From owner-FreeBSD-users-jp@jp.freebsd.org  Sat Dec 16 16:48:44 2000
Received: (from daemon@localhost)
	by castle.jp.freebsd.org (8.9.3+3.2W/8.7.3) id QAA24697;
	Sat, 16 Dec 2000 16:48:44 +0900 (JST)
	(envelope-from owner-FreeBSD-users-jp@jp.FreeBSD.org)
Received: from ns.mmc.co.jp (ns.mmc.co.jp [202.33.246.162])
	by castle.jp.freebsd.org (8.9.3+3.2W/8.7.3) with ESMTP id QAA24691
	for <FreeBSD-users-jp@jp.freebsd.org>; Sat, 16 Dec 2000 16:48:43 +0900 (JST)
	(envelope-from ueno@mmc.co.jp)
Received: from mailhub.sys.mmc.co.jp ([172.17.10.2])
	by ns.mmc.co.jp (8.9.3/3.7W) with ESMTP id QAA10428;
	Sat, 16 Dec 2000 16:22:04 +0900
Received: from kueno.mmc.co.jp ([172.20.111.254]) by mailhub.sys.mmc.co.jp (8.8.8/HUB2.00) with ESMTP id QAA78138; Sat, 16 Dec 2000 16:37:15 +0900
Received: from localhost (localhost. [127.0.0.1]) by kueno.mmc.co.jp (8.9.3/3.7W-0012102225) with ESMTP id QAA01534; Sat, 16 Dec 2000 16:49:44 +0900 (JST)
To: FreeBSD-users-jp@jp.freebsd.org, hiromi@tac.tsukuba.ac.jp
Cc: kueno@mmc.co.jp
From: =?iso-2022-jp?B?GyRCPmVMbjlAMGwbKEI=?= <kueno@mmc.co.jp>
In-Reply-To: <20001216141557M.hiromi@tac.tsukuba.ac.jp>
References: <20001216011224L.ueno@mmc.co.jp>
	<20001216141557M.hiromi@tac.tsukuba.ac.jp>
X-Mailer: Mew version 1.94.2 on Emacs 19.34 / Mule 2.3 (SUETSUMUHANA)
Mime-Version: 1.0
Content-Type: Text/Plain; charset=iso-2022-jp
Content-Transfer-Encoding: 7bit
Message-Id: <20001216164944J.ueno@mmc.co.jp>
Date: Sat, 16 Dec 2000 16:49:44 +0900
X-Dispatcher: imput version 20000228(IM140)
Lines: 24
Reply-To: FreeBSD-users-jp@jp.freebsd.org
Precedence: list
X-Distribute: distribute version 2.1 (Alpha) patchlevel 24e+000315
X-Sequence: FreeBSD-users-jp 57568
Subject: [FreeBSD-users-jp 57568] Re: IPFW =?ISO-2022-JP?B?GyRCJEcbKEI=?=
 FTP
Errors-To: owner-FreeBSD-users-jp@jp.freebsd.org
Sender: owner-FreeBSD-users-jp@jp.freebsd.org
X-Originator: ueno@mmc.co.jp

$B>eLn$G$9!#(B
$B$"$j$,$H$&$4$6$$$^$9!#(B

From: Hiromi Kimura <hiromi@tac.tsukuba.ac.jp>
Subject: [FreeBSD-users-jp 57564] Re: IPFW $B$G(B FTP
Date: Sat, 16 Dec 2000 14:15:57 +0900
> $BNc$($P!"(B-punch_fw 1000:100
> $B$r;XDj$7$F$*$$$F!"FbB&!J(B192.168.0.2$B!K$+$i30It$N(B ftp $B%5!<%P!J(B11.22.33.44$B!K$X(B
> $B%"%/%;%9$7!"DL>o%b!<%I$G%G!<%?E>Aw$9$k$H!"(B
> 
> 01001 allow tcp from 192.168.0.2 49168 to 11.22.33.44 20
> 01001 allow tcp from 11.22.33.44 20 to 192.168.0.2 49168

$B;d$N=q$$$F$$$k%k!<%k$G$O(B
01000 deny log tcp from any to any in recv de0 setup
$B$H$J$C$F$$$?$N$G:G=i(B01001$B$N%k!<%k$,E,MQ$5$l$^$;$s$G$7$?!#(B

$B$=$3$G(Bipfw add 65000 deny log tcp from any to any in recv de0 setup
$B$K$9$k$3$H$G(BFTP$B$,DL$k$h$&$K$J$j$^$7$?!#(B

$B$H$3$m$G!"(BNAT$B$NFbB&$N%^%7%s$KBP$7$FD>@\@\B3$9$k%k!<%k$N=q$-J}$H$$$&$b(B
$B$N$OM-$k$N$G$7$g$&$+!)(B $BNc$($P(B NAT$B$,(B 192.168.1.2 NAT$B$NFbB&$N%^%7%s$,(B 
192.168.2.10$B$G%]!<%H(B22$BHV$KBP$7$F30B&$+$iD>@\@\B3$9$k$H$$$C$?;vNc$G$9!#(B

