From owner-FreeBSD-users-jp@jp.freebsd.org  Fri Jan 12 22:06:02 2001
Received: (from daemon@localhost)
	by castle.jp.freebsd.org (8.9.3+3.2W/8.7.3) id WAA30827;
	Fri, 12 Jan 2001 22:06:02 +0900 (JST)
	(envelope-from owner-FreeBSD-users-jp@jp.FreeBSD.org)
Received: from sv01.geocities.co.jp (sv01.geocities.co.jp [210.153.89.155])
	by castle.jp.freebsd.org (8.9.3+3.2W/8.7.3) with ESMTP id WAA30822
	for <FreeBSD-users-jp@jp.freebsd.org>; Fri, 12 Jan 2001 22:06:02 +0900 (JST)
	(envelope-from ml1@geocities.co.jp)
Received: from mail.geocities.co.jp (mail.geocities.co.jp [210.153.89.137]) by sv01.geocities.co.jp (8.9.3+3.2W/3.7W) with ESMTP id WAA29965 for <FreeBSD-users-jp@jp.freebsd.org>; Fri, 12 Jan 2001 22:06:01 +0900 (JST)
Received: from UNKNOWN-DX (saitama0303-168139.zero.ad.jp [211.16.168.139]) by mail.geocities.co.jp (1.3G-GeocitiesJ-3.3) with SMTP id WAA28385 for <FreeBSD-users-jp@jp.freebsd.org>; Fri, 12 Jan 2001 22:06:00 +0900 (JST)
Message-Id: <200101121306.WAA28385@mail.geocities.co.jp>
X-Sender: ml1@geocities.co.jp
X-Mailer: QUALCOMM Windows Eudora Pro Version 3.0.5-J (32)
Date: Fri, 12 Jan 2001 22:06:36 +0900
To: FreeBSD-users-jp@jp.freebsd.org
From: "Y.Nakayama" <ml1@geocities.co.jp>
Mime-Version: 1.0
Content-Type: text/plain; charset="ISO-2022-JP"
Reply-To: FreeBSD-users-jp@jp.freebsd.org
Precedence: list
X-Distribute: distribute version 2.1 (Alpha) patchlevel 24e+000315
X-Sequence: FreeBSD-users-jp 58180
Subject: [FreeBSD-users-jp 58180] Re: IPFW or IP Filter ?
Errors-To: owner-FreeBSD-users-jp@jp.freebsd.org
Sender: owner-FreeBSD-users-jp@jp.freebsd.org
X-Originator: ml1@geocities.co.jp

$B?oJ,!"4V$,$"$$$F$7$^$$$^$7$?$,!"Cg;3$G$9!#(B


At 16:25 2001/01/04 +0900, you wrote:
> $B$&$A$+$o$G$9(B
-----8< snip 8<-----
> > /boot/loader.conf $B$K(B
> > 
> > ipl_load="YES"
> > 
> > $B$H=q$$$F$_$?$i$I$&$G$7$g$&!)$&$A$G$O(B
> 
> $B;d$b$3$A$i$NJ}$,$*4+$a$G$9!#(B
> ifconfig $B$9$kA0$K(Bkld$B$r(Bload$B$7$F$*$$$?J}$,$h$$$G$7$g$&!#(B


$B0J2<!"(BCOMPAQ DESKPRO 4/33i $B$K(B FreeBSD 4.2-R $B$r%$%s%9%H!<%kD>8e$K(B
$B>e5-@_Dj$r;n$7$F$_$?(B dmesg $B$N7k2L$G$9!#(B
----------------------------------------------------------------------
Copyright (c) 1992-2000 The FreeBSD Project.
Copyright (c) 1979, 1980, 1983, 1986, 1988, 1989, 1991, 1992, 1993, 1994
	The Regents of the University of California. All rights reserved.
FreeBSD 4.2-RELEASE #0: Mon Nov 20 13:02:55 GMT 2000
    jkh@bento.FreeBSD.org:/usr/src/sys/compile/GENERIC
Timecounter "i8254"  frequency 1193182 Hz
CPU: i486 DX2 (486-class CPU)
  Origin = "GenuineIntel"  Id = 0x435  Stepping = 5
  Features=0x3<FPU,VME>
real memory  = 21233664 (20736K bytes)
config> di pcic0
config> di sio1
config> di ppc0
config> di sn0
config> di lnc0
config> di ie0
config> di fe0
config> di ed0
config> di bt0
config> di ata1
config> di aic0
config> di aha0
config> di adv0
config> q
avail memory = 16482304 (16096K bytes)
Preloaded elf kernel "kernel" at 0xc044c000.
Preloaded userconfig_script "/boot/kernel.conf" at 0xc044c09c.
Preloaded elf module "ipl.ko" at 0xc044c0ec.
md0: Malloc disk
npx0: <math processor> on motherboard
npx0: INT 16 interface
isa0: <ISA bus> on motherboard
fdc0: <NEC 72065B or clone> at port 0x3f0-0x3f5,0x3f7 irq 6 drq 2 on isa0
fdc0: FIFO enabled, 8 bytes threshold
fd0: <1440-KB 3.5" drive> on fdc0 drive 0
ata0 at port 0x1f0-0x1f7,0x3f6 irq 14 on isa0
atkbdc0: <Keyboard controller (i8042)> at port 0x60,0x64 on isa0
atkbd0: <AT Keyboard> flags 0x1 irq 1 on atkbdc0
kbd0 at atkbd0
psm0: <PS/2 Mouse> irq 12 on atkbdc0
psm0: model Generic PS/2 mouse, device ID 0
vga0: <Generic ISA VGA> at port 0x3c0-0x3df iomem 0xa0000-0xbffff on isa0
sc0: <System console> at flags 0x100 on isa0
sc0: VGA <16 virtual consoles, flags=0x300>
sio0 at port 0x3f8-0x3ff irq 4 flags 0x10 on isa0
sio0: type 16550A
cs0 at port 0x300-0x31f irq 5 on isa0
cs0: driver is using old-style compatability shims
IP Filter: v3.4.8 initialized.  Default = pass all, Logging = enabled
ad0: 504MB <Conner Peripherals 528MB - CFA528A> [1024/16/63] at ata0-master
BIOSPIO
Mounting root from ufs:/dev/ad0s1a
----------------------------------------------------------------------

$B>0!"(Bdmesg $B$G$O=P$F$-$^$;$s$G$7$?$,!"$3$N8e$K0J2<$N%a%C%;!<%8$,(B
$B=P$F$-$?$N$G!"(Bifconfig $B$9$kA0$K(B kld $B$r(B load $B$G$-$F$$$k$H;W$$$^$9!#(B

Doing initial network setup: hostname.

$B;d$O",$,!"(Bifconfig $B$7$F$$$k>uBV$@$HG'<1$7$F$$$k$N$G$9$,!"(B
$B$=$NG'<1$G9g$C$F$$$k$G$7$g$&$+!)(B


$B$"$H!"(Bdmesg $B$N2<$+$i#39TL\$N!"(B
IP Filter: v3.4.8 initialized.  Default = pass all, Logging = enabled
                                ~~~~~~~~~~~~~~~~~~
$B%A%k%@ItJ,(B(~) $B$,5$$K$J$C$?0Y!"5/F0D>8e$K0J2<$r;n$7$F$_$^$7$?!#(B

# ipfstat -i
empty list for ipfilter(in)

# ipfstat -o
empty list for ipfilter(out)

$B$=$3$G!"(B
# ipf -f /etc/ipf.conf

$B$H!"<jF0$GFI$_9~$^$;$F!"$d$C$H%k!<%k%U%!%$%k$rG'<1$7$^$9!#(B
$B$I$&$d$i!"<+F0E*$K(B /etc/ipf.conf $B$rFI$_$K9T$+$J$$$h$&$G$9!#(B

/boot/loader.conf $B$K(B ipl_load="YES" $B$H=q$/$3$NJ}K!$G$O!"(B
/etc/ipf.conf $B$rL@<(E*$KFI$_9~$^$;$k;v$O=PMh$J$$$N$G$7$g$&$+!)(B


> $B$"$H!"%$%s%?!<%U%'!<%9$,2?$G$"$k$+$rJ9$$$?$N$O(B ipnat$B$r;H$&>l9g$K(B
> $BNc$($P(Btun0$B$rBP>]$K$7$F$$$k$H!"0lEY(B ppp.conf$B$K%@%_!<$N%(%s%H%j$r:n$C$F(B
> 
>  % ppp dummy
> 
> $B$N$h$&$JA`:n$r$7$F0lEY%"%/%F%#%V$K$7$F$+$i%k!<%k$N@_Dj$r$7$J$$$H%k!<%k$,(B
> $BM-8z$K$J$i$J$$$H$$$&LdBj$,$"$k$+$i$G$9!#(BUSB$B%G%P%$%9Ey$r;H$C$F$$$k>l9g$b(B
> $B%G%P%$%9$,M-8z$K$J$C$F$+$i@_Dj$r$9$kI,MW$,$"$k$+$b$7$l$^$;$s!#(B

$B$^$?!">e5-$N7o$O!"$"$/$^$G(B ipnat $B$r;HMQ$9$k>l9g$N;v$rA[Dj$7$F!"(B
$B=q$+$l$F$$$k;v$J$N$G$9$h$M(B!?
$B:F3NG'$G$9$1$l$I(B...


Y.Nakayama.

