From owner-doc-jp@jp.freebsd.org  Tue Jan 30 13:53:30 2001
Received: (from daemon@localhost)
	by castle.jp.freebsd.org (8.9.3+3.2W/8.7.3) id NAA32476;
	Tue, 30 Jan 2001 13:53:30 +0900 (JST)
	(envelope-from owner-doc-jp@jp.FreeBSD.org)
Received: from research.gate.nec.co.jp (research.gate.nec.co.jp [202.247.6.217])
	by castle.jp.freebsd.org (8.9.3+3.2W/8.7.3) with ESMTP id NAA32466
	for <doc-jp@jp.freebsd.org>; Tue, 30 Jan 2001 13:53:24 +0900 (JST)
	(envelope-from hino@nwk.cl.nec.co.jp)
Received: from leek.nwk.cl.nec.co.jp (IDENT:PbBqy7jY6pK+Vy+sZBYaR4TQnqEE0wcv@leek.nwk.cl.nec.co.jp [10.56.32.7]) by research.gate.nec.co.jp (8.9.3+3.2W/000323) with ESMTP id NAA15918 for <doc-jp@jp.freebsd.org>; Tue, 30 Jan 2001 13:53:20 +0900 (JST)
Received: from localhost by leek.nwk.cl.nec.co.jp (8.11.0/NWKM20000322) with ESMTP
	id f0U4rKE13904 for <doc-jp@jp.freebsd.org>; Tue, 30 Jan 2001 13:53:20 +0900 (JST)
To: doc-jp@jp.freebsd.org
From: hino@ccm.cl.nec.co.jp
X-In-Reply-To: susumu@wakabaya.net's message of
	"Tue, 30 Jan 2001 13:39:30 +0900"
In-Reply-To: <87u26h64cd.wl@jazz.wakabaya.net>
References: <87u26h64cd.wl@jazz.wakabaya.net>
X-Mailer: Mew version 1.93 on Emacs 19.34 / Mule 2.3 (SUETSUMUHANA)
Mime-Version: 1.0
Content-Type: Text/Plain; charset=iso-2022-jp
Content-Transfer-Encoding: 7bit
Message-Id: <20010130135319B.hino@nwk.cl.nec.co.jp>
Date: Tue, 30 Jan 2001 13:53:19 +0900
X-Dispatcher: imput version 980905(IM100)
Lines: 28
Reply-To: doc-jp@jp.freebsd.org
Precedence: list
X-Distribute: distribute version 2.1 (Alpha) patchlevel 24e+000315
X-Sequence: doc-jp 7961
Subject: [doc-jp 7961] Re: ANNOUNCE: FreeBSD Security Advisory: FreeBSD-SA-01:08.ipfw
Errors-To: owner-doc-jp@jp.freebsd.org
Sender: owner-doc-jp@jp.freebsd.org
X-Originator: hino@nwk.cl.nec.co.jp

>> On Tue, 30 Jan 2001 13:39:30 +0900, susumu@wakabaya.net ($B<cNS(B $B?J(B) said:
H> (ipfw $BFbIt$N=hM}J}K!$NOC(B?)
:> $B$@$H;W$$$^$9(B. 
:> ipfw-4.x.patch $B$r$_$k$H(B
:> 	-#define IP_FW_TCPF_ESTAB       0x40
:> $B$H$$$&9T$H(B
:> 	+#define        TH_ECE  0x40
:> $B$H$$$&9T$,$"$j$^$9(B. 
:> $B$I$C$A$b(B 0x40 $B$G$+$V$C$F$$$^$9(B. $BB?J,(B, overload $B$O$3$N$3$H$r;X$7$F$$$k(B
:> $B$s$G$O$J$$$+$H(B. 
:> (TCP $B$N%U%#!<%k%I$N0lIt$r(Bipfw $B$,>!<j$K(B established $B$N%U%i%0$H$7$F;H$C(B
:> $B$F$$$?$,(B, $B<B:]$K$O30It$+$i$=$N%U%i%0$,%;%C%H$5$l$F$d$C$F$/$k%Q%1%C%H$,(B
:> $B$"$k$N$GAGDL$7!D$H$$$&$3$H$G$O$J$$$+$H(B)

$B$J$k$[$I!"$3$l$OM}$K$+$J$C$F$^$9$M!#(B

:> $B$H$3$m$G(B, 
H> ipfw $B$*$h$S(B ip6fw $B$O(B, ECE $B%U%i%0$N%;%C%H$5$l$?$9$Y$F$N%Q%1%C%H$r(B
H> TCP $B@\B3$r3NN)$7$h$&$H$9$k%Q%1%C%H$N0l$D$H$7$F07$$$^$9(B.  
:> established $B$O(B, $B3NN)$7$h$&$H$9$k%Q%1%C%H$@$1$G$J$/$9$G$K3NN)$7$F$$$k(B
:> $B%;%C%7%g%s$N%Q%1%C%H$b4^$`$H;W$$$^$9(B. 

(ipfw$B$NCN<1$O$"$^$jL5$/$F!"$I$A$i$+$H$$$&$H(BCISCO$B%k!<%?$N%"%/%;%9%U%#%k(B
$B%?$NCN<1$7$+$J$$$s$G$9$,(B) established$B$OC18l$,<($9DL$j!V%;%C%7%g%s3NN)(B
$B:Q!W$N%Q%1%C%H$r<1JL$9$k$?$a$N=$>~;R$G$"$C$F!"%;%C%7%g%s$r3NN)$7$h$&$H(B
$B$9$k%Q%1%C%H$O4^$^$J$$$N$,@5$7$$$N$G$O$J$$$G$7$g$&$+!#(B

$BF|Ln(B
