From owner-FreeBSD-users-jp@jp.FreeBSD.org Mon Dec  9 17:04:49 2002
Received: (from daemon@localhost)
	by castle.jp.FreeBSD.org (8.11.6+3.4W/8.11.3) id gB984nA21868;
	Mon, 9 Dec 2002 17:04:49 +0900 (JST)
	(envelope-from owner-FreeBSD-users-jp@jp.FreeBSD.org)
Received: from ns.fujie.org ([202.224.208.18])
	by castle.jp.FreeBSD.org (8.11.6+3.4W/8.11.3) with SMTP/inet id gB984k221861
	for <FreeBSD-users-jp@jp.FreeBSD.org>; Mon, 9 Dec 2002 17:04:48 +0900 (JST)
	(envelope-from masao@fujie.org)
Received: (qmail 7987 invoked from network); 9 Dec 2002 17:04:45 +0900
Received: from drroom.local.fujie.org (HELO drroom) (192.168.1.5)
  by ns.fujie.org with SMTP; 9 Dec 2002 17:04:45 +0900
Message-ID: <006501c29f59$a4392770$b0382dda@drroom>
From: "FUJIE Masao" <masao@fujie.org>
To: <FreeBSD-users-jp@jp.FreeBSD.org>
References: <000d01c29ed0$0a0aeeb0$0501a8c0@drroom> <20021209091713.BB7F.UEDA@Raomen.Net>
MIME-Version: 1.0
Content-Type: text/plain;
	charset="iso-2022-jp"
Content-Transfer-Encoding: 7bit
X-Priority: 3
X-MSMail-Priority: Normal
X-Mailer: Microsoft Outlook Express 6.00.2800.1106
X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2800.1106
Reply-To: FreeBSD-users-jp@jp.FreeBSD.org
Precedence: list
Date: Mon, 9 Dec 2002 17:04:47 +0900
X-Sequence: FreeBSD-users-jp 72508
Subject: [FreeBSD-users-jp 72508] Re: IPFILTER in PPTP
Errors-To: owner-FreeBSD-users-jp@jp.FreeBSD.org
Sender: owner-FreeBSD-users-jp@jp.FreeBSD.org
X-Originator: masao@fujie.org
X-Distribute: distribute version 2.1 (Alpha) patchlevel 24e+021208

$BF#9>$G$9!#L\9u$5$s!"?"ED$5$s!"%"%I%P%$%9$"$j$,$H$&$4$6$$$^$9!#(B
$B%"%I%P%$%9$r;29M$K<!$N$h$&$K$7$?$i7R$,$j$^$7$?!#(B
$B4D6-(B
Network: 202.***.***.16/29 (Infosphere BIZ ADSL8)
Router: rl0 =>tun0
$B!!!!!!!!!!(Brl1 => 202.***.***.17, alias 192.168.1.1 , FreeBSD4.7R
Server: 202.***.***.18 (alias 192.168.1.2), FreeBSD4.7R
----ipf.rules----
# PPTP
pass in quick proto gre from any to any keep state group 100
pass in quick proto tcp from any to any port = 1723 flags S keep state group 100

pass out quick proto gre from any to any keep state group 200
pass out quick proto tcp from any port = 1723 to any flags S keep state group 200
----ipnat.rules----
bimap tun0 192.168.1.2/32 -> 202.***.***.18/32
rdr tun0 202.***.***.18/32 port 1723 -> 192.168.1.2 port 1723

$B$"$j$,$H$&$4$6$$$^$7$?!#$3$l$G;THN$N%k!<%?!<$r;H$o$:$K:Q$_$=$&$G$9!#(B

