From owner-FreeBSD-users-jp@jp.FreeBSD.org Wed Oct  8 15:32:41 2008
Received: (from daemon@localhost)
	by castle.jp.FreeBSD.org (8.11.6p2+3.4W/8.11.3) id m986WfM16718;
	Wed, 8 Oct 2008 15:32:41 +0900 (JST)
	(envelope-from owner-FreeBSD-users-jp@jp.FreeBSD.org)
Received: from srv2.ozaki.bz (fu-156-115.edit.ne.jp [218.219.156.115])
	by castle.jp.FreeBSD.org (8.11.6p2+3.4W/8.11.3) with ESMTP/inet id m986WfJ16713
	for <FreeBSD-users-jp@jp.freebsd.org>; Wed, 8 Oct 2008 15:32:41 +0900 (JST)
	(envelope-from kino@ozaki.biz)
Received: (qmail 63924 invoked by uid 0); 8 Oct 2008 15:35:23 +0900
Received: from unknown (HELO private.ozaki.bz) (127.0.0.1)
  by 0 with SMTP; 8 Oct 2008 15:35:23 +0900
Received: from 221.253.41.210
        (SquirrelMail authenticated user kino@ozaki.biz)
        by private.ozaki.bz with HTTP;
        Wed, 8 Oct 2008 15:35:23 +0900 (JST)
Message-ID: <55013.221.253.41.210.1223447723.squirrel@private.ozaki.bz>
From: kino@ozaki.biz
To: FreeBSD-users-jp@jp.FreeBSD.org
User-Agent: SquirrelMail/1.4.13
MIME-Version: 1.0
Content-Type: text/plain;charset=iso-2022-jp
Content-Transfer-Encoding: 7bit
X-Priority: 3 (Normal)
Importance: Normal
Reply-To: FreeBSD-users-jp@jp.FreeBSD.org
Precedence: list
Date: Wed, 8 Oct 2008 15:35:23 +0900
X-Sequence: FreeBSD-users-jp 91844
Subject: [FreeBSD-users-jp 91844] FreeBSD =?ISO-2022-JP?B?GyRCJEcbKEI=?=
 =?ISO-2022-JP?B?GyRCJWshPCU/JHI5PUNbJDkkaxsoQg==?= 
Sender: owner-FreeBSD-users-jp@jp.FreeBSD.org
X-Originator: kino@ozaki.biz
X-Distribute: distribute version 2.1 (Alpha) patchlevel 24e+060209

$B$O$8$a$^$7$F!#LZ2<(B@ozaki.biz$B$H?=$7$^$9!#(B

$B8=:_!"0J2<$N4D6-$G(BFreeBSD$B$G%k!<%?$r9=C[$7$h$&$H;W$C$F$*$j$^$9!#(B

--------------+---------------------+------
              |                     |
     +--------+-------+       +-----+------+
     |    192.168.1.3 |       | 192.168.1.4|
     | router         |       |  client    |
     |    172.16.0.1  |       |            |
     +-------+--------+       +------------+
             |
-------------+--------------+--------------
             |              |
     +-------+-----+  +-----+--------+
     | 172.16.0.2  |  | 172.16.0.3   |
     | pc1         |  |   pc2        |
     +-------------+  +--------------+

$B>e5-$G(Brouter$B$H$J$C$F$$$k$N$,(BFreeBSD7.0$B5!$G$9!#(B
$B8=>u!"(Bclient$B$+$i(Bpc1$B!"(Bpc2$B$X$N(BICMP$BJVEz$O$"$k$N$G$9$,!"(B
pc1$B!"(Bpc2$B$+$i(Bclient$B$X$N(BICMP$BJVEz$O$J$$$N$G$9!#(B

pc1$B!"(Bpc2$B$H(Bclient$B$NAPJ}8~$NDL?.$,$G$-$k$h$&$K$J$j$?$$$N$G$9!#(B
$BEvA3!"(BNAT$B$O;H$($J$$$N$G!&!&!&(B

1. client(192.168.1.4)$B$+$i(Bpc1(172.16.0.2) -> ping$BJVEz$"$j(B(tcp$B@\B3$b2D(B)
2. client(192.168.1.4)$B$+$i(Bpc2(172.16.0.3) -> ping$BJVEz$"$j(B(tcp$B@\B3$b2D(B)
3. pc1(172.16.0.2)$B$+$i(Brouter(172.16.0.1) -> ping$BJVEz$"$j(B(tcp$B@\B3$b2D(B)
4. pc2(172.16.0.3)$B$+$i(Brouter(172.16.0.1) -> ping$BJVEz$"$j(B(tcp$B@\B3$b2D(B)
5. pc1(172.16.0.2)$B$+$i(Brouter(192.168.1.3) -> ping$BJVEz$"$j(B(tcp$B@\B3$b2D(B)
6. pc2(172.16.0.3)$B$+$i(Brouter(192.168.1.3) -> ping$BJVEz$"$j(B(tcp$B@\B3$b2D(B)
7. pc1(172.16.0.2)$B$+$i(Bclient(192.168.1.4) -> ping$BJVEz$J$7(B(tcp$B@\B3IT2D(B)
8. pc2(172.16.0.3)$B$+$i(Bclient(192.168.1.4) -> ping$BJVEz$J$7(B(tcp$B@\B3IT2D(B)

$B>e5-$N(B7$B!"(B8$B$N9`L\$NDL?.$b$G$-$k$h$&$K$7$?$$$N$G$9!#(B
roter(FreeBSD7.0$B5!(B)$B$KBP$7$F$I$N$h$&$K@_Dj$9$l$P$h$m$7$$$G$7$g$&$+!)(B

$B$I$&$+$h$m$7$/$*4j$$?=$7>e$2$^$9!#(B
-----------------

$B8=:_$N@_DjFbMF$G$9!#(B
uname -a
FreeBSD router.dev.***.**.jp 7.0-RELEASE-p5 FreeBSD 7.0-RELEASE-p5 #0: Tue
Oct  7 17:25:43 JST 2008    
root@router.dev.***.**.jp:/usr/src/sys/i386/compile/ROUTER  i386

sysctl -a net.inet.ip
net.inet.ip.portrange.randomtime: 45
net.inet.ip.portrange.randomcps: 10
net.inet.ip.portrange.randomized: 1
net.inet.ip.portrange.reservedlow: 0
net.inet.ip.portrange.reservedhigh: 1023
net.inet.ip.portrange.hilast: 65535
net.inet.ip.portrange.hifirst: 49152
net.inet.ip.portrange.last: 65535
net.inet.ip.portrange.first: 49152
net.inet.ip.portrange.lowlast: 600
net.inet.ip.portrange.lowfirst: 1023
net.inet.ip.forwarding: 1
net.inet.ip.redirect: 1
net.inet.ip.ttl: 64
net.inet.ip.rtexpire: 3600
net.inet.ip.rtminexpire: 10
net.inet.ip.rtmaxcache: 128
net.inet.ip.sourceroute: 1
net.inet.ip.intr_queue_maxlen: 50
net.inet.ip.intr_queue_drops: 0
net.inet.ip.accept_sourceroute: 0
net.inet.ip.keepfaith: 0
net.inet.ip.same_prefix_carp_only: 0
net.inet.ip.subnets_are_local: 0
net.inet.ip.fastforwarding: 0
net.inet.ip.fw.dyn_keepalive: 1
net.inet.ip.fw.dyn_short_lifetime: 5
net.inet.ip.fw.dyn_udp_lifetime: 10
net.inet.ip.fw.dyn_rst_lifetime: 1
net.inet.ip.fw.dyn_fin_lifetime: 1
net.inet.ip.fw.dyn_syn_lifetime: 20
net.inet.ip.fw.dyn_ack_lifetime: 300
net.inet.ip.fw.static_count: 1
net.inet.ip.fw.dyn_max: 4096
net.inet.ip.fw.dyn_count: 0
net.inet.ip.fw.curr_dyn_buckets: 256
net.inet.ip.fw.dyn_buckets: 256
net.inet.ip.fw.verbose_limit: 0
net.inet.ip.fw.verbose: 1
net.inet.ip.fw.debug: 1
net.inet.ip.fw.one_pass: 1
net.inet.ip.fw.autoinc_step: 100
net.inet.ip.fw.enable: 1
net.inet.ip.maxfragpackets: 526
net.inet.ip.maxfragsperpacket: 16
net.inet.ip.fragpackets: 0
net.inet.ip.check_interface: 0
net.inet.ip.random_id: 0
net.inet.ip.sendsourcequench: 0
net.inet.ip.process_options: 1

kernel$B$N@_DjFbMF(B
< # IPFW
< options IPFIREWALL
< options IPFIREWALL_FORWARD
< options IPFIREWALL_VERBOSE
< options IPFIREWALL_DEFAULT_TO_ACCEPT
$B$=$NB>I,MW$N$J$$%G%P%$%9%I%i%$%P!"(Bipv6$B4XO"$r:o=|$7$^$7$?!#(B

/etc/rc.conf$B$NFbMF(B
hostname="dev.***.**.jp"
ifconfig_fxp0="inet 192.168.1.3 netmask 255.255.255.0"
defaultrouter="192.168.1.1"
keymap="jp.106"
ntpdate_enable="YES"
ntpdate_flags="ntp.jst.mfeed.ad.jp"
sshd_enable="YES"
ifconfig_rl0="inet 172.16.0.1  netmask 255.255.0.0"
hostname="router.xxx.xx.jp"
sendmail_enable="NONE"
gateway_enable="YES"



