From owner-FreeBSD-users-jp@jp.FreeBSD.org Tue Jul 27 09:44:38 2004
Received: (from daemon@localhost)
	by castle.jp.FreeBSD.org (8.11.6p2+3.4W/8.11.3) id i6R0icQ04984;
	Tue, 27 Jul 2004 09:44:38 +0900 (JST)
	(envelope-from owner-FreeBSD-users-jp@jp.FreeBSD.org)
Received: from smtp1.dti.ne.jp (smtp1.dti.ne.jp [202.216.228.36])
	by castle.jp.FreeBSD.org (8.11.6p2+3.4W/8.11.3) with ESMTP/inet id i6R0ib804978
	for <FreeBSD-users-jp@jp.FreeBSD.org>; Tue, 27 Jul 2004 09:44:37 +0900 (JST)
	(envelope-from daisaito@lares.dti.ne.jp)
Received: from [127.0.0.1] (p233.akuma.jp [211.19.48.233]) by smtp1.dti.ne.jp (3.08s) with ESMTP id i6R0iZNI012887;Tue, 27 Jul 2004 09:44:37 +0900 (JST)
From: SAITO Masaru <daisaito@lares.dti.ne.jp>
To: FreeBSD-users-jp@jp.FreeBSD.org
In-Reply-To: <040726154948.M0160700@ushida.msa.biglobe.ne.jp>
References: <040726154948.M0160700@ushida.msa.biglobe.ne.jp>
Message-Id: <20040727092450.F02D.DAISAITO@lares.dti.ne.jp>
MIME-Version: 1.0
Content-Type: text/plain; charset="ISO-2022-JP"
Content-Transfer-Encoding: 7bit
X-Mailer: Becky! ver. 2.11.02 [ja]
Reply-To: FreeBSD-users-jp@jp.FreeBSD.org
Precedence: list
Date: Tue, 27 Jul 2004 09:44:35 +0900
X-Sequence: FreeBSD-users-jp 80276
Subject: [FreeBSD-users-jp 80276] Re: firewall
 =?ISO-2022-JP?B?GyRCRmJJdCROGyhC?= ftp server (Windows,Warftpd)
 =?ISO-2022-JP?B?GyRCJHI4eDMrJDkka0p9SyEbKEI=?= 
Sender: owner-FreeBSD-users-jp@jp.FreeBSD.org
X-Originator: daisaito@lares.dti.ne.jp
X-Distribute: distribute version 2.1 (Alpha) patchlevel 24e+040717

$Bc7F#!w2#IM$G$9!#(B

202004/07/26 15:49:51 $B$4$m(B
Jun USHIDA <ushida@msa.biglobe.ne.jp> $B$5$s$O(B
"[FreeBSD-users-jp 80261] firewall $BFbIt$N(B ftp server (Windows,Warftpd) $B$r8x3+$9$kJ}K!(B "$B$N7o$K$D$$$F(B
$B0J2<$N$h$&$K=q$-$^$7$?(B

> 
> $B5mED$H?=$7$^$9!#(B
> 
> firewall $BFbIt$N(B ftp server (172.26.168.1)$B$O(B 
> Windows 2000 $B$G(B War ftpd ver. 1.82.0.7 $B$,F0:n$7$F$$$^$9!#(B
> (ftp server$B$NF0:n3NG'<+BN$O(B firewall $BFbIt$NB>$N%[%9%H$+$i%F%9%H:Q$G$9!#(B)
> 
> firewall $B$O(B FreeBSD 4.10-STABLE(5$B7nKv(B) $B$G(B, IPfilter + ipnat $B$G(B
> $B<B8=$7$h$&$H$7$F$$$^$9(B
> $B%F%9%H$N$?$a!"(Bipf $B$N@_Dj$OA4ItDL$9$3$H$K$7$F!"$^$:!"(BNAT$B$N@_Dj$r$7$^$7$?!#(B
> $B30It$+$iFbIt$N(B Windows2000 $B$X$N(B VNC $B$K$h$k@\B3$O(B rdr $B$G<B8=$G$-$^$7$?!#(B
> $B30It$+$iFbIt$N(B Windows2000 $B$X$N(B ftp $B$K$h$k@\B3$O(B ftp $B$N(B 21$BHV(B port $B$K$D$$$F$O(B
> rdr $B$G<B8=$G$-$^$7$?!#(B($B$3$3$G$O(Bfirewall $B$N(B 3000$BHV$r(B redirect $B$7$F$$$^$9!#(B)
> 
> ------  /etc/ipnat.rules $B$3$3$+$i(B -----------------------------------------
> # For War ftpd 
> rdr fxp0 0/0 port 3000 -> 172.26.168.1 port 21 tcp/udp
> ------  /etc/ipnat.rules $B$3$3$^$G(B -----------------------------------------
$B;d$N4D6-$G$O!"0J2<$N5-=R$G(BOK$B$G$7$?!#(B
rdr tun0 0/0 port 21 -> ftp-server port 21
rdr tun0 0/0 port 20 -> ftp-server port 20

$B$?$@$7!";d$N4D6-$G$O!"(Bftp-server$B$O(Bproftpd+tcpserver$B$J$N$G(B
$B$3$N@_Dj$G$O$&$^$/$$$+$J$$$+$b$7$l$^$;$s!#(B
$B$^$?!"%k!<%?$G(Bppp+ipf+ipnat$B$H$J$C$F$$$k$?$a(Binterface$B$,(Btun0$B$K(B
$B$J$C$F$$$^$9!#(B

$B$A$J$_$K$3$N>l9g(Bactive mode$B$G$O$&$^$/$$$-$^$9$,!"(B
passive mode$B$G$O$&$^$/$$$-$^$;$s!#(B



$B$H!"$3$3$^$G=q$$$F$A$g$C$H5$$K$J$C$?;v$,!#!#(B
> $B30It$+$iFbIt$N(B Windows2000 $B$X$N(B ftp $B$K$h$k@\B3$O(B ftp $B$N(B 21$BHV(B port $B$K$D$$$F$O(B
> rdr $B$G<B8=$G$-$^$7$?!#(B($B$3$3$G$O(Bfirewall $B$N(B 3000$BHV$r(B redirect $B$7$F$$$^$9!#(B)

3000$BHV(Bport$B$G$O$J$/IaDL$K(B21$BHV(Bport$B$r;H$C$F$_$^$7$?$+!)(B
$BIaDL$N(BFTP$B%/%i%$%"%s%H$,$I$&F0$/$+$H$$$&;v$OCN$j$^$;$s$,!"(B
[$B%3%^%s%I(BPORT - 1]$B$,(Bftp-data port$B$K$J$k$N$G$O$J$$$G$7$g$&$+!)(B(active mode$B;~(B)
$B$J$N$G$3$N>l9g$O!"(B
rdr tun0 0/0 port 2999 -> ftp-server port 20
$B$H$7$F$_$?$i$&$^$/$$$/!"!"!"2DG=@-$O$"$k$H;W$$$^$9!#(B
# $B$C$F$$$&$+$^$:$OIaDL$K(B21,20$BHV(Bport$B$G@.8y$7$F$+$iJL(BPORT
# $B$G<B83$7$^$7$g$&$h!#!#(B


---
SAITO Masaru <daisaito@lares.dti.ne.jp>


