From owner-FreeBSD-users-jp@jp.FreeBSD.org Sat Nov  2 11:04:30 2002
Received: (from daemon@localhost)
	by castle.jp.FreeBSD.org (8.11.6+3.4W/8.11.3) id gA224Uj55495;
	Sat, 2 Nov 2002 11:04:30 +0900 (JST)
	(envelope-from owner-FreeBSD-users-jp@jp.FreeBSD.org)
Received: from mailgate.falcon.cs.ritsumei.ac.jp (alcedo.falcon.cs.ritsumei.ac.jp [133.19.62.1])
	by castle.jp.FreeBSD.org (8.11.6+3.4W/8.11.3) with ESMTP/inet id gA224T355490
	for <FreeBSD-users-jp@jp.FreeBSD.org>; Sat, 2 Nov 2002 11:04:29 +0900 (JST)
	(envelope-from tetsuya@falcon.cs.ritsumei.ac.jp)
Received: from mail.falcon.cs.ritsumei.ac.jp (ardea [133.19.62.35])
	by mailgate.falcon.cs.ritsumei.ac.jp (8.12.6/8.12.6/FALCON-mailgate) with ESMTP id gA224TBI017500
	for <FreeBSD-users-jp@jp.FreeBSD.org>; Sat, 2 Nov 2002 11:04:29 +0900 (JST)
	(envelope-from tetsuya@falcon.cs.ritsumei.ac.jp)
Received: from magpie (magpie.falcon.cs.ritsumei.ac.jp [133.19.62.77])
	(user=tetsuya mech=CRAM-MD5 bits=0)
	by mail.falcon.cs.ritsumei.ac.jp (8.12.3/8.12.3/FALCON-mailserver) with ESMTP id gA224S51044400
	for <FreeBSD-users-jp@jp.FreeBSD.org>; Sat, 2 Nov 2002 11:04:29 +0900 (JST)
	(envelope-from tetsuya@falcon.cs.ritsumei.ac.jp)
From: tetsuya <tetsuya@falcon.cs.ritsumei.ac.jp>
To: FreeBSD-users-jp@jp.FreeBSD.org
Message-Id: <20021102110428.53777baf.tetsuya@falcon.cs.ritsumei.ac.jp>
Organization: falcon
X-Mailer: Sylpheed version 0.8.3 (GTK+ 1.2.10; i386-portbld-freebsd4.7)
Mime-Version: 1.0
Content-Type: text/plain; charset=ISO-2022-JP
Content-Transfer-Encoding: 7bit
Reply-To: FreeBSD-users-jp@jp.FreeBSD.org
Precedence: list
Date: Sat, 2 Nov 2002 11:04:28 +0900
X-Sequence: FreeBSD-users-jp 71660
Subject: [FreeBSD-users-jp 71660] ipfw2 =?ISO-2022-JP?B?GyRCJE4bKEI=?=
 =?ISO-2022-JP?B?GyRCPEJBdSRLJEQkJCRGGyhC?= 
Errors-To: owner-FreeBSD-users-jp@jp.FreeBSD.org
Sender: owner-FreeBSD-users-jp@jp.FreeBSD.org
X-Originator: tetsuya@falcon.cs.ritsumei.ac.jp
X-Distribute: distribute version 2.1 (Alpha) patchlevel 24e+021028


$B?9K\$G$9!%(B

ipfw2$B$rF3F~$7$F$_$?$N$G$9$,(Bfiltering$B$,$&$^$/$$$-$^$;$s!%(B
$B?7$?$K2C$o$C$?(B2$B$D$N5!G=$rMxMQ$7$?>l9g$KIT6q9g$,$G$^$7$?!%(B
ipfw1$B$N%k!<%k$K$D$$$F$O@5>oF0:n$7$F$$$^$9!%(B

1) address set$B$N=q<0(B
$BNc(B : ipfw add 100 allow tcp from 192.168.0.1/24{11,12,13} to any

2) mac address$B$N(Bfilter
$BNc(B : ipfw add 100 allow tcp from 192.168.0.1 to any mac any 00:00:00:00:00:00

$B%k!<%k$NDI2C$O$G$-$k$N$G$9$,!$(B
$B<B:]$K%Q%1%C%H$,%k!<%k$K%^%C%A$7$^$;$s!%(B
$B$"$k%k!<%k$NDI2C$K$*$$$F$O$&$^$/F0:n$7$?$H$-$b$"$C$?$N$G$9$,!$(B
$B;~4V$r$*$/$H$^$?%^%C%A$7$J$/$J$C$?$j$b$7$^$7$?!%(B

/usr/src/sys/netinet$B0J2<$N(Bsrc$B$b(B
$B$H$j$"$($:L\$ODL$7$F$_$?$N$G$9$,!$(B
$BL$=O$J$?$a$h$/J,$+$j$^$;$s$G$7$?!%(B

$B<B:]$K1?MQ$5$l$F$$$kJ}$O$$$^$9$+!)(B
$B%k!<%k$N:GE,2=$d(Bip spoofing$BBP:v$K(B
ipfw2$B$rMxMQ$7$?$$$H9M$($F$$$^$9!%(B
$B$h$m$7$1$l$P$465<x$/$@$5$$!%(B

---
Tetsuya_MORIMOTO
tetsuya@falcon.cs.ritsumei.ac.jp
