From owner-FreeBSD-users-jp@jp.FreeBSD.org Thu Oct  3 22:30:47 2002
Received: (from daemon@localhost)
	by castle.jp.FreeBSD.org (8.11.6+3.4W/8.11.3) id g93DUlV69193;
	Thu, 3 Oct 2002 22:30:47 +0900 (JST)
	(envelope-from owner-FreeBSD-users-jp@jp.FreeBSD.org)
Received: from mgate08.so-net.ne.jp (mgate08.so-net.ne.jp [210.139.254.155])
	by castle.jp.FreeBSD.org (8.11.6+3.4W/8.11.3) with ESMTP/inet id g93DUk369185
	for <FreeBSD-users-jp@jp.FreeBSD.org>; Thu, 3 Oct 2002 22:30:46 +0900 (JST)
	(envelope-from ats_sato@yb3.so-net.ne.jp)
Received: from mail.yb3.so-net.ne.jp (mspool34.so-net.ne.jp [210.139.254.24])
	by mgate08.so-net.ne.jp  with ESMTP id g93DUj609735
	for <FreeBSD-users-jp@jp.FreeBSD.org>; Thu, 3 Oct 2002 22:30:45 +0900 (JST)
Received: from [192.168.54.2] (l225081.ppp.asahi-net.or.jp [218.219.225.81])
	by mail.yb3.so-net.ne.jp  with ESMTP id g93DUi008118
	for <FreeBSD-users-jp@jp.FreeBSD.org>; Thu, 3 Oct 2002 22:30:44 +0900 (JST)
From: =?ISO-2022-JP?B?GyRCOjRGIyQiJEQkNxsoQg==?= <ats_sato@yb3.so-net.ne.jp>
To: FreeBSD-users-jp@jp.FreeBSD.org
In-Reply-To: <200210030945.SAA12512@boat.zero.ad.jp>
References: <20021003155749.5823.ATSUSHI_SATO@iwatalabel.co.jp> <200210030945.SAA12512@boat.zero.ad.jp>
Message-Id: <20021003215936.AABB.ATS_SATO@yb3.so-net.ne.jp>
MIME-Version: 1.0
Content-Type: text/plain; charset="ISO-2022-JP"
Content-Transfer-Encoding: 7bit
X-Mailer: Becky! ver. 2.05.04
Reply-To: FreeBSD-users-jp@jp.FreeBSD.org
Precedence: list
Date: Thu, 03 Oct 2002 22:30:49 +0900
X-Sequence: FreeBSD-users-jp 71178
Subject: [FreeBSD-users-jp 71178] Re: NAT =?ISO-2022-JP?B?GyRCJEsbKEI=?=
 =?ISO-2022-JP?B?GyRCJEQkJCRGPEFMZBsoQg==?= 
Errors-To: owner-FreeBSD-users-jp@jp.FreeBSD.org
Sender: owner-FreeBSD-users-jp@jp.FreeBSD.org
X-Originator: ats_sato@yb3.so-net.ne.jp
X-Distribute: distribute version 2.1 (Alpha) patchlevel 24e+020902

$B:4F#!w4tIl$G$9!#(B

$B$3$s$J9=@.$G$9$M!#(B

        |
    (internet)
        |
  +-----------+        (192.168.1.3/24)+---------+
  |  gateway  |(rl0)-------------------|   WWW   |
  | ipfw+natd |                        |         |
  +-----------+(192.168.1.2/24)        +---------+
      (ed0)
        |(192.168.0.2/24)
        |
   (local net)
        |


>natd_enable="YES"
>natd_interface="tun0"
>natd_flags="-f /etc/natd.conf"
>#tcp_restrict_rst="YES"
>#tcp_drop_synfin="YES"

tun0 $B$O(B ppp $B$,@\B3$r3NN)$7$J$$8B$j(B device not configure $B$J$N$G!"@\B3$9$k(B
$BA0$K(B natd $B$,5/F0$7$F$7$^$&$H%(%i!<EG$$$F;_$^$C$?$H;W$&$G$9!#(B
$B$7$+$b(B rc.conf $B$NCf$G(B ppp_nat $B$K4X$9$k@_Dj$,8+Ev$?$j$^$;$s!#L@<(E*$K6X;_(B
$B$7$J$$8B$j%G%U%)%k%H$G$O(B ppp_nat $B$,F/$-$^$9!#(B

> cat /etc/defaults/rc.conf |grep ppp_nat
ppp_nat="YES"           # Use PPP's internal network address translation or NO.


$B7k2L$H$7$F(B natd $B$r;H$*$&$H;W$C$F$$$k$N$@$1$l$I!"0U?^$;$:(B ppp_nat $B$,F0$$(B
$B$F$$$k>uBV$J$N$G$7$g$&!#(B


$B<jA0L#A9$G$9$,(B $B<+Bp$N(B ipfw + natd $B$O!"(Bppp $B$N@\B3$N8e$K<B9T$5$l$k(B
/etc/ppp/ppp.linkup $B$NCf$+$i5/F0$9$k$h$&$K$7$F$$$F!"(Bfirewall_* $B$b(B natd_* 
$B$b(B /etc/rc.conf $B$G$O5-=R$7$F$$$^$;$s!#(B

$B$3$s$J46$8!#(B
----
flets:
 ! sh -c "echo onet=\"MYADDR\" > /etc/ppp/ppp.address"
 ! sh -c "echo omask=\"255.255.255.255\" >> /etc/ppp/ppp.address"
 ! sh -c "echo oif=\"MYADDR\" >> /etc/ppp/ppp.address"
 !bg sh /etc/ipfw.rule
 !bg /sbin/natd -f /etc/natd.conf -n tun0
----** ipfw $B$O(B /etc/ppp/ppp.address $B$r<h$j9~$s$GMxMQ$7$F$$$^$9!#(B



--
Atsushi, SATO

