From owner-FreeBSD-users-jp@jp.FreeBSD.org Tue Mar  1 19:20:54 2005
Received: (from daemon@localhost)
	by castle.jp.FreeBSD.org (8.11.6p2+3.4W/8.11.3) id j21AKsm05853;
	Tue, 1 Mar 2005 19:20:54 +0900 (JST)
	(envelope-from owner-FreeBSD-users-jp@jp.FreeBSD.org)
Received: from ns.dcmp.co.jp (ns.dcmp.co.jp [210.160.212.218])
	by castle.jp.FreeBSD.org (8.11.6p2+3.4W/8.11.3) with SMTP/inet id j21AKs805848
	for <FreeBSD-users-jp@jp.FreeBSD.org>; Tue, 1 Mar 2005 19:20:54 +0900 (JST)
	(envelope-from narita@dcmp.co.jp)
Received: (qmail 94331 invoked from network); 1 Mar 2005 10:21:00 -0000
Received: from 009.fukui.dcmp.co.jp (HELO ?192.168.0.159?) (192.168.0.159)
  by ns.dcmp.co.jp with SMTP; 1 Mar 2005 10:21:00 -0000
Mime-Version: 1.0 (Apple Message framework v619.2)
In-Reply-To: <200503010852.AA00293@polymer5.scphys.kyoto-u.ac.jp>
References: <2d7349228e6c463b79b644c427e513dc@dcmp.co.jp> <200503010852.AA00293@polymer5.scphys.kyoto-u.ac.jp>
Content-Type: text/plain; charset=ISO-2022-JP; format=flowed
Message-Id: <1d6ca2304fc1becbf8c94aec438edbc6@dcmp.co.jp>
Content-Transfer-Encoding: 7bit
From: =?ISO-2022-JP?B?GyRCQC5FRCEhN0kbKEI=?= <narita@dcmp.co.jp>
To: FreeBSD-users-jp@jp.FreeBSD.org
X-Mailer: Apple Mail (2.619.2)
Reply-To: FreeBSD-users-jp@jp.FreeBSD.org
Precedence: list
Date: Tue, 1 Mar 2005 19:20:52 +0900
X-Sequence: FreeBSD-users-jp 83166
Subject: [FreeBSD-users-jp 83166] Re: NAT+ =?ISO-2022-JP?B?GyRCNEobKEI=?=
 =?ISO-2022-JP?B?GyRCMFcbKEI=?= DMZ
 =?ISO-2022-JP?B?GyRCO34kThsoQg==?= IPFW 
Sender: owner-FreeBSD-users-jp@jp.FreeBSD.org
X-Originator: narita@dcmp.co.jp
X-Distribute: distribute version 2.1 (Alpha) patchlevel 24e+041223

$B$3$s$K$A$O!A!"@.ED!w(BDC&MP$B$G$9!#(B


> FTTH$B$G$I$N$h$&$K@\B3$7$F$$$k$N$+$h$/CN$i$J$$$N$G$9$,!"(Bpcn1$B$K$O%0%m!<%P%k$J(B
> IP address$B$,?6$i$l$F$$$F!"2?$+$G%i%C%T%s%0$5$l$F$$$k$3$H$O$J$$$N$G$9$h$M!)(B

$B:FEYMn$ACe$$$F!"F,$r@Z49$($F3NG'$7$F$_$^$7$?!#(B
FTTH$B$X$O(B /usr/sbin/ppp $B$r;HMQ$7$F(B PPPoE $B@\B3$7$F$$$^$9$N$G(BIP$B$O?6$i$l$F$$$J$$>uBV$G$9$M!D!#(B
$B$=$&9M$($k$H!"(Bpcn1$B$O%G%P%$%9$H$7$F<B:]$K$O;HMQ$5$l$F$$$J$$!D$H$$$&$3$H$J$N$+$J!)!)(B

pcn1: flags=88c3<UP,BROADCAST,RUNNING,NOARP,SIMPLEX,MULTICAST> mtu 1454
         ether xx:xx:xx:xx:xx:xx
         media: Ethernet autoselect (100baseTX <full-duplex>)
         status: active
tun0: flags=8051<UP,POINTOPOINT,RUNNING,MULTICAST> mtu 1454
         inet xxx.xxx.xxx.xxx --> yyy.yyy.yyy.yyy netmask 0xffffffff
         Opened by PID 56
$B!J(Bxxx.xxx.xxx.xxx$B$O6!M?$5$l$F$$$k8GDj%0%m!<%P%k(BIP$B$N%M%C%H%o!<%/It!"(Byyy.yyy.yyy.yyy$B$O%W%m%P%$%@!<$N(BIP$B!K(B

/etc/ppp/ppp.conf $B$G$OFC$K%i%C%T%s%0$r$7$F$$$J$$$N$G$9$,!"(B ppp(8) $B$K$h$k$H<+F0E*$K(B tun $B%G%P%$%9$r(B
$B:n$k$N$G!"(B PPP $B$r;HMQ$7$?DL?.$r$7$?$1$l$P!"$=$l$r(B natd $B$,;HMQ$9$k;v$K$J$j$^$9$h$M!)(B

$B$H$3$3$^$G=q$$$F;W$C$?$N$G$9$,!"$=$N(B tun $B%G%P%$%9$r;HMQ$9$k$H$$$&;v$O(B IPFW $B$+$i$O%G%P%$%9$H$7$F$N(B
pcn1 $B$O40A4$KL5;k$5$l$F$$$kMM$J5$$,7c$7$/$7$F$-$?!D!#!JBl4@(B


> $B$b$7$+$7$F!"K\Ev$K$=$s$J%Q%1%C%H$O(BFTTH$BB&$+$iFO$$$F$$$J$$$@$1!"$H$$$&$3$H$O(B
> $B$J$$$N$G$7$g$&$+!)(BLAN$B$+$i$NJ,$@$1$,(B1000$B9TL\$G$R$C$+$+$C$F$$$k$H$+!#(B

$B$"!"$3$l$O(B /var/log/security $B$GFbIt$N%Q%1%C%H$G$OL5$$;v$r3NG'$7$^$7$?!#(B

> $B$H$3$m$G!">e$NNc$G$O!"DL>o$N(Bnat$B$H$I$&0c$&$N$G$7$g$&$+(B...
> natd$B$N5/F0%*%W%7%g%s$J$I$O$I$&$J$N$G$7$g$&!)(B tun0$B$C$F!"$3$s$J$H$3$m$G;H$&$s$G$7$?$C$1!)(B
> # $BM}2rITB-$J$i$4$a$s$J$5$$!#(B

$B$$$($$$(!"$3$A$i$bA4$FM}2r$7$F$d$C$F$$$kLu$G$O$J$$$N$G$*5$$K$J$5$i$:!#(B
/etc/rc.conf $B$G$O(B ppp $B$,:n$C$?(B tun $B$rMxMQ$9$k!J$H;W$&!K$N$G(B
natd_enable="YES"
natd_interface="tun0"
natd_flags="-f /etc/natd.conf -dynamic"
$B$H$7$F$$$^$9!#!J8GDj(BIP$B$J$N$G(B -dynamic$B$OITMW$+$H;W$$$^$9$,!D8+JV$7$?$i;D$C$F$^$7$?!K(B

$B$$$m$s$JM}M3$+$i!"K\Mh$J$i$P2<5-$NMM$K$7$?J}$,$$$$$s$G$7$g$&$,!":#2s$O4J0W(BDMZ$B$H8@$&;v$G!D!#(B

       FTTH
        |
+------+--------+
|  $B30It%k!<%?!<(B  |
+------+--------+
        |
     DMZ$BCOBS(B
        |
+------+--------+
|$BFbIt(BNAT$B%k!<%?!<(B |
+------+--------+
        |
     LAN$B4D6-(B

$B$H!"<+8J407k$K6a$$$N$G$9$,!"(B PPPoE(ppp) $B$H(B natd $B$r;HMQ$9$k0J>e!"(Bipfw $B$N@_Dj$G$O(B
tun0 $B$r;XDj$7$J$$$H$$$1$J$$MM$J5$$,$7$F$$$^$9$,!"!V%*%^%$4*0c$$$7$F$$$k$>$C!*!W$H(B
$B$$$&0U8+$J$I$b$"$j$^$7$?$i$h$m$7$/$*4j$$$7$^$9!#(B

$B!t(B $B;THN$N%k!<%?!<$@$HFC$K2?$b9M$($J$/$F9=C[$G$-$k$s$G$7$g$&$,!"$=$l$@$H(B
$B!t(B FreeBSD$B$r;H$C$F$$$m$$$m9=C[$9$k0UL#$,L5$/$J$C$F$7$^$&$N$G!D!#(B
$B!t(B $BA4It;THN$NJ*;H$($P(BOK$B$J$C$A$c$$$^$9$7!"30Cm$K$*4j$$$7$F$*=*$$$K$b!#(B


                                                   . .
------------------------------------------------w--U--w----------

$B@.ED!w(BDC&MP  ( narita@dcmp.co.jp )

