From owner-FreeBSD-users-jp@jp.FreeBSD.org Sat Jan 19 23:22:53 2002
Received: (from daemon@localhost)
	by castle.jp.FreeBSD.org (8.11.6+3.4W/8.11.3) id g0JEMro35064;
	Sat, 19 Jan 2002 23:22:53 +0900 (JST)
	(envelope-from owner-FreeBSD-users-jp@jp.FreeBSD.org)
Received: from free1.him.ne.jp (11.him.ne.jp [210.235.152.11])
	by castle.jp.FreeBSD.org (8.11.6+3.4W/8.11.3) with ESMTP/inet id g0JEMqm35059
	for <freebsd-users-jp@jp.freebsd.org>; Sat, 19 Jan 2002 23:22:52 +0900 (JST)
	(envelope-from chores@him.ne.jp)
Received: (from root@localhost)
	by free1.him.ne.jp (8.12.1/8.12.1/him-011118) id g0JEMq6U026351
	for freebsd-users-jp@jp.freebsd.org; Sat, 19 Jan 2002 23:22:52 +0900 (JST)
	(envelope-from chores@him.ne.jp)
Received: from dev01 (71.him.local [192.168.1.71])
	by free1.him.ne.jp (8.12.1/8.12.1/him-011118av) with ESMTP id g0JEMnnC026344
	for <FreeBSD-users-jp@jp.FreeBSD.org>; Sat, 19 Jan 2002 23:22:50 +0900 (JST)
	(envelope-from chores@him.ne.jp)
From: chores@him.ne.jp
Date: Sat, 19 Jan 2002 23:22:50 +0900
To: FreeBSD-users-jp@jp.FreeBSD.org
In-Reply-To: <20020118184038.9D61.TOMOKAZU@colx.co.jp>
References: <20020117164816.E079.CHORES@him.ne.jp> <20020118184038.9D61.TOMOKAZU@colx.co.jp>
Message-Id: <20020119163040.E085.CHORES@him.ne.jp>
MIME-Version: 1.0
Content-Type: text/plain; charset="ISO-2022-JP"
Content-Transfer-Encoding: 7bit
X-Mailer: Becky! ver. 2.00.07
X-Virus-Scanned: by AMaViS perl-11
Reply-To: FreeBSD-users-jp@jp.FreeBSD.org
Precedence: list
X-Distribute: distribute version 2.1 (Alpha) patchlevel 24e+011218
X-Sequence: FreeBSD-users-jp 66514
Subject: [FreeBSD-users-jp 66514] Re: natd 
 =?ISO-2022-JP?B?GyRCJE4lPSE8JTklIiVJJWwlOT1xJC00OSQoJEsbKEI=?=
 =?ISO-2022-JP?B?GyRCJEQkJCRGGyhC?=
Errors-To: owner-FreeBSD-users-jp@jp.FreeBSD.org
Sender: owner-FreeBSD-users-jp@jp.FreeBSD.org
X-Originator: chores@him.ne.jp

$BDMED$G$9!#(B

$B$G$-$^$7$?(B!!

> $BA4It$N%Q%1%C%H$r$I$3$+0c$&>l=j$XE>Aw$7$F!"(B
> $B$=$l$r$-$A$s$H85$NAw$j<g$KJV$9(B.. $B$H$+$$$&<B83$@$1$G(B
> $B$h$$$N$J$i!"$b!<$9$3$7;n834D6-$rC1=c$K$7$?$[$&$,$$$$$h$&$J(B
> $B5$$b$9$k$N$G$9$,!";v>p$b$"$k$N$G$7$g$&$M(B :-)

$B<+J,$H$7$F$O!"C1=c$K$7$F$$$k$D$b$j$J$N$G$9$,!"$J$C$F$$$J$$$h$&$G$9$M!#(B
$B;v>p$H$$$($P!"%^%7%s(BB$B0J30$O1?MQCf$N%^%7%s$r;H$C$F$$$k$H$$$&$3$H$/$i$$$J(B
$B$N$G$9$,!#!#!#(B


> $B$^$:!"K\Bj$H$O4X78$J$5$2$G$9$,!"(B
> nic $B$K(B alias $B$GHV9f$r?6$k$H$-$O!"(Bmask $B$O(B 255.255.255.255
> $B$,4pK\$G$9$N$G!"D>$7$?$[$&$,$h$$$G$7$g$&!#(B

$B$4;XE&$"$j$,$H$&$4$6$$$^$9!#(B


> $B$G!"DMED$5$s$N@_Dj$N$*$+$7$$$H$3$m$O!"2?$,2?$G$b(B -redirect_address
> $B$N@_Dj$G=q$-49$($r9T$*$&$H$7$F$$$k$H$3$m$@$H;W$$$^$9!#(B
> 
> $BA0$K$b=q$-$^$7$?$,!"$3$N:n@o$@$H!"(Bdest $B$r=q$-49$($k$R$H$H(B
> src $B$r=q$-49$($k?M$,$=$l$>$lFHN)$7$F$$$^$9!#(B
> dest $B$r=q$-49$($k$K$O(B redirect_address $B$G$9$,!"(Bsrc $B$r=q$-49$($k$N$O(B
> natd $B$NI8=`F0:n$G$9$+$i!"$3$A$i$N(B natd $B$K$O(B redirect_adress
> $B$O$$$j$^$;$s!#(B

$B$J$k$[$I!"$=$&$$$&F0:n$J$N$G$9$M!#40A4$K4*0c$$$7$F$$$^$7$?!#(B


> $B%9%F%C%W$O#4$D(B?

$B:G8e$N(B2$B$D$,M}2r$G$-$F$$$^$;$s$G$7$?!#(B

$B2?$H$J$/I,MW$J$3$H$O5$$E$$$?$N$G$9$,!"!VJL$N(B natd $B$r;H$&$H2?=h$KLa$;$P$$(B
$B$$$N$+$,J,$+$i$J$/$J$C$F$7$^$&!W$H9M$($Fm5$$$F$$$^$7$?!#JL$N(B ipfw $B$G!"F1(B
$B$8(B natd $B$KEO$;$P$h$+$C$?$N$G$9$M!#(B


>   192.x.x.10:1078 -> 192.x.x.1:80
> $B$N(B dest $B$r=q$-49$($k(B natd(a) $B$H%k!<%k(B(1)$B!#(B
>   192.x.x.10:1078 -> 210.y.y.2:80
> $B$3$N%Q%1%C%H$,=P$F9T$/$H$-$K(B src $B$r=q$-49$($k(B natd(b) $B$H%k!<%k(B(2)$B!#(B
>   192.x.x.1:????  -> 210.y.y.2:80
> 
> $BLa$C$F$-$?$b$N(B
>   210.y.y.2:80 -> 192.x.x.1:????
> $B$N(B dest $B$r85$KLa$9(B natd(b) $B$H%k!<%k(B(3)$B!#(B
> $B$d$d$3$7$$$+$b$7$l$J$$$1$I!"(Bnatd(b) $B$O$5$C$-(B src $B$r=q$-49$($??M$@$+$i!"(B
> $BK\Ev$N<u<h?M$,J,$+$j$^$9$h$M!#$G!"$3$&$J$j$^$9!#(B
>   210.y.y.2:80 -> 192.x.x.10:1078
> $B<!$K$3$l$,=P$F9T$/$H$-$K(B src $B$r85$KLa$9(B natd(a) $B$H%k!<%k(B(4)$B!#(B
> $BF1$8$/(B natd(a) $B$O=q$-La$9$?$a$N>pJs$r$b$C$F$^$9$N$G!"3Z>!!#(B
>   192.x.x.1:80 -> 192.x.x.10.1078
> 
> $B$H$$$&$o$1$G!"$a$G$?$/85$N$R$H$K%Q%1%C%H$,JV$k;EAH$_!#(B
>
> $B$3$N%k!<%k$H(B natd $B$N@_Dj$r$=$N$^$s$^=q$-9~$a$P!"(B
> $B@dBP$KF0$-$^$9!#(B

$BF0$-$^$7$?!#(B

$B$H$j$"$($:!"0J2<$N$h$&$J@_Dj$GF0:n$7$^$7$?!#(B

# ipfw list
00100 divert 8888 ip from any to 192.x.x.1
00200 divert 9999 ip from any to 210.y.y.2
00300 divert 9999 ip from 210.y.y.2 to 210.y.y.1
00400 divert 8888 ip from 210.y.y.2 to any
65535 allow ip from any to any
$B"(%$%s%?!<%U%'!<%9$dJ}8~$r2C$($?J}$,NI$5$=$&$G$9$M!#(B> $B<+J,(B

# natd -p 8888 -n ed1 -redirect_address 210.y.y.2 192.x.x.1 -v  ($BH4?h(B)
In  [TCP]  [TCP] 192.x.x.10:3714 -> 192.x.x.1:80 aliased to
           [TCP] 192.x.x.10:3714 -> 210.y.y.2:80
In  [TCP]  [TCP] 210.y.y.2:80 -> 192.x.x.10:3714 aliased to
           [TCP] 210.y.y.2:80 -> 192.x.x.10:3714
Out [TCP]  [TCP] 210.y.y.2:80 -> 192.x.x.10:3714 aliased to
           [TCP] 192.x.x.1:80 -> 192.x.x.10:3714

# natd -p 9999 -n ed2 -v  ($BH4?h(B)
In  [TCP]  [TCP] 192.x.x.10:3714 -> 210.y.y.2:80 aliased to
           [TCP] 192.x.x.10:3714 -> 210.y.y.2:80
Out [TCP]  [TCP] 192.x.x.10:3714 -> 210.y.y.2:80 aliased to
           [TCP] 210.y.y.1:3714 -> 210.y.y.2:80
In  [TCP]  [TCP] 210.y.y.2:80 -> 210.y.y.1:3714 aliased to
           [TCP] 210.y.y.2:80 -> 192.x.x.10:3714

# tcpdump -i fxp0 port 80  ($BH4?h(B)
20:55:32.776538 210.y.y.1.3714 > 210.y.y.2.http:
 S 685311506:685311506(0) win 16384 <mss 1460,nop,nop,sackOK> (DF)

20:55:32.776664 210.y.y.2.http > 210.y.y.1.3714:
 S 2278635482:2278635482(0) ack 685311507 win 17520 <mss 1460> (DF)

20:55:32.800876 210.y.y.1.3714 > 210.y.y.2.http:
 . ack 1 win 17520 (DF)

20:55:32.804813 210.y.y.1.3714 > 210.y.y.2.http:
 P 1:211(210) ack 1 win 17520 (DF)

20:55:32.806300 210.y.y.2.http > 210.y.y.1.3714:
 P 1:1180(1179) ack 211 win 17520 (DF)

20:55:32.988118 210.y.y.1.3714 > 210.y.y.2.http:
 . ack 1180 win 16341(DF)

$B=EB<$5$s$N$4;XE&$NDL$j!"(BFTP$B$bBg>fIW$G$9$M!#(B($B$9$4$$(B!!)


> > $B$3$N>uBV$G!"%^%7%s(BA$B$+$i(B lynx 192.y.y.1 $B$H$9$k$H!"%^%7%s(BC$B$G$N(B tcpdump $B$,(B
> > $B0J2<$NDL$j$H$J$j!"%^%7%s(BA$B$N(Blynx$B$O(B Making HTTP connection $B$N$^$^$K$J$C$F(B
> > $B$7$^$$$^$9!#(B
> 
> $B$H$$$&$N$O!":G=i$N(B ack $B$9$i@5$7$/La$i$J$$$s$@$+$i!"(B
> $B$=$&$J$k$N$OEvA3$NF0:n$G$9!#(B
> 
> > $BB?J,(B R(RST) $B$,5"$C$F$-$F$$$k$N$,LdBj$J$N$@$H$O;W$&$N$G$9$,!"2?$,860x$G$I(B
> > $B$N$h$&$K2sHr$7$?$i$h$$$N$+J,$+$i$:$K$*$j$^$9!#(B
> 
> $BF1$8$/$3$l$b!"$=$l$K5/0x$7$F(B lynx $B$,%.%V%"%C%W$7$?%Q%1%C%H$G$7$g$&!#(B

lynx $B$,%.%V%"%C%W$9$kA0$KFO$$$F$$$k$h$&$G$9$N$G!"(Back $B$NLa$j@h$,L5$+$C$?(B
($B9T$->l$r<:$C$?(B)$B$N$+$HM=B,$7$F$$$?$N$G$9$,$$$+$,$J$b$N$G$7$g$&(B?


> $B$\$/$,;n$7$?$3$NJ}K!$b$I$3$+$K=q$$$F$"$C$?$o$1$8$c$J$/$F!"(B
> $B$J$s$H$J$/$"$l$3$l9M$($F<B8=$7$^$7$?!#(B
> 
> $B$"$^$j$K$b>R2p$5$l$F$$$J$$$N$G!"$3$s$J$3$H$O$7$F$O$$$1$J$$$3$H(B
> $B$J$N$@$m$&$+$H$b;W$$$^$7$?$,(B...$B$I$&$J$s$G$7$g$&$M!#(B

$B;d$,9T$$$?$+$C$?<B83$H$7$F$OB?J,$3$l$,2r$J$N$@$H;W$$$^$9!#(Bnatd $B$N;v$,>/(B
$B$7M}2r$G$-$?8=:_(B $B9M$($F$_$l$P!":G=*E*$K$d$j$?$$$3$H$O(B natd 1$B$D$G$b(B($B%5!<(B
$B%P!<B&$b9=$($P(B?)$B=PMh$=$&$J5$$b$7$F$-$^$7$?!#(B

$B$7$+$7!"0l;~E*$JMxMQ$J$N$G%5!<%P!<$d%k!<%?$N@_Dj$rJQ$($:$K:Q$`$3$NJ}K!$O(B
$BHs>o$K;H$($=$&$G$9!#(B


> $B$\$/$OFH3X$G!"$+$D<~$j$K$O(B UNIX $B$JCg4V$,A4A3$$$^$;$s$N$G!"(B
> $B$+$J$j$R$M$/$l$?J}K!$J$N$+$b$7$l$^$;$s!#(B
> $B$?$@!"F0$/$N$OJ]>Z$7$^$9(B($B>P(B)$B!#(B

$B;d$N<~$j$G$b(B UNIX $B$r;d$HF1$8$h$&$JL\E*$G;H$C$F$$$k?M$,$$$J$$$N$G!"2?$+$r(B
$BJ9$/$H$J$k$H$3$N(BML$B$K$?$h$C$F$7$^$$$^$9!#(B

$B$b$&$9$3$7!"(B1$B$D(B1$B$D$N5;=Q$K$D$$$F?<$/JY6/$7$?$$$H;W$$$D$D$b!"?'!9$J;v$rF1(B
$B;~JB9T$G$d$i$J$/$F$O$$$1$J$$$?$a!"2?$b$,CfESH>C<$J$^$^$H$J$C$F$7$^$&$H$$(B
$B$&0-=[4D$K$O$^$C$F$7$^$C$F$$$^$9!#(B($B2?$H$+$7$J$/$F$O!#!#!#(B)


$B:G8e$K$J$C$F$7$^$$$^$7$?$,!"$3$N$?$S$OB?$/$NJ}$K?'!9$H$465<($$$?$@$-$^$7(B
$B$FBgJQ46<U$7$F$*$j$^$9!#:#8e$b2?$+$H<ALd$5$;$F$$$?$@$/$3$H$,$"$k$+$H;W$$(B
$B$^$9$,!"$h$m$7$/$*4j$$$$$?$7$^$9!#(B

-- 
$B0J>e!"$h$m$7$/$*4j$$$7$^$9!#(B
 <chores@him.ne.jp>

