From owner-FreeBSD-net-jp@jp.freebsd.org  Fri May 25 02:33:06 2001
Received: (from daemon@localhost)
	by castle.jp.freebsd.org (8.9.3+3.2W/8.7.3) id CAA99075;
	Fri, 25 May 2001 02:33:06 +0900 (JST)
	(envelope-from owner-FreeBSD-net-jp@jp.FreeBSD.org)
Received: from ns.takezo.co.jp (ns.takezo.co.jp [210.239.132.178])
	by castle.jp.freebsd.org (8.9.3+3.2W/8.7.3) with SMTP id CAA99070
	for <FreeBSD-net-jp@jp.freebsd.org>; Fri, 25 May 2001 02:33:06 +0900 (JST)
	(envelope-from hirose@takezo.co.jp)
Received: from pc1.takezo.co.jp (unverified [210.239.132.181]) by ns.takezo.co.jp
 (EMWAC SMTPRS 0.83) with SMTP id <B0000177681@ns.takezo.co.jp>;
 Fri, 25 May 2001 02:39:02 +0900
Message-ID: <007801c0e477$829de180$b584efd2@takezo.co.jp>
From: =?iso-2022-jp?B?SGlyb3NlIFRha2Vub3JpKBskQlciQCUbKEIgGyRCPmZFNRsoQik=?= <hirose@takezo.co.jp>
To: <FreeBSD-net-jp@jp.freebsd.org>
Date: Fri, 25 May 2001 02:32:30 +0900
MIME-Version: 1.0
Content-Type: text/plain;
	charset="iso-2022-jp"
Content-Transfer-Encoding: 7bit
X-Priority: 3
X-MSMail-Priority: Normal
X-Mailer: Microsoft Outlook Express 5.00.2314.1300
X-MimeOLE: Produced By Microsoft MimeOLE V5.00.2314.1300
Reply-To: FreeBSD-net-jp@jp.freebsd.org
Precedence: list
X-Distribute: distribute version 2.1 (Alpha) patchlevel 24e+010328
X-Sequence: FreeBSD-net-jp 3115
Subject: [FreeBSD-net-jp 3115] Bridge =?ISO-2022-JP?B?GyRCJEdCUxsoQg==?=
 =?ISO-2022-JP?B?GyRCMGhAKThCJCw9UE1oJEokJBsoQg==?= 
Errors-To: owner-FreeBSD-net-jp@jp.freebsd.org
Sender: owner-FreeBSD-net-jp@jp.freebsd.org
X-Originator: hirose@takezo.co.jp

$BW"@%!w(BTAKEZO$B$G$9!#(B

$B:#!"0lBf$N%Q%=%3%s$G(B Bridge$B!"(BNAT$B!"(Bipfw$B!"(BDUMMYNET $B$r$9$k%k!<%?$r:n$C$F$$$k$N$G(B
$B$9$,!"0J2<$N9=@.$G?'!9$H%F%9%H$7$F$$$^$9$,!"$&$^$/;W$C$?$h$&$KF0$$$F$/$l$^$;$s!#(B

                     +-------------+
                     |   router    +
                     +------+------+
                            | 61.206.xxx.aaa/28
                            |
                            | ed0(61.206.xxx.bbb/28)
                     +------+-------+
                     |    hostA     | Bridge$B!"(BNAT$B!"(Bipfw$B!"(BDUMMYNET
                     +--+-------+---+
ed1(NAT;192.168.1.1/24) |       | ed2(Bridge)
            +-----------+       +-----------+
            | 192.168.1.2/24                | 61.206.xxx.ccc/28
        +---+---+                       +---+---+
        | hostB |                       | hostC |
        +-------+                       +-------+

hostA : FreeBSD 4.3-RELEASE
hostB : Windows 98
hostC : FreeBSD 4.3-RELEASE

hostA $B%3%s%U%#%0%l!<%7%g%s(B
kernel option $B$NFbMF(B($BH4?h(B)------------------------------------
options  IPFIREWALL
options  IPFIREWALL_FORWARD
options  IPFIREWALL_DEFAULT_TO_ACCEPT
options  IPDIVERT
options  DUMMYNET
options  BRIDGE
--------------------------------------------------------------

/etc/rc.conf $B$NFbMF(B($BH4?h(B)-------------------------------------
defaultrouter="61.206.xxx.aaa"
gateway_enable="YES"
ifconfig_ed1="inet 192.168.1.1  netmask 255.255.255.0"
ifconfig_ed2="inet 61.206.xxx.bbb  netmask 255.255.255.240"
--------------------------------------------------------------

/usr/local/etc/rc.d/route.sh----------------------------------
#!/bin/sh
sysctl -w net.link.ether.bridge=1
sysctl -w net.link.ether.bridge_cfg="ed0:1,ed2:1,"
natd -interface ed2
ipfw -f flush
ipfw add 100 divert natd all from any to any via ed2
--------------------------------------------------------------

$B>e5-$N>uBV$G(B hostA $B$O5/F0$7$F$*$j$^$9!#(B
$B$3$N>uBV$G!"(Bping $B$G3NG'$9$k$H!"(B
router <-> hostA  OK
router <-> hostC  OK
hostB   -> hostA  OK
hostB   -> hostC  OK
hostB   -> router OK

$B<!$K(B DUMMYNET $B$r2<5-$N$h$&$K@_Dj$7$^$9!#(B
ipfw add 200 pipe 1 ip from 192.168.1.0/24 to any out xmit ed0
ipfw add 250 pipe 2 ip from any to 192.168.1.0/24 in recv ed0
ipfw pipe 1 config bw 128kbit/s
ipfw pipe 2 config bw 128kbit/s
$B$3$N>uBV$G!"(Bping $B$G3NG'$9$k$H!"(B
router <-> hostA  OK
router <-> hostC  OK
hostB   -> hostA  OK
hostB   -> hostC  OK
hostB   -> router OK
$BL^O@!"BS0hL5;v!"9J$l$F$$$^$7$?!#(B

$B<!$K!"$3$N>uBV$G(B Bridge $BB&$bBS0h@)8f$7$?$$$H;W$C$F!"(BBridge $B$5$l$?(B
$B%Q%1%C%H$r(B ipfw $B$G%3%s%H%m!<%k=PMh$k$h$&$K(B sysctl $B$G!"2<5-$N$h$&(B
$B$K@_Dj$7$^$7$?!#(B
sysctl -w net.link.ether.bridge_ipfw=1
$B$H$j$"$($:!"$3$N>uBV$GDL?.$G$-$k$+$r!"(Bping $B$G3NG'$9$k$H!"(B
router <-> hostA  OK
router <-> hostC  NG
hostB   -> hostA  OK
hostB   -> hostC  NG
hostB   -> router OK
$B$K$J$j!"(BhostA $B$K$O$3$N$h$&$J!"%a%C%;!<%8$,8=$l$^$9!#(B
bdg_forward: No rules match, so dropping packet!

$B$I$N$h$&$K$7$?$i!"(BBridge $BB&$bBS0h@)8f=PMh$k$h$&$K$J$k$N$G$7$g$&$+!)(B

$B$G$o!"$G$o!"(B

