From owner-FreeBSD-net-jp@jp.freebsd.org  Mon May 28 07:48:56 2001
Received: (from daemon@localhost)
	by castle.jp.freebsd.org (8.9.3+3.2W/8.7.3) id HAA23866;
	Mon, 28 May 2001 07:48:56 +0900 (JST)
	(envelope-from owner-FreeBSD-net-jp@jp.FreeBSD.org)
Received: from tortoise.jp.freebsd.org (root@tortoise.jp.FreeBSD.ORG [210.157.158.41])
	by castle.jp.freebsd.org (8.9.3+3.2W/8.7.3) with ESMTP id HAA23861
	for <FreeBSD-net-jp@jp.freebsd.org>; Mon, 28 May 2001 07:48:55 +0900 (JST)
	(envelope-from kuriyama@imgsrc.co.jp)
Received: from white.imgsrc.co.jp (white.imgsrc.co.jp [2001:218:422:2:210:4bff:fe11:b455])
	by tortoise.jp.freebsd.org (8.11.3+3.4W/8.11.3) with ESMTP/inet6 id f4RMmrb20336
	for <FreeBSD-net-jp@jp.freebsd.org>; Mon, 28 May 2001 07:48:54 +0900 (JST)
	(envelope-from kuriyama@imgsrc.co.jp)
Received: from waterblue.imgsrc.co.jp (kuriyama@waterblue.imgsrc.co.jp [210.226.20.160])
	by white.imgsrc.co.jp (8.11.2/8.11.0) with ESMTP id f4RMmpe11828
	for <FreeBSD-net-jp@jp.freebsd.org>; Mon, 28 May 2001 07:48:52 +0900 (JST)
Date: Mon, 28 May 2001 07:48:50 +0900
Message-ID: <7mpucuif1p.wl@waterblue.imgsrc.co.jp>
From: Jun Kuriyama <kuriyama@imgsrc.co.jp>
To: FreeBSD-net-jp@jp.freebsd.org
In-Reply-To: <20010527115027.6984.qmail@mbc.nifty.com>
References: <200105270803.f4R83Fq25632@neofam.yf.bsdclub.org>
	<20010527115027.6984.qmail@mbc.nifty.com>
User-Agent: Wanderlust/2.4.1 (Stand By Me) SEMI/1.13.7 (Awazu) FLIM/1.13.2 (Kasanui) MULE XEmacs/21.1 (patch 14) (Cuyahoga Valley) (i386--freebsd)
MIME-Version: 1.0 (generated by SEMI 1.13.7 - "Awazu")
Content-Type: text/plain; charset=ISO-2022-JP
Reply-To: FreeBSD-net-jp@jp.freebsd.org
Precedence: list
X-Distribute: distribute version 2.1 (Alpha) patchlevel 24e+010328
X-Sequence: FreeBSD-net-jp 3122
Subject: [FreeBSD-net-jp 3122] Re: ipfw =?ISO-2022-JP?B?GyRCJEcbKEI=?=
 =?ISO-2022-JP?B?GyRCPVA4fSROGyhC?= I/F
 =?ISO-2022-JP?B?GyRCJHI7WERqJDckPyVrITwlaxsoQg==?= 
Errors-To: owner-FreeBSD-net-jp@jp.freebsd.org
Sender: owner-FreeBSD-net-jp@jp.freebsd.org
X-Originator: kuriyama@imgsrc.co.jp

At Sun, 27 May 2001 11:53:32 +0000 (UTC),
Matsuo Takaharu wrote:
> $B;XDjJ}K!$,0c$&$H$$$&$3$H$G$7$g$&$+!#(B
> $BNc$($P(B
> 
> >     deny ip from any to any out recv de0 xmit fxp0
> 
> $B$@$H!"(Bde0$B$KF~$C$F(Bfxp0$B$+$i=P$F9T$/%Q%1%C%H$K%^%C%A$9$k$HM}2r$7$F$$$k$N(B
> $B$G$9$,!#!#(B

$B!!(Bbridge $B;~$N(B filtering $B$O$d$d$3$7$=$&$G$"$s$^$jM}2r$7$F$$$J$$$N$G$9$,!"(B

----- man ipfw
     Each incoming or outgoing packet is passed through the ipfw rules.  If
     host is acting as a gateway, packets forwarded by the gateway are pro-
     cessed by ipfw twice.  In case a host is acting as a bridge, packets for-
     warded by the bridge are processed by ipfw once.
-----

$B$C$F$N$,1F6A$7$F!"(Bincoming *or* outgoing $B$N$I$A$i$+$7$+$&$^$/(B match $B$G$-(B
$B$J$$!"$C$F$N$@$C$?$j$7$^$;$s$+$M!#(B

$B!!(B[net-jp 3115] $B$GW"@%$5$s$,(B

sysctl -w net.link.ether.bridge_ipfw=1

$B$C$F$$$&(B sysctl $B$r@_Dj$7$F$_$F$$$^$9$,!"$3$l$,L>A0$NDL$j$N$b$N$J$N$J$i!"(B
$B$3$A$i$r@_Dj$7$F$_$k$N$O$I$&$G$7$g$&!#(B


-- 
Jun Kuriyama <kuriyama@imgsrc.co.jp> // IMG SRC, Inc.
             <kuriyama@FreeBSD.org> // FreeBSD Project
