From owner-FreeBSD-users-jp@jp.FreeBSD.org Sat Aug  6 10:13:28 2005
Received: (from daemon@localhost)
	by castle.jp.FreeBSD.org (8.11.6p2+3.4W/8.11.3) id j761DSH02346;
	Sat, 6 Aug 2005 10:13:28 +0900 (JST)
	(envelope-from owner-FreeBSD-users-jp@jp.FreeBSD.org)
Received: from web3101.mail.bbt.yahoo.co.jp (web3101.mail.bbt.yahoo.co.jp [202.93.84.232])
	by castle.jp.FreeBSD.org (8.11.6p2+3.4W/8.11.3) with SMTP/inet id j761DRI02338
	for <FreeBSD-users-jp@jp.FreeBSD.org>; Sat, 6 Aug 2005 10:13:27 +0900 (JST)
	(envelope-from pc_unix777@yahoo.co.jp)
Received: (qmail 72783 invoked by uid 60001); 6 Aug 2005 01:13:21 -0000
DomainKey-Signature: a=rsa-sha1; q=dns; c=nofws;
  s=yj20050223; d=yahoo.co.jp;
  h=Message-ID:Received:Date:From:Subject:To:MIME-Version:Content-Type;
  b=ek5miDTg/FlGh4ReFTqsIpxR6rvenw7nqKRgIZ6qWPy6Wn4VkgLKnzmsV4R+9p/S+9rUmP2Nwc6TwNqGM+j7HCA+dn6ZFSnfntBcGOEoQzpa2QZ6OKfO97Wsl3/qttGq  ;
Message-ID: <20050806011321.72781.qmail@web3101.mail.bbt.yahoo.co.jp>
Received: from [210.138.43.136] by web3101.mail.bbt.yahoo.co.jp via HTTP; Sat, 06 Aug 2005 10:13:21 JST
From: =?ISO-2022-JP?B?GyRCQ2ZAbhsoQiAbJEJCQBsoQg==?= <pc_unix777@yahoo.co.jp>
To: FreeBSD-users-jp@jp.FreeBSD.org
MIME-Version: 1.0
Content-Type: text/plain; charset=iso-2022-jp
Reply-To: FreeBSD-users-jp@jp.FreeBSD.org
Precedence: list
Date: Sat, 6 Aug 2005 10:13:21 +0900
X-Sequence: FreeBSD-users-jp 86459
Subject: [FreeBSD-users-jp 86459] FreeBSD5.4
 =?ISO-2022-JP?B?GyRCJEskaCRrJWshPCU/OT1DWyRLJEQkJCRGGyhC?= 
Sender: owner-FreeBSD-users-jp@jp.FreeBSD.org
X-Originator: pc_unix777@yahoo.co.jp
X-Distribute: distribute version 2.1 (Alpha) patchlevel 24e+050320

$B$O$8$a$^$7$FCf@n$G$9!#(B
$B@hF|;THN%k!<%?$,8N>c$7!"%U%l%C%D(BADSL$B>u672<$G%N!<%H(BPC$B$K$F(B
$B%k!<%?9=C[$r;n$_$F$$$k<T$G$9$,!"(BLAN$BFb%/%i%$%"%s%H(BPC$B$+$i(BWEB
$B1\Mw$,=PMh$:!"$^$?F1(BPC$B$+$i(BWAN$B$X(Bping$B$bDL$j$^$;$s!#2<5-$h(B
$B$j%+!<%M%k%3%s%U%#%0$d3F<o@_Dj%U%!%$%k!"$^$?2<L>4D6-$r5-(B
$B:\$7$^$9$N$G!"2r7h$^$G$*IU$-9g$$$NDx$r$*4j$$$7$^$9!#(B

$B#1!%2<L>4D6-(B
$B!]%k!<%?5!K\BN!](B
PC$B!'(BThinkpadA30
NIC1:$B!!(Bfxp0$B!!(B#$B%b%G%`@\B3MQ!J(Btun0$B$K;HMQ!K(B
NIC2:$B!!(Bre0$B!!(B#LANPC$B$N(Bgateway$B$^$?$O(BLAN$BFbMQ(B

NIC1$B$N%0%m!<%P%k(BIP$BEy$N@_Dj$O2<5-$NMM$K2>Dj$7$^$9!#(B
IP$B%"%I%l%9!'(B200.201.202.203$B!!(B#$B<+F0<hF@$G$9$,(BISP$B$h$j8GDj(B
$B%"%I%l%9$G$9!#(B
DNS$B%5!<%P!'(B200.201.202.204$B!!(B#$B<+F0<hF@$G$9!#(B
gateway$B!'(B200.201.202.205$B!!!!(B#$B<+F0<hF@$G$9!#(B

NIC2$B$N%M%C%H%o!<%/@_Dj$O2<5-$N$H$*$j$G$9!#(B
IP$B%"%I%l%9!'(B192.168.0.254/24

$B!]B>(BLAN$BFb%/%i%$%"%s%H(BPC$B!](B
PC$B!'<+:n(B
OS$B!'(BWindows2000
IP$B%"%I%l%9!'(B192.168.0.10/24
DNS$B%5!<%P!'(B200.201.202.206$B!!(B#ISP$B$h$j;XDj$5$l$?(BDNS
gateway$B!'(B192.168.0.254

$B!]%k!<%?$N%+!<%M%k%3%s%U%#%0$d$=$NB>@_Dj>u67!](B
----------------- $B$3$3$+$i!!(B---------
$B!{%+!<%M%k%3%s%U%#%0(B
machine		i386
cpu		I486_CPU
cpu		I586_CPU
cpu		I686_CPU
ident		GENERIC

options 	SCHED_4BSD
options 	INET
options 	INET6
options 	FFS
options 	SOFTUPDATES
options 	UFS_ACL
options 	UFS_DIRHASH
options 	MD_ROOT
options 	NFSCLIENT
options 	NFSSERVER
options 	NFS_ROOT
options 	MSDOSFS
options 	CD9660
options 	PROCFS
options 	PSEUDOFS
options 	GEOM_GPT
options 	COMPAT_43
options 	COMPAT_FREEBSD4
options 	SCSI_DELAY=15000
options 	KTRACE
options 	SYSVSHM
options 	SYSVMSG
options 	SYSVSEM
options 	_KPOSIX_PRIORITY_SCHEDULING
options 	KBD_INSTALL_CDEV
options 	AHC_REG_PRETTY_PRINT
options 	AHD_REG_PRETTY_PRINT
options 	ADAPTIVE_GIANT

device		apic

# Bus support.  Do not remove isa, even if you have no isa
slots
device		isa
device		eisa
device		pci

# Floppy drives
device		fdc

# ATA and ATAPI devices
device		ata
device		atadisk
device		ataraid
device		atapicd
device		atapifd
device		atapist
options 	ATA_STATIC_ID

# SCSI peripherals
device		scbus

# atkbdc0 controls both the keyboard and the PS/2 mouse
device		atkbdc
device		atkbd
device		psm
device		vga
device		splash

# syscons is the default console driver, resembling an SCO
console
device		sc

device		agp		# support several AGP chipsets

# Floating point support - do not disable.
device		npx

# Add suspend/resume support for the i8254.
device		pmtimer

# PCCARD (PCMCIA) support
# PCMCIA and cardbus bridge support
device		cbb
device		pccard
device		cardbus

# Serial (COM) ports
device		sio

# Parallel port
device		ppc
device		ppbus
device		lpt
device		plip
device		ppi

# NOTE: Be sure to keep the 'device miibus' line in order
to use these NICs!
device		miibus
device		fxp
device		re
device		xl

# ISA Ethernet NICs.  pccard NICs included.
device		cs

# Wireless NIC cards
device		wlan
device		an
device		awi
device		wi
#device		wl

# Pseudo devices.
device		loop
device		mem
device		io
device		random
device		ether
device		sl
device		ppp
device		tun
device		pty
device		md
device		gif
device		faith
device		bpf

# USB support
device		uhci
device		ohci
device		usb
device		ugen
device		uhid
device		ukbd
device		ulpt
device		umass
device		ums
device		urio
device		uscanner

# FireWire support
device		firewire
device		sbp

##### PPPOE
options		NETGRAPH
options		NETGRAPH_ETHER
options		NETGRAPH_PPPOE
options		NETGRAPH_SOCKET

##### IPFilter
#options	TCP_DROP_SYNFIN
options		IPFILTER
options		IPFILTER_LOG
options		IPFILTER_DEFAULT_BLOCK

$B!{(B/etc/ppp/ppp.conf
default:
 set device PPPoE:fxp0
 set MRU 1454
 set MTU 1454
 set speed sync
 set log Phase Chat LCP IPCP CCP tun command
 set ifaddr 10.0.0.1/0 10.0.0.2/0 255.255.255.0 0.0.0.0
 add default HISADDR
 
 nat enable no

 accept chap
 accept pap
 #ident user-ppp VERSION (built COMPILATIONDATE)

 enable dns				# request DNS info (for resolv.conf)

provider:
 set authname login@provider.jp
 set authkey passward

$B!{(B/etc/rc.conf$B!!!!(B#$B!!(Bipfilter$B!\(Bipnat$B$N@_Dj$G$9$,!"(BIPFirewall
$B!\(Bnatd$B$b8!F$Cf$G$9!#(B
gateway_enable="YES"
hostname="ksdj.org"
#defaultrouter="192.168.0.254"
inetd_enable="YES"
keymap="jp.106"
#linux_enable="YES"
#named_enable="YES"
usbd_enable="YES"
ifconfig_re0="inet 192.168.0.254 netmask 255.255.255.0 mtu
1454"
kern_securelevel_enable="NO"

########   Router setting
network_interfaces="fxp0 re0 tun0 lo0"
ifconfig_fxp0="media 10BaseT/UTP up"

### IPFilter + ipnat use
ipfilter_enable="YES"
ipfilter_rules="/etc/ipf.rules"
#ipfilter_flags=""

ipnat_enable="YES"
ipnat_program="/sbin/ipnat -CF -f"
ipnat_rules="/etc/ipnat.rules"
ipmon_enable_="YES"
ipmon_flags="-D /var/log/ipf.log"

### IPFirewall
#firewall_enable="YES"
#firewall_script="/etc/ipfw.nat"
#natd_enable="YES"
#natd_interface="tun0"
#natd_flags="-f /etc/natd.conf"

## PPPOE use
ppp_enable="YES"
ppp_mode="ddial"
ppp_nat="NO"
ppp_profile="provider"

$B!{(B/etc/ipnat.rules
#map fxp0 192.168.0.0/24 -> 200.201.202.203/32 portmap
tcp/udp auto
#map fxp0 192.168.0.0/24 -> 200.201.202.203/32
#map fxp0 192.168.0.0/24 -> 0/32 portmap tcp/udp auto
#map fxp0 192.168.0.0/24 -> 0/32
map tun0 192.168.0.0/24 -> 200.201.202.203/32 portmap
tcp/udp auto
map tun0 192.168.0.0/24 -> 200.201.202.203/32
rdr tun0 200.201.202.203/32 -> 192.168.0.0/24 

$B!{(B/etc/ipf.rules$B!!(B#$B$H$j$"$($::G=i$OA4$F2D$G@_Dj$7$^$9!#(B
pass in all
pass out all

-------$B!!$3$3$^$G!!(B-----------

$B>0!":#8=:_3NG'$G$-$F$$$k$3$H$O!"(BFreeBSD$B%k!<%?$h$j(BWAN$B$X$N(B
$BABDL$O3NG'$7$F$*$j$^$9!#$^$?%/%i%$%"%s%H!J(BWindows2000$B$+(B
$B$i$O(B200.201.202.203$B$^$G$O(Bping$B3NG'$G$-$F$$$^$9$,!"(BFreeBSD
$B%k!<%?$NABDL3NG':Q$_(BWAN$B%"%I%l%9$X$NABDL$,=PMh$J$$>u67$G(B
$B$9!#$^$?3F<o%O!<%I$NF0:n$bLdBj$"$j$^$;$s!#$3$N$h$&$J>u67(B
$B2<$G$9$,59$7$/$4;XE&$r$*4j$$$7$^$9!#(B

$B;2>H$7$?(BURL$B$J$I(B
http://www.fujie.org/freebsd/freebsd_router_ipfilter.html







__________________________________
Save the earth
http://pr.mail.yahoo.co.jp/ondanka/

