From owner-FreeBSD-users-jp@jp.freebsd.org  Fri Apr 24 12:53:06 1998
Received: by jaz.jp.freebsd.org (8.8.8+3.0Wbeta7/8.7.3) id MAA14649
	Fri, 24 Apr 1998 12:53:06 +0900 (JST)
Received: by jaz.jp.freebsd.org (8.8.8+3.0Wbeta7/8.7.3) with ESMTP id MAA14644
	for <FreeBSD-users-jp@jp.freebsd.org>; Fri, 24 Apr 1998 12:53:04 +0900 (JST)
Received: from mx.nttdata.co.jp (mx1.nttdata.co.jp [163.135.10.12])
	by ms.nttdata.co.jp (8.8.8/3.6W-NTTDATA-TOP-04/14/98) with ESMTP id MAA08355
	for <FreeBSD-users-jp@jp.freebsd.org>; Fri, 24 Apr 1998 12:53:02 +0900 (JST)
Received: from lily.pi.nttdata.co.jp ([163.135.214.109]) by mx.nttdata.co.jp (8.8.5/3.5Wpl4-NTTDmx/97062616) with ESMTP id MAA28286 for <FreeBSD-users-jp@jp.freebsd.org>; Fri, 24 Apr 1998 12:53:00 +0900 (JST)
Received: from viola ([10.25.197.85]) by lily.pi.nttdata.co.jp (8.8.7/3.3Wb96100109) with SMTP id MAA29043; Fri, 24 Apr 1998 12:52:58 +0900 (JST)
Message-Id: <199804240352.MAA29043@lily.pi.nttdata.co.jp>
To: FreeBSD-users-jp@jp.freebsd.org
From: Mitsuru Furuya <furuya@pi.nttdata.co.jp>
X-Mailer: Winbiff [Version 2.05 PL1]
Date: Fri, 24 Apr 1998 12:52:58 +0900
Mime-Version: 1.0
Content-Type: text/plain; charset=iso-2022-jp
Reply-To: FreeBSD-users-jp@jp.freebsd.org
Precedence: bulk
X-Distribute: distribute [version 2.1 (Alpha) patchlevel=24]
X-Sequence: FreeBSD-users-jp 27541
Subject: [FreeBSD-users-jp 27541] Why dropping packets at IPFW ?
Errors-To: owner-FreeBSD-users-jp@jp.freebsd.org
Sender: owner-FreeBSD-users-jp@jp.freebsd.org


$B!!$U$k$d!w(BNTTDATA $B$G$9!#(B
$B!!(B
$B!!(BIPFW $B$G!"%I%a%$%s!J(B210.154.AA.AAA/28$B!K0J30$+$i$N%Q%1%C%H$O!"(B
DNS $B$H(B ntp $B$@$1DL$9$h$&$K@_Dj$7$?$N$G$9$,!"%m%0$r8+$k$H(B DNS $B$N(B
$B%Q%1%C%H$r7k9=(B deny $B$7$F$$$^$9!#(B
$B$=$l$b3N<B$KMn$9$N$G$J$/!"DL$7$?$j!&Mn$H$7$?$j$H0l4S@-$,$"$j$^$;$s!#(B
$B!t!!(BDNS $B$,0z$1$?$j!"0z$1$J$+$C$?$j$7$F!"7k9=:$$C$F$$$^$9!#(B

$B!!(BQ&A $B$d(B HandBook $B$b8+$^$7$?$,!"3:Ev$9$k$h$&$JJs9p$b$J$+$C$?$N$G!"(B
$BF1$8$h$&$J8=>]$r7P83$7$?J}$O$$$^$;$s$G$7$g$&$+!#(B

---------------------------------------------------------------
$B;HMQ%^%7%s!'(B
$B!!(BNEC PC-9801NA/20
$B!!(BAllied Telesis SIC-98NOTE-T
$B!!(BFreeBSD(98)2.2.5-Rev02

---------------------------------------------------------------
#ipfw list
00100 allow ip from any to any via lo0
00200 deny log ip from 127.0.0.0/8 to 127.0.0.0/8
00300 allow ip from 210.154.AA.AAA/28 to any
00400 allow tcp from any to any established
00500 allow tcp from any 53 to 210.154.BB.BBB setup
00600 allow tcp from any 80 to 210.154.BB.BBB setup
00700 allow tcp from any 123 to 210.154.BB.BBB setup
00800 allow udp from any 53 to 210.154.BB.BBB
00900 allow udp from any 123 to 210.154.BB.BBB
01000 deny log ip from any to any
65535 deny ip from any to any

 210.154.AA.AAA : $B%M%C%H%o!<%/%"%I%l%9(B
 210.154.BB.BBB : $B3:Ev%^%7%s%"%I%l%9(B
---------------------------------------------------------------


---
              $B$=$l$b0l6=!%!%!%(B
                  by Mitsuru Furuya (furuya@pi.nttdata.co.jp)        
