From owner-FreeBSD-tech-jp@jp.freebsd.org  Sat Aug 15 16:35:53 1998
Received: (from daemon@localhost)
	by jaz.jp.freebsd.org (8.9.1+3.0W/8.7.3) id QAA12790;
	Sat, 15 Aug 1998 16:35:53 +0900 (JST)
	(envelope-from owner-FreeBSD-tech-jp@jp.FreeBSD.org)
Received: from smtp.kw.netlaputa.ne.jp (smtp.kw.netlaputa.ne.jp [202.208.194.17])
	by jaz.jp.freebsd.org (8.9.1+3.0W/8.7.3) with ESMTP id QAA12785
	for <FreeBSD-tech-jp@jp.freebsd.org>; Sat, 15 Aug 1998 16:35:49 +0900 (JST)
	(envelope-from mychro@kw.NetLaputa.ne.jp)
Received: from ryuuoh (km2-ppp13.kw.netlaputa.or.jp [202.208.194.141])
	by smtp.kw.netlaputa.ne.jp (8.8.8/8.8-smtp) with SMTP id QAA20264
	for <FreeBSD-tech-jp@jp.freebsd.org>; Sat, 15 Aug 1998 16:38:14 +0900 (JST)
Message-Id: <199808150738.QAA20264@smtp.kw.netlaputa.ne.jp>
X-My-Real-Login-Name: mychro; smtp.kw.NetLaputa.ne.jp
MIME-Version: 1.0
Content-Type: text/plain; charset=iso-2022-jp
X-Mailer: Denshin 8 Go V321.2b5
Date: Sat, 15 Aug 1998 16:35:02 +0900
From: MicroCassetteMan <mychro@kw.NetLaputa.ne.jp>
To: FreeBSD-tech-jp@jp.freebsd.org
In-Reply-To: Your message of "Mon, 03 Aug 1998 13:04:12 +0900"
 	<199808030404.NAA12584@sakura.astec.co.jp>
References: <199808030404.NAA12584@sakura.astec.co.jp>
Reply-To: FreeBSD-tech-jp@jp.freebsd.org
Precedence: bulk
X-Distribute: distribute version 2.1 (Alpha) patchlevel 24e+980729
X-Sequence: FreeBSD-tech-jp 1703
Subject: [FreeBSD-tech-jp 1703] Re: (NAT-ppp)FTP cannot connect from LAN
Errors-To: owner-FreeBSD-tech-jp@jp.freebsd.org
Sender: owner-FreeBSD-tech-jp@jp.freebsd.org

$B!!>.>>!w%M%C%H%i%T%e%?$G$9!#(J

        Mon, 03 Aug 1998 13:04:12 +0900 $B$N(J
        [FreeBSD-tech-jp 1687] Re: [FreeBSD-users-jp 31304] (NAT-ppp)FTPcannot connect from LAN
        $B$K4X$9$k%a!<%k$K$*Ez$($7$^$9!#(J

>$B$G!"(Jppp + nat-patch $B$r(J -auto $B%b!<%I$G;H$&>l9g!"$I$&$9$k$N$,NI$$$+$H$$$$(J
>$B$^$9$H!"@\B3!?@ZCG$N$?$S$K!"(Jdefault route $B$r:n$jD>$7$F$"$2$l$P$$$$$N$G$9!#(J
>
>$B6qBNE*$K$O(J ppp.linkup $B$H(J ppp.linkdown $B$N(J*$BN>J}(J*$B$G!"(J
>
>  delete ALL
>  add 0 0 HISADDR
>
>$B$rDj5A$7$F$"$2$l$P$$$$$3$H$K$J$j$^$9!#(Jppp+nat-patch $B$G(J -auto $B%b!<%I$@$H(J
>$B2?$+$*$+$7$$$H;W$C$F$$$?J}$O!"$<$R;n$7$F$_$F$/$@$5$$!#(J


$B!!$o$6$o$6D4$Y$F$$$?$@$$$FK\Ev$K?=$7$o$1$J$$$s$G$9$,!DD>$i$J$$$s$G$9(J(;_;)
$B%5!<%P!<7s%k!<%?!<$N%P!<%8%g%s$r(J2.2.5R$B$+$i(J2.2.6R$B$K$7$^$7$?$,!">u67$OJQ(J
$B$o$C$F$$$^$;$s!#(J2.2.2R$B$NJ}$,NI$$$N$G$7$g$&$+(J?

$B!!@\B3Cf$K!"ESCf$+$i<u?.$G$-$J$/$J$k$3$H$b$"$k$s$G$9!#(JTA$B$N%i%s%W$r8+$k(J
$B8B$j!"(JFTP$B%5!<%P!<$+$i$OAw$i$l$F$-$F$$$k$s$G$9!#$I$&$7$?$i$h$$$N$G$7$g$&(J??

$B!!(Jppp.conf$B!"(Jppp.linkup$B!"(Jppp.linkdown$B$r5-$7$F$*$-$^$9!#$h$m$7$/$*4j$$$7(J
$B$^$9!#(J

===== ppp.conf =====

default:
	set device /dev/cuaa0
	set speed 115200
	set dial "ABORT BUSY ABORT NO\\sCARRIER TIMEOUT 10 \"\" ATZ OK-AT-OK \\dATD\\T TIMEOUT 65 CONNECT"
	set openmode passive
	disable lqr
	deny lqr
	set redial random 3
	set timeout 90
	set taddr 192.168.0.0/24
	set server 3000


netlaputa:
	disable pred1
	deny pred1
	disable vjcomp
	deny vjcomp
	disable acfcomp
	deny acfcomp
	disable protocomp
	deny protocomp
	disable pap
	accept pap
	disable chap
	deny chap
	set authname $B;d$NL>A0(J
	set authkey $B$R!&$_!&$D(J
	set openmode active
	set phone ***-****
	set login ""
	set ifaddr 0 x.x.x.x/0
	add 0 255.255.255.0 x.x.x.x
# RIP packets
	set ifilter 0 deny 0/0 0/0 udp dst eq 520
# SMB packets
	set ifilter 1 deny 0/0 0/0 tcp dst eq 137
	set ifilter 2 deny 0/0 0/0 udp dst eq 137
	set ifilter 3 deny 0/0 0/0 tcp dst eq 138
	set ifilter 4 deny 0/0 0/0 udp dst eq 138
	set ifilter 5 deny 0/0 0/0 tcp dst eq 139
# permit other packets
	set ifilter 6 permit 0/0 0/0 estab
# RIP packets
	set ofilter 0 deny 0/0 0/0 udp dst eq 520
# SMB packets
	set ofilter 1 deny 0/0 0/0 tcp dst eq 137
	set ofilter 2 deny 0/0 0/0 udp dst eq 137
	set ofilter 3 deny 0/0 0/0 tcp dst eq 138
	set ofilter 4 deny 0/0 0/0 udp dst eq 138
	set ofilter 5 deny 0/0 0/0 tcp dst eq 139
# permit other packets 
	set ofilter 6 permit 0/0 0/0
# DNS packets from other machines
#	set dfilter 0 deny 192.168.0.0/24 0/0 udp dst eq 53
# RIP packets
	set dfilter 1 deny 0/0 0/0 udp dst eq 520
# SMB packets
	set dfilter 2 deny 0/0 0/0 tcp dst eq 137
	set dfilter 3 deny 0/0 0/0 udp dst eq 137
	set dfilter 4 deny 0/0 0/0 tcp dst eq 138
	set dfilter 5 deny 0/0 0/0 udp dst eq 138
	set dfilter 6 deny 0/0 0/0 tcp dst eq 139
# not keep alive by RIP packets
	set afilter 0 deny udp src eq 520
# from Web browser closing
	set dfilter 7 deny 0/0 0/0 tcp finrst
	set afilter 1 deny 0/0 0/0 tcp syn
	set afilter 2 deny 0/0 0/0 tcp finrst
# permit other packets
	set dfilter 8 permit 0/0 0/0
	set afilter 3 permit 0/0 0/0


===== ppp.linkup/ppp.linkdown($BF10lFbMF(J) =====
netlaputa:
	delete ALL
	add 0 0 HISADDR


------------------------------------------------------------
$B>.>>!!1QG7(J                         hkomatsu@bio.titech.ac.jp

MicroCassetteMan                   mychro@kw.NetLaputa.ne.jp
$BKh9u2>@aEOK|(J                          HXD08184@biglobe.ne.jp
                                    mychro@mth.biglobe.ne.jp
                         http://www.NetLaputa.ne.jp/~mychro/

