From owner-FreeBSD-net-jp@jp.freebsd.org  Sun May 27 04:53:17 2001
Received: (from daemon@localhost)
	by castle.jp.freebsd.org (8.9.3+3.2W/8.7.3) id EAA51351;
	Sun, 27 May 2001 04:53:17 +0900 (JST)
	(envelope-from owner-FreeBSD-net-jp@jp.FreeBSD.org)
Received: from mbc.nifty.com (mbc.nifty.com [192.47.24.179])
	by castle.jp.freebsd.org (8.9.3+3.2W/8.7.3) with SMTP id EAA51346
	for <FreeBSD-net-jp@jp.freebsd.org>; Sun, 27 May 2001 04:53:16 +0900 (JST)
	(envelope-from tmts@mbc.nifty.com)
Received: (qmail 20254 invoked by uid 10002); Sun, 27 May 2001 04:53:15 +0900
Message-ID: <20010526195315.20253.qmail@mbc.nifty.com>
Received: from seagle.elcom.nitech.ac.jp (HELO mbc.nifty.com) (133.68.130.57)
  by mbc with SMTP; Sun, 27 May 2001 04:53:15 +0900
Date: Sun, 27 May 2001 04:53:10 +0900
From: Matsuo Takaharu <tmts@mbc.nifty.com>
X-Mailer: EdMax Ver2.31.6F
MIME-Version: 1.0
To: FreeBSD-net-jp@jp.freebsd.org
Content-Type: text/plain; charset=ISO-2022-JP
Content-Transfer-Encoding: 7bit
Reply-To: FreeBSD-net-jp@jp.freebsd.org
Precedence: list
X-Distribute: distribute version 2.1 (Alpha) patchlevel 24e+010328
X-Sequence: FreeBSD-net-jp 3119
Subject: [FreeBSD-net-jp 3119] ipfw =?ISO-2022-JP?B?GyRCJEc9UBsoQg==?=
 =?ISO-2022-JP?B?GyRCOH0kThsoQg==?= I/F
 =?ISO-2022-JP?B?GyRCJHI7WERqJDckPyVrITwlaxsoQg==?= 
Errors-To: owner-FreeBSD-net-jp@jp.freebsd.org
Sender: owner-FreeBSD-net-jp@jp.freebsd.org
X-Originator: tmts@mbc.nifty.com

$B>>Hx$H?=$7$^$9!#(B

$B8=:_!"(BFreeBSD 4.3-Release $B$G(B ipfw + bridge $B$rMQ$$$F%2!<%H$rN)$F$F$$$^(B
$B$9!#2<?^$N$h$&$J7A$G#3$D$N%M%C%H%o!<%/!J%5%V%M%C%H$OA4$FF1$8!K$r@\B3$7(B
$B$h$&$H9M$($F$$$^$9!JJ,3d$H8@$C$?J}$,@5$7$$(B?$B!K!#(B


         |
         |- [$B%[%9%H#A(B]
         |
+--------+----------+
|       de0         |
| $B%2!<%H%^%7%s(B  xl0 +---------$B!D(B
|       fxp0        | 
+--------+----------+ 
         |
         |- [$B%[%9%H#B(B]
         |


$B$3$3$G!"%[%9%H#A$N%M%C%H%o!<%/$+$i%[%9%H#B$N%M%C%H%o!<%/$K8~$+$&%Q%1%C(B
$B%H$r@)8B$9$k$?$a$K(B

    ipfw add 10 deny tcp from any to any 23 out recv de0 xmit fxp0

$B$H@_Dj$7$F$_$?$N$G$9$,!"<B:]$K$O$3$N%k!<%k$K0z$C$+$+$i$:!"%[%9%H#A$+$i(B
$B%[%9%H#B$K(BTELNET$B$G$-$F$7$^$$$^$9!#(Bipfw -a list $B$r8+$F$b!"$3$N%k!<%k$N(B
$B%+%&%s%H$O(B 0 $B$K$J$C$F$$$^$9!#!J$3$N%k!<%k$O(B man ipfw $B$GI=<($5$l$kNc$H(B
$B$[$\F1$8$G$9!#!K(B

$B=P8}$N%$%s%?%U%'%$%9$r;XDj$9$k>l9g!"2?$+B>$K@_Dj$,I,MW$J$N$G$7$g$&$+!)(B



$B0x$_$K!"%k!<%k$r(B

    ipfw add 10 deny tcp from any to any 23 in recv de0
                                            ^^^^^^^^^^^
$B$N$h$&$KJQ99$9$k$H>e<j$/%U%#%k%?$G$-$^$9!#$^$?(B

    ipfw add 10 deny log tcp from any to any via fxp0

$B$H$7$F$*$$$F!"%[%9%H#A$+$i#B$K(BTELNET$B$7$?8e%m%0$r3NG'$9$k$H!"(B

    ipfw: 3 Deny TCP xx.xx.xx.xx:23 yy.yy.yy.yy:yyyy in via fxp0

$B$H$J$C$F$$$k$N$G!"$d$O$j#A"*#B$ODL2a$7!"$=$NJV;v$G$"$k#B"*#A$,0z$C$+$+(B
$B$C$F$$$k$h$&$G$9!#(B

