From owner-FreeBSD-users-jp@jp.freebsd.org  Tue Oct 14 22:10:15 1997
Received: by jaz.jp.freebsd.org (8.8.7+2.7Wbeta7/8.7.3) id WAA09013
	Tue, 14 Oct 1997 22:10:15 +0900 (JST)
Received: by jaz.jp.freebsd.org (8.8.7+2.7Wbeta7/8.7.3) with SMTP id WAA09007
	for <FreeBSD-users-jp@jp.freebsd.org>; Tue, 14 Oct 1997 22:10:13 +0900 (JST)
Received: by canongate.in.canon.co.jp (4.1/2.7W)
	id AA20355; Tue, 14 Oct 97 22:10:12 JST
Received: from canongw(150.61.8.7) by canongate via smap (V1.3)
	id sma020240; Tue Oct 14 22:08:52 1997
Received: from snsh1.cks.canon.co.jp (root@snsh1.cks.canon.co.jp [150.61.111.44]) by canongw.cecn.canon.co.jp (8.8.5/3.5W) with ESMTP id WAA20886 for <FreeBSD-users-jp@jp.freebsd.org>; Tue, 14 Oct 1997 22:10:08 +0900 (JST)
Received: from snsh1.cks.canon.co.jp by snsh1.cks.canon.co.jp (8.8.4/3.4W4-06/10/96)
	id WAA05745; Tue, 14 Oct 1997 22:08:50 +0900 (JST)
Message-Id: <199710141308.WAA05745@snsh1.cks.canon.co.jp>
To: FreeBSD-users-jp@jp.freebsd.org
From: "K.[NAO-NAO].Kawai" <kawai@cks.canon.co.jp>
In-Reply-To: Your message of "Tue, 14 Oct 1997 21:58:18 +0900"
References: <9710141258.AA00022@dec.toyama.hkr.ntt.co.jp>
X-Mailer: Mew version 1.68 on Emacs 19.28.1 / Mule 2.3
Mime-Version: 1.0
Content-Type: Text/Plain; charset=iso-2022-jp
Content-Transfer-Encoding: 7bit
Date: Tue, 14 Oct 1997 22:08:49 +0900
Reply-To: FreeBSD-users-jp@jp.freebsd.org
Precedence: bulk
X-Distribute: distribute [version 2.1 (Alpha) patchlevel=20]
X-Sequence: FreeBSD-users-jp 19291
Subject: [FreeBSD-users-jp 19291] Re: FreeBSD2.2.2
	=?ISO-2022-JP?B?GyRCJEchIiVAJSQlIiVrJSIlQyVXJTUhPCVQOT1DWyEqGyhC?=
Errors-To: owner-FreeBSD-users-jp@jp.freebsd.org
Sender: owner-FreeBSD-users-jp@jp.freebsd.org

$B$+$o$$!w$-$d$N$s(B

From: yamagishi hiroshi <hero-yam@toyama.hkr.ntt.co.jp>
Subject: [FreeBSD-users-jp 19290] FreeBSD2.2.2$B$G!"%@%$%"%k%"%C%W%5!<%P9=C[!*(B
Date: Tue, 14 Oct 1997 21:58:18 +0900

$B$d(B>$B;34_!w(BNTT$BIY;3;YE9(B $B$G$9!#(B
$B$d(B>$BBjL>$NDL$j!"(BFreeBSD2.2.2$B$G!"%@%$%"%k%"%C%W%5!<%P9=C[$r9M$($F$$$^$9!#(B
$B$d(B>$B<B:]$K!"9=C[$5$l$F$$$kJ}!"$<$R$=$N$d$jJ}$r65$($F$$$?$@$1$^$;$s$+!)(B

$B$3$N$"$$$@(B ppp $B%5!<%P$r$D$/$C$F$_$?;~$N(B log
PPP server $B$r:n$k$?$a$K!#(B
	1.FreeBSD-2.2.2 $B$N(B INSTALL
		$B%N!<%H$@$C$?$+$i(B
		PAO $BMQ$K(B kernel reconfig
	2.$B7gHV(B
	3./etc/rc.conf $B$G(B
		gateway_enable="YES"		# Set to YES if this host will be a gateway.
			slave $B$K!"(BIPforwarding $B$9$k@_Dj!#(B
			$B$3$l$K$h$j(B /etc/rc.network $B$G!"(B
				sysctl -w net.inet.ip.forwarding=1
			$B$,<B9T$5$l$k(B
	4.login user$B:n@.(B
		ppp/xxxxxx
			login shell $B$r(B/usr/local/bin/pppstart $B$K(B
		pppstart$B$NCf?H(B
			#!/bin/sh
			/usr/sbin/ppp -direct
		ppp$B$K$h$kG'>Z$r$7$h$&$9$k$?$a$K!#(B
		/usr/local/bin/ppplogin
		ppplogin$B$NCf?H(B
			#!/bin/sh
			/usr/sbin/ppp -direct chap
		$B!&(Bchap$B$G$b!"(Bpap$B$G$b9%$-$JJ}$r!#(B
	5.ppp $B$N@_Dj(B
		/etc/ppp/ppp.conf
		
		default:
		 set device /dev/cuaa0
		 set speed 115200
		 set timeout 300
		 set ifaddr 10.0.0.33/32 10.0.0.54/32 255.255.255.0
		 disable lqr
		 deny lqr
		# set dial "ABORT BUSY ABORT NO\\sCARRIER TIMEOUT 5 \"\" ATE1Q0 OK-AT-OK \\dATDT\\T TIMEOUT 40 CONNECT"
		##       
		## Don't keep Alive with ICMP,DNS and RIP packet
		##
		# set afilter 0 deny icmp
		# set afilter 1 deny udp src eq 53
		# set afilter 2 deny udp dst eq 53
		# set afilter 3 deny udp src eq 520
		# set afilter 4 deny udp dst eq 520
		# set afilter 5 permit 0/0 0/0
		##
		## Don't dial with ICMP packet
		##
		# set dfilter 0 deny icmp
		# set dfilter 1 permit 0/0 0/0
		#
		# Allow ident packet pass through
		#
		 set ifilter 0 permit tcp dst eq 113
		 set ofilter 0 permit tcp src eq 113
		#
		# Allow pop/pop3 connection to Ours
		#
		 set ifilter 1 permit tcp dst eq 109
		 set ofilter 1 permit tcp src eq 109 estab
		 set ifilter 2 permit tcp dst eq 110
		 set ofilter 2 permit tcp src eq 110 estab
		#
		# Allow DNS connection to the Ours
		#
		 set ifilter 3 permit udp dst eq 53
		 set ofilter 3 permit udp src eq 53
		 set ifilter 4 permit tcp dst eq 53
		 set ofilter 4 permit tcp src eq 53
		#
		# Allow ping and traceroute response
		#
		 set ifilter 5 permit icmp
		 set ofilter 5 permit icmp
		 set ifilter 6 permit udp dst gt 33433
		 set ofilter 6 permit udp dst gt 33433
		#
		# Allow pop3pw connection to Ours
		#
		 set ifilter 7 permit tcp dst eq 106
		 set ofilter 7 permit tcp src eq 106 estab
		#
		# Allow telnet to eagle
		#
		 set ifilter 8 permit 0.0.0.0/0 10.0.0.3/32 tcp dst eq 23
		 set ofilter 8 permit 10.0.0.3/32 0.0.0.0/0 tcp src eq 23 estab
		#
		# Allow http connection to Ours
		#
		 set ifilter 9 permit tcp dst eq 80
		 set ofilter 9 permit tcp src eq 80 estab
		##
		## If none of above rules matches, then packet is blockd.
		##

		chap:chap:
		 enable chap
		# disable chap
		# enable pap
		 disable pap
		# accept chap
		# accept pap
		# enable passwdauth
		# disable vjcomp
		# disable lqr
		# disable pred1
		 set debug phase chat lcp lqm

		pap:
		 disable chap
		 enable pap
		 disable vjcomp
		 disable lqr
		 disable pred1
		 set debug phase chat lcp lqm

		$B!&(Bfilter 8 $B$,!"FCDj$N(B host $B$KBP$9$k(B telnet $B$N5v2D@_Dj!#(B
			ifilter $B$N(B src $BB&(B IP $B$H!"(Bofilter $B$N(B dst $BB&(B IP $B$b;XDj$7$F$*$$$F$b$$$$$+$b!#(B
		$B!&(Bfilter 9 $B$O!"(BWWW$B$r5v2D$9$k@_Dj!#(B

		/etc/ppp/ppp.secret$B$N@_Dj(B

		##################################################
		# Sysname	Secret Key	Peer's IP address
		#
		# $Id: ppp.secret.sample,v 1.2 1995/02/26 12:16:37 amurai Exp $
		#
		##################################################
		ppp	password	10.0.0.54/32

		$B!&$3$3$G!"(Bclient $BB&%"%I%l%9$r5-:\!#(B
	6.$B7gHV(B
	7.gettytab $B$N@_Dj(B
		host $BL>$J$I$O=P$7$?$/$J$$$+$i!"(Bim $B$OL5$7!#(B
		$B%b%G%`$O=i4|(B bps $B$r!"EE8;$r@Z$C$F$b3P$($F$$$kJ*$G$J$$$H%@%a!#(B
		sp $B$K@_Dj$9$k(B bps $B$r!"3P$($3$^$;$F$*$/!#(B
		ppp.115200:\
			:cb:ce:ck:lc:fd#1000:im=:\
			:np:sp#115200:pp=/usr/local/bin/ppplogin

		ppp packet $B$r<u$1<h$C$?$i!"(Bppplogin $B$r5/F0$7$F!"(Bppp $B$KG'>Z$rG$$;$k!#(B
		win95 $B$"$$$F$G$O!"(Bchap/pap $B$I$C$A$b;H$($k$h$&$@$1$I!"(Bchap$B$NJ}$,G'>Z;~4V$,C;$$5$$,$9$k!#(B
	8./etc/ttys
		root access$B$7$J$$$N$G!"(Bsecure $B$K$O$7$J$$!#(B
		ttyd0	"/usr/libexec/getty ppp.115200"	unknown	on
