From owner-FreeBSD-users-jp@jp.FreeBSD.org Wed Jul 28 17:54:14 2004
Received: (from daemon@localhost)
	by castle.jp.FreeBSD.org (8.11.6p2+3.4W/8.11.3) id i6S8sEp86562;
	Wed, 28 Jul 2004 17:54:14 +0900 (JST)
	(envelope-from owner-FreeBSD-users-jp@jp.FreeBSD.org)
Received: from dns02.mail.yahoo.co.jp (dns02.mail.yahoo.co.jp [211.14.15.205])
	by castle.jp.FreeBSD.org (8.11.6p2+3.4W/8.11.3) with SMTP/inet id i6S8sC886546
	for <FreeBSD-users-jp@jp.FreeBSD.org>; Wed, 28 Jul 2004 17:54:14 +0900 (JST)
	(envelope-from yamanaka_hideki@yahoo.co.jp)
Received: from unknown (HELO dellhyamanaka) (210.227.65.110 with poptime)
  by dns02.mail.yahoo.co.jp with SMTP; 28 Jul 2004 08:54:05 -0000
X-Apparently-From: <yamanaka_hideki@yahoo.co.jp>
Message-ID: <002101c47480$6f9e2e90$39660278@sunnt.sunarrow.co.jp>
From: "h.yamanaka" <yamanaka_hideki@yahoo.co.jp>
To: <FreeBSD-users-jp@jp.FreeBSD.org>
References: <003a01c46576$85c7d9f0$39660278@sunnt.sunarrow.co.jp> <20040709152857.315144b8.bugbird@timedia.co.jp>
MIME-Version: 1.0
Content-Type: text/plain;
	charset="iso-2022-jp"
Content-Transfer-Encoding: 7bit
X-Priority: 3
X-MSMail-Priority: Normal
X-Mailer: Microsoft Outlook Express 6.00.2800.1437
X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2800.1441
Reply-To: FreeBSD-users-jp@jp.FreeBSD.org
Precedence: list
Date: Wed, 28 Jul 2004 17:53:05 +0900
X-Sequence: FreeBSD-users-jp 80354
Subject: [FreeBSD-users-jp 80354] Re: MAC =?ISO-2022-JP?B?GyRCJSIbKEI=?=
 =?ISO-2022-JP?B?GyRCJUklbCU5JEclVSUjJWslPyVqJXMlMCRyJDkbKEI=?=
 =?ISO-2022-JP?B?GyRCJGskSyRPGyhC?=
Sender: owner-FreeBSD-users-jp@jp.FreeBSD.org
X-Originator: yamanaka_hideki@yahoo.co.jp
X-Distribute: distribute version 2.1 (Alpha) patchlevel 24e+040717

$B$d$^$G$9!#(B

$B$@$$$VCY$/$J$C$F?=$7Lu$"$j$^$;$s$G$7$?$,(B
MAC$B%"%I%l%9$G$N%U%#%k%?%j%s%0$,$G$-$^$7$?$N$G(B
$BJs9p$5$;$F$$$?$@$-$^$9!#(B

$BA02s<ALd$7$?;~$O(BFreeBSD4.9-RELEASE$B$r;HMQ$7$F(B
$B$*$j$^$7$?$,!"(BIPFW2$B$,I8=`$GF~$C$F$$$k(B5.2.1$B!](BRELEASE$B$r(B
$B:#2s$O;HMQ$9$k;v$K$7$^$7$?!#(B
$B$^$?(BNIC$B$O(B de $B$N$b$N$r#2Kg;HMQ$7$F!"%V%j%C%8$G%U%#%k%?$r(B
$B$+$1$^$7$?!#(B

   +----+----+   +----+----+   +----+----+
   |   DHCP  |   | server  |   | router  |
   +----+----+   +----+----+   +----+----+
        |             |             |
        +-------------+-------------+
        |de0                       
   +----+----+
   | FreeBSD |$B"+$3$3$G(Bbridge$B$G(BMAC$B%"%I%l%9$N%U%#%k%?$r$+$1$k(B
   +----+----+
        |de1
        +-------------+
        |             | 
   +----+----+   +----+----+
   |  client |   | windows |
   +----+----+   +----+----+

$B@_Dj$G$9$,!"(B
/boot/loader.conf $B$K(B
# Load the bridge kernel module at boot so the bridging sysctls are available.
bridge_load="YES"

/etc/sysctl.conf $B$K(B
# Turn bridging on.
net.link.ether.bridge.enable=1
# Pass bridged frames through ipfw; without this the MAC rules never see
# the traffic that crosses the bridge.
net.link.ether.bridge.ipfw=1 
# Interfaces that form the bridge (de0 = server/router side, de1 = client side
# in the diagram above).
net.link.ether.bridge.config=de0,de1

/etc/rc.conf $B$K(B
# Enable ipfw at boot.
firewall_enable="YES"
# Read by /etc/macfilter.sh: "YES" makes it call ipfw with -q.
firewall_quiet="YES"
# Use the custom MAC allowlist script as the firewall rules script.
firewall_script="/etc/macfilter.sh"
# Address of the bridge host itself, on de0 only.
# NOTE(review): de1 gets no address here - presumably because it is only a
# bridge member; confirm.
ifconfig_de0="inet 10.1.1.5 netmask 255.0.0.0"

をそれぞれセットしました。

/etc/macfilter.sh $B$r:n@.$7$^$7$?!#Cf?H$O$3$s$J46$8$G$9!#(B
----------------------------------------------------
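#!/bin/sh
#
# macfilter.sh - load a layer-2 MAC allowlist into ipfw on a filtering bridge.
#
# Reads /usr/local/etc/macaddress (one address per line, for example
# 00:30:6e:11:11:11) and, for every line that starts with a well-formed
# address, adds two rules: one allowing frames addressed to it and one
# allowing frames sent from it (ipfw's "mac" option takes destination first,
# then source).
#
# Inputs:
#   firewall_quiet  "YES" in any letter case selects "ipfw -q". It is not set
#                   in this file; presumably it is inherited from rc.conf via
#                   whatever runs this script - TODO confirm.
#
# Review notes for whoever maintains this:
#   - A MAC address is chosen by the sender and can be copied from any
#     allowed host, so this list keeps unknown machines off the segment by
#     default but is not authentication.
#   - Nothing here adds a deny rule. Unlisted addresses are only blocked if
#     the ruleset's default rule (65535) is deny; check it with "ipfw list".
#   - The existing rules are flushed before the list is read, so an empty or
#     malformed list leaves no allow rules at all. A warning is printed in
#     that case.
#   - Only the leading address of each line is used; anything after it on the
#     same line is ignored.

#######################################
# Print the MAC address at the start of $1, or nothing if $1 does not begin
# with six colon-separated pairs of hex digits.
# Arguments: $1 - one line from the address list
# Outputs:   the address on stdout (empty when there is no match)
#######################################
macfilter_parse_addr() {
    # The X prefix stops expr from reading the data as an operator or option.
    # The bracket expressions hold hex digits only; the earlier form
    # [0-9|a-f|A-F] also accepted a literal "|".
    expr "X$1" : "X\(\([0-9a-fA-F]\{2\}:\)\{5\}[0-9a-fA-F]\{2\}\)"
}

mac_addr=
macfilter_list=/usr/local/etc/macaddress
macfilter_count=0

case "${firewall_quiet}" in
[Yy][Ee][Ss])
    fwcmd="/sbin/ipfw -q"
    ;;
*)
    fwcmd="/sbin/ipfw"
    ;;
esac

if [ -r "${macfilter_list}" ]; then
    # fwcmd is deliberately unquoted: it may hold two words ("ipfw -q").
    ${fwcmd} -f flush

    # "|| [ -n ... ]" keeps a last line that has no trailing newline.
    while read -r mac_data || [ -n "${mac_data}" ]; do
        mac_addr=$(macfilter_parse_addr "${mac_data}")
        # Skip blank and malformed lines. The test is written positively
        # because an empty "then" branch is a syntax error in some shells.
        if [ -n "${mac_addr}" ]; then
            ${fwcmd} add allow layer2 mac "${mac_addr}" any
            ${fwcmd} add allow layer2 mac any "${mac_addr}"
            macfilter_count=$((macfilter_count + 1))
        fi
    done < "${macfilter_list}"

    if [ "${macfilter_count}" -eq 0 ]; then
        echo "warning: no valid MAC address in ${macfilter_list}; no allow rules were added" >&2
    fi
else
    # No exit here: the script may be sourced by the caller, and exiting
    # would end the caller too. Existing rules are left untouched.
    echo "error /usr/local/etc/macaddress" >&2
fi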
--------------------------------------------------------------

/usr/local/etc/macaddress $B$K$O(B
00:30:6e:11:11:11
00:30:6e:22:22:22
00:30:6e:33:33:33
00:30:6e:44:44:44
$B!!!!!!!!!!(B:
$B!!!!!!!!!!(B:$B!!!!$3$s$J46$8$G(BMAC$B%"%I%l%9$rMeNs$7$F$$$^$9!#(B

$B0J>e$G!"0l1~:#$N$H$3$mLdBj$J$/F0$$$F$$$^$9!#(B

ipfw -a list $B$G$I$s$J46$8$K$J$C$F$$$k$+$H$$$&$H(B

00100 411435 142515484 allow ip from any to any layer2 MAC 00:30:6e:11:11:11 any
00200 489168 382306188 allow ip from any to any layer2 MAC any 00:30:6e:11:11:11
00300  86204  25305616 allow ip from any to any layer2 MAC 00:30:6e:22:22:22 any
00400  90791  49545879 allow ip from any to any layer2 MAC any 00:30:6e:22:22:22
00500 111521  51025471 allow ip from any to any layer2 MAC 00:30:6e:33:33:33 any
00600 132553 118066643 allow ip from any to any layer2 MAC any 00:30:6e:33:33:33
00700     79      8621 allow ip from any to any layer2 MAC 00:30:6e:44:44:44 any
00800    276     29575 allow ip from any to any layer2 MAC any 00:30:6e:44:44:44
00900  24036   6370216 allow ip from any to any layer2 MAC 00:10:dc:55:55:55 any
01000  20397   4233707 allow ip from any to any layer2 MAC any 00:10:dc:55:55:55
                                 :
                                 :        $B$3$s$J46$8$G$9!#(B

おかげさまで早速、不正に接続していたマシンが３台ほど接続できなくなり
こちらに連絡がきました。

ちなみにこのブリッジのマシンのスペックは CPU:Pen3 800MHz メモリ128MB です。
サーバやルータが計10台、クライアントが約200台の構成です。

$B0l1~!":#$N$H$3$m$OLdBj$J$$$N$G$9$,!"K\Ev$KLdBj$J$$$N$G$7$g$&$+!#(B
$B<+?.$,$J$$$N$G$9$,!"$3$N$^$^$7$P$i$/MM;R$r8+$F$_$h$&$H;W$$$^$9!#(B
$B$4=u8@$J$ID:$1$?$i$H;W$$$^$9!#(B

$B$^$?!"$3$N%^%7%s$N%9%k!<%W%C%H$,$I$N0L$J$N$+(B
$BB,$C$F$_$?$$$N$G$9$,!"$I$&$9$l$PNI$$$N$+(B
$B$o$+$j$^$;$s!#$b$7$h$m$7$1$l$P!"$*65$(2<$5$$!#(B

以上です。ありがとうございました。


