j$G$9$N$G%"%I%P%$%9$r$*4j$$$$$?$7$^$9!#(J
% ifconfig -a
               ed2: flags=8843 mtu 1500
               inet ********netmask 0xffffff00 broadcast **********$B%0%m!<%P(J
$B%k%"%I%l%9(J
               ether 00:90:cc:a1:d2:1a
               ed3: flags=8843 mtu 1500
               inet 192.168.10.1 netmask 0xffffff00 broadcast 192.168.10.255
               ether 00:90:cc:a1:bf:a2
               sl0: flags=c010<POINTOPOINT,LINK2,MULTICAST> mtu 552
               lo0: flags=8049 mtu 16384
              ppp0: flags=8010<POINTOPOINT,MULTICAST> mtu 1500
               inet 127.0.0.1 netmask 0xff000000
%netstat -i$B!!(J
              Name  Mtu   Network       Address            Ipkts Ierrs
Opkts Oerrs  Coll
              ed2   1500  <Link>      00.90.cc.a1.d2.1a        0     0
5     0     0
%netstat -r
               Destination        Gateway            Flags     Refs     Use
Netif Expire
$B!!!!!!!!!!!!$J$s$K$b=P$F$3$J$$(J
/etc/rc.conf

 Network configuration sub-section
   hostname="fw.shohun-ji.or.jp"   # Set this!
  nisdomainname="NO" # Set to NIS domain if using NIS (or NO).
firewall_enable="YES"  # Set to YES to enable firewall functionality
firewall_type="OPEN"    # Firewall type (see /etc/rc.firewall)
firewall_quiet="NO"      # Set to YES to suppress rule display
network_interfaces="ed2 ed3 lo0" # List of network interfaces (lo0 is loopback)
ifconfig_ed2="inet ***.***.***.**  netmask 255.255.255.240"$B!!(J
ifconfig_lo0="inet 127.0.0.1"   # default loopback device configuration.
#ifconfig_lo0_alias0="inet 127.0.0.254 netmask 0xffffffff" # Sample alias
entry.
ifconfig_ed3="inet 192.168.10.1  netmask 255.255.255.0"
$BCfN,(J
###Network routing options: ###
defaultrouter="***.***.***.***" $B!!%k!<%?$N%"%I%l%9!!%0%m!<%P%k!!#M#N(J128
static_routes=""
gateway_enable="YES"
router_enable="NO"
router="routed"$B!!!!!!!!!!!!!!!!!!!!(J
router_flags="-q"
mrouted_enable="NO"
mrouted_flags=""
ipxgateway_enable="NO"
ipxrouted_enable="NO"
ipxrouted_flags=""
arpproxy_all=""
forward_sourceroute="NO"
accept_sourceroute="NO"
natd_enable="YES"
natd_interface="ed2"
natd_flags=""



>FreeBSD $B$+$i!"(Jping $B$G!"(Jglobal address $B$N(J $B6a$/$N(J machine $B$H$+!"(J
$B6a$/$N(JDNS$B%5!<%P!<$X(Jping$B$9$k$H(J
fw natd: failed to write packet back (Hosts is down)

>local address $BB&$N(J $B6a$/$N(J machine $B$X$O!)(J
local$BB&$K$O(Junix$B%^%7%s$OMQ0U$J$7#w#i#n(J951$BBf(J

ipfw $B$N(J $B@_Dj(J
$B!!!!!!!!!!(Joptions$B!!(JIPFIREWALL
               options$B!!(JIPDIVERT
$B$H$7$F%3%s%Q%$%k(J
ipfw list $B$N7k2L(J
00100  divert 6668 ip from any to any
00200 allow ip from any to any
65535 deny ip from any to any




***************************
+++++++++++++++++++++++++++++++
Shohun-ji
NOBUTOSHI ISHIHARA
nobu00@shohun-ji.or.jp
+++++++++++++++++++++++++++++++
***************************


