From owner-FreeBSD-users-jp@jp.freebsd.org  Thu Jul 17 14:50:15 1997
Received: by jaz.jp.freebsd.org (8.8.6+2.7Wbeta5/8.7.3) id OAA26918
	Thu, 17 Jul 1997 14:50:15 +0900 (JST)
Received: by jaz.jp.freebsd.org (8.8.6+2.7Wbeta5/8.7.3) with ESMTP id OAA26911
	for <FreeBSD-users-jp@jp.freebsd.org>; Thu, 17 Jul 1997 14:50:13 +0900 (JST)
Received: from kiri.toba-cmt.ac.jp (localhost [127.0.0.1])
	by kiri.toba-cmt.ac.jp (8.8.5/8.8.5) with ESMTP id OAA04653
	for <FreeBSD-users-jp@jp.freebsd.org>; Thu, 17 Jul 1997 14:50:15 +0900 (JST)
Message-Id: <199707170550.OAA04653@kiri.toba-cmt.ac.jp>
To: FreeBSD-users-jp@jp.freebsd.org
From: KIRIYAMA Kazuhiko <kiri@kiri.toba-cmt.ac.jp>
In-Reply-To: Your message of "Wed, 16 Jul 1997 15:18:22 +0900"
References: <199707160618.PAA04140@hirose.tohoku.iij.ad.jp>
X-Mailer: Mew version 1.70 on Emacs 19.28.1 / Mule 2.3
Mime-Version: 1.0
Content-Type: Text/Plain; charset=iso-2022-jp
Content-Transfer-Encoding: 7bit
Date: Thu, 17 Jul 1997 14:50:15 +0900
Reply-To: FreeBSD-users-jp@jp.freebsd.org
Precedence: bulk
X-Distribute: distribute [version 2.1 (Alpha) patchlevel=19]
X-Sequence: FreeBSD-users-jp 16010
Subject: [FreeBSD-users-jp 16010] Re: Can't setup FireWall.
Errors-To: owner-FreeBSD-users-jp@jp.freebsd.org
Sender: owner-FreeBSD-users-jp@jp.freebsd.org

$B6M;3!s(BNetworking15$B5i(B($B!)(B) $B$G$9!#(B

rc.conf $B$G(B firewall="open" $B$G$H$j$"$($:%M%C%H%o!<%/$,7R$,$C$F$$$k$3$H(B
$B$O3NG'$G$-$^$7$?!#$G0l$D5?Ld$J$s$G$9$,!"0l1~(B open $B$J$s$GA4$F$N%Q%1%C%H(B
$B$ODL$k$H;W$&$s$G$9$,!"%U%!%$%"%&%)!<%kFb$N%/%i%$%"%s%H$+$i30It$N%[%9%H(B
$B$X$O7R$,$i$J$$$G$9$M!#(B

$B%M%C%H%o!<%/$O0J2<$N$h$&$J9=@.$K$J$C$F$^$9!#(B

        +-------------+ 
        | Name Server |
        +------+------+                [Domain name : toba-cmt.ac.jp]
               |202.26.249.1(twingm)
               |
---------------+------------+--------------------------- 202.26.249.0 
                            |
                            |202.26.249.254
                     +------+------+ 
                     |    Router   +-----> Internet
                     +------+------+
                            |202.26.248.254
                            |
---------------------+------+--------------------------- 202.26.248.0 
                     |                            
                     |202.26.248.77(kazu)
              +------+------+
              |  FireWall   |                 [Sub domain name : pis]
              +------+------+
                     |192.168.1.1(firewall)
            +--------+-----------+
 192.168.1.2|(server)            |192.168.1.129(kiriyama)
     +------+------+      +------+------+ 
     |   Server    |      |   Client    |
     +-------------+      +-------------+
                                        
$B$G!":#(B FireWall $B0J2<$N@_Dj$r9T$J$C$F$$$k$H$3$m$G$9!#<B$O$^$@(B Client $B$O(B
$B7R$2$F$$$^$;$s(B($B$3$N%^%7%s$O(B 202.26.248$B$ND>2<$K$"$j8=:_$3$N%^%7%s$+$i%a!<(B
$B%k$7$F$^$9(B)$B!#LdBj$O(B Server $B$+$i(B FireWall $B$r2p$7$G30It$X8+$K$$$1$J$$$3(B
$B$H$G$9!#$H$j$"$($:(B Server $B$+$i(B ping 202.26.248.254 $B$H$d$C$F$b$=$N$^$^(B
$B8G$^$C$F$7$^$$$^$9!#(B

        % ping 202.26.248.254
        PING 202.26.248.254 (202.26.248.254): 56 data bytes
        ^C
        --- 202.26.248.254 ping statistics ---
        3 packets transmitted, 0 packets received, 100% packet loss

Server $B$N(B /etc/rc.conf $B$O$H$j$"$($:0J2<$N$h$&$K$7$F$$$^$9!#(B

hostname="server.pis"		# Set this!
nisdomainname="NO"		# Set to NIS domain if using NIS (or NO).
firewall="NO"			# firewall type (see /etc/rc.firewall) or NO.
tcp_extensions="YES"		# Allow RFC1323 & RFC1544 extensions (or NO).
network_interfaces="ep0 lo0"	# List of network interfaces (lo0 is loopback).
ifconfig_ep0="inet 192.168.1.2  netmask 255.255.255.0"
ifconfig_lo0="inet 127.0.0.1"	# default loopback device configuration.
:
defaultrouter="192.168.1.1"		# Set to default gateway (or NO).
static_routes=""		# Set to static route list (or leave empty).
gateway_enable=""		# Set to YES if this host will be a gateway.
router_enable="YES"		# Set to YES to enable a routing daemon.
router="routed"			# Name of routing daemon to use if enabled.
router_flags="-q"		# Flags for routing daemon.

$B$H$j$"$($:$3$l$@$1$N>pJs$G2?$,$o$+$k$+$o$+$j$^$;$s$,!"D9$/$J$k$N$GI,MW(B
$B$J>pJs$O$=$NETEY8f;XE&D:$1$l$P$"$j$,$?$$$G$9!#(B

$B!t(B DNS $B$N@_Dj$O$H$j$"$($:$G$-$^$7$?(B^_^ $BFbIt(B/$B30It%M%C%H%o!<%/$O<+M3$KL>(B
$B!t(B $BA0$G8+$K9T$1$^$9(B(routed$B%G!<%b%s$O%(%i%$(B!)
------------------------------------------------------------------------
$B6M;3OBI'(B <kiri@kiri.toba-cmt.ac.jp>                 $BD;1)>&A%9bEy@lLg3X9;(B
                                                          $BEE;R5!3#9)3X2J(B
