From owner-FreeBSD-users-jp@jp.freebsd.org  Sun Jun 13 23:00:35 1999
Received: (from daemon@localhost)
	by castle.jp.freebsd.org (8.9.3+3.2W/8.7.3) id XAA34895;
	Sun, 13 Jun 1999 23:00:35 +0900 (JST)
	(envelope-from owner-FreeBSD-users-jp@jp.FreeBSD.org)
Received: from gate.orangesoft.co.jp (winbiff-i.orangesoft.co.jp [203.139.95.200])
	by castle.jp.freebsd.org (8.9.3+3.2W/8.7.3) with ESMTP id XAA34890
	for <FreeBSD-users-jp@jp.freebsd.org>; Sun, 13 Jun 1999 23:00:35 +0900 (JST)
	(envelope-from kether@orangesoft.co.jp)
Received: from orangegw.orangesoft.co.jp (ns.orangesoft.co.jp [202.223.0.10]) by gate.orangesoft.co.jp (8.8.8+3.0Wbeta7/OrangeGate-960716) with ESMTP id XAA10398; Sun, 13 Jun 1999 23:00:34 +0900 (JST)
Received: from orangesoft.co.jp by orangegw.orangesoft.co.jp (8.8.5/3.3Wb-orangegw-MX-01/06/96)
	id XAA13255; Sun, 13 Jun 1999 23:00:31 +0900 (JST)
To: FreeBSD-users-jp@jp.freebsd.org
X-PGP-Fingerprint: 752E C288 C307 7E44 5C2E  5D9E 6EC9 6A4F 3A8D 92A8
X-SMIME-Fingerprint: DE:FA:9E:98:E8:FF:F7:C8:E4:F8:7B:25:96:2D:DB:9B
From: Nobuyo Hiratsuka <kether@orangesoft.co.jp>
References: <376361B982.6C53T-GO@po.tcn.zaq.ne.jp>
In-Reply-To: <376361B982.6C53T-GO@po.tcn.zaq.ne.jp>
Message-Id: <199906132303.ADG08491@orangesoft.co.jp>
X-Mailer: Winbiff [Version 2.30 beta5]
Date: Sun, 13 Jun 1999 23:03:57 +0900
Mime-Version: 1.0
Content-Type: text/plain; charset=iso-2022-jp
Reply-To: FreeBSD-users-jp@jp.freebsd.org
Precedence: list
X-Distribute: distribute version 2.1 (Alpha) patchlevel 24e+990610
X-Sequence: FreeBSD-users-jp 43176
Subject: [FreeBSD-users-jp 43176] Re: ipfw + natd
	=?ISO-2022-JP?B?GyRCJEclKCVpITwbKEI=?= 
Errors-To: owner-FreeBSD-users-jp@jp.freebsd.org
Sender: owner-FreeBSD-users-jp@jp.freebsd.org
X-Originator: kether@orangesoft.co.jp

<376361B982.6C53T-GO@po.tcn.zaq.ne.jp> $B$N!"(B
   "[FreeBSD-users-jp 43171] ipfw + natd$B$G%(%i!<(B " $B$K$*$$$F!"(B
   "Go <t-go@geocities.co.jp>"$B$5$s$O=q$-$^$7$?!'(B

> $B!!(BFreeBSD 2.2.8R $B$G(B ipfw + natd $B$G%k!<%?$r:n$m$&$H$7$F$$$k$N$G$9$,!"$J$+(B
> $B$J$+$&$^$/$$$-$^$;$s!#$D$$$K(B
> 
> warning: kernel has firewall functionality , but firewall rules are not
>          enabled.
>          all ip services are disabled.
> 
> $B!!$H5/F0;~$KI=<($5$l$F!"30B&$K(BPING$B$9$iDL$i$J$/$J$C$F$7$^$$$^$7$?!#(B
> $B$3$3$G8@$&(B rules $B$H$O(B /etc/rc.firewall $B$N5-=R$N$3$H$J$N$G$7$g$&$+!)(B

# $B<B$O;d$O(B natd $B$O;H$C$?$3$H$,L5$$$N$G$9$,(B....

$B5/F0$7$?8e$K(B

   /sbin/ipfw show

$B$HBG$C$F$_$F2<$5$$!#(B

  65535          0         0 deny ip from any to any

$B$N$_$@$C$?$i!"@_Dj$7$?(B ipfw $B$N%k!<%k$,H?1G$5$l$F$$$^$;$s!#(B

/etc/rc.firewall $B$r@_Dj$7$?$N$G$7$?$i(B /etc/rc.conf $B$NCf$G(B

   firewall_enable="YES"
   firewall_type="simple"

$B$H$J$C$F$$$k$+3NG'$7$F$_$F$/$@$5$$!#(B
# $B%k!<%k$r=q$$$?$N$,(B simple $B$N$H$3$m$G$"$l$P(B....$B$J$N$G$9$,!#(B

/usr/local/etc/rc.d/natd.sh $B$J$I$NCf$G(B ipfw $B$N%k!<%k$r@_Dj$7$?(B
$B>l9g$O>e5-$N(B rc.conf $B$N@_Dj$OL5$/$F$bBg>fIW$@$H;W$$$^$9!#(B

$B$&$^$/9T$+$J$$;~$O(B

   /sbin/ipfw zero

$B$r$7$?8e!"(Bping $BEy2?$+%F%9%H$7$F$_$F(B

   /sbin/ipfw show

$B$G;XDj$7$?%k!<%k$rDL$C$F$$$k$+3NG'$9$k$HNI$$$N$G$O$J$$$+$H;W$$$^$9!#(B
--------------------------------------------------------------------
$B!J3t!K%*%l%s%8%=%U%H(B   <Orangesoft URL> http://www.orangesoft.co.jp
      $BJ?DM(B $B?-@$(B                <E-mail> kether@orangesoft.co.jp

