From owner-FreeBSD-net-jp@jp.freebsd.org  Thu Jun 21 20:57:48 2001
Received: (from daemon@localhost)
	by castle.jp.freebsd.org (8.9.3+3.2W/8.7.3) id UAA12917;
	Thu, 21 Jun 2001 20:57:48 +0900 (JST)
	(envelope-from owner-FreeBSD-net-jp@jp.FreeBSD.org)
Received: from jive.tokai.or.jp (jive.tokai.or.jp [211.7.64.11])
	by castle.jp.freebsd.org (8.9.3+3.2W/8.7.3) with ESMTP id UAA12911
	for <FreeBSD-net-jp@jp.freebsd.org>; Thu, 21 Jun 2001 20:57:45 +0900 (JST)
	(envelope-from shimi@tokai.or.jp)
Received: from ZCXU152 (p135.net065.tokai.or.jp [211.7.65.135])
	by jive.tokai.or.jp (8.9.1/3.7W-01061211) with ESMTP id UAA02745
	for <FreeBSD-net-jp@jp.freebsd.org>; Thu, 21 Jun 2001 20:57:33 +0900 (JST)
Date: Thu, 21 Jun 2001 20:57:31 +0900
From: Hiroshi Shimizu <shimizu@syscon.co.jp>
To: FreeBSD-net-jp@jp.freebsd.org
Message-Id: <20010621201046.36E4.SHIMIZU@syscon.co.jp>
MIME-Version: 1.0
Content-Type: text/plain; charset="ISO-2022-JP"
Content-Transfer-Encoding: 7bit
X-Mailer: Becky! ver. 2.00.07
Reply-To: FreeBSD-net-jp@jp.freebsd.org
Precedence: list
X-Distribute: distribute version 2.1 (Alpha) patchlevel 24e+010328
X-Sequence: FreeBSD-net-jp 3167
Subject: [FreeBSD-net-jp 3167] Some packets slip through ipfw
Errors-To: owner-FreeBSD-net-jp@jp.freebsd.org
Sender: owner-FreeBSD-net-jp@jp.freebsd.org
X-Originator: shimizu@syscon.co.jp

$B@6?e$G$9!#(B

I am building a firewall using ipfw on FreeBSD 2.2.8.
NAT is handled by the INS router, so this machine does packet filtering only.

$B;29M$^$G$K(BFirewall(fw01)$B$N%9%Z%C%/$O0J2<$NDL$j$G$9!#(B
CPU P2-233
MEM 64MB

The network is laid out like this.
                +------+
                |INS rt|
                +------+
                   |192.168.1.1
                   |
                   |192.168.1.250
                +------+
                | fw01 |
                +------+
                   |192.168.2.250
                   |
   --------+-------+--------------
           |
           |192.168.2.24
       +---+--+
       | hoge2|
       +------+

When I checked yesterday's logs, I found that some packets are getting through
to hoge2 (running RedHat 7.0) even though the firewall (fw01) is blocking them.

ipfw$B$N%k!<%k>e$O5vMF$9$kJ*$@$15-=R$7$FB>$OA4$F;_$a$F$$$^$9!#(B
(ipfw s $B$N=PNO7k2L$h$jH4?h(B)
20000        161      14152 deny log ip from any to any

fw01$B$N%m%0$r8+$k$H0J2<$N$h$&$K(BDeny$B$5$l$F$$$^$9!#(B
(/var/log/messages$B$h$jH4?h(B)
Jun 21 00:40:38 fw01 /kernel: ipfw: 20000 Deny TCP 202.96.119.134:48094
192.168.2.24:111 in via fxp1
Jun 21 00:40:41 fw01 /kernel: ipfw: 20000 Deny TCP 202.96.119.134:48094
192.168.2.24:111 in via fxp1

$B$H$3$m$,!"(B192.168.2.24(hoge2)$B$N%[%9%H>e$K$O0J2<$N%"%/%;%9%m%0$,;D$C$F$$(B
$B$^$7$?!#(B
(hoge2$B$N%m%0$h$jH4?h(B)
Jun 21 00:40:19 hoge2 kernel: Packet log: input DENY eth0 PROTO=6
202.96.119.134:48094 192.168.2.24:111 L=40 S=0x00 I=31465 F=0x4000 T=231
(#18)

$B!t(B hoge2$B$O;~9o9g$o$;$r9T$C$F$$$J$+$C$?0Y$K;~4V$O$:$l$F$7$^$C$F$$$^$9!#(B

Is it possible for packets to get through even though they should be blocked?
There was similar access (a port scan, I think) to the other servers as well,
but it did not get through to them.
Also, hoge was accessed several times, but it seems that only one attempt
got through the firewall.
Does this mean that filtering can fail depending on timing?

Has anyone else seen this kind of thing happen?

$B$d$O$j!"%[%9%HKh$N%;%-%e%j%F%#$b6/2=$7$J$/$F$O$J$i$J$$$+!#!#!#(B

--
/*  $B@6(B $B?e(B $B90(B  [ Hiroshi Shimizu ]  */
/*  E-mail:shimizu@syscon.co.jp    */
/*  ($B3t(B)$B%7%9%F%`!&%3%s%5%k%?%s%D(B   */

