  Linux IP Masquerade HOWTO
  David Ranch, dranch@trinnet.net
  v1.95, November 14, 2000
  {: JF Project (jf@linux.or.jp)
  v1.0.0j  Jul. 12, 2001

  ̕ɂ́ALinux zXg IP }XJ[h@\𓮍삳@ڂ
  qׂĂ܂B IP }XJ[h́Albg[NAhXϊȂ
   NAT ̈`ԂŁA Linux BOX ɊU̃C^[lbg IP Ah
  XʂāAȃC^[lbg IP AhXȂAlbg
  [ÑRs[^AC^[lbgɐڑł悤ɂ܂B
  ______________________________________________________________________

  ڎ

  1. ͂߂
     1.1 IP }XJ[h̊T
     1.2 AtB[hobNƃNWbg
     1.3 Copyright & Disclaimer

  2. \m
     2.1 IP }XJ[hƂ
     2.2 ݂̏
     2.3 IP }XJ[hLpȏꍇ
     2.4 IP }XJ[hpȏꍇ
     2.5 ǂ̂悤ɂ IP }XJ[h͓삷邩
     2.6 IP }XJ[h Linux 2.2.x Ŏg߂̕Kv
     2.7 IP }XJ[h Linux 2.3.x y 2.4.x Ŏg߂̕Kv
     2.8 IP }XJ[h Linux 2.0.x Ŏg߂̕Kv

  3. IP }XJ[h̐ݒ
     3.1 IP }XJ[hgݍ񂾃J[l̃RpC
        3.1.1 Linux 2.2.x J[l
        3.1.2 Linux 2.0.x J[l
        3.1.3 Linux 2.3.x / 2.4.x J[l
     3.2 vCx[glbg[N IP AhX LAN Ɋ蓖Ă
     3.3 IP tH[fBO|V[ݒ肷
        3.3.1 Linux 2.2.x J[l
        3.3.2 Linux 2.0.x J[l

  4. }XJ[hڑ鑼̓}V̐ݒ
     4.1 Microsoft Windows 95 ł̐ݒ
     4.2 Windows NT ł̐ݒ
     4.3 Windows for Workgroup 3.11 ł̐ݒ
     4.4 UNIX nVXeł̐ݒ
     4.5 NCSA Telnet pbP[Wgp DOS ̐ݒ
     4.6 MacTCP ̓삷 MacOS x[XVXeł̐ݒ
     4.7 Open Transport ̓삷 MacOS x[XVXeł̐ݒ
     4.8 DNS gp Novell lbg[Nł̐ݒ
     4.9 OS/2 Warp ł̐ݒ
     4.10 IBM AS/400 ŉғ OS/400 ł̐ݒ
     4.11 ̑̃VXeł̐ݒ

  5. IP }XJ[h̃eXg
     5.1 [J PC ̐ڑeXg
     5.2 Linux ̓ڑ̃eXg
     5.3 Linux ̊Oڑ̃eXg
     5.4 [J PC  Linux ւ̐ڑeXg
     5.5 }XJ[h ICMP ]̃eXg
     5.6 }XJ[hꂽ ICMP ̊O]̃eXg
     5.7 DNS gȂ}XJ[h@\̃eXg
     5.8 DNS g}XJ[h@\̃eXg
     5.9 DNS g}XJ[h@\̒ǉeXg
     5.10 ̑̋@\A\Ɋւ鎖

  6. IP }XJ[hɊ֘Ȃ̍ڂƃ\tgEGAT|[g
     6.1 IP }XJ[hɊ֌W
     6.2 OĂT[rX
     6.3 T|[gĂNCAg\tgEGAƂ̑̐ݒ
        6.3.1 IP }XJ[hœ삷lbg[NNCAg
        6.3.2 IP }XJ[hŊSɂ̓T|[gĂȂ -
     6.4 苭͂ IP t@CAEI[ (IPFWADM) [Zbg
     6.5 IPCHAINS ɂ邳ɋł IP t@CAEI[E[Zbg
     6.6 ̓lbg[Nւ IP }XJ[h
     6.7 If}hE_CAAbvڑł IP }XJ[h
     6.8 IPPORTFW, IPMASQADM, IPAUTOFW, REDIR, UDPRED, yт̑̃|[g]c[
        6.8.1 2.2.x nJ[lł́AIPPORTFW T|[g IPMASQADM
        6.8.2 2.0.x nJ[lł IPPORTFW
     6.9 CU-SeeMe  Linux  IP }XJ[h
     6.10 ~rXЂ ICQ
     6.11 Q[}[ - LooseUDP pb`
  7. 悭鎿 (FAQ)
     7.1 IP }XJ[hT|[gĂ Linux fBXgr[V͂ǂłH
     7.2 IP }XJ[hg߂́An[hEFAɍŒKvȏ ĂBłǂȐ\o܂?
     7.3 rc.firewall R}hsuR}h܂v (command not found) ƂG[܂BȂł傤?
     7.4 ݒSă`FbN܂A IP }XJ[h𓮍삳 Ƃł܂Bǂ悢ł傤?
     7.5 IP }XJ[hE[OXg IP }XJ[hEJ [OXgɎQÃA[JCuɂ͂ǂΗǂł?
     7.6 IP }XJ[h́AvLV NAT T[rXƂǂႤ̂ł傤?
     7.7 GUI  t@CA[EH[쐬Ǘc[͂܂?
     7.8 IP }XJ[h͓IɊ蓖Ăꂽ IP AhXœ삵܂?
     7.9 P[uEf(oƃfE^[̗)A DSL, qNgpăC^[lbgɐڑA IP }XJ[h gƂł܂?
     7.10 Diald ܂ PPPd ̃_CAIf}h@\ IP }XJ[h ꏏɎgł傤?
     7.11 IP }XJ[hł́AǂȃAvP[VT|[gĂ܂?
     7.12 ǂ IP }XJ[h Redhat, Debian, Slackware  ғ邱Ƃł܂?
     7.13 ΂ΎgpĂȂ TELNET ڑ؂悤Ɍ܂B Ȃł傤?
     7.14 C^[lbgڑ悤ƂĂAŏ͐ڑł܂B xĂ݂ƁAȂ삵܂BȂł傤?
     7.15 ( MTU ) - IP }XJ[h͂܂삵Ă悤Ɍ܂B A̃TCgł͓삵܂B ́Aʏ WWW  FTP ŋN܂B
        7.15.1 PPP N MTU ̕ύX -
        7.15.2 Â UNIX ̃VAC^[tF[X -
        7.15.3 PPPoE [U -
        7.15.4 Linux:
        7.15.5 MS Windows 95 -
        7.15.6 MS Windows 98 -
        7.15.7 MS Windows NT 4.x
        7.15.8 MS Windows 2000
     7.16 IP }XJ[h FTP NCAg삵܂B
     7.17 IP }XJ[hx悤Ɍ܂B
     7.18 PORTFW  IP }XJ[hŎgĂ܂ACԑ҂Ԃ ȂƐ؂Ă܂܂B
     7.19 IP }XJ[h𓮂Ƃł܂ASYSLOG ̃Ot@C ނ̖ȒʒmG[󂯎Ă܂B IPFWADM  IPCHAINS ̃t@CAEH[G[ǂǂ߂΂悢ł傤?
     7.20 C^[lbg[Uڂɓ}XJ[hENCAgƘA 邱Ƃł悤 IP }XJ[hݒł܂?
     7.21 SYSLOG t@C "kernel: ip_masq_new(proto=UDP): no free ports."  bZ[W܂B ǂ̂ł傤?
     7.22 IPPORTFW gƂ "ipfwadm: setsockopt failed: Protocol not available" ƂG[o܂B
     7.23 ( SAMBA ) - Microsoft t@Cƃv^p (File and Print Sharing)  Microsoft hCNCAg IP }XJ[hœ삵܂B Microsoft  SMB vgRK؂ɃT|[gɂ́A IP }XJ[hE W[Kv܂A3 ̎s\ȕ@܂B ڍׂ AURL CDATA http://support.microsoft.com/support/kb/articles/q172/2/27.aspANAME CDATA this Microsoft KnowledgeBase article(HTMLURL)HTMLURL ĂB
     7.24 ( IDENT ) - IRC }XJ[hENCAg IRC [Uł܂ 삵܂B Ȃł傤?
     7.25 ( DCC ) - mIRC  DCC M삵܂B
     7.26 ( IP Aliasing ) - IP }XJ[h1̃C[Tlbg lbg[NJ[hœ삵܂?
     7.27 ( MULTI-LAN ) -  2 ̃}XJ[hꂽ LANĂ܂A݂͌ɒʐMł܂B
     7.28 ( SHAPING ) - ́Ã^CṽgtBbN̑x𐧌Ǝv܂B
     7.29 ( ACCOUNTING ) -  ͒Nlbg[NgpĂ邩ɂĊǗKv܂B
     7.30 ( MULTIPLE IPs ) -  ̊O IP AhXgāA̓}V PORTFW ̂łǂ̂悤ɂ̂ł傤B
     7.31 ̓}XJ[hꂽڑׁA NETSTAT R}h gƂ܂Aꂪ삵Ă܂B
     7.32 ( VPNs ) - Microsoft PPTP (GRE tunnels) ܂ IPSEC (Linux SWAN) gl IP }XJ[h ʂĎĝłB
     7.33 XYZ lbg[NEQ[ IP }XJ[h ʂĎĝłA ܂܂B!
     7.34 IP }XJ[h ͎b̊Ԃ͂܂삵܂B ǍA삵ȂȂ܂B ċNƎb̊Ԃꂪꂽ悤Ɍ܂B Ȃł傤?
     7.35 lbg[Ñ}XJ[hĂRs[^ SMTP  POP-3 [𑗂Ă܂!
     7.36 ( IPROUTE2 ) - ́AOɏo邽߂̈قȂO IP AhXAقȂ }XJ[hlbg[N̊eXɊ蓖ĂKv܂B
     7.37 ȂV 2.1.x y 2.2.x J[ĺAIPFWADM ̑ IPCHAINS ĝł?
     7.38 J[l 2.2.x ɃAbvO[hA IP }XJ[h ȂȂ܂BȂł傤?
     7.39 J[l 2.0.38 (邢͂ȍ~) ɃAbvO[hA IP }XJ[hȂȂ܂BȂł傤?
     7.40 EQL ڑ IP }XJ[hĝłB
     7.41 IP }XJ[h삵Ă܂! Windows vbgtH[ł̑I͂܂?
     7.42 IP}XJ[hJɋ͂̂łAł܂?
     7.43 IP }XJ[h̏񂪂Ɨ~̂łB
     7.44  HOWTO ʂ̌ɖ|󂵂̂łAǂ΂ł傤?
     7.45  HOWTO ͌ÂȂĂ悤Ɍ܂A܂ێ炵 ܂? ...ɊւǉĂ炦܂?  HOWTO P\͂܂?
     7.46 IP}XJ[h삵Ă܂B ͑f炵! ͂ȂɊӂ̂łAłł傤?

  8. ̑̏
     8.1 Lpȏ
     8.2 Linux IP }XJ[h̏
     8.3 ӎ
     8.4 Ql
     8.5 ύX_

  9. {ɂ

  ______________________________________________________________________

  1.  ͂߂

  1.1.  IP }XJ[h̊T

  ̕ł́ALinux zXg IP }XJ[hs@ɂĐ
  B IP }XJ[h̓lbg[NAhXϊAȂ킿 NAT ̈
  ŁAgƓlbg[ÑRs[^̌ȃC^[
  lbgAhXȂĂ Linux BOX ̂̃C^[lbg IP
  AhXgăC^[lbgɐڑł悤ɂȂ܂B}V
   Linux zXgƂ́AC[TlbgATokenRing, FDDI  LAN p
  @łȂA_CAbv ppp  SLIP NAFXȌ`ԂŐڑ
  邱Ƃ\łB̕ł͎ɁAłʓIȃC[Tlbgڑɂ
  Đ܂B

       ͈̕ŃJ[l 2.0.38 ȍ~܂ 2.2.1 ȍ~ IBM
       ݊ PC ŎgĂ郆[U[ɏĂ܂BJ[l
       1.2.x, 1.3.x Ȃǂ̌Âo[W 2.1.x ͈Ă܂B
       ܂J[l̃o[WɂĂ͓삵Ȃ̂邩m
       ܂B IP }XJ[hgOɁAŃJ[l̂ǂꂩ
       ɍXVĂĂBV 2.3  2.4 J[l
       NetFilter R[h͖Ă܂񂪁AQlׂ̈ URL L
       ڂĂ܂B NetFilter ̋@\ł܂AŐVR[hł
       g HOWTO ̒Ŏ舵Ă܂B

       A IP }XJ[h}bLgbVŎgƂĂ
       A Taro Fukunaga, tarozax@earthlink.net  E [𑗂
       āAނ HOWTO  Mklinux po[W̃Rs[
       ĂB

  1.2.  AtB[hobNƃNWbg

  ́A Linux J[l IP }XJ[hݒ肷邱Ƃ́AV[U
  ɂƂĂȂȂƂƂƂɋCt܂ (J[l 1.2.x 
  O̍̂Ƃł)B FAQ ⃁[OXg݂ĂɂS炸A
  ̓_ɉ͂Ȃ̂łB܂A[OXgɂ́A
  ̂悤 HOWTO ߂鐺x񂹂Ă܂BŎ́AV
  [U[̂߂̎肪ƂāA܂ƒm̂郆[U[ɕ
  Ă炤߂̒@ƂāA̕ƂŜłB
  ̏̕o]ǂȂƎvꂽAȂɂĂ
  BPĂƎv܂B

  ́̕A Ken Eves ɂ FAQ ƁAIP }XJ[h[OXg
  ɗꂽR̗LvȃbZ[Wɑ𕉂Ă܂B܂ IP }XJ
  [hݒ肵AŏIIɂ͂̕ƂȂbZ[W
  [OXgőĂꂽ Matthew Driver ɂ́AʂȊӂ̈ӂ
  \Ǝv܂Bŋ߁ADavid Ranch  HOWTO ł芮S
  邽߂ɂȂ̕ǉA܂B

  񂪊ԈĂAĂꍇɂ́AȂ[
  ambrose@writeme.com y dranch@trinnet.net ɑĂBȂ
  MdȃtB[hobŃAƂ HOWTO ɔf܂!

  y: {ɊւRǵA Linux JF Project <jf@linux.or.jp>
  肢܂Bz

   HOWTO ́Ał邾ZԂ IP }XJ[hg悤ɂ邽
  ߂ ȒPȃKChƂďꂽ̂łB David ̓eNjJC^[
  ͂܂񂩂A ͈̏̕ʓIłȂAqϐɌ
  Ă邱Ƃł傤B HOWTO  IP }XJ[hɊւŐV
  j[X́AX͓IɃeiXĂ IP }XJ[h
   <http://ipmasq.cjb.net/> web y[Wɂ܂B IP }XJ[h
  ɊւZpIȎ₪ꍇɂ́ADavid Ƀ[𑗂炸 IP }XJ
  [h[OXgɎQĂB}XJ[hɊւ̖w
  ǂ̓}XJ[h[Uɋʂ̖łA[OXg̒N
  PɉĂł傤BɃ[OXg̉񓚂̕A
  David ̉񓚂肸ƑłB

  ̍̕ŐVo[ẂAȉ̃TCgɂ܂B HTML ƃ|XgXN
  vg̃o[W܂B

  o  http://ipmasq.cjb.net/ - IP }XJ[h̏

  o  http://ipmasq2.cjb.net/ - IP }XJ[h̏񌹁E~[TCg

  o  The Linux Documentation Project

  o  Dranch's Linux page

  o  ̃[J~[TCgƂIP }XJ[h̏񌹁E~[TCg
     ̈ꗗ <http://ipmasq.cjb.net/index.html#mirror>QƂĂ
     B

  1.3.  Copyright & Disclaimer

  y: ͌̂̕܂܎܂Bz

  This document is copyright(c) 2000 David Ranch and it is a FREE
  document. You may redistribute it under the terms of the GNU General
  Public License.

  The information herein this document is, to the best of David's
  knowledge, correct.  However, the Linux IP Masquerade feature is
  written by humans and thus, there is the chance that mistakes, bugs,
  etc. might happen from time to time.

  No person, group, or other body is responsible for any damage on your
  computer(s) and any other losses by using the information on this
  document.  i.e.

       THE AUTHORS AND ALL MAINTAINERS ARE NOT RESPONSIBLE FOR ANY
       DAMAGES INCURRED DUE TO ACTIONS TAKEN BASED ON THE INFORMA-
       TION IN THIS DOCUMENT.

  ł̂ŁA{ɓ܂傤B

  2.  \m

  2.1.  IP }XJ[hƂ

  IP }XJ[h́A Linux ɂlbg[LO@\łȀ
  p̃t@CAEH[lbg[N[^Ɍ󂯂 1Α NAT
  (Network Address Translation: lbg[NAhXϊ) ƎĂ܂B
  ƂāA Linux zXg PPP C[TlbgɂăC^[lbgɐڑ
  ĂƂ܂傤B IP }XJ[h̓ Linux {bNX (PPP
  C[Tlbgɂ) ڑ "" Rs[^ɂC
  ^[lbg𗘗pł悤ɂ܂B Linux  IP }XJ[fBO
  ́A}VɊ蓖Ăꂽ IP AhXȂĂA}
  VC^[lbgɐڑł悤ɂ܂B

  }XJ[h́A }XJ[hQ[gEFCoRāASẴ}VB
  ăC^[lbgɃANZXł悤ɂ܂BC^[lbg̑
  }V́ASẴgtBbN͂ IP }XJ[h
  Linux T[oĝ̂ł悤Ɍ܂B̒ǉ@\ɉāA
  IP }XJ[h͔ɈSȃlbg[LO邽߂̓y
  ܂Bꂽt@CAEH[𔺂΁Aݒ肳ꂽ
  }XJ[hVXeƓ LAN ̃ZLeB󂷂Ƃ͂Ȃ
  Ȃł傤B

  }XJ[h 11  NAT vLVɂ@Ƃǂ̂悤Ɉ
  ̂Aƒm肽́A FAQ ̏  ``IP }XJ[h́AvLV
   NAT T[rXƂǂႤ̂ł傤?''  B

  2.2.  ݂̏

  IP }XJ[h͉N̊ԎgꑱĂALinux J[l 2.2.x ̒i
  Kɂ錻݁AƂĂnԂɂ܂B Linux J[l 1.3.x 
  AMASQ T|[ggݍ܂Ă܂BǍl⏤ƃx[X
  rWlXɂĎgADGȌʂ߂Ă܂B

  Web uEWOA TELNET, FTP, PING, TRACEROUTE ̈ʓIȃlbg
  [N̗ṕA IP }XJ[hł܂삵܂B FTP, IRC ƃA
  I[fBI (Real Audio) ̂悤ȑ̃R~jP[V͓K؂ IP
  MASQ W[[h΂܂삵܂BXg[~OI[fB
  Î悤ȑ̃lbg[NɓL̃vO ( MP3, True Speech Ȃ)
  lɓ삵܂B[OXg̉l̗DGȃ[U̓rfIc
  \tgEFAɂĂǂʂo܂B

  ƊÕC[Tlbglbg[N̊Ԃ 1 ̃lbg[NJ[
  h (NIC) ɂ IP }XJ[h𓮍삳邱Ƃ͂E߂ł܂Bڍ
  ɂĂ FAQ ̏͂ ``IP }XJ[h1̃C[Tlbglbg
  [NJ[hœ삵܂?''  ɂB

  ƂA芮SȃT|[gς݃\tgEFÄꗗ ``T|[gĂ
  NCAg\tgEGAƂ̑̐ݒ'' ̏͂ɂȂĂ
  B

  IP }XJ[h́A̗lXȈقȂ OS n[hEFAvbgtH[
  ɂĉғ 'NCAg}V' ɑ΂AT[oƂėǍDɓ삵
  B

  ȉɓ MASQ ꂽVXeł̐܂ -

  o  Unix:  Sun Solaris, *BSD, Linux, Digital UNIX, .

  o  Microsoft Windows 2000, NT (3.x  4.x), 95/98/ME, Windows for
     Workgroups (TCP/IP pbP[W܂)

  o  IBM OS/2

  o  MacTCP  Open Transport ̂ꂩғ Apple Macintosh
     MacOS }V

  o  pPbghCo NCSA Telnet pbP[W܂ DOS x[X̃VXe
     

  o  VAXen

  o  Linux  NT ғ Compaq/Digital Alpha

  o  AmiTCP  AS225-stack ܂ Amiga Rs[^

  ̃Xg͂܂܂܂BvɁA TCP/IP 𒝂 OS vbg
  tH[ł΁A IP }XJ[hƈꏏɎg͂Ȃ̂łB

  2.3.  IP }XJ[hLpȏꍇ

  o  C^[lbgɐڑꂽ Linux zXgA

  o   Linux box Ƀ[JTulbg TCP/IP ڑꂽRs[
     ^邩A

  o  Linux zXgɃfڑĂāÃRs[^ɐڑ
     PPP  SLIP T[oƂē삵A

  o    }V͌͌Ɋ蓖Ăꂽ IP AhX
      (Ȃ킿AvCx[g TCP/IP ԍ蓖ĂĂ)A

  o  Ėܘ_AȂǉ̌/ TCP/IP AhX ISP 
     肵A Linux [^ƂĐݒ肷邩͊O[^wׂ̗]
     ȂgƂȂA  }VC^[lbgɐڑ
     悤ɂ̂Ȃ΁B

  2.4.  IP }XJ[hpȏꍇ

  o  C^[lbgɐڑĂ}VX^hA Linux zXg
     ̏ꍇB (Ȃt@CAEH[\ẑ͗ǂlł)
     邢́A

  o   y: T[ołȂz NCAg}Vׂ̈ɂ IP
     AhX𕡐蓖ĂĂꍇAIP }XJ[h͕Kv܂B

  o  ĂA Linux g '^_' lDłȂAS
     Ƃ鍂ȏpc[gƂKƊ
     B

  2.5.  ǂ̂悤ɂ IP }XJ[h͓삷邩

  Ken Eves ɂIWi IP }XJ[h FAQ p܂ -

  ͂ƂȒPȍ\}ł -

     SLIP/PPP         +------------+                         +-------------+
     ISP            |  Linux     |         SLIP/PPP        | Anybox      |
    <---------- modem1|    #1      |modem2 ----------- modem3|             |
      111.222.121.212 |            |           192.168.0.100 |             |
                      +------------+                         +-------------+

  }ɂāA IP_MASQUERADING 𔺂 Linux box  Linux #1 Ƃ
  CXg[ĂA modem1 g SLIP  PPP ڑɂāA
  C^[lbgɐڑĂ܂B
  ̃}Vɂ̓pubN IP AhXƂ 111.222.121.212 蓖
  Ă܂B
  XɔM̃_CC SLIP  PPP ڑ󂯓邽߂
  modem2 ڑĂ܂B
  2 ̃VXe ( Linux ғĂKv͂܂) 
  Linux #1 box ֔ĂA SLIP  PPP ڑJn܂B
  ̃}V̓C^[lbgpubN IP AhX
  *蓖Ă܂*̂ŁAvCx[gAhX 192.168.0.100 
  p܂B(LQƁB)

  }XJ[hƃ[eBO̐ݒ肪K؂ł΁A}V "Anybox" 
  C^[lbgɒڐڑꂽ̂悤ɐU镑Ƃł܂
  (̗O͂܂)B

  Pauline Middelink ̈p -

  Linux #1 box  "ANYBOX" }ṼQ[gEFCƂĐݒ肳ĂȂ
  ȂȂƂYĂ͂Ȃ܂B (ŁAꂪftHg[gȂ̂A
  ͒PȂTulbgł͖̂ł͂܂B)

   "ANYBOX" ̂悤ɂłȂ̂ł΁A Linux }V͑SĂ
  [eBOꂽAhXɑ΂đ㗝 arp T|[g悤
  ݒ肳ׂłB

  ǂA㗝 arp ̃ZbgAbvƐݒ͈͂̈͊̕OłB

  ɂ̂ comp.os.linux.networking ̉ߋ̓e
  pŁALɍv悤ɖOAҏŴł -

     o ANYBOX  Linux }VQ[gEFCƋĂ܂B
     o }V ANYBOX ɁA PPP  SLIP ڑ Linux box 
       Q[gEFCł邱ƂĂ܂B
     o ANYBOX  Linux box ɃpPbg ͂A Linux box 
       pPbgɑ΂ĐV TCP/IP \[X|[gԍ蓖ĂāA
       pPbgwb_Ɏ IP AhXŁA IP
       AhXۑĂ܂B
       MASQ T[o͂ďCpPbg SLIP/PPP
       C^[tF[XʂăC^[lbg֑M܂B
     o pPbgC^[lbg  Linux box ɋAėA
       Linux ̓|[gԍɊ蓖Ă̂̈ł邩ׂ܂B
       ȂA MASQ T[o͌̃|[g IP AhX𓾂āA
       ߂ėpPbgwb_ɂ𕜌ÃpPbg
       ANYBOX ֑܂B
     o pPbg𑗂ꂽzXǵÄႢɑSCtȂł傤B

   IP }XJ[fBO̗ -

  T^Iȗ}Ɏ܂ -

      +----------+
      |          |  C[Tlbg
      | A-box    |::::::
      |          |.2   : 192.168.0.x
      +----------+     :
                       :      +----------+   PPP
      +----------+     :   .1 |  Linux   |   link
      |          |     :::::::| Masq-Gate|:::::::::::::::::::// C^[lbg
      | B-box    |::::::      |          |  111.222.121.212
      |          |.3   :      +----------+
      +----------+     :      (}XJ[h
                       :       Q[gEFC)
      +----------+     :
      |          |     :
      | C-box    |::::::
      |          |.4
      +----------+

      |                       |          |
      | <-lbg[N--> |          | <- Olbg[N ---->
      |                       |          |

  ̗ł́A4̃Rs[^VXeڑĂ܂B܂炭
  ̑ɁA}̂ƉEɃC^[lbgւ PPP ڑ񋟂zXg
  AĂɂ̉Eɂ͂Ȃ肵ƎvC^[
  lbg̃[gzXg݂邱Ƃł傤B Linux VXe masq-
  gate  IP }XJ[hsQ[gEFCŁA}V A-boxAB-box y
  C-box \lbg[NC^[lbgւ̐ڑs
  Blbg[N RFC-1918 ɂĊ蓖Ăꂽ̃vCx[g
  lbg[NAhẌ (̗ł 192.168.0.0) g܂B Linux
  box  TCP/IP AhX 192.168.0.1 Ȃ̃zXg͈ȉ̃Ah
  XĂ܂ -

  o  A-Box: 192.168.0.2

  o  B-Box: 192.168.0.3

  o  C-Box: 192.168.0.4

  3̃}V A-box AB-box y C-box TCP/IP bƂł΂ǂ
  ȃIy[eBOVXe삵ĂĂ\܂B OS  Windows
  95 A Macintosh MacTCP  OpenTransport ͕ʂ Linux box ȂǁAC
  ^[lbg̑̃}Vɐڑł̂łB쒆A}XJ[fB
  OVXe MASQ-gate ͂ڑ̑SĂ masq-gate g
  悤Ɍ悤ɕϊ܂BɃ}XJ[h́A}XJ[h
  ꂽڑ֖߂Ăf[^pāAM̃VXe֖߂
  ɏ܂BɂAlbg[ÑVXe̓C^[
  lbgւ̒ڌoH悤ɌAf[^}XJ[hĂ邱
  ͈ӎ܂B "ߓI" ڑƌĂт܂B

   - ȉɎgsbN̏ڍׂɂĂ ``悭鎿 (FAQ)'' 
   -

  o  NAT, MASQ ƃvLVT[oƂ̑_

  o  pPbgt@CAEH[̓

  2.6.  IP }XJ[h Linux 2.2.x Ŏg߂̕Kv

       ** ŐV̏ɂĂ IP }XJ[h̏
       <http://ipmasq.cjb.net/> QƂĂB **

  o  J[l 2.2.x \[X http://www.kernel.org/ \łB
      #1 - Linux 2.2.x J[l 2.2.16 ȑÕo[W TCP ڑ
     ɂă[g悳_A 2.2.11 ȑÕo[W
     ɂ IPCHAINS ̃tOe[VɃoO܂B̂߁A
     ̃o[Wŋ͂ IPCHAINS ̃[Zbg𓮍삳ĺA
     Uɑ΂ĖhłBJ[lCς݃o[WփAbvO[
     hĂB

      #2 - Redhat 5.2 ̂悤ȁÂV ``}XJ[hT
     |[gς݃fBXgr[V'' ́A Linux 2.2.x ɑΉĂ
     B DHCP, NetUtils ̃c[̓AbvO[h̕Kv܂B
     ڍׂ͂ HOWTO ɂ܂B

  o  [h\ȃJ[lW[AD܂ 2.1.121 ȍ~B
     http://www.pi.se/blox/modutils/index.html 
     ftp://ftp.ocs.com.au/pub/modutils/ \łB

  o  Linux NET-3-4 HOWTO
     <http://www.linuxdoc.org/HOWTO/NET3-4-HOWTO.html> y Network
     Administrator's Guide <http://www.linuxdoc.org/LDP/nag/nag.html>
     ĂTCP/IP lbg[N  LAN
     TrinityOS <http://www.ecst.csuchico.edu/~dranch/LINUX/index-
     linux.html#TrinityOS> ̃hLgׂĂĂB
     TrinityOS  Linux lbg[LOɂƂĂL͈͂ȃKCh
     B IP }XJ[hAZLeBA DNS, DHCP, Sendmail, PPP,
     Diald, NFS, IPSEC x[X VPN, ܂ptH[}X̏͂X
     ܂B 50 ȏ̏͂܂B

  o  Linux zXg̃C^[lbgւ̐ڑɊւẮAȉ̕ɂĈ
     Ă܂ - Linux ISP Hookup HOWTO
     <http://www.linuxdoc.org/HOWTO/ISP-Hookup-HOWTO.html>, Linux PPP
     HOWTO <http://www.linuxdoc.org/HOWTO/PPP-HOWTO.html>, TrinityOS
     <http://www.ecst.csuchico.edu/~dranch/LINUX/index-
     linux.html#TrinityOS>, Linux DHCP mini-HOWTO
     <http://www.linuxdoc.org/HOWTO/mini/DHCP/index.html>, Linux Cable
     Modem mini-HOWTO <http://www.linuxdoc.org/HOWTO/Cable-
     Modem/index.html> 
     http://www.linuxdoc.org/HOWTO/mini/ADSL.html
     <http://www.linuxdoc.org/HOWTO/mini/ADSL.html>

  o  IPCHAINS 1.3.9 ȍ~̃o[W
     http://netfilter.filewatcher.org/ipchains/ \łB
     o[W̕KvɊւXȂɊւẮAŐV IPCHAINS
     HOWTO  Linux IP Firewalling Chains page
     <http://netfilter.filewatcher.org/ipchains/> 瓾܂B

  o  VJ[l̐ݒARpCyуCXg[̃mEnE Linux
     Kernel HOWTO <http://www.linuxdoc.org/HOWTO/Kernel-HOWTO.html> ɏ
     Ă܂B

  o  ̑X̋@\tI IP }XJ[hc[͈ȉ
     _E[hĎgpł܂ -

     o  TCP/IP |[gtH[_̓_CN^ -

        o  IP |[gtH[fBO (IPMASQADM) - E
           <http://juanjox.kernelnotes.org/> ͔ނ̌Â ~[ B

     ICQ MASQ W[

     o  Andrew Deryabin  ICQ MASQ W[

     PORTFW FTP \[V(@) -

     o  }XJ[hꂽ}V FTP |[gtH[fBO邽
        ́A2.2.x  2.0.x ̗̃J[l MASQ W[̖
        @܂Bڍׂ IP }XJ[h̏񌹂̃AvP[V
        y[WB

     o  SuSe ɁA FTP T[oɓBׂ̃|[gtH[fBO
        @\񋟂銮S FTP vLVAvP[V
        Bڍׂ SuSe Proxy URL B

     ^ 1  1 NAT ׂ̈ IPROUTE2, |V[x[X (M) [eB
     OA gtBbNVFCsO -

     o  ftp://ftp.inr.ac.ru/ip-routing

     o   http://www.compendium.com.ar/policy-routing.txt 
        \łB

     o  Advanced Routing HOWTO

     o

        \[XR[h̃~[͈ȉɂ܂ -

        ftp://linux.wauug.org/pub/net
        ftp://ftp.nc.ras.ru/pub/mirrors/ftp.inr.ac.ru/ip-routing/
        ftp://ftp.gts.cz/MIRRORS/ftp.inr.ac.ru/
        ftp://ftp.funet.fi/pub/mirrors/ftp.inr.ac.ru/ip-routing/ (STM1
        to USA) ftp://sunsite.icm.edu.pl/pub/Linux/iproute/
        ftp://ftp.sunet.se/pub/Linux/ip-routing/
        ftp://ftp.nvg.ntnu.no/pub/linux/ip-routing/
        ftp://ftp.crc.ca/pub/systems/linux/ip-routing/
        ftp://ftp.paname.org (France) ftp://donlug.ua/pub/mirrors/ip-
        route/ ftp://omni.rk.tusur.ru/mirrors/ftp.inr.ac.ru/ip-routing/

        RPM pbP[W ftp://omni.rk.tusur.ru/Tango/ 
        ftp://ftp4.dgtu.donetsk.ua/pub/RedHat/Contrib-Donbass/KAD/ 
        \łB

     ڍׂȏƂ̑pb` IP }XJ[h̏
     <http://ipmasq.cjb.net/> B

  2.7.  IP }XJ[h Linux 2.3.x y 2.4.x Ŏg߂̕Kv

       ** ŐVɂĂ IP }XJ[h̏
       <http://ipmasq.cjb.net/> QƂĂB **

  o  ݁AŐV 2.3.x y 2.4.x J[l NetFilter ƌĂ΂SV
     VXeĂ܂ ( 2.2.x J[lɂ IPCHAINS 
     Ă܂)BKA IPCHAINS ւ̈ڍs̎Ƃ͈قȂAV
     NetFilter c[́A IPCHAINS  IPFWADM ̕@*S*K
     łJ[lW[Ă̂ŁAÂXNvg
     Kv͂܂BāAǂقǂȂǧÂ[Zbg
     ̗ǂɈˑĂƂĂA邱Ƃɂ̗
     _ (Xs[hAV@\) ܂B[U[ɑ̏_Ə
     ̋@\񋟂Å{݌vIȕύXAVR[hɂ
     炳܂B

     V@\̒ɂ͂Ȏ^ۗ_܂ł̂܂ -

     ^ӌ -

     o

     o  TCP/IP Tulbgɐ^ 1:1 NAT @\񋟂܂B

     o  rgC^Cṽ|[gtH[fBO͂͂ IPMASQADM K
        vƂ܂B

     o  VrgC^Cṽ|[gtH[fBO@\́AOƓ
        ̃gtBbN̗ɑ΂ē삵܂B̂Ƃ͊OgtBb
        N PORTFW gA_CNV REDIR gĂ
        [U[ɂƂāA͂₱̓̃c[gKvȂƂ
        ܂B

     o  SɃ|V[x[X̃[eBO@\ (\[Xx[X TCP/IP A
        hX[eBO) B

     o  荂ȃpPbgtH[fBO\ Linux FastRoute @\
        Ƃ̌݊ ( Linux lbg[NXCb`OƂĒmĂ܂)
        B

     o  TCP/IP v4, v6,  DECnet łSɃT|[g܂B

     o  PPP0, PPP1, w ppp* ̂悤ȃChJ[hC^[tF[X
        T|[g܂B

     o  input  output ̗̃C^[tF[Xɑ΂ătB^O
        T|[g܂B

     o  C[Tlbg MAC tB^OB

     o  T[rXs\U (DoS: Denial of Service) pPbg[g̐B

     o  ƂĂVvŔėpIȏԌ@\

     o  pPbg REJECT ͌݃[U[I\ ICMP bZ[W̕ԓ
        T|[g܂B

     o  ύX\ȃMOx (قȂpPbgقȂ SYSLOG x
        Bł܂)
     Έӌ -

     o

     o  Netfilter ͑SVA[LeN`AwǑSĂ̌Â MASQ
        J[lW[͏Kv܂BȂ킿A FTP 
        W[̓Abvf[g܂Aȉ̃W[͏
        ςł܂:

        ip_masq_cuseeme.o  ip_masq_icq.o  ip_masq_quake.o
        ip_masq_user.o ip_masq_irc.o  ip_masq_raudio.o
        ip_masq_vdolive.o

        ̈ڐAǂ邩ɂĂ̕
        http://netfilter.kernelnotes.org/unreliable-guides/netfilter-
        hacking-HOWTO-5.html
        <http://netfilter.kernelnotes.org/unreliable-guides/netfilter-
        hacking-HOWTO-5.html> ɂ܂BԂ܂A
        ڐA邱ƂłȂ̍˔\͍]邱Ƃł傤B

     ̃o[W HOWTO ł́A Netfilter ̓Jo[Ă܂BU
     Netfilter ̓Œ肳΁A -- HOWTO ɒǉ邩AV
      HOWTO ɏł傤B܂ł́AȉɎ Netfilter ̕
     ւ̃NQƂĂBł́AV Netfilter R[h
     ́A IPCHAINS [UpݒƃguV[eBO 95%
     ̂LłĂ܂Bł̂ŁA HOWTO ͖ Netfilter
     ɂt@CAEH[ NAT [U[ɂƂĂɓK؂łB

     http://netfilter.filewatcher.org/unreliable-guides/index.html 
     Ăڍׂɂ http://netfilter.filewatcher.org/unreliable-
     guides/NAT-HOWTO.html ǂB

  ڍׂȏƂ̑pb` IP }XJ[h̏
  <http://ipmasq.cjb.net/> B

  2.8.  IP }XJ[h Linux 2.0.x Ŏg߂̕Kv

       ** ŐV IP }XJ[h̏
       <http://ipmasq.cjb.net/> QƂĂB **

  o  ^ȃRs[^n[hEFABڍׂ ``n[hEFA
     FAQ'' ̏͂QƂĂB

  o  http://www.kernel.org/ \ 2.0.x ̃\[XB
     (Redhat 5.2 ̂悤ȁA̍ŋ߂ Linux  ``}XJ[hT|[g
     ς݃fBXgr[V'' ́ARpC IP }XJ[hJ[l
     W[܂ł܂B̂悤ȏꍇAV Linux J[l
     RpCKv͂܂BAJ[lAbvO[h
     ȂAɐVȃvOKvƂ邩A̓AbvO[hK
     v邱Ƃӎׂł傤B ( HOWTO ɂČq
     B)

  o  [h\ȃJ[lW[AD܂ 2.1.85 
     ~Bhttp://www.pi.se/blox/modutils/index.html 
     ftp://ftp.ocs.com.au/pub/modutils/ \łB
     (Œł modules-1.3.57 ͕KvłB)
  o  Linux NET-3-4 HOWTO <http://www.linuxdocs.org/NET3-4-HOWTO.html> y
      Network Administrator's Guide
     <http://www.linuxdoc.org/LDP/nag/nag.html> ňAғĂA
     TCP/IP lbg[NB
     ܂ TrinityOS <http://www.ecst.csuchico.edu/~dranch/LINUX/index-
     linux.html#TrinityOS> ׂĂĂB TrinityOS 
     Linux lbg[LOɂƂĂL͈͂ȃKChłB IP }XJ
     [hAZLeBA DNS, DHCP, Sendmail, PPP, Diald, NFS, IPSEC
     x[X VPN, ܂ptH[}X̏͂X܂B 50 ȏ
     ͂܂B

  o  Linux zXg̃C^[lbgւ̐ڑɊւẮAȉ̕ɂĈ
     Ă܂: Linux ISP Hookup HOWTO
     <http://www.linuxdoc.org/HOWTO/ISP-Hookup-HOWTO.html>, Linux PPP
     HOWTO <http://www.linuxdoc.org/HOWTO/PPP-HOWTO.html>, TrinityOS
     <http://www.ecst.csuchico.edu/~dranch/LINUX/index-
     linux.html#TrinityOS>, Linux DHCP mini-HOWTO
     <http://www.linuxdoc.org/HOWTO/mini/DHCP/index.html>, Linux Cable
     Modem mini-HOWTO <http://www.linuxdoc.org/HOWTO/Cable-
     Modem/index.html>  Linux ADSL mini-HOWTO
     <http://www.linuxdoc.org/HOWTO/mini/ADSL.html>

  o  Ipfwadm 2.3 ȍ~
     ftp://ftp.xos.nl/pub/linux/ipfwadm/ipfwadm-2.3.tar.gz \
     łB
     Kvȃo[WɊւڍׂȏ Linux IPFWADM page
     <http://www.xos.nl/linux/ipfwadm/> ɂ܂B

     o   2.0.38+ J[l IPCHAINS 𓮍삳邱Ƃɋ
        ȂA Willy Tarreau  2.0.36 p IPCHAINS Cl[u
        <http://www-miaif.lip6.fr/willy/pub/linux-patches/>  Rusty
         2.0.x J[lp IPCHAINS QƂĂB

  o  VJ[l̐ݒARpCyуCXg[̃mEnE Linux
     Kernel HOWTO <http://www.linuxdoc.org/HOWTO/Kernel-HOWTO.html> ɏ
     Ă܂B

  o  ̑X̋@\tI IP }XJ[h̃pb`͈ȉ
     _E[hēKpł܂ -

     o  TCP/IP |[gtH[_̓_CN^ - ̃c[ŁA
        MASQ Ԃœ삳vO MASQ T[ǒ둤ŉғ
        邱Ƃł܂BɉāA MASQ T[oC^[lbg
        [U[ WWW, TELNET, SMTP, FTP (pb`Kv) ̃T[
        oɐڑł悤ɐݒł܂Bڍׂ͂ HOWTO  ``tH[
        _ (|[g]c[)'' ̏͂Bȉ 2.0.x J[l
        p IP }XJ[h̃pb`̈ꗗł -

        o  Steven Clarke  IP |[gtH[fBO (IPPORTFW) - 
           E

        o  IP I[gtH[h y ~[
           <ftp://ftp.netis.com/pub/members/rlynch/ipautofw.tar.gz>
           (IPAUTOFW) - E߂܂

        o  _CN^ <http://ipmasq.cjb.net/redir_0.7.orig.tar.gz>
           TCP p (REDIR) - E߂܂

        o  UDP _CN^ (UDPRED) - E߂܂

        |[gtH[h FTP -

        o  FTP gtBbN FTP T[o֓]ȂAFred
           Viles  FTP T[opb` ( HTTP oR)  Fred Viles 
           FTP T[opb` ( FTP oR) _E[hKv
           傤Buł傤vƏqׂ̂ɂ͖󂪂܂āAꕔ̃[
           U̓pb`KpꂽJ[lW[Ăꍇ
           邩łB̘bɊւڍׂ͂ HOWTO  ``tH[_
           (|[g]c[)'' ̏͂B

        X-Window fBXvCtH[_ -

        o  X-windows tH[fBO (DXCP)
           <ftp://sunsite.unc.edu/pub/Linux/X11/compress/dxpc-3.7.0.tar.gz>

        ICQ MASQ W[

        o  Andrew Deryabin  ICQ MASQ W[

        PPTP (GRE) y SWAN (IPSEC) VPN glOtH[_ -

        o  John Hardin  VPN }XJ[htH[_ ͈ȉ̌Â
           pb` PPTP T|[g
           <http://ipmasq.cjb.net/ip_masq_pptp.patch.gz>

        Q[L̃pb`:

        o  Glenn Lamb  2.0.36+ p LooseUDP
           <ftp://ftp.netcom.com/pub/mu/mumford/loose-
           udp-2.0.36.patch.gz> pb`B

           ꕔ WWW uEU͂ .gz t@CIɉ𓀂邱
           ɒӂĂB̃t@C_E[hۂ
           ́ASHIFT L[ȂL URL NbNĂB

           ڍׂ Dan Kegel  NAT Page
           <http://www.alumni.caltech.edu/~dank/peer-nat.html> ׂ
           ĂBXȂ ``Q[NCAg'' ̏͂ ``
           悭鎿 (FAQ)'' ̏͂ł܂B

     Lpb`yт̑̏ڍׂ IP }XJ[h̏
     <http://ipmasq.cjb.net/> ɂēł܂B

  3.  IP }XJ[h̐ݒ

       vCx[glbg[Nɏdvȏ񂪂ꍇɂ́A IP }
       XJ[hOɁAZLeB̊ϓ_TdɌ
       ĂBӂƁA IP }XJ[h͂ȂC^[
       lbg֏očsQ[gEFCɂȂ܂AƋɊO̐
       EɂNȂ̃lbg[NɐNQ[gEFCƂ
       ȂĂ܂̂łB

       ЂƂ IP }XJ[h@\ݒ肷Ȃ΁A͂
       IPFWADM/IPCHAINS ɂt@CAEH[̃[Zbg
       邱ƂE߂܂Bڍׂ͌q `` IPFWADM 
       [Zbg'' y `` IPCHAINS ̃[Zbg'' ̏͂
       B

  3.1.  IP }XJ[hgݍ񂾃J[l̃RpC

       g Linux fBXgr[VAɉL̕Kvȋ@
       \̑SĂT|[gĂāc -

       o  IPFWADM/IPCHAINS

       o  IP tH[fBO

       o  IP }XJ[fBO

       o  IP t@CAEH[O

       o  ̑

          đSĂ MASQ Ɋ֌W郂W[RpC
           (̃W[J[l͕KvƂSĂ܂܂
          Ă邱Ƃł傤) ȂAJ[lăRpCKv
          ͂܂BȂ̎gp Linux fBXgr[V
           MASQ @\𑕔ĂƎMĂȂȂA ``}X
          J[hT|[gς݃fBXgr[V'' ̏͂QƂ
          ĂB̃XgMpłȂAȂ̎gp
          fBXgr[VXgɂȂȂAȉ̃eXg
          Ă݂Ă -

       o  Linux box ɃOCāAR}h "ls
          /proc/sys/net/ipv4" sĂ݂ĂB

       o  R}h̕\ʂ̒ "ip_forward", "ip_masq_debug",
          "ip_masq_udp_dloose"(C), y "ip_always_defrag"(C)
          邩mFĂB

          炪΁AȂ̃J[lɂ̓}XJ[h@\
          Ă܂B

       Ȃ̎gpfBXgr[VW IP }XJ[
       fBOT|[gĂɂ炸Lt@C
       ȂꍇA}XJ[h@\̓T|[gĂȂƐ
       𓾂܂B̏ꍇcJ[lRpCȂ΂Ȃ
       BłASzBȂłB

       WŃT|[gĂ邩ۂɂ炸Ȁ̗͂͑Lp
       ȏ܂ł܂̂ŁAǂނƂE߂܂B

  3.1.1.  Linux 2.2.x J[l

  KvƂ\tgEFApb` ``2.2.x J[l̕Kv'' ̏
  B

  o  ܂ɁA 2.2.x ̃J[l\[XKvłB (]܂ 2.2.16
     ȍ~̍ŐṼJ[lǂłB)

      #1 - 2.2.16 ȑO Linux 2.2.x J[lɂ́A TCP ڑɂ
     ă[g悳_A 2.2.11 ȑÕo[Wɂ
     IPCHAINS ̃tOe[VɃoO܂B̂߁A͂
     IPCHAINS ̃[Zbg𓮍삳悤ƂĺAUɑ΂
     hłBȂ̃J[lCς݃o[WփAbvO[h
     ĂB

      #2 - 2.2.x J[lꑱꂽʁARpC̃I
     vVϖeĂ܂B̃o[W̕ɂāA
     ͂̓J[l 2.2.15 ̐ݒe𔽉fĂ܂Bg̃J[
     lƌÂo[W̏ꍇłƁA_CAO̕\͈Č
     ł傤BV@\萫炷ŐVo[W̃J[lւ
     AbvO[hE߂܂B

  o  J[l̃RpC߂ĂłA邱Ƃ͂܂B̏
     ȂȒPłA ``2.2.x J[l̕Kv'' ̏͂Ŏ
     URL łĂ܂B

  o  ̃R}hɂăJ[l\[X /usr/src/ fBNg֓WJĂ
      - tar xvzf linux-2.2.x.tar.gz -C /usr/src ŁA2.2.x 
     "x"  Linux 2.2 J[ľ݂̃o[Wio[łB܂
     A /usr/src/linux/ ƂfBNg邩A܂̓V{b
     NNĂ邱ƂmFĂB

  o  KȁA͔Cӂ̃pb`J[l\[XR[hɓĂĂB
     J[l 2.2.1 ̎_ł́A IP Masq ғׂ̓ȃpb`
     ͕svłB PPTP y Xwindow ̃tH[fBŐ@\̓IvV
     łB ``2.2.x J[l̕Kv'' ̏͂ɂ URL IP }XJ[
     h̏񌹂ɂŐVƃpb` URL QƂĂB

  o  ȉɃJ[lRpCۂɍŒKvȃIvVL
     BCXg[ꂽlbg[NC^[tF[Xlɐݒ肷
     Kv܂BJ[lRpC@̏ڍׂɂẮA
     Linux Kernel HOWTO <http://www.linuxdoc.org/HOWTO/Kernel-
     HOWTO.html> ƁAJ[l\[XfBNg README t@CQ
     ĂBy: JFɂ Kernel-HOWTO ̓{܂B
     <http://www.linux.or.jp/JF/JFdocs/Kernel-HOWTO.html> ܂A Debian
     GNU/Linux ł́A fakeroot  kernel-package ƂpbP[W𓱓
     邱ƂŁAJX^J[l̍쐬ʃ[Ũz[fBNg
     zŁAȒPɂł悤ɂȂĂ܂BAA̕Ŏ
     make menuconfig  make xconfig ̓e͋ʂłBz

     ȉ YES or NO ̑I ɒӂĂBSẴIvV͂
     HOWTO ɂČq鐳J[lpb`ȂāALƂ͌܂
     B

    * JsSȃR[h/hCo\ (CONFIG_EXPERIMENTAL) [Y/n/?]
      - YES: IP MASQ ̂ł͕KvȂǂÃIvV MASQ
      W[̍쐬ƃ|[gtH[fBO܂B

    -- }XJ[hɖ֌W̃IvV΂܂ --

    * [_uEW[gp\ɂ܂ (CONFIG_MODULES) [Y/n/?]
      - YES: ŃJ[l IP MASQ ̃W[g悤ɂȂ܂B

    -- }XJ[hɖ֌W̃IvV΂܂ --

    * lbg[ÑT|[g (CONFIG_NET) [Y/n/?]
      - YES: lbg[NTuVXeLɂ܂B

    -- }XJ[hɖ֌W̃IvV΂܂ --

    * Sysctl T|[g (CONFIG_SYSCTL) [Y/n/?]
      - YES: tH[fBOA_Ci~bN IP A[Y UDP ̃IvV
      L/ɂ܂B

    -- }XJ[hɖ֌W̃IvV΂܂ --

    * pPbgE\Pbg (CONFIG_PACKET) [Y/m/n/?]
      - YES: ͔CӂłAIP MASQ ɓZ邠fobO
      邽߂ TCP DUMP g悤ɂۂɕKvȋ@\łB

    * J[l^[U lbg[NENE\Pbg (CONFIG_NETLINK) [Y/n/?]
      - YES: ͔CӂłAoH񓙂̍xȃt@CAEH[
      _̋L^̂ɖ𗧂܂B

  y: ́̕Aۂ́uJ[l^[U lbg[NENEhCo
  (Kernel/User network link driver) vƂȂĂ܂Bz

    * [eBOEbZ[W (CONFIG_RTNETLINK) [Y/n/?]
      - NO:  ̃IvV̓pPbgt@CAEH[̋L^邱ƂƂ
      ֌WłB

    -- }XJ[hɖ֌W̃IvV΂܂ --

    * t@CAEH[@\ (CONFIG_FIREWALL) [Y/n/?]
      - YES: J[l IPCHAINS t@CAEH[c[ɂݒ肪ł
      悤ɂ܂B

    * \Pbgł̕ (CONFIG_FILTER) [Y/n/?]
      - C:  IPMASQ Ɩ֌WłAlbg[N DHCP T[o
      ȂÃIvVKvɂȂ܂B

    * Unix hCE\Pbg (CONFIG_UNIX) [Y/m/n/?]
      - YES:  UNIX TCP/IP \Pbg@\Lɂ܂B

    * TCP/IP lbg[LO (CONFIG_INET) [Y/n/?]
      - YES: TCP/IP vgRLɂ܂B

    -- }XJ[hɖ֌W̃IvV΂܂ --

    * IP: @\[^ (CONFIG_IP_ADVANCED_ROUTER) [Y/n/?]
      - YES: ȍ~̍@\ MASQ IvV̐ݒ肪LɂȂ܂B

    * IP: |V[[eBO (CONFIG_IP_MULTIPLE_TABLES) [N/y/?]
      - NO: MASQ ł͕svłA TCP/IP MAhXp邩A
       TOS (Type-Of-Service) lp郋[eBO̍@\
      KvƂl͂̃IvVKvłB

    * IP: RXgdpX (CONFIG_IP_ROUTE_MULTIPATH) [N/y/?]
      - NO: ʏ MASQ @\ɂ͕svłB

    * IP: oHƂ TOS lgp (CONFIG_IP_ROUTE_TOS) [N/y/?]
      - NO: ʏ MASQ @\ɂ͕svłB

    * IP: 璷ȌoHĎ (CONFIG_IP_ROUTE_VERBOSE) [Y/n/?]
      - YES:
      IP AhX̂pPbgjAOL^郋[eBO
      R[hgۂɂ͕֗ł (E߂܂) B

    * IP: 傫ȃ[eBOe[u (CONFIG_IP_ROUTE_LARGE_TABLES) [N/y/?]
      - NO: ʏ MASQ @\ɂ͕svłB

    * IP: J[lx̎\ (CONFIG_IP_PNP) [N/y/?] ?
      - NO: ʏ MASQ @\ɂ͕svłB

    * IP: t@CAEH[ (CONFIG_IP_FIREWALL) [Y/n/?]
      - YES: t@CAEH[@\Lɂ܂B

    * IP: t@CA[EH[̃pPbgElbgNEfoCX (CONFIG_IP_FIREWALL_NETLINK) [Y/n/?]
      - C: CӂłA̋@\ IPCHAINS Rs[pPbg
      [UԂ̃vOɓnă`FbN邱Ƃ܂B

    * IP: ߃vLṼT|[g (CONFIG_IP_TRANSPARENT_PROXY) [N/y/?]
      - NO: ʏ MASQ @\ɂ͕svłB

  y: ́̕Aۂ́uvLV (IP: transparent proxying)v
  ƂȂĂ܂Bz

    * IP: }XJ[fBO (CONFIG_IP_MASQUERADE) [Y/n/?]
      - YES: lbg[N TCP/IP pPbgOlbg[N
      ̂ɏA IP }XJ[hLɂ܂B

    * IP: ICMP }XJ[fBO (CONFIG_IP_MASQUERADE_ICMP) [Y/n/?]
      - YES: ICMP ping pPbg̃}XJ[fBO܂
      (ICMP ̃G[R[h́ÃIvV̐ݒɊ֌WȂ}XJ[h
      ܂)B
      ڑ̃guV[eBOɕK{̋@\łB

    * IP: }XJ[fBOpꃂW[̃T|[g (CONFIG_IP_MASQUERADE_MOD) [Y/n/?]
      - YES: łCӂłB
      ̃IvV́Aȍ~̃IvVŊÕlbg[N
      Rs[^ MASQ ꂽlbg[Ñ}Vm𒼐ړI
      ɐڑ TCP/IP |[gtH[fBOLɂ̂łB

    * IP: ipautofw }XJ[h̃T|[g(EXPERIMENTAL) (CONFIG_IP_MASQUERADE_IPAUTOFW) [N/y/m/?]
      - NO:  IPautofw  |[gtH[fBǑÂ@łB
      wǂÂR[hŐ߂A̖_Ă܂B
      E*܂*B

  y:  ipautofw masq support ƂȂĂ܂Aۂ
  ipautofw masquerade support ƂȂĂ܂Bz

    * IP: ipportfw }XJ[hET|[g (EXPERIMENTAL) (CONFIG_IP_MASQUERADE_IPPORTFW) [Y/m/n/?]
      - YES:
      Õlbg[ÑRs[^ MASQ ꂽlbg[N
      ̃}Vm𒼐ړIɐڑ IPPORTFW Lɂ܂B
      TA̋@\͓ SMTP, TELNET, y WWW T[oւ̃ANZX
      ɗp܂B
      FTP |[gtH[fBO͂ MASQ HOWTO  FAQ ̏͂ɏڏq
      Ăǉ̃pb`KvłB
      |[gtH[fBOɊւڍׂȏ́A HOWTO 
      tH[h̏͂ɂ܂B

  y: ł EXPERIMENTAL łAۂ̓J[l 2.2.0 ȍ~A
  EXPERIMENTAL Ă܂Bz

    * IP: ip fwmark }XJ[hEtH[fBOET|[g (EXPERIMENTAL) (CONFIG_IP_MASQUERADE_MFW) [Y/m/n/?]
      - C:   PORTFW ̐V@łB
      ̃IvVɂāA IPCHAINS ͍XȂ铭LɂȂA
      pPbgɈt悤ɂȂ܂B
      IPMASQADM  IPPORFW ̃[Uԃc[pāAIPCHAINS
      ͎IɃpPbg̃AhX܂B
      ł́A PORTFW ̓eXgĂ܂񂪁AMłł傤B
      ݁A IPMASQADM y IPPORTFW ̎gpĂ܂B
       MFW ɍlłA[肢܂B

  y: ۂ IP: ipmarkfw masquerade support ƁA forwarding 
  Ă܂Bz

    * IP: zXgł͂Ȃ[^ƂčœK (CONFIG_IP_ROUTER) [Y/n/?]
      - YES: ̓J[llbg[NTuVXëׂɍœK
      ܂AɂăptH[}XɏdȉeyڂƂ
      F߂܂B

    * IP: glO (CONFIG_NET_IPIP) [N/y/m/?]
      - NO: ̔Cӂ̑I IP }XJ[hʂ IPIP gl
      ׂ̈ɂ܂B
      glO/VPN @\]݂ȂA GRE  IPSEC gl
      gpE߂܂B

    * IP: IP z GRE gl (CONFIG_NET_IPGRE) [N/y/m/?]
      - NO: ̔Cӂ̑ÍA IP MASQ {bNXʂ PPTP GRE
      glׂɂ܂B

    -- }XJ[hɖ֌W̃IvV΂܂ --

    * IP: TCP syn NbL[̃T|[g (ftHgł͖) (CONFIG_SYN_COOKIES) [Y/n/?]
      - YES: {I TCP/IP lbg[NZLeBׂ̈ɋE߂܂B

  y: ۂ SYN flood protection (SYN U̖h)
  Ƃ̂ɂȂĂ܂Bz

    -- }XJ[hɖ֌W̃IvV΂܂ --

    * IP: EBhE傫܂ ( 16 MB ̏ꍇ͊߂܂) (CONFIG_SKB_LARGE) [Y/n/?]
      - YES:  Linux  TCP EBhEœKׂɂE߂܂B

    -- }XJ[hɖ֌W̃IvV΂܂ --

    * lbg[NfoCX̃T|[g (CONFIG_NETDEVICES) [Y/n/?]
      - YES: Linux lbg[NfoCXwLɂ܂B

    -- }XJ[hɖ֌W̃IvV΂܂ --

    * lbg[Np_~[hCõT|[g (CONFIG_DUMMY) [M/n/y/?]
      - YES: CӂłÃIvṼ͖fobO܂B

    == lbg[NJ[h̃T|[gRpCYȂł!! ==

    -- }XJ[hɖ֌W̃IvV΂܂ --

    == f PPPoE DSL f̕ PPP/SLIP ̃T|[g
    RpCYȂłB ==

    -- }XJ[hɖ֌W̃IvV΂܂ --

    * /proc t@CVXẽT|[g (CONFIG_PROC_FS) [Y/n/?]
      - YES: Linux lbg[NtH[fBOLɂׂɕKvłB

   -  IP }XJ[ḧׂɕKvȗvfłBȂ̃VX
  eɓLȁA̐ݒ荀ڂIKv܂B

  o  J[lRpCAȉ̂悤 IP MASQ W[Rp
     CāACXg[Ă -

         make modules; make modules_install

  o  ɁAu[g IP }XJ[hW[ǂݍ܂A IP MASQ 
     IɗLɂׂɁA /etc/rc.d/rc.local ɉsǉ܂ -

               .
               .
               .
               #rc.firewall script - Start IPMASQ and the firewall
               /etc/rc.d/rc.firewall
               .
               .
               .

  3.1.2.  Linux 2.0.x J[l

  KvƂ\tgEFApb` ``2.0.x J[l̕Kv'' ̏
  B

  o  ܂ɁAJ[l\[XKvłB (]܂ 2.0.38 ȍ~̍
     ṼJ[lǂłB)

  o  J[l̃RpC߂ĂłA邱Ƃ͂܂B̏
     ȂȒPłA ``2.0.x J[l̕Kv'' ̏͂Ŏ
     URL łĂ܂B

  o  ̃R}hɂăJ[l\[X /usr/src/ fBNg֓WJĂ
      - tar xvzf linux-2.0.x.tar.gz -C /usr/src ŁA2.0.x 
     "x"  Linux 2.0 J[ľ݂̃o[Wio[łB܂
     A /usr/src/linux/ ƂfBNg邩A܂̓V{b
     NNĂ邱ƂmFĂB

  o  KȁA͔Cӂ̃pb`J[l\[XR[hɓĂĂB
     J[l 2.0.36 ̎_ł́A IP Masq ғׂ̓ȃpb`
     ͕svłB IPPORTFW, PPTP y Xwindow ̃tH[fBŐ@\
     IvVłB ``2.0.x J[l̕Kv'' ̏͂ɂ URL IP
     }XJ[h̏񌹂ɂŐVƃpb` URL QƂĂ
     B

  o  ȉɃJ[lRpCۂɍŒKvȃIvVL
     BCXg[ꂽlbg[NC^[tF[Xlɐݒ肷
     Kv܂BJ[lRpC@̏ڍׂɂẮA
     Linux Kernel HOWTO <http://www.linuxdoc.org/HOWTO/Kernel-
     HOWTO.html> ƁAJ[l\[XfBNg README t@CQ
     ĂBy: JFɂ Kernel-HOWTO ̓{܂B
     <http://www.linux.or.jp/JF/JFdocs/Kernel-HOWTO.html> z

     ȉ YES or NO ̑I ɒӂĂBSẴIvV͂
     HOWTO ɂČq鐳J[lpb`ȂāALƂ͌܂
     B

    * JsSȃR[h/hCo\ (CONFIG_EXPERIMENTAL) [Y/n/?]
      - YES: ̃IvV IP }XJ[h@\̃R[hI
      ł悤ɂȂ܂B

    * [_uEW[gp\ɂ܂ (CONFIG_MODULES) [Y/n/?]
      - YES: ŃJ[l IP MASQ ̃W[g悤ɂȂ܂B

    * lbg[ÑT|[g (CONFIG_NET) [Y/n/?]
      - YES: lbg[NTuVXeLɂ܂B

    * t@CAEH[@\ (CONFIG_FIREWALL) [Y/n/?]
      - YES: IPFWADM t@CAEH[c[Lɂ܂B

    * TCP/IP lbg[LO (CONFIG_INET)
      - YES: TCP/IP vgRLɂ܂B

    * IP: tH[fBO/Q[gEFCO (CONFIG_IP_FORWARD)
      - YES: IPFWADM ɂĐ䂳 Linux lbg[ÑpPbg]
      [eBOLɂ܂B

    * IP: syn NbL[ (CONFIG_SYN_COOKIES) [Y/n/?]
      - YES: {Iȃlbg[NZLeBׂ̈ɋE߂܂B

    * IP: t@CAEH[O (CONFIG_IP_FIREWALL) [Y/n/?]
      - YES: t@CAEH[@\Lɂ܂B

    * IP: t@CAEH[̃pPbgL^ (CONFIG_IP_FIREWALL_VERBOSE) [Y/n/?]
      - YES: (CӂłE߂܂) - t@CAEH[Ɉ
      pPbgOɋL^܂B

    * IP: }XJ[fBO (CONFIG_IP_MASQUERADE [Y/n/?]
      - YES: lbg[N TCP/IP pPbgOlbg[N̂̂
      A IP }XJ[hLɂ܂B

    * IP: ipautofw }XJ[h̃T|[g (EXPERIMENTAL) (CONFIG_IP_MASQUERADE_IPAUTOFW) [Y/n/?]
      - NO: IPautofw  |[gtH[fBǑÂ@łB
      ͂܂A IPPORTFW ̕ǂ@ł̂ŁA IPAUTOFW 
      E߂܂B

    * IP: ipportfw }XJ[hET|[g (EXPERIMENTAL) (CONFIG_IP_MASQUERADE_IPPORTFW) [Y/n/?]
      - YES: ̃IvV 2.0.x J[l̃pb`ł̂ݗLłB
      ̃IvVŁAC^[lbg̊ÕRs[^ MASQ
      ꂽlbg[Ñ}VmړIɐڑł悤
      Ȃ܂B
      TA̋@\͓ SMTP, TELNET, y WWW T[oւ̃ANZX
      p܂B
      FTP |[gtH[fBO͂ FAQ ̏͂ɏڏqĂǉ
      pb`KvɂȂł傤B
      |[gtH[fBOɊւڍׂȏ́A HOWTO 
      tH[h̏͂ɂ܂B

    * IP: ICMP }XJ[fBO (CONFIG_IP_MASQUERADE_ICMP) [Y/n/?]
      - YES: ICMP ping pPbg̃}XJ[fBO܂B
      CӂƎv܂ÃvO ICMP T|[gȂ
      Sɂ͋@\Ȃł傤B

    * IP: loose UDP |[gtH[fBO (EXPERIMENTAL) (CONFIG_IP_MASQ_LOOSE_UDP) [Y/n/?]
      - YES: ̃IvV 2.0.x J[lɃpb`Kp邱Ƃ
      Ă̂ݗLłB
      ̃IvVŁAC^[lbgoRA NAT p悤
      lbg[Nΐ^Q[A}XJ[hꂽlbg[N
      Rs[^ŏo悤ɂȂ܂B
      ڍׂɂĂ͂ HOWTO  FAQ ̏͂ɌfڂĂ܂B

    * IP: ɃftOg (CONFIG_IP_ALWAYS_DEFRAG) [Y/n/?]
      - YES:  ̋@\ IP MASQ ڑœK܂B- E߂܂B
    * IP: zXgƂĂł͂Ȃ[^ƂčœK (CONFIG_IP_ROUTER) [Y/n/?]
      - YES:  ɂăJ[llbg[NTuVXeƂ
      œK܂B

    * IP: MAhXŌoHtꂽt[j (CONFIG_IP_NOSR) [Y/n/?]
      - YES: {Iȃlbg[NZLeBׂ̈ɋE߂܂B

    * lbg[Np_~[hCõT|[g (CONFIG_DUMMY) [M/n/y/?]
      - YES:  CӂłÃIvV͖fobOۂ
      ɂȂ܂B

    * /proc t@CVXẽT|[g (CONFIG_PROC_FS) [Y/n/?]
      - YES:  Linux J[llbg[NŃpPbg]
      @\LɂׂɕKvłB

   -  IP }XJ[ḧׂɕKvȗvfłBȂ̃lb
  g[Nn[hEFAɓLȑ̐ݒ荀ڂIKv܂B

  o  J[lRpCAȉ̂悤 IP MASQ W[Rp
     CāACXg[Ă -

       make modules; make modules_install

  o  ɁA IP }XJ[hXNvgǂݍ܂Au[g̓x IP
     MASQ IɗLɂׂɁA /etc/rc.d/rc.local ɉsǉ
      -

               .
               .
               .
               #rc.firewall script - Start IPMASQ and the firewall
               /etc/rc.d/rc.firewall
               .
               .
               .

  3.1.3.  Linux 2.3.x / 2.4.x J[l

   HOWTO ł 2.3.x  2.4.x J[l͖舵Ă܂B
  ``2.3.x/2.4.x J[l̕Kv'' ̏͂ɋL URL QƂ邩A
  舵ĂV HOWTO QƂĂB

  3.2.  vCx[glbg[N IP AhX LAN Ɋ蓖Ă

  SĂ lbg[N MASQ ꂽ }V́AC^[lbgŌ
  Ɋ蓖ĂꂽAhXׂ*ł͂܂*Bł̂ŁAC^[
  lbg̃AhXƂԂ炸ɁAlbg[Ñ}VɃAhX
  mۂׂ́AœK؂ȕ@݂Ȃ΂Ȃ܂B

  >IWi IP }XJ[h FAQ  -

  RFC 1918 ̓C^[lbg֒ڐڑȂA܂ "vCx[g"
  lbg[Nɗp IP AhXɊւłB̗pr̈
  ɓʂɊ蓖Ăꂽ 3 IP AhX̃ubN܂B

       Section 3 - vCx[gAhX

       Internet Assigned Numbers Authority (IANA) ́AIP AhXԂ̂
       ȉ3̃ubNvCx[glbg[Npɗ\񂵂Ă܂B

                     10.0.0.0        -   10.255.255.255
                     172.16.0.0      -   172.31.255.255
                     192.168.0.0     -   192.168.255.255

       ŏ̃ubŃu24rbgubNvA2Ԗڂ̃ubŃu20rbg
       ubNvA3Ԗڂ̃ubŃu16rbgvubNƌĂ΂܂B
       ŏ̃ubN͒P̃NX A lbg[NԍȊÔȂɂ̂łȂA
       2Ԗڂ̃ubN͘A16̃NX B lbg[Nԍ̏WłA
       3Ԗڂ̃ubN͘A255̃NX C lbg[Nԍ̏Wł邱Ƃ
       ӂĂB

  Qlׂ̈ɁA 192.168.0.0 ̃lbg[NAhX 255.255.255.0 
  Class-C Tulbg}XNIĂA HOWTO ɂĂ
  fĂ܂BłAL̃vCx[glbg[N͑SėLł
  AKTulbg}XNpĂBł̂ŁA Class-C
  ̃lbg[NgȂAȂ̃lbg[N TCP/IP vgR
  @\Ă}VɊ蓖Ăԍ́A 192.168.0.1, 192.168.0.2,
  192.168.0.3, ..., 192.168.0.x ƂȂ܂B

  192.168.0.1 ͑̏ꍇAOlbg[N֏očsׂ̓Q[gEF
  C Linux MASQ }VƂȂ܂B 192.168.0.0  192.168.0.255 ͂
  ꂼlbg[Nyуu[hLXgAhXł邱ƂɒӂĂ
   (̃AhX*\ς*ł) B̃AhX}VɊ
  蓖ĂȂłAȂ΂Ȃ̃}Vlbg[N͐ɓ
  삵܂B

  3.3.  IP tH[fBO|V[ݒ肷

  ̓_ɊւẮAJ[lƂ̑KvȃpbP[WCXg[
  ׂłBSẴlbg[N IP AhXAQ[gEFCA
  DNS AhX Linux MASQ T[ołlɐݒ肳ĂׂłB
   Linux lbg[NJ[h̐ݒ@mȂȂA HOWTO 
  ``2.0.x J[l̕Kv''  ``2.2.x J[l̕Kv'' ̏͂
  QƂĂB

  āAŌɂcƂ́Aw肳ꂽ}VɓK؂ɃpPbg]
  (FORWARD) y }XJ[h (MASQUERADE) ׂ́A IP t@CAEH[
  Oc[ݒ肷邱ƂłB

  ** ̎ɂ͐FXƈႤ@R蓾܂Bꂩ玦
  ĂƎ͎̏œ삵Ă܂AȂȂ̈ႤAC
  fBAKv邱Ƃł傤B

       ̏͂ IP }XJ[h@\삵ׂ́Af̍Œ
       t@CAEH[̃[ZbgЉ**łBU (
        HOWTO ɂČq) IP MASQ ̃eXgA
       Sȃt@CAEH[̃[Zbgׂ̈ `` IPFWADM 
       [Zbg''  `` IPCHAINS ̃[Zbg'' ̏͂Q
       ƂĂBXɁAڍׂɂĂ IPFWADM (2.0.x) y/
        IPCHAINS (2.2.x) ̃IC}jAQƂĂ
       B

  3.3.1.  Linux 2.2.x J[l

  2.1.x  2.2.x J[l̗ɂ IP }XJ[fBÕ[𑀍
  ׂɁA IPFWADM ͂͂t@CAEH[c[ƂĂ͎gȂ 
  ɒӂĂBAVJ[lł IPCHAINS c[g
  ܂B̕ύXɊւڍׂɂẮA ``悭鎿 (FAQ)'' ̏͂Q
  ƂĂB

  IŒPȃ[ZbgɂāA ȉɋL悤
  /etc/rc.d/rc.firewall 쐬܂ -

       #!/bin/sh
       #
       # rc.firewall - IPCHAINS pA 2.1.x y 2.2.x J[lׂ̈́A
       #               IŒP IP }XJ[h̃eXg
       #
       #
       # Kv IP MASQ W[Sēǂݍ݂܂B
       #
       #    - KvƂ IP MASQ W[[hĂB
       #          ݂ IP MASQ W[̑SĂȉɋLĂ܂A
       #          RgAEg΃[h}~ł܂B

  # W[̃[h̏iKɕKvłB
  #
  /sbin/depmod -a

  # PORT \bhp FTP t@C]̓K؂ȃ}XJ[fBO
  # T|[g܂B
  # y: PORT \bh̓pbVu[hłȂAʏ FTP ڑw܂B
  # ڑAf[^|[ggpۂɁA FTP T[oNCAg
  # ΂ TCP ڑm悤Ƃ܂B
  # ̃W[ FTP NCAgpbVu[hŎgpۂɂ͕sv
  # łBz
  #
  /sbin/modprobe ip_masq_ftp

  # UDP  RealAudio ̃}XJ[fBOT|[g܂B
  # ̃W[ȂƁA RealAudio ͋@\܂A TCP [hœ
  # ǍʂƂĉ̗򉻂ЂN܂B
  #
  #/sbin/modprobe ip_masq_raudio

       # IRC ɂ DCC t@C]̃}XJ[fBOT|[g܂B
       #
       #/sbin/modprobe ip_masq_irc

       y: DCC (Direct Client Connection) Ƃ́Aclient m IRC server
       ɒ connection 𒣂ăt@C𑗎󂵂Ab肷
       邵݂w܂B DCC ̏ڍׂɂĂ irchat-micro-howto A
       irchat-jp pbP[WɓYtĂ FAQ-about-jp24.txt QƂĂ
       Bz

       # ftHg Quake y QuakeWorld ̃}XJ[fBOT|[g܂B
       # ̃W[ Linux MASQ T[ǒ둤ɂ镡̃[Üׂɂ
       # ܂B
       # Quake I, II, y III vCȂA 2Ԗڂ̗pĂB
       #
       #    -  QUAKE W[̃[hɎs ERROR \ꂽA
       #   -----  ̓oO܂܂ꂽÂJ[lłBŐṼJ[lɍXV
       #          B
       #
       #Quake I / QuakeWorld (26000 y 27000 ԃ|[g)
       #/sbin/modprobe ip_masq_quake
       #
       #Quake I/II/III / QuakeWorld (26000, 27000, 27910, 27960 ԃ|[g)
       #/sbin/modprobe ip_masq_quake 26000,27000,27910,27960

       # CuSeeme rfIc\tgEFÃ}XJ[fBOT|[g܂B
       #
       #/sbin/modprobe ip_masq_cuseeme

       # VDO-live rfIc\tgEFÃ}XJ[fBOT|[g܂B
       #
       #/sbin/modprobe ip_masq_vdolive

       #dv - ftHgŖɂȂĂ IP tH[fBOLɂ܂B
       #
       #           Redhat [U - /etc/sysconfig/network ȉ̂悤
       #                             āÃIvVύXł
       #                             ł̂ŁAĂ݂ĂB
       #
       #                       FORWARD_IPV4=false
       #                             
       #                       FORWARD_IPV4=true
       #
       echo "1" > /proc/sys/net/ipv4/ip_forward

       #dv - 2.2.x J[l̃ftHgŖɂȂĂ IP ftOg
       #       (œK)Lɂ܂B
       #       ̓RpC̃IvVŗLłA 2.2.12 ̎
       #       ̓삪ύXĂ܂܂B
       #
       echo "1" > /proc/sys/net/ipv4/ip_always_defrag

       # I IP [U -
       #
       #    SLIP, PPP,  DHCP œI IP AhX𓾂ĂȂA
       #   Lȉ̃IvVLɂĂB
       #   ɂ IP MASQ ɂēI IP AhX̃nbLOA
       #   eՂ Diald ⓯l̃vỎғԂL΂܂B
       #
       #echo "1" > /proc/sys/net/ipv4/ip_dynaddr

       y: ̃IvVLɂƁA ppp ̍ĐڑAC^[tF[X
       IP AhXςĂAȑÕ}XJ[he[ujA IP AhX
       čėp܂Bz

       # ̃C^[lbgΉQ[vA[Y UDP pb`
       # Lɂ܂B
       #
       #  IP }XJ[h{bNXzɃC^[lbgΉQ[肽āA
       #  ̃Q[𗧂グčĐݒ肷邱ƂȂy݂ȂÃIvV
       #  LɂĂ݂Ă ("#" ɂRgAEg폜܂) B
       #  }V UDP |[gXLōU₷Ȃ\̂ŁA
       #  ̃IvV̓ftHgł͖ɂȂĂ܂B
       #
       #echo "1" > /proc/sys/net/ipv4/ip_masq_udp_dloose

  # MASQ ^CAEgl
  #
  #  TCP ZbVɂ 2 Ԃ̃^CAEglA
  #  TCP/IP "FIN" pPbgM̃gtBbNɂ 10 b̃^CAEg
  #  lA
  #  UDP gtBbNɂ 160 b̃^CAEgl(MASQ ꂽ ICQ [U
  #  ׂ̈ɏdvł) ݒ肵܂B
  #
  /sbin/ipchains -M -S 7200 10 160

  # DHCP - ADSL  P[uf̃[Û悤ȁADHCP  BOOTP 
  #        ꂩO IP AhX擾ĺǍɋLq
  #        ipchains  deny R}h̑Oɂ̍sKvƂ܂B
  #        "bootp_client_net_if_name" ɂ DHCP/BOOTP T[oAhX
  #        蓖ĂC^[tF[XɏĂB
  #        炭 "eth0", "eth1" ɂȂ邱Ƃł傤B
  #
  #        ̗͍̏RgAEgĂ܂B
  #
  #/sbin/ipchains -A input -j ACCEPT -i bootp_clients_net_if_name -s 0/0 67 -d 0/0 68 -p udp

  # P IP tH[fBOyу}XJ[fBOLɂ܂B
  #
  #   - ȉ̗ 192.168.0.x ̓ LAN AhX 255.255.255.0 
  #         "24" rbg̃Tulbg}XNȂlbg[NA eth0
  #         C^[tF[XʂăC^[lbg֐ڑꍇL
  #         ܂B
  #
  #         ** Ȃ̓ LAN ̐ݒɍ悤ɁAlbg[NԍA
  #         ** Tulbg}XNyуC^[lbgڑ̃C^[tF[X
  #         ** ύXĂB
  #
  /sbin/ipchains -P forward DENY
  /sbin/ipchains -A forward -i eth0 -s 192.168.0.0/24 -j MASQ

  U /etc/rc.d/rc.firewall ̃[ZbgҏWIAs\
  悤 chmod 700 /etc/rc.d/rc.firewall ͂AsĂ
  B

  āAt@CAEH[̃[Zbg̏܂Bu[g
  ɎsKv܂Bsɂ́Aōs@ (ɂł)
  Au[gXNvgɒǉ@܂Bȉ 2̕@L
  ܂ -

  o  Redhat y Redhat hfBXgr[V -

  o  NXNvg̃[hɊւA Redhat ɂ 2̕@܂ -
     /etc/rc.d/rc.local  /etc/rc.d/init.d/ ̒ɂ init XNv
     głBO҂̕@łȒPłBׂƂ͈ȉ̍s
     /etc/rc.d/rc.local t@C̍Ōɒǉ邱Ƃł -

     o  echo "Loading the rc.firewall ruleset.." /etc/rc.d/rc.firewall

     ̎@̖_́Ałȃt@CAEH[̃[Zbg𓮍삳
     悤ƂۂɁAt@CAEH[̓u[gIɎ܂Ŏs
     AƂ_ɂ܂BD܂@ƂẮAlbg[NTuVX
     e̐ݒ肪[hꂽɁAt@CAEH[̐ݒ肪[h
     悤ɂ邱ƂłB̏A HOWTO  /etc/rc.d/rc.local ̐
     ݂̂Ă܂B苭łȃVXe]݂ȂA HOWTO 
     Ō̏͂ɃN TrinityOS 10͂QƂ邱ƂE߂
     B

  o  Slackware -

  o  NXNvg̃[hɊւA Slackware ɂ 2̕@܂ -
     /etc/rc.d/rc.local  /etc/rc.d/rc.inet2 t@CҏW邱Ƃ
     BO҂̕@łȒPłBׂƂ͈ȉ̍s
     /etc/rc.d/rc.local t@C̍Ōɒǉ邱Ƃł -

     o  echo "Loading the rc.firewall ruleset.."

        /etc/rc.d/rc.firewall

     ̎@̖_́Ałȃt@CAEH[̃[Zbg𓮍삳
     悤ƂۂɁAt@CAEH[̓u[gIɎ܂Ŏs
     AƂ_ɂ܂BD܂@ƂẮAlbg[NTuVX
     e̐ݒ肪[hꂽɁAt@CAEH[̐ݒ肪[h
     悤ɂ邱ƂłB̏A HOWTO  /etc/rc.d/rc.local ̐
     ݂̂Ă܂B苭łȃVXe]݂ȂA HOWTO 
     Ō̏͂ɃN TrinityOS 10͂QƂ邱ƂE߂
     B

  q̃t@CAEH[̃[ZbgύX[Uւ̒ -

  S TCP/IP lbg[Nq̕@̑ɁA*P̂̃}V
  * IP }XJ[fBOƎv邱Ƃł
  BႦ΁A 192.168.0.2  192.168.0.8 ̃zXgC^[lb
  g֐ڑƂ܂B̎lbg[Nɑ̃}V݂͑
  ܂B (q) "P IP tH[fBOyу}XJ[fB
  O" ̏͂́A /etc/rc.d/rc.firewall ̃[ZbgAȉ
  悤ɏ܂B

       #!/bin/sh
       #
       # P IP tH[fBOyу}XJ[fBOLɂ܂B
       #
       #   - ȉ̗ 192.168.0.x ̓ LAN AhX 255.255.255.0 
       #         "24" rbg̃Tulbg}XNȂlbg[NA eth0
       #         C^[tF[XʂăC^[lbg֐ڑꍇL
       #         ܂B
       #
       #         ** Ȃ̓ LAN ̐ݒɍ悤ɁAlbg[NԍA
       #         ** Tulbg}XNyуC^[lbgڑ̃C^[tF[X
       #         ** ύXĂB
       #
       /sbin/ipchains -P forward DENY
       /sbin/ipchains -A forward -i eth0 -s 192.168.0.2/32 -j MASQ
       /sbin/ipchains -A forward -i eth0 -s 192.168.0.8/32 -j MASQ

  悭ԈႢ -

  iK IP Masq [UƂȂ悭ԈႢƂāAȉ̂悤
  ȃR}h܂ -

  /sbin/ipchains -P forward masquerade

  āAftHg|V[}XJ[fBOɂĂ͂܂B
  Ȃ΁AoHe[u𑀍łNȂ̃Q[gEFC}VɌ
  JAg̐g}XJ[hĂ܂mȂł!

  JԂ܂A̍s /etc/rc.d/rc.firewall t@CAȂ
  I鑼 rc t@Ĉ̈ɒǉł邩A IP }XJ[h
  KvƂxɎƂŎsł܂B

  IPCHAINS Ƌł IPCHAINS ̃[Zbg̗̏ڍׂȎɊւẮA
  `` IPFWADM ̃[Zbg''  `` IPCHAINS ̃[Zbg'' 
  ͂QƂĂBXɏڍׂ IPCHAINS ̎gɊւẮAvC}
   IPCHAINS TCgł http://netfilter.filewatcher.org/ipchains/
  A Linux IP CHAINS HOWTO Backup QƂĂB

  3.3.2.  Linux 2.0.x J[l

  IŒPȃ[ZbgɂāA ȉɋL悤
  /etc/rc.d/rc.firewall 쐬܂ -

       # rc.firewall - IPFWADM pA 2.0.x J[lׂ̈́A
       #               IŒP IP }XJ[h̐ݒ
       #
       # Kv IP MASQ W[Sēǂݍ݂܂B
       #
       #    - KvƂ IP MASQ W[[hĂB
       #          ݂ IP MASQ W[̑SĂȉɋLĂ܂A
       #          RgAEg邱ƂŃ[h}~邱Ƃł܂B

       # W[̃[h̏iKɕKvłB
       #

       #
       /sbin/depmod -a

       # Supports the proper masquerading of FTP file transfers using the PORT method
       # PORT \bhp FTP t@C]̓K؂ȃ}XJ[fBO
       # T|[g܂B
       # y: PORT \bh̓pbVu[hłȂAʏ FTP ڑw܂B
       # ڑAf[^|[ggpۂɁA FTP T[oNCAg
       # ΂ TCP ڑm悤Ƃ܂B
       # ̃W[ FTP NCAgpbVu[hŎgpۂɂ͕sv
       # łBz
       #
       /sbin/modprobe ip_masq_ftp

       # UDP  RealAudio ̃}XJ[fBOT|[g܂B
       # ̃W[ȂƁA RealAudio ͋@\܂A TCP [hœ
       # ǍʂƂĉ̗򉻂ЂN܂B
       #
       #/sbin/modprobe ip_masq_raudio

       # IRC ɂ DCC t@C]̃}XJ[fBOT|[g܂B

  y: DCC (Direct Client Connection) Ƃ́Aclient m IRC server
  ɒ connection 𒣂ăt@C𑗎󂵂Ab肷
  邵݂w܂B DCC ̏ڍׂɂĂ irchat-micro-howto A
  irchat-jp pbP[W ɓYtĂ FAQ-about-jp24.txt QƂ
  Bz

  #
  #/sbin/modprobe ip_masq_irc

  # ftHg Quake y QuakeWorld ̃}XJ[fBOT|[g܂B
  # ̃W[ Linux MASQ T[ǒ둤ɂ镡̃[Üׂɂ
  # ܂B
  # Quake I, II, y III vCȂA 2Ԗڂ̗pĂB
  #
  #    -  QUAKE W[̃[hɎs ERROR \ꂽA
  #   -----  ̓oO܂܂ꂽÂJ[lłBŐṼJ[lɍXV
  #          B
  #
  #Quake I / QuakeWorld (ports 26000 and 27000)
  #/sbin/modprobe ip_masq_quake
  #
  #Quake I/II/III / QuakeWorld (ports 26000, 27000, 27910, 27960)
  #/sbin/modprobe ip_masq_quake 26000,27000,27910,27960

  # CuSeeme rfIc\tgEFÃ}XJ[fBOT|[g܂B
  #
  #/sbin/modprobe ip_masq_cuseeme

  # VDO-live rfIc\tgEFÃ}XJ[fBOT|[g܂B
  #
  #/sbin/modprobe ip_masq_vdolive

  #vI - ftHgŖɂȂĂ IP tH[fBOLɂ܂B
  #
  #           Redhat [U - /etc/sysconfig/network ȉ̂悤
  #                             āÃIvVύX
  #                             Ƃłł傤B
  #
  #                       FORWARD_IPV4=false
  #                             to
  #                       FORWARD_IPV4=true
  #
  echo "1" > /proc/sys/net/ipv4/ip_forward

  #vI - ftHgŖɂȂĂ IP ftOg(œK)L
  #         ܂B
  #         ̓RpC̃IvVŗLłA 2.2.12 ̎
  #         ̓삪ύXĂ܂܂B
  #         ̃IvV 2.0 y 2.2 J[l̗ɕKvłB
  #
  echo "1" > /proc/sys/net/ipv4/ip_always_defrag

  # I IP [U -
  #
  #    SLIP, PPP,  DHCP œI IP AhX𓾂ĂȂA
  #   Lȉ̃IvVLɂĂB
  #   ɂ IP MASQ ɂēI IP AhX̃nbLOA
  #   eՂ Diald ⓯l̃vỎғԂL΂܂B
  #
  #echo "1" > /proc/sys/net/ipv4/ip_dynaddr

  # MASQ ^CAEgl
  #
  #  TCP ZbVɂ 2 Ԃ̃^CAEglA
  #  TCP/IP "FIN" pPbgM̃gtBbNɂ 10 b̃^CAEg
  #  lA
  #  UDP gtBbNɂ 160 b̃^CAEgl(MASQ ꂽ ICQ [U
  #  ׂ̈ɏdvł) ݒ肵܂B
  #
  /sbin/ipfwadm -M -s 7200 10 160
  # DHCP - ADSL  P[uf̃[Û悤ȁADHCP  BOOTP 
  #        ꂩAO IP AhX擾ĺǍɋLq
  #        ipchains  deny R}h̑Oɂ̍sKvƂ܂B
  #        "bootp_client_net_if_name" ɂ DHCP/BOOTP T[oAhX
  #        蓖ĂC^[tF[XɏĂB
  #        炭 "eth0", "eth1" ɂȂ邱Ƃł傤B
  #
  #        ̗͍̏RgAEgĂ܂B
  #
  #
  #/sbin/ipfwadm -I -a accept -S 0/0 67 -D 0/0 68 -W bootp_clients_net_if_name -P udp

  # P IP tH[fBOyу}XJ[fBOLɂ܂B
  #
  #   - ȉ̗ 192.168.0.x ̓ LAN AhX 255.255.255.0 
  #         "24" rbg̃Tulbg}XNȂlbg[NA eth0
  #         C^[tF[XʂăC^[lbg֐ڑꍇL
  #         ܂B
  #
  #         ** Ȃ̓ LAN ̐ݒɍ悤ɁAlbg[NԍA
  #         ** Tulbg}XNyуC^[lbgڑ̃C^[tF[X
  #         ** ύXĂB
  #
  /sbin/ipfwadm -F -p deny
  /sbin/ipfwadm -F -a m -W eth0 -S 192.168.0.0/24 -D 0.0.0.0/0

  U /etc/rc.d/rc.firewall ̃[ZbgҏWIAs\
  悤 chmod 700 /etc/rc.d/rc.firewall ͂AsĂ
  B

  āAt@CAEH[̃[Zbg̏܂Bu[g
  ɎsKv܂Bsɂ́Aōs@ (ɂł)
  Au[gXNvgɒǉ@܂Bȉ 2̕@L
  ܂ -

  o  Redhat y Redhat hfBXgr[V -

     o  NXNvg̃[hɊւA Redhat ɂ 2̕@܂ -
        /etc/rc.d/rc.local  /etc/rc.d/init.d/ ̒ɂ init XN
        vgłBO҂̕@łȒPłBׂƂ͈ȉ̍s
        /etc/rc.d/rc.local t@C̍Ōɒǉ邱Ƃł -

        o  echo "Loading the rc.firewall ruleset.."
           /etc/rc.d/rc.firewall

     ̎@̖_́Ałȃt@CAEH[̃[Zbg𓮍삳
     悤ƂۂɁAt@CAEH[̓u[gIɎ܂Ŏs
     AƂ_ɂ܂BD܂@ƂẮAlbg[NTuVX
     e̐ݒ肪[hꂽɁAt@CAEH[̐ݒ肪[h
     悤ɂ邱ƂłB̏A HOWTO  /etc/rc.d/rc.local ̐
     ݂̂Ă܂B苭łȃVXe]݂ȂA HOWTO 
     Ō̏͂ɃN TrinityOS 10͂QƂ邱ƂE߂
     B

  o  Slackware:

     o  NXNvg̃[hɊւA Slackware ɂ 2̕@
         - /etc/rc.d/rc.local  /etc/rc.d/rc.inet2 t@CҏW
        邱ƂłBO҂̕@łȒPłBׂƂ͈ȉ̍s
        /etc/rc.d/rc.local t@C̍Ōɒǉ邱Ƃł -

        o  echo "Loading the rc.firewall ruleset.."

           /etc/rc.d/rc.firewall

        ̎@̖_́Ałȃt@CAEH[̃[Zbg𓮍삳
        悤ƂۂɁAt@CAEH[̓u[gIɎ܂Ŏs
        ȂAƂ_ɂ܂BD܂@ƂẮAlbg[NTu
        VXe̐ݒ肪[hꂽɁAt@CAEH[̐ݒ肪[
        h悤ɂ邱ƂłB̏A HOWTO 
        /etc/rc.d/rc.local ̐ݒ݂̂Ă܂B苭łȃVXe
        ]݂ȂA HOWTO ̍Ō̏͂ɃN TrinityOS 10
        ͂QƂ邱ƂE߂܂B

  q̃t@CAEH[̃[ZbgύX[Uւ̒ -

  S TCP/IP lbg[Nq̕@̑ɁA*P̂̃}V
  * IP }XJ[fBOƎv邱Ƃł
  BႦ΁A 192.168.0.2  192.168.0.8 ̃zXgC^[lb
  g֐ڑƂ܂B̎lbg[Nɑ̃}V݂͑
  ܂B (q) "P IP tH[fBOyу}XJ[fB
  O" ̏͂́A /etc/rc.d/rc.firewall ̃[ZbgAȉ
  悤ɏ܂B

       #!/bin/sh
       #
       # P IP tH[fBOyу}XJ[fBOLɂ܂B
       #
       #   - ȉ̗ 192.168.0.x ̓ LAN AhX 255.255.255.0 
       #         "24" rbg̃Tulbg}XNȂlbg[NA eth0
       #         C^[tF[XʂăC^[lbg֐ڑꍇL
       #         ܂B
       #
       #         ** Ȃ̓ LAN ̐ݒɍ悤ɁAlbg[NԍA
       #         ** Tulbg}XNyуC^[lbgڑ̃C^[tF[X
       #         ** ύXĂB
       #
       /sbin/ipfwadm -F -p deny
       /sbin/ipfwadm -F -a m -W eth0 -S 192.168.0.2/32 -D 0.0.0.0/0
       /sbin/ipfwadm -F -a m -W eth0 -S 192.168.0.8/32 -D 0.0.0.0/0

  悭ԈႢ -

  iK IP Masq [UƂȂ悭ԈႢƂāAȉ̂悤
  ȃR}h܂ -

  ipfwadm -F -p masquerade

  āAftHg|V[}XJ[fBOɂĂ͂܂B
  Ȃ΁AoHe[u𑀍łNȂ̃Q[gEFC}VɌ
  JAg̐g}XJ[hĂ܂mȂł!
  JԂ܂A̍s /etc/rc.d/rc.firewall t@CAȂ
  I鑼 rc t@Ĉ̈ɒǉł邩A IP }XJ[h
  KvƂxɎƂŎsł܂B

  苭ł IPCHAINS  IPFWADM ̃[Zbg̗̏ڍׂȎɊւ
  ́A `` IPCHAINS ̃[Zbg''  `` IPFWADM ̃[Zb
  g'' ̏͂QƂĂB

  4.  }XJ[hڑ鑼̓}V̐ݒ

  }XJ[hڑe}Vł́AK؂ IP AhXݒ肷邾
  łȂALinux }XJ[hT[o DNS T[õQ[gEFC IP Ah
  Xݒ肷Kv܂BʓIɌāAقǓƂł͂
  ܂BLinux zXg̃AhX(ʏ́A192.168.0.1 ƂAhX)
  Q[gEFCAhXƂē͂邾łB

  DNS(hCl[T[rX)ɂ́Apł DNS T[oł΁Aǂ
  DNS T[ow肵Ă܂܂BLinux T[o̎gpĂ̂Ɠ
   DNS T[ow肷̂₷ł傤B̂ƂACӂ́uh
  CT[`vTtBbNXǉ邱Ƃł܂B

  }XJ[h}V̐ݒIAlbg[NT[rXN
  AVXeu[gĂB

  ł́ALinux }XJ[hT[õAhXƂ 192.168.0.1 Ƃ
  NX C lbg[NAhXgp̂ƂĐݒ̎菇
  B192.168.0.0  192.168.0.255 ́ALAN ɗ\񂳂Ă TCP/IP Ah
  XłB

  ȉ̃vbgtH[́A}XJ[h}VƂĎgpт̂
  ̂łB̓}XJ[hɑΉ OS ̈ɂ܂B

  o  Apple Macintosh OS(MacTCP ܂ Open Transport @\̓삵Ă
     )

  o  Commodore Amiga(AmiTCP ܂ AS225 X^bN̓삵Ă)

  o  Digital VAX Stations 3520 y 3100 ŉғĂ UCX(VMS p
     TCP/IP X^bN)

  o  Digital Alpha/AXP ŉғ Linux/Redhat

  o  RS/6000 ŉғ IBM AIX

  o  IBM OS/2(Warp v3 ܂)

  o  AS/400 ŉғ IBM OS400

  o  Linux 1.2.xA1.3.xA2.0.xA2.1.xA2.2.x

  o  Microsoft DOS(NCSA Telnet pbP[WgpADOS Trumpet ꕔ@
     \Ă)

  o  Microsoft Windows 3.1(Netmanage Chameleon pbP[WgpĂ
     )

  o  Microsoft Windows For Workgroup 3.11(TCP/IP pbP[W̓삵Ă
     )

  o  Microsoft Windows 95AOSR2A98A98SE

  o  Microsoft Windows NT 3.51A4.0A2000(Workstation y Server)

  o  Novell Netware 4.01 Server(TCP/IP T[rX̓삵Ă)

  o  SCO Openserver(v3.2.4.2 y 5)

  o  Sun Solaris 2.51A2.6A7

  y: Microsoft Windows for Workgroup 3.11 ́A{ł͔Ă
  ܂Bz

  4.1.  Microsoft Windows 95 ł̐ݒ

  1. 炩߃lbg[NJ[hA_v^hCoCXg[Ă
     ܂BCXg[̎菇ɂẮAlbg[NJ[h̐
     QƂĂB

  2. uRg[plvulbg[NvI܂B

  3. uǉvuvgRvu: Microsoft(Manufacture:
     Microsoft)vuvgR: TCP/IP vgRvI܂(ł
     TCP/IP vgRCXg[Ă΁A̍Ƃ͕svł)B

  4. Windows95 ̃lbg[NJ[h TCP/IP ڂIԂŁuv
     peBvNbN܂BuIP AhXv^uJāAIP AhX
      192.168.0.x(1 < x < 255)ɐݒ肵AuTulbg}XNv
     255.255.255.0 ɐݒ肵܂B

  5. ɁAuQ[gEFCv^uJāAuQ[gEFCv 192.168.0.1
     Ɠ͂AuǉvNbN܂B

  6. uDNS ̐ݒv^uŁÃ}V̖OĂ邱ƂmF
     ĂAȃhC͂܂BÕhCȂꍇ
     ́ApĂC^[lbgvoC_ (ISP) ̃hC͂
     ܂BɁA Linux zXg̎gpĂ DNS T[o (ʏ́A
     /etc/resolv.conf Ŏw肳Ă DNS T[o) ׂĒǉ܂B
      DNS T[oɂ́AȂ Linux }XJ[hT[oɂ
     Ǝ̃LbVOl[T[o␳ DNS T[ogp邱Ƃ
     ܂A ISP ̃T[ow肷̂ʂłB̂ƂAhC
     T[`TtBbNXt邱Ƃł܂B

  7. 悭Ȃ΁Aق̐ݒׂ͂Ă̂܂܂ɂĂ܂B

  8. ׂẴ_CAO{bNXŁuOKvNbNāAVXeċN
     ܂B
  9. Linux }V ping łAlbg[NڑeXg܂But@
     Cw肵ĎsvŁAȉ̂悤ɓ͂Ă - ping
     192.168.0.1
     (܂ LAN ̐ڑeXgĂ邾Ȃ̂ŁALAN ̊O ping ͑
     Ă܂)B ping ɁuvȂꍇɂ́Albg[N̐ݒmF
     ĂB

  10.
     C:\Windows fBNg HOSTS Ƃt@C쐬Ă΁ADNS
     T[ogpȂĂe LAN }V́uzXgv ping ʂ悤
     Ȃ܂BC:\windows fBNgɂ HOSTS.SAM ƂTvt@
     C߂Ă܂B

  4.2.  Windows NT ł̐ݒ

  y:  NT 3.x ̐ݒ@ŁAUI (_CO^u)̖ NT 3.x
  ɊÂ̂łBNT4.0  Windows 2000 ȂǁȂ Windows NT n
  OS ̐ݒTOƂĂ͓lłA菇̏ڍׂɂĂOS ̃}jA
  QƂĂBz

  1. 炩߃lbg[NJ[hA_v^hCoCXg[Ă
     ܂BCXg[̎菇ɂẮAlbg[NJ[h̐
     QƂĂB

  2. uRg[plvulbg[NvuvgRvI
     B

  3. TCP/IP T[rX܂CXg[ĂȂꍇɂ́Au\tgEFA
     ̒ǉvj[ TCP/IP vgRƊ֘AR|[lgǉ
     ܂B

  4. ulbg[N\tgEFAƃA_v^J[h(Network Software and
     Adapter Cards)vŁugݍ܂Ălbg[N\tgEF
     A(Installed Network Software)vƂI{bNXuTCP/IP v
     gR(TCP/IP Protocol)vI܂B

  5. uTCP/IP ̍\vŁAK؂ȃA_v^(Ƃ΁A[1]Novell NE2000
     Adapter)I܂BIP AhX 192.168.0.x(1 < x < 255)ɐݒ
     ATulbg}XN 255.255.255.0 ɁAftHgQ[gEFC
     192.168.0.1 ɐݒ肵܂B

  6. (eIvV̋@\𐳊mɗĂȂ)ȉ̃IvV͗L
     ɂȂłB

     o  uDHCP \Lɂv - ̃IvV́Albg[N
        DHCP T[ogpĂȂ薳ɂ܂B

     o  1܂͕ WINS T[oZbgAbvĂȂAuWINS
        T[ov̓͗ɂ͉͂ȂĂB

     o  uIP tH[fBOLɂv - Windows NT }VŃ[
        eBOŝłȂA{ɁA -{- mɉ̂m
        Ȃꍇɂ́ALɂȂłB

  7. uDNSvNbNALinux zXg̎gpĂ DNS T[õAh
     X͂܂(̃AhX́AʏA/etc/resolv.conf ɂ܂)B
     ͂IuOKvNbN܂B

  8. uڍׁvNbNAuWindows O DNS gpv
     uLMHOSTS ̎QƂsvƂIvVɃ`FbNĂȂ
     Ƃm߂܂B悭Ȃ΁ÃIvV͖Ȃ܂
     ɂĂ܂BLMHOSTS t@CgpꍇÃt@C
     C:\winnt\system32\drivers\etc ɒu܂B

  9. ׂẴ_CAO{bNXɁuOKvƓāAVXeċN
     B

  10.
     Linux }V ping łălbg[NڑeXg܂But@
     Cw肵ĎsvŁAȉ̂悤ɓ͂܂ - ping 192.168.0.1
     (܂ LAN ̐ڑeXgĂ邾Ȃ̂ŁALAN ̊O ping ͑
     Ă܂)B ping ɁuvȂꍇɂ̓lbg[N̐ݒmF
     ĂB

  4.3.  Windows for Workgroup 3.11 ł̐ݒ

  y: Microsoft Windows for Workgroup 3.11 ́A{ł͔Ă
  ܂BāAUI pɐK̖|݂͑Ȃ̂łA OS
   UI \Lɍ킹āAua ()vƂ`ɂĂ܂Bz

  1. 炩߃lbg[NJ[hA_v^hCoCXg[Ă
     ܂BCXg[̎菇ɂẮAlbg[NJ[h̐
     QƂĂB

  2. TCP/IP 32b pbP[WCXg[ĂȂꍇɂ́ACXg[
     ܂B

  3. uC(Main)vuWindows ̐ݒ(Windows Setup)vulbg[N
     ̐ݒ(Network Setup)vƐiŁuhCo(Drivers)vNbN
     B

  4. ulbg[NhCo(Network Drivers)vŁuMicrosoft TCP/IP-32
     3.11bvIAuݒ(Setup)vNbN܂B

  5. uIP AhX(IP Address)v 192.168.0.x(1 < x < 255)ɐݒ肵A
     uTulbg}XN(Subnet Mask)v 255.255.255.0 ɁAuftHg
     Q[gEFC(Default Gateway)v 192.168.0.1 ɐݒ肵܂B

  6. (eIvV̋@\𐳊mɗĂȂ)ȉ̃IvV͗L
     ɂȂłB

     o  uDHCP \Lɂ(Automatic DHCP Configuration)v - 
        ̃IvV́Albg[N DHCP T[ogpĂȂ薳
        ɂ܂B

     o  P܂͕ WINS T[oZbgAbvĂȂAuWINS
        T[o(WINS Server)v̓̓tB[hɂ͉͂ȂĂ
        B

  7. uDNSvNbNALinux zXg̎gpĂ DNS T[õAh
     X͂܂(̃AhX́AʏA/etc/resolv.conf ɂ܂)B
     ͂IAuOKvNbN܂B

  8. uڍ(Advanced)vNbNāAc:\windows ɂuWindows O
      DNS gp(Enable DNS for Windows Name Resolution)v
     uLMHOSTS ̎QƂs(Enable LMHOSTS lookup)vɃ`FbN
     B

  9. ׂẴ_CAO{bNXɁuOKvƓāAVXeċN
     B

  10.
     Linux }V ping łălbg[NڑeXg܂But@
     Cw肵Ďs(File/Run)vŁAȉ̂悤ɓ͂܂ - ping
     192.168.0.1
     (܂ LAN ̐ڑeXgĂ邾Ȃ̂ŁALAN ̊O ping ͑
     Ă܂)B ping ɁuvȂꍇɂ̓lbg[N̐ݒmF
     ĂB

  4.4.  UNIX nVXeł̐ݒ

  1. 炩߃lbg[NJ[hCXg[AK؂ȃA_v^hC
     ogݍŃJ[lRpCĂ܂BCXg[
     菇ɂẮAlbg[NJ[h̐QƂĂB

  2. net-tools pbP[Ŵ悤 TCP/IP lbg[N@\CXg[
     Ă܂B

  3. uIPADDRv 192.168.0.xi1 < x < 255jɐݒ肵̂AuNETMASKv
      255.255.255.0 ɁAuGATEWAYv 192.168.0.1 ɁAuBROADCASTv 
     192.168.0.255 ɐݒ肵܂B

     Ƃ΁ARedhat Linux ̏ꍇA/etc/sysconfig/network-
     scripts/ifcfg-eth0 t@CҏW邩A܂́uRg[pl
     vgp邱ƂɂďL̕ύXs܂B̑ UNIX VX
     e(SunOSABSDiASlackware LinuxASolarisASuSeADebian Ȃ)ł
     ύX菇قȂ܂BڍׂɂẮAX UNIX VXẽhL
     gQƂĂB

  4. hCl[T[rX(DNS)ƃhCT[`TtBbNX
     /etc/resolv.conf ɒǉ܂BUNIX ̃o[Wɂ
     ́A/etc/nsswitch.conf t@CҏW DNS T[rXLɂ
     Kv܂B

  5. /etc/networks t@CXVĐݒe𔽉f܂B

  6. K؂ȃT[rXĎn邩A܂̓VXeċN܂B

  7. Q[gEFC}Vւ̐ڑeXgׂɁAɋL ping R}h
     𔭍s܂ - ping 192.168.0.1
     (܂ LAN ̐ڑeXgĂ邾Ȃ̂ŁALAN ̊O ping ͑
     Ă܂)B ping ɁuvȂꍇɂ̓lbg[N̐ݒmF
     ĂB

  4.5.  NCSA Telnet pbP[Wgp DOS ̐ݒ

  1. 炩߃lbg[NJ[hCXg[Ă܂BCXg[
     ̎菇ɂẮAlbg[NJ[h̐QƂĂB

  2. K؂ȃpPbghCoǂݍ݂܂BƂ΁AI/O |[g
     300AIRQ  10 ɐݒ肳Ă NE2000 Ethernet J[hgp
     ɂ́Anwpd 0x60 10 0x300 ƂR}hs܂B

  3. VfBNg쐬Apkunzip tel2308b.zip Ɠ͂ NCSA
     Telnet pbP[WWJ܂B

  4. eLXgGfB^ config.tel t@CJ܂B

  5. config.tel t@C myip=192.168.0.x(1 < x < 255),
     netmask=255.255.255.0 ƁAeXݒ肵܂B

  6. ł́Ahardware=packetAinterrupt=10Aioaddr=60 Ɛݒ肵܂B

  7. ȂƂP̃}V(܂ALinux zXg)Q[gEFCƂĎw
     肵ĂKv܂B

       name=default
       host=yourlinuxhostname y: Linux zXg̖Ow肵܂Bz
       hostip=192.168.0.1
       gateway=1

  8. ŁAhCl[T[rXw肵܂B

       name=dns.domain.com ; hostip=123.123.123.123; nameserver=1

   - DNS ́̕ALinux zXggpĂ DNS ̃AhXɒu
  ĂB

  9. config.tel t@Cۑ܂B

  10.
     Linux }V telnet (telnet 192.168.0.1)Albg[Nڑ
     eXg܂BLOGIN vvg\Ȃꍇɂ́Albg[N
     ̐ݒmFĂB

  4.6.  MacTCP ̓삷 MacOS x[XVXeł̐ݒ

  1. 炩 Ethernet A_v^̃hCoCXg[Ă܂B
     CXg[̎菇ɂẮAlbg[NJ[h̐QƂ
     B

  2. uMacTCP Rg[plvJ܂BK؂ȃlbg[NhC
     o(EtherTalk ł͂Ȃ Ethernet)IAuڍ(More...)vNb
     N܂B

  3. uAhX̎擾:(Obtain Address:)vŁu蓮(Manually)vN
     bN܂B

  4. uIP AhX:(IP Address:)ṽ|bvAbvj[uN
     XC(class C)vI܂B̃_CAO{bNX̂ق́̕A
     ̂܂܂ɂĂ܂B

  5. uhCl[T[o:(Domain Name Server Information:)vɓK
     ؂ȃAhX͂܂B

  6. uQ[gEFCAhX:(Gateway Address:)v 192.168.0.1 Ɠ͂
     ܂B

  7. uOKvNbNĐݒlۑ܂BuMacTCP Rg[pl
     ṽCEBhEɂuIP AhX:(IP Address:)v{bNX
     Mac }V IP AhX(192.168.0.x,1 < x < 255)͂܂B

  8. uMacTCP Rg[plv܂BċN𑣂_CAO{b
     NXꂽAVXeċN܂B

  9. ̎_ŁALinux }V telnet ălbg[NڑeXg
     Ƃł܂B MacTCP Watcher Ƃt[EFAvOgp
     Ăꍇɂ́AuPingv{^NbNāA|bvAbv_
     CAO{bNX Linux }ṼAhX(192.168.0.1)͂܂(
     ܂ LAN ̐ڑeXgĂ邾Ȃ̂ŁALAN ̊O ping ͑ł
     ܂)Bping łĂuvȂꍇɂ́Albg[N̐ݒ
     mFĂB

  10.
     VXetH_ Hosts t@C쐬΁ALAN ̃}VzX
     gŎQƂł悤ɂȂ܂B̃t@ĆAłɃVXetH
     _ɗpӂĂ܂B(RgAEgꂽ)TvGg
     ܂AX̃j[Yɍ킹ďCł悤ɂȂĂ܂B

  4.7.  Open Transport ̓삷 MacOS x[XVXeł̐ݒ

  1. 炩 Ethernet A_v^̃hCoCXg[Ă
     BCXg[̎菇ɂẮAlbg[NJ[h̐Q
     ĂB

  2. uTCP/IP Rg[plvJāAuҏW(Edit)vj[
     up҃[h(User Mode...)vI܂Bp҃[hȂ
     uڂw(Advanced)vɐݒ肳Ă邱ƂmFA
     uOKv{^NbN܂B

  3. ut@C(File)vj[uݒ(Configurations...)vI
     Buȗݒ(Default)vIAu(Duplicate...)v{^
     NbN܂Buݒ̕(Duplicate Configuration)v_CAO
     uIP Masqv(́AʂȐݒł邱Ƃ悤ȖO)
     ܂BƁAuftHgRs[(Default copy)vƂ悤ȃb
     Z[W\܂BuOKv{^NbNāAuς(Make
     Active)v{^NbN܂B

  4. uoR:(Connect via:)v|bvAbvuEthernetvI܂B

  5. uݒ:(Configure:)v|bvAbvK؂ȍڂI܂Bǂ̃I
     vVIł悢Ȃꍇɂ́AƓuȗ
     (Default)vIAIĂB́u蓮(Manually)v
     Iт܂B

  6. uIP AhX:(IP Address:)v{bNX Mac  IP Ah
     X(192.168.0.xA1< x < 255)͂܂B

  7. uTulbg}XN:(Subnet mask:)v{bNX 255.255.255.0 Ɠ
     ܂B

  8. u[^AhX:(Router address:)v{bNX 192.168.0.1 Ɠ͂
     ܂B

  9. ul[T[oAhX:(Name server addr.:)v{bNXɃhCl[
     T[o IP AhX͂܂B

  10.
     upX̎w:(Implicit Search Path:)vŁũhC
     (Starting domain name)v{bNXɃC^[lbghC̖O(
     Ƃ΁Amicrosoft.com)͂܂B

  11.
     ȉ̑́AKvɉčs܂BsȒlw肷ƁA삪s
     ɂȂ邱Ƃ܂B悭Ȃꍇɂ́AuNA
     `FbNA܂͖Î܂܂ɂĂ܂B
     tB[hɒl͂Ăꍇɂ́Aׂč폜ĂB
     ̒mATCP/IP _CAOɂ́AIς݂̃JX^ Hosts
     t@C̎gp𖳌悤ȋ@\͂Ȃ悤łB΁A
     B

     lbg[N 802.3 t[^CvKvƂꍇɂ́A
     u802.3vɃ`FbN܂B

  12.
     uIvV(Options...)v{^NbNāATCP/IP ANeBu
     ɂ܂B킽́uKvȂƂɂ[h(Load only when needed)v
     ƂIvVgpĂ܂B}Vu[g TCP/IP A
     vP[V̎sƏIxJԂ悤ȎgꍇA
     uKvȂƂɂ[h(Load only when needed)vIvVgp
     ΁A}ṼǗɑ΂eh~܂͌ył܂B
     IvVɃ`FbNȂꍇATCP/IP vgRX^bN
     ́AK[hāAłgpłԂɂȂ܂B̃Iv
     VɃ`FbNꂽꍇATCP/IP X^bN͕KvȂƂɎI
     [hAsvɂȂƃA[h܂B̂悤ȃ[hƃA
     [ȟJԂ́A̒fЉ܂˂ꂪ܂B

  13.
     ̎_ŁALinux }V ping łălbg[NڑeXg
     邱Ƃł܂BMacTCP Watcher Ƃt[EFAvOgp
     Ăꍇɂ́AuPingv{^NbNāA|bvAbv_
     CAO{bNX Linux }ṼAhX(192.168.0.1)͂܂(
     ܂ LAN ̐ڑeXgĂ邾Ȃ̂ŁALAN ̊O ping ͑ł
     ܂)Bping łĂuvȂꍇɂ́Albg[N̐ݒ
     mFĂB

  14.
     VXetH_ Hosts t@C쐬΁ALAN ̃}VzX
     gŎQƂł悤ɂȂ܂B̃t@ĆAłɃVXetH
     _ɗpӂĂ܂B(RgAEgꂽ)TvGg
     ܂AX̃j[Yɍ킹ďCł悤ɂȂĂ܂B̃t@
     CVXetH_ɂȂꍇɂ́AMacTCP ̓삵ĂVXe
     Rs[邱Ƃł܂Aō쐬邱Ƃł܂(
     t@ĆARFC952 ɋLqĂ Unix  /etc/hosts t@C
     tH[}bgɏ̂ł)Bt@C쐬AuTCP/IP R
     g[plvJAuHosts t@C̑I...(Select Hosts
     File...)v{^NbN Hosts t@CJ܂B

  15.
     N[Y{^NbN邩Aut@Cvj[́uv
     ́uIvIĂuۑv{^NbNĕύXe
     ܂B

  16.
     ύXe͂ɔf܂AVXeu[gĂ܂
     B

  4.8.  DNS gp Novell lbg[Nł̐ݒ

  1. 炩 Ethernet A_v^ɓK؂ȃhCoCXg[Ă
     ܂BCXg[̎菇ɂẮAlbg[NJ[h̐Q
     ƂĂB

  2. The Novell LanWorkPlace page
     <ftp://ftp.novell.com/pub/updates/unixconn/lwp5>  tcpip16.exe
     _E[h܂By: L URI ͖łB܂A
     tcpip16.exe ͌܂łBɁA
     <ftp://ftp.novell.com/pub/allupdates/tcp312.exe> Ƃ̂͌
     ܂BAAꂪ̕ŋLKvȂ̂Ȃ̂͂킩
     Bz

  3.

     c:\nwclient\startnet.bat

  SET NWLANGUAGE=ENGLISH
  LH LSL.COM
  LH KTC2000.COM
  LH IPXODI.COM
  LH tcpip
  LH VLM.EXE
  F:

  4.

     c:\nwclient\net.cfg

  Link Driver KTC2000
          Protocol IPX 0 ETHERNET_802.3
          Frame ETHERNET_802.3
          Frame Ethernet_II
          FRAME Ethernet_802.2

  NetWare DOS Requester
             FIRST NETWORK DRIVE = F
             USE DEFAULTS = OFF
             VLM = CONN.VLM
             VLM = IPXNCP.VLM
             VLM = TRAN.VLM
             VLM = SECURITY.VLM
             VLM = NDS.VLM
             VLM = BIND.VLM
             VLM = NWP.VLM
             VLM = FIO.VLM
             VLM = GENERAL.VLM
             VLM = REDIR.VLM
             VLM = PRINT.VLM
             VLM = NETX.VLM

  Link Support
          Buffers 8 1500
          MemPool 4096

  Protocol TCPIP
          PATH SCRIPT     C:\NET\SCRIPT
          PATH PROFILE    C:\NET\PROFILE
          PATH LWP_CFG    C:\NET\HSTACC
          PATH TCP_CFG    C:\NET\TCP
          ip_address      192.168.0.xxx
          ip_router       192.168.0.1

  Ĺuip_addressvtB[h IP AhXύX(192.168.0.xA1 < x < 255)A c:\bin\resolv.cfg ܂ -

  SEARCH DNS HOSTS SEQUENTIAL
  NAMESERVER xxx.xxx.xxx.xxx
  NAMESERVER yyy.yyy.yyy.yyy

  5. ɁAĹuNAMESERVERvGgҏWāA[J DNS T[o
      IP AhXɏ܂B

  6. Q[gEFC}Vւ̐ڑeXgׂɁAɋL ping R}h
     𔭍s܂ - ping 192.168.0.1
     (܂ LAN ̐ڑeXgĂ邾Ȃ̂ŁALAN ̊O ping ͑
     Ă܂)B ping ɁuvȂꍇɂ̓lbg[N̐ݒmF
     ĂB

  4.9.  OS/2 Warp ł̐ݒ

  1. 炩 Ethernet A_v^ɓK؂ȃhCoCXg[Ă
     ܂BCXg[̎菇ɂẮAlbg[NJ[h̐Q
     ƂĂB

  2. ܂ TCP/IP vgRCXg[ĂȂꍇɂ́ACXg[
     ܂B

  3. uvO/TCP/IP (LAN) / TCP/IPv ̐ݒJ܂B

  4. ulbg[Nv TCP/IP AhX(192.168.0.x)ǉAlbg}X
     N(255.255.255.0)ݒ肵܂B

  5. u[eBOvŁuǉvNbN܂Bu^CvvuftH
     g(default)vɐݒ肵Au[^̃AhX(Router Address)vtB[
     h Linux }V IP AhX(192.168.0.1)^Cv܂B

  6. uHostsv̗ɂ́ALinux zXgŎgpĂ DNS (l[T[o)
     AhXƓAhX͂܂B

  7. uTCP/IP Rg[plv܂B̂ƂɌ鎿ɂ́A
     ׂ yes ƓĂ܂B

  8. VXeu[g܂B

  9. Linux }V ping Albg[N̐ݒeXg܂BuOS/2 R
     }hvvgEBhEv ping 192.168.0.1 Ɠ͂܂B ping
     pPbgM΁Aׂ OK łB

  4.10.  IBM AS/400 ŉғ OS/400 ł̐ݒ

  ̃hLgł́AAS/400 ŉғ OS/400(o[W V4R1M0)ł
  TCP/IP ̐ݒ@ɂĂ͌y܂B

  1) AS/400 ŒʐMݒƂsɂ́A[Uvt@C *IOSYSCFG
  (I/O System Configuration) ƂʂȌ`ĂȂ΂Ȃ
  ܂B[Uvt@C̐ݒéADSPUSRPRF R}hɂ
  `FbNł܂B

  2) GO CFGTCP R}h^CvāAuTCP/IP ̐ݒvj[Ăяo
  ܂B

  3) uIvV2(Option 2)v́uTCP/IP [g̐ݒ(Work with TCP/IP
  Routes)vI܂B

  4) uOptvtB[h 1 Ɠ͂ă[gǉ܂B * u[g
  (Route Destination)vɂ́A*DFTROUTE ƃ^Cv܂B * uTulbg
  }XN(Subnet Mask)vɂ́A*NONE ƃ^Cv܂B * uT[rX̃^C
  v(Type of Service)vɂ́A*NORMAL ƃ^Cv܂B * uzbv(Nex
  Hop)vɂ́AQ[gEFC(Linux }V)̃AhX^Cv܂B

  4.11.  ̑̃VXeł̐ݒ

  ̃vbgtH[łA̓悤ȗŐݒ肪s͂łB
  L̊eZNVǂݕԂĐݒ̗cĂBŌy
  ȂVXeł̐ݒ@Ă݂悤Ǝv́AڍׂȐݒ菇
   ambrose@writeme.com y dranch@trinnet.net ܂ł肭B

  5.  IP }XJ[h̃eXg

  ēƂƏIA悢 IP }XJ[h̖{iIȃeXg
  鎞܂B܂ł Linux {bNXċN
  /etc/rc.d/rc.firewall Ɏs邱ƂmF܂傤B̊mF
  I玟͓ LAN ̐ڑƁALinux zXgC^[lbgւ̐
  ̂ǂ삵Ă邱ƂmFĂB

  }XJ[h̐ݒ肪SĐsĂ邱ƂmF邽߂ɁAȉ
  10 XebṽeXgsĂB

  5.1.  [J PC ̐ڑeXg

  o

  o  Xebv 1 - [J PC ̐ڑeXg

     }XJ[hĂlbg[N̓̃Rs[^ŁA
     [J IP AhX ping łĂ (܂ ping
     192.168.0.10 )B̃eXg TCP/IP [J PC Ő삵
     Ă邱ƂmF܂Bŋ߂̂قƂǂ̃Iy[eBOVXe
     ͍ŏping R}h܂B[J IP AhXւ ping
     ɓ삵ȂꍇA HOWTO őOq ``NCAg̐ݒ''
     ŐʂɃNCAg PC  TCP/IP ݒ肳Ă
     m߂ĂBo͌ʂ͈ȉ̂悤ɂȂ͂ł(ping 
     ~ɂ Control-C Ă)B

     ___________________________________________________________________
     masq-client# ping 192.168.0.10
     PING 192.168.0.10 (192.168.0.10): 56 data bytes
     64 bytes from 192.168.0.10: icmp_seq=0 ttl=255 time=0.8 ms
     64 bytes from 192.168.0.10: icmp_seq=1 ttl=255 time=0.4 ms
     64 bytes from 192.168.0.10: icmp_seq=2 ttl=255 time=0.4 ms
     64 bytes from 192.168.0.10: icmp_seq=3 ttl=255 time=0.5 ms

     --- 192.168.0.10 ping statistics ---
     4 packets transmitted, 4 packets received, 0% packet loss
     round-trip min/avg/max = 0.4/0.5/0.8 ms
     ___________________________________________________________________

  5.2.  Linux ̓ڑ̃eXg

  o

  o  Xebv 2 - Linux ̓ڑ̃eXg

     }XJ[hT[oŁAlbg[NC^[tF[XJ[h̓ IP
     AhX ping łĂ (܂ ping 192.168.0.1)Bo͌
     ʂ͈ȉ̂悤ɂȂ͂ł(ping 𒆎~ɂ Control-C 
     )B

     ___________________________________________________________________
     masq-client# ping 192.168.0.1
     PING 192.168.0.1 (192.168.0.1): 56 data bytes
     64 bytes from 192.168.0.1: icmp_seq=0 ttl=255 time=0.8 ms
     64 bytes from 192.168.0.1: icmp_seq=1 ttl=255 time=0.4 ms
     64 bytes from 192.168.0.1: icmp_seq=2 ttl=255 time=0.4 ms
     64 bytes from 192.168.0.1: icmp_seq=3 ttl=255 time=0.5 ms

     --- 192.168.0.1 ping statistics ---
     4 packets transmitted, 4 packets received, 0% packet loss
     round-trip min/avg/max = 0.4/0.5/0.8 ms
     ___________________________________________________________________

  5.3.  Linux ̊Oڑ̃eXg

  o

  o  Xebv 3 - Linux ̊Oڑ̃eXg

     ɁA}XJ[hET[õC^[lbgɐڑꂽlbg[N
     C^[tF[XJ[h̊O IPAhX ping łĂB
     ̃AhX PPPAC[Tlbg ISP ɐڑꂽAhXłB
      IP AhX킩Ȃ΁AC^[lbgEAhX𒲂ׂ邽
     ߂Ƀ}XJ[hET[oLinuxR}h "/sbin/ifconfig" s
     ĂBo͌ʂ͈ȉ̂悤ɂȂ͂ł(eth0  IP AhX
     𒲂ׂĂꍇ)B

     ___________________________________________________________________
     eth0      Link encap:Ethernet  HWaddr 00:08:C7:A4:CC:5B
               inet addr:12.13.14.15  Bcast:64.220.150.255  Mask:255.255.255.0
               UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
               RX packets:6108459 errors:0 dropped:0 overruns:0 frame:0
               TX packets:5422798 errors:8 dropped:0 overruns:0 carrier:8
               collisions:4675 txqueuelen:100
               Interrupt:11 Base address:0xfcf0

     ___________________________________________________________________

  ̒ʂA̗ɂĊO IP AhX "12.13.14.15" łB
  "ifconfig" R}hs邱Ƃ IP AhX킩̂ŁÅO
   IP AhX ping ł܂B̓}XJ[hET[om
  lbg[NɐڑĂ邱Ƃm߂邱ƂɂȂ܂Bo͌ʂ͈ȉ
  ̂悤ɂȂ͂ł (ping 𒆎~ɂ Control-C Ă
  )B

  ______________________________________________________________________
  masq-server# ping 12.13.14.15
  PING 12.13.14.15 (12.13.14.15): 56 data bytes
  64 bytes from 12.13.14.15: icmp_seq=0 ttl=255 time=0.8 ms
  64 bytes from 12.13.14.15: icmp_seq=1 ttl=255 time=0.4 ms
  64 bytes from 12.13.14.15: icmp_seq=2 ttl=255 time=0.4 ms
  64 bytes from 12.13.14.15: icmp_seq=3 ttl=255 time=0.5 ms

  --- 12.13.14.15 ping statistics ---
  4 packets transmitted, 4 packets received, 0% packet loss
  round-trip min/avg/max = 0.4/0.5/0.8 ms
  ______________________________________________________________________

  ̃eXĝǂ炩삵ȂȂAɖ߂ălbg[N
  P[uڑĊmFA "dmesg" R}hsƂɃ}XJ[
  hET[o2 NIC \邩mFKv܂B̏o͌
  ʂ̗ "dmesg" R}h̏o͂̍Ō̂قȉ̂悤ɂȂł傤
  -

  ______________________________________________________________________
  .
  .
  PPP: version 2.3.7 (demand dialling)
  TCP compression code copyright 1989 Regents of the University of California
  PPP line discipline registered.
  3c59x.c:v0.99H 11/17/98 Donald Becker
  http://cesdis.gsfc.nasa.gov/linux/drivers/
  vortex.html
  eth0: 3Com 3c905 Boomerang 100baseTx at 0xfe80,  00:60:08:a7:4e:0e, IRQ 9
    8K word-wide RAM 3:5 Rx:Tx split, autoselect/MII interface.
    MII transceiver found at address 24, status 786f.
    Enabling bus-master transmits and whole-frame receives.
  eth1: 3Com 3c905 Boomerang 100baseTx at 0xfd80,  00:60:97:92:69:f8, IRQ 9
    8K word-wide RAM 3:5 Rx:Tx split, autoselect/MII interface.
    MII transceiver found at address 24, status 7849.
    Enabling bus-master transmits and whole-frame receives.
  Partition check:
   sda: sda1 sda2 < sda5 sda6 sda7 sda8 >
   sdb:
  .
  .
  ______________________________________________________________________

  ܂A g Linux fBXgr[Vł NIC ̐ݒ肪A
  HOWTO ̑ÔقŐĂʂɐݒ肳Ă邩mF邱
  YȂłB

  5.4.  [J PC  Linux ւ̐ڑeXg

  o

  o  Xebv 4 - [J PC  Linux ւ̐ڑeXg

     }XJ[hĂlbg[ÑRs[^A}XJ
     [hĂ Linux {bNX̓lbg[ÑC[TlbgEJ[
     h IP AhX ping ł܂(܂ ping 192.168.0.1)B
     ́Albg[Nyу[eBOƂ؂܂Bo
     ʂ͈ȉ̂悤ɂȂ͂ł(ping 𒆎~ɂ Control-C 
     Ă)B

     ___________________________________________________________________
     masq-client# ping 192.168.0.1
     PING 192.168.0.1 (192.168.0.1): 56 data bytes
     64 bytes from 192.168.0.1: icmp_seq=0 ttl=255 time=0.8 ms
     64 bytes from 192.168.0.1: icmp_seq=1 ttl=255 time=0.4 ms
     64 bytes from 192.168.0.1: icmp_seq=2 ttl=255 time=0.4 ms
     64 bytes from 192.168.0.1: icmp_seq=3 ttl=255 time=0.5 ms

     --- 192.168.0.1 ping statistics ---
     4 packets transmitted, 4 packets received, 0% packet loss
     round-trip min/avg/max = 0.4/0.5/0.8 ms
     ___________________________________________________________________

  ܂Ȃ̂ȂA}XJ[hET[oyуNCAgER
  s[^̃C[TlbgEJ[h "link" v_Ă邱Ƃm
  ߂ĂBʓIɂ͊eC[TlbgEJ[ȟ㕔ɂ LED ƃnu
  XCb`gpĂꍇ͂ LED _܂B_Ă
  Ȃ΁A}XJ[hĂlbg[N̓̃Rs[^ ``
  NCAg̐ݒ'' ̏͂Ő悤ɐݒ肳Ă邱Ƃm
  ߂ĂB}XJ[hĂNCAgɖ肪΁A
  lbg[NEP[u̔zĊmFA}XJ[hĂNCA
  gERs[^ NIC  Linux {bNX̓ NIC ̗ LINK 
  Cg_Ă邱ƂmFĂB

  5.5.  }XJ[h ICMP ]̃eXg

  o

  o  Xebv 5 - }XJ[h ICMP ]̃eXg

     }XJ[hĂlbg[ÑRs[^ALX
     ebv 3 œꂽ}XJ[hET[o̊O IP AhX ping 
     łĂB̃AhX PPPAC[Tlbg ISP ɐڑ
     AhXłB ping ́A}XJ[h삷邱ƂeXg
     ܂( ICMP ̓}XJ[hĂ܂)B

     ܂ȂꍇA܂}XJ[hĂNCAg PC
     ̃ftHgEQ[gEFC}XJ[hET[o̓ NIC  IP A
     hX𐳂wĂ邩m߂ĂB܂
     /etc/rc.d/rc.firewall ̃XNvgG[ɑ邱ƂĊmF
     ĂBeXĝ /etc/rc.d/rc.firewall ̃XNvgēx
     点Ă݂āAꂪ邩ǂĂB܂قƂǂ̃J[l
     ̓ftHgŗLɂȂĂ܂AJ[lERtBM[V
     ̒ "ICMP Masquerading"  /etc/rc.d/rc.firewall XNvg
      "IP Forwarding" LɂĂ邱Ƃm߂ĂB

     ł܂܂삵ȂȂALinux }XJ[hET[oŎ
     ̃R}h𑖂点Ă̏o͌ʂĂ -

     o

     o  "ifconfig" - C^[lbgɐڑĂC^[tF[X
        ippp0  eth0 Ȃǁj삵ĂāAC^[lbg
        ڑ IP AhXĂ邱ƂmF܂B̏o͌ʂ
        ͏LXebv3̒ŎĂ܂B

     o  "netstat -rn" - ftHgEQ[gEFC (Gateway ̗̒ɂ
        IP AhX) ݒ肳Ă邱ƂmFĂB
        ̏o͌ʂ͈̈ȉ̂悤ɂȂ܂B

        ________________________________________________________________
        masq-server# netstat -rn
        Kernel IP routing table
        Destination     Gateway         Genmask         Flags   MSS Window  irtt Iface
        192.168.0.1     0.0.0.0         255.255.255.255 UH        0 16384      0 eth1
        12.13.14.15     0.0.0.0         255.255.255.255 UH        0 16384      0 eth0
        12.13.14.0      0.0.0.0         255.255.255.0   U         0 0          0 eth0
        192.168.0.0     0.0.0.0         255.255.255.0   U         0 0          0 eth1
        127.0.0.0       0.0.0.0         255.0.0.0       U         0 16384      0 lo
        0.0.0.0         12.13.14.1      0.0.0.0         UG        0 16384      0 eth0

        ________________________________________________________________

     0.0.0.0 Ŏn܂ĂŌ̍sɒڂĂB Gateway
     tB[h IP AhX܂ˁB̃tB[h̒ɐݒ肵
     IP AhXȂ΂Ȃ܂B

     o  "cat /proc/sys/net/ipv4/ip_forward"  - ̌ʂ "1" ɂȂĂ
        邱ƂmFĂBȂĂ Linux ̃tH[fB
        O͗LƂȂĂ܂B

     o  2.2.x [UȂ "/sbin/ipchains -n -L" ƂR}hA
        2.0.x [UȂ "/sbin/ipfwadm -F -l" ƂR}hs
        ݂ĂBɃtH[fBȌ͂𒲂ׂāAȂ}XJ
        [hLɂĂ邩mFĂBP rc.firewall
        [Zbgg[U[̏ꍇA IPCHAINS ̏o͌ʂ̈
        ȉ̂悤ɂȂł傤B

        ________________________________________________________________
        .
        .
        Chain forward (policy REJECT):
        target     prot opt     source                destination           ports
        MASQ       all  ------  192.168.0.0/24       0.0.0.0/0             n/a
        ACCEPT     all  ----l-  0.0.0.0/0            0.0.0.0/0             n/a
        .
        .

        ________________________________________________________________

  5.6.  }XJ[hꂽ ICMP ̊O]̃eXg

  o  Xebv 6 - }XJ[hꂽ ICMP ̊O]̃eXg

     }XJ[hĂlbg[ÑRs[^AC^[
     lbg̊ǑŒ TCP/IP AhXɑ΂ ping ł܂(܂
     ping 152.19.254.81  http://metalab.unc.edu - MetaLabs Linux
     Archive  home ł)Bꂪ삷ꍇAICMP }XJ[fBO
     C^[lbgœ삵Ă邱ƂӖ܂B܂
     ꍇAēxC^[lbgڑ`FbNĂBł
     ܂삵ĂȂꍇAP rc.firewall [Zbggp
     邩A܂ Linux J[l ICMP Masqurading LɂăRpC
     Ă邱Ƃm߂ĂB܂[Zbg̒ enable IP
     MASQ OC^[tF[XwĂ邱Ƃm߂ĂB

  5.7.  DNS gȂ}XJ[h@\̃eXg

  o

  o  Xebv 7 - DNS gȂ}XJ[h@\̃eXg

     ĉu IP AhXւ TELNET sĂ݂Ă(Ȃ킿
     telnet 152.2.254.81) (metalab.unc.edu - ̃T[o[͂Z
     ̂ŃOCvvg܂ŎԂ邩܂)B 
     ΂炭ăOCEvvg܂B ꂽȂATCP ̃}
     XJ[h͂܂삵Ă܂BȂ΁A198.182.196.55
     (www.linux.org) ̂悤 TELNET gȑ̂̃zXg
     TELNET Ă݂ĂB ꂪȂȂꍇÂƂ
     simple rc.firewall [ZbggpĂ邱Ƃm߂Ă
     B̏o͌ʂ͈̈ȉ̂悤ɂȂł傤(TELNET 甲
     ɂ Control-D Ă)B

     ___________________________________________________________________
     masq-client# telnet 152.2.254.81
     Trying 152.2.254.81...
     Connected to 152.2.254.81.
     Escape character is '^]'.

     SunOS 5.7

     ******************** Welcome to MetaLab.unc.edu *******************

      To login to MetaLab as a user, connect to login.metalab.unc.edu.
                This machine allows no public telnet logins.

     login: Connection closed by foreign host.
     ___________________________________________________________________

  5.8.  DNS g}XJ[h@\̃eXg

  o  Xebv 8 - DNS g MASQ @\̃eXg

     ł́Au HOSTNAME ւ TELNET ݂Ă (Ⴆ΁A
     "telnet metalab.unc.edu" (152.2.254.81))Bꂪ삷ȂADNS
     ܂삵Ă邱ƂӖ܂BXebv 6 삵̂
     ꂪ삵ȂꍇA}XJ[hĂNCAgER
     s[^ DNS T[oݒ肪 ``NCAg̐ݒ'' ̏͂Ő
     ɐݒ肳Ă邱Ƃm߂ĂB

  5.9.  DNS g}XJ[h@\̒ǉeXg

  o

  o  Xebv 9 - DNS g}XJ[h@\̒ǉeXg

     Ō̃eXgƂāA}XJ[hĂNCAgE}V 1
     炢 'C^[lbg' WWW TCguEYĂ݂Ă
     BāAɃANZXł邩ǂĂBႦ
     ΁ALinux Documentation Project site փANZXĂ݂ĂB
     ꂪłȂAׂĂ܂삵Ă!ƍl܂B
     ̃TCgł͖肪̂ɁA̃TCgɖ肪ꍇA
     ̃XebvɂĂB

     A Linux Documentation Project ̃z[y[WȂ炨߂
     Ƃ! ܂܂!  A WWW TCg
     A PING, TELNET, SSH A֘A IP }XJ[hEW[
     [hꂽ FTP, Real Audio, IRC DCCs, Quake I/II/III, CuSeeme,
     VDOLive ȂǁA̕WIȃlbg[Nڑ͑SĂ܂삷͂
     łBAFTP, IRC, RealAudio, Quake I/II/III 삵ȂA
     邢͓삪sSȂ΁A "lsmod" sāAɕKvȃ}X
     J[hEW[[hĂ邱Ƃm߂ĂB
     AftHgł͑gݍ܂ȂT[rXɕKvȃ|[g̃W[
     [hĂ邩mFĂBKvȃW[
     Ȃ΁AȂ /etc/rc.d/rc.firewall XNvg̃
     W[[hĂ邱Ƃm߂Ă (܂AIP }XJ
     [hEW[gݍނ߂ # ̕폜܂)B

  5.10.  ̑̋@\A\Ɋւ鎖

  o  Xebv 10 - ̑̋@\A\Ɋւ鎖

     AȂ̃VXeSẴeXgɍîɁA WWW u
     EWO FTP ܂͑̃^CṽgtBbNsł΁A7 
      FAQ ̒ɂ ``MTU '' ǂނƂ߂܂B FAQ ̒
     ɂ́A܂܂ő̃[U[̖ɗ悤ɁAȂ̖ɗ
     ڂƂ邱Ƃł傤B

  6.  IP }XJ[hɊ֘Ȃ̍ڂƃ\tgEGAT|[g

  6.1.  IP }XJ[hɊ֌W

  TCP/IP gAvP[VvgR̂̈ꕔɂ́A݂
  Linux  IP }XJ[fBOŃT|[gĂȂ̂܂B
  ̂A͈Öق̂ɓ̃|[gԍgĂA邢
  ̃f[^Xg[ɁA TCP/IP AhX|[gԍÍ
  dł肷邩łB҂̃vgR𓮂߂ɂ͓ʂȃv
  LV IP MASQ W[}XJ[fBÕR[hɎdޕKv
  ܂B

  6.2.  OĂT[rX

  ftHgł͂̗ÔāALinux IP }XJ[fBO
  ͊OĂT[rX舵Ƃł܂B

  AxŃZLeBmۂKvȂȂAP IP 
  |[gtH[hȂ胊_CNg΂ނł傤B͂
  ܂Ał肵Ă̂ IPPORTFW g肩ł傤B
  ׂ́A ``tH[_ (|[g]c[)'' ̏͂QƂĂB

  AOĂڑɉ炩̔F؂ݒ肵ȂATCP-
  wrapper  Xinetd ݒ肵ē IP AhX݂̂̐ڑ
  ł܂BTIS Firewall Toolkit ̓c[肷̂ɂ悢ꏊ
  ł傤B

  ڍׂȃZLeBɂẮATrinityOS
  <http://www.ecst.csuchico.edu/~dranch/LINUX/index-
  linux.html#TrinityOS>  IP }XJ[h̏񌹂猩邱Ƃł
  ܂B

  6.3.  T|[gĂNCAg\tgEGAƂ̑̐ݒ

       **Linux Masquerade Application list <http://www.tsmser-
       vices.com/masq> ɂ́AAvP[VLinux  IP }XJ
       [fBOʂē߂̑̏񂪌fڂĂ
  B̃TCg͍ŋ߂ɂȂāASteve Srevemeyer ɂăf[
  ^x[XobNGhœ삷悤ɏ߂܂Bf
  炵񌹂łI

  ʓIɁAWI TCP y UDP gAvP[VłΓ삵
  ܂BAqgAhoCXȂAڍׂɂĂ IP }XJ
  [h̏ <http://ipmasq.cjb.net/> QƂĂB

  6.3.1.  IP }XJ[hœ삷lbg[NNCAg

  ʓIȃNCAg -

     Archie
        IP }XJ[hT|[gς݂̑SẴvbgtH[œ삷
        At@CTNCAg (AASĂ archie NCAg
        삷킯ł͂Ȃ)B

     FTP
        FTP ڑɂẮAip_masq_ftp.o J[lW[g
        ŁASẴT|[gς݃vbgtH[œ삷B

        y: NAT ̈ꕔ (marked forward p) ł́A
        ip_masq_ftp 삵ȂƂmFĂ܂B ftp NCA
        gpbVu (PASV) [hŋN΁A ip_masq_ftp.o Ȃ
        T ftp T[oւ̐ڑ\łB PASV [h̏ڍׂɂ
        ẮAႦ <http://www.rtpro.yamaha.co.jp/RT/FAQ/TCPIP/ftp-
        passive-mode.html> ӂ肪QlɂȂ邩Ǝv܂Bz

     Gopher NCAg
        SẴT|[gς݃vbgtH[œ삷B

     HTTP
        SẴT|[gς݃vbgtH[œ삷AWebT[tBB

     IRC
        X̃T|[gς݃vbgtH[œ삷BȂA DCC 
        ip_masq_irc.o W[𓱓Γ삷B

        y: DCC ɂẮA ``Linux 2.2.x J[l'' ̖󒍂QƂ
        ĂBz

     NNTP (USENET)
        SẴT|[gς݃vbgtH[œ삷A USENET j[XN
        CAgB

     PING
        J[lIvV ICMP }XJ[hLɂ邱ƂŁASĂ
        vbgtH[œ삷B

     POP3
        ׂẴvbgtH[œ삷Adq[NCAg

     SSH
        SẴT|[gς݃vbgtH[œ삷AS TELNET/FTP
        NCAgB

     SMTP
        SẴT|[gς݃vbgtH[œ삷A sendmail, qmail,
        PostFix ̃[T[oB

     TELNET
        SẴT|[gς݃vbgtH[œ삷A[gZbV
        B

     TRACEROUTE
        UNIX  Windows vbgtH[Œ񋟂Ă邪A̈
        ͓ȂȂB

     VRML
        Windows (邢͂ȊÕT|[gς݃vbgtH[) ɂē
        삷Auo[`EAeBy: zzvZpɂ
        Web T[tBB

     WAIS NCAg
        SẴT|[gς݃vbgtH[œ삷B

  }`fBA y ʐMNCAg -

     SĂ H.323 vO
        - MS Netmeeting, Intel Internet Phone Beta yт̑ H.323 A
        vP[V - ɂẮA IP }XJ[hoR
        œ߂̕@̂ƂQ݂܂ -

        2.2.x J[l Microsoft Netmeeting v3.x𓮂߂̈肵
        삷x[^ŃW[ IP }XJ[h̏񌹂܂
        http://www.coritel.it/projects/sofia/nat.html
        <http://www.coritel.it/projects/sofia/nat.html> ɂ܂B
        ͂܂ʂȃo[WƂāANetmeeting 2.x  2.0.x J[l
        ߂̃W[ MASQ WWW TCgɂ܂
        Netmeeting v3.x ̓T|[gĂ܂B

        p\tgɂʂ̉@ƂẮA Equivalence  PhonePatch
        <http://www.equival.com.au/phonepatch/index.html> ɂ H.323
        Q[gEFC܂B

     Alpha Worlds
        Windows œ삷 NCAgET[o 3D `bgvO
        

     CU-SeeMe
        SẴT|[gς݃vbgtH[œ삵܂A
        ip_masq_cuseeme gݍނƂKvłBڍׂɂĂ ``'' 
        ͂QƂĂB

     ICQ
        񋟂ꂽׂẴvbgtH[œB Linux J[l
        IPPORTFW T|[gLɂăRpCA ICQ g  SOCKS
        vLV̓œ삷悤ɐݒ肵Ȃ΂Ȃ܂Bݒ̑S
        ڍׂɂĂ ``'' ̏͂QƂĂB

     Internet Phone 3.2
        Windows œ삷 sAEc[EsẢɂʐM\Ƃ
        ̂łBȂ̑瑊ĂяoΒʘbł܂A̕
        ȂĂяoɂ͓̃|[gɑ΂]ݒ肵Ȃ΂
        ܂BڍׂɂĂ ``tH[_ (|[g]c[)'' ̏
        QƂĂB

     Internet Wave Player
        Windows œ삷Albg[NEXg[EI[fBIEvO
        

     Powwow
        Windows œ삷AsAEc[EsA^Cv̕Ɖ𕹗pł
        uzCg{[hvʐMvOłBȂ̑瑊Ă
        oΒʘbł܂A̕ȂĂяoɂ͓̃|[g
        ɑ΂]ݒ肵Ȃ΂Ȃ܂BڍׂɂĂ ``tH
        [_ (|[g]c[)'' ̏͂QƂĂB

     Real Audio Player
        Windows œ삷Albg[NEXg[~OEI[fBIEv
        OłB ip_masq_raudio UDP W[g΁Aiʂ̍
        \łB

     True Speech Player 1.1b
        Windows œ삷Xg[~OEI[fBIEvOłB

     VDOLive
        Windows œ삵܂B ip_masq_vdolive W[gΉ\
        B

        y:  ip_masq_vdolive patch ƂȂĂ܂Aۂ̓
        W[łBz

     Worlds Chat 0.9a
        Windows œ삷ANCAgET[o 3D `bgvO
        łB

  lbg[NΉQ[̗ - LooseUDP pb`ɂĂ̏ڍׂ ``'' ̏
  QƂĂB

     Battle.net
        Q[}Vɑ΂āA TCP |[g 116  118AX UDP |[g
        6112  IPPORTFW ɂėLɂ邱Ƃœ삵܂Bڍׂ ``tH
        [_ (|[g]c[)'' ̏͂QƂĂB FSGS 
        Bnetd T[o͂܂ NAT ł܂悤ɏĂ܂
        ̂ŁA IPPORTFW KvƂȂ邱ƂɒӂĂB

        y: FSGS (Free Standard Game Server) ́AuU[hА
        Q[\tglbg[Nΐ펞Ɏgp battle.net Â
        T[o\tgEFAłBڍׂ́A Net-Games ...are you ready to
        play? <http://www.fsgs.com/> y B-Ring <http://b-
        ring.acc.ne.jp/> QƂĂBȂA҂mF
        ́A B-Ring web TCg̃gbvy[WɃANZXɂ́A
        ipchains  tcp |[g 11000 Ԃ REJECT ɐݒ肵Ȃ΂Ȃ
        łB bnetd ́A Starcraft Battle.net server ̃G~[
        ^ŁA GPL ɏ]\[XRɓł邾łȂA Linux,
        Irix ̃oCizzĂ܂Bڍׂ́A
        <http://www.bnetd.org/> QƂĂBz

     BattleZone 1.4
        LooseUDP pb`y NAT ł܂ .DLLs from Activision
        KvłB

     Dark Reign 1.4
        LooseUDP pb`Kp邩A܂̓Q[}Vɑ΂TCP |[
        g 116118 AX UDP |[g 6112 ɑ΂ IPPORTFW Lɂ
        邱ƂKvłBڍׂɂĂ ``tH[_ (|[g]c[
        )'' QƂĂB

     Diablo
        LooseUDP pb`܂ Q[}Vɑ΂ TCP |[g 116118A
        X UDP |[g 6112 ɑ΂ IPPORTFW Lɂ邱ƂKv
        BVo[Wł TCP |[g 6112  UDP |[g 6112 
        gĂ܂BڍׂɂẮA ``tH[_ (|[g]c[
        )'' ̏͂QƂĂB

     Heavy Gear 2
        LooseUDP pb`܂ Q[}Vɑ΂ TCP |[g 116118A
        X UDP |[g 6112 ɑ΂ IPPORTFW Lɂ邱ƂKv
        BڍׂɂĂ ``tH[_ (|[g]c[)'' QƂ
        B

     Quake I/II/III
        ̂܂܂ł삵܂AMASQ ꂽ linux {bNX
        lbg[Nɕ Quake I/II/III vC[ꍇ́A
        ip_masq_quake gƂKvƂȂ܂B܂ÃW[
        ftHgł Quake I  QuakeWorld T|[g悤ɂ
        ȂĂ܂BAQuake II ȍ~A邢̓ftHgł͂
        T[õ|[gԍgKvȂA``''  ``'' [
        Zbg̃W[̑gݍ݂̏͂QƂĂB

     StarCraft
        LooseUDP pb` ̃Q[}Vɑ΂ TCP  UDP |[g
        6112  IPPORTFW ĂKv܂BڍׂɂẮA ``tH
        [_ (|[g]c[)'' QƂĂB

     WorldCraft
        LooseUDP pb`gΓ삵܂B

  ̑̃NCAg -

     Linux net-acct pbP[W
        Linuxœ삷lbg[NǗAJEgEpbP[W

     NCSA Telnet 2.3.08
        DOSœ삷 telnet, ftp, ping Ȃǂ܂ރ\tgEGAZbg

     PC-anywhere for Windows
        MS-Windows œ삷ATCP/IP vgRʂāAunɂ
        PC 𑀍삷邽߂̃vOBNCAgł͂ȂzXgƂ
        삳ꍇ́Aʂȃ|[gEtH[fBOݒ肪ȂΓ
        삵܂BڍׂɂẮA ``tH[_ (|[g]c[)''
        ̏͂QƂĂB

     Socket Watch
        NTP(lbg[NoR̎vgR)Ă

  6.3.2.  IP }XJ[hŊSɂ̓T|[gĂȂ -

     Intel Streaming Media Viewer Beta 1
        T[oɐڑłȂ

     Netscape CoolTalk
        ʘbɐڑłȂ

     WebPhone
        ̂Ƃ듮삵ĂȂ(̎w@ɕsK؂ȑOpĂ
        )

  6.4.  苭͂ IP t@CAEI[ (IPFWADM) [Zbg

  ̏͂ł́AJ[l 2.0.x ̃t@CAEH[Ec[ł IPFWADM 
  gۂ́AڍׂȃKCh܂B IPCHAINS ̃[Zbgɂ
  ͌q܂B
  ̗́AŒIɃAhX^悤 PPP ڑ̔wɂt@
  CAEI[ƃ}XJ[hł (IɃAhX^ PPP ̎gp
  @ɂẮA܂܂Ă͂܂ɂĂ܂)BMłC^
  tF[X 192.168.0.1 łA PPP C^[tF[X̃AhX́u
  zv邽߂ɕύXĂ܂Bo肻ꂼ̃C^tF[X
  ꂼʂɃXgĂ܂A̓[eBO}XJ[h킩
  ₷ȊOIP Xv[tBOy: UzAsȃ[eB
  Oo₷邽߂̂̂ł܂BmɋĂȂ
  ͋֎~ł (ۂɂ͋ۂ܂)BAȂ IP }XJ[h BOX
  A rc.firewall XNvgꂽƂł܂ƂɓȂȂ
  A /var/log/messages 邢 /var/adm/messages ɂ SYSLOG
  t@Cɉt@CAEI[֌W̃G[ȂmFāAݒ肪
  ĂȂm߂ĂB

  PPPP[ufȂǂgAIPFWADM ɂƋł IP }XJ
  [h̎pIȗɂĂ TrinityOS - Section 10
  <http://www.ecst.csuchico.edu/~dranch/LINUX/index-
  linux.html#TrinityOS>  GreatCircle's Firewall WWW page QƂĂ
  B

   -  A TCP/IP AhX PPP, ADSL, P[ufȂǂoR
   ISP 瓮IɊ蓖Ăꍇɂ́A̋łȃ[ZbgN
  ɐݒ肷邱Ƃ͂ł܂B̂悤ȏꍇɂ́A IP AhX蓖
  Ăxɂ̃t@CAEI[E[Zbgēxǂݍ܂邩A
  邢 /ec/rc.d/rc.firewall [ZbgƃCeWFgɍ
  Kv܂B PPP[Ũ[ZbgKpꍇɂ́Aȍ~
   "Dynamic PPP IP fetch" Əꂽ̃Rg𒍈Ӑ[K؂ɊO
  ĂB܂Ałȃ[ZbgyѓIɊ蓖Ă IP Ah
  XɂĂ̂Əڂ́ATrinityOS - 10
  <http://www.ecst.csuchico.edu/~dranch/LINUX/index-
  linux.html#TrinityOS> ɂ܂B

  ܂AGUI x[XŃt@CAEI[ݒ𐶐悤ȃc[
  ݂܂Bڍׂ́A ``悭鎿 (FAQ)'' ̏͂QƂĂB

  ŌɁAÓIɊ蓖Ă IP AhXgĂȂAȉ̗
   "ppp_ip="your.static.PPP.address"" ƂȂĂ镔Ȃ IP A
  hXɏĂB

  y: ʓIȃvoC_oR PPP ڑ̏ꍇAvoC_ IP
  AhXIɊ蓖Ă܂̂ŁAwǂ̌l[U͂̍s IP A
  hXKv͂܂Bz

  ----------------------------------------------------------------

  #!/bin/sh
  #
  # /etc/rc.d/rc.firewall: IPFWADM g⋭łȃt@CAEI[E[Zbg
  #

  PATH=/sbin:/bin:/usr/sbin:/usr/bin

  # eXgp - ΂炭ҋ@Ă炷ׂẴt@CAEI[[NAB
  # 10ɂׂĂ̐ݒUKvȂAȉ̃RgĂB
  # (sleep 600; \
  # ipfwadm -I -f; \
  # ipfwadm -I -p accept; \
  # ipfwadm -O -f; \
  # ipfwadm -O -p accept; \
  # ipfwadm -F -f; \
  # ipfwadm -F -p accept; \
  # ) &

  # KvȂׂĂ IP }XJ[hW[[h
  #
  #    -  Kv IP }XJ[hW[[h܂BׂĂIP }XJ[h
  #           W[ȉɋLqĂ܂A[hȂ悤ɃRgƂȂ
  #           ܂B

  # W[ŏɃ[h鎞ɂ܂Kv
  #
  /sbin/depmod -a

  # PORT gFTP t@C]ɂK؂ IP }XJ[h񋟂܂
  #
  /sbin/modprobe ip_masq_ftp

  # UDP vgRoRARealAudio ̃}XJ[h񋟂܂B̃W[ȂĂ
  #       RealAudio  TCP [hœ삵܂A͒ቺ܂B
  #
  #/sbin/modprobe ip_masq_raudio

  # IRC DCC t@C]̃}XJ[h񋟂܂
  #
  #/sbin/modprobe ip_masq_irc

  # ȉ̎wɂ Quake  QuakeWorld ftHgŒ񋟂܂B
  # ̃W[ Linux  }XJ[hT[õ[U
  # ݂ꍇ̂߂̂̂łB
  # AQuake I, II, 邢 III gȂ΁AQԖڂ̗
  # gĂB
  #
  #    - AQUAKE W[̃[hɃG[oꍇ́AÂoÔJ[lĂ܂B
  #   -----  ̏ꍇ͂VJ[lɒuĂB
  #
  #Quake I / QuakeWorld (ports 26000 and 27000)
  #/sbin/modprobe ip_masq_quake
  #
  #Quake I/II/III / QuakeWorld (ports 26000, 27000, 27910, 27960)
  #/sbin/modprobe ip_masq_quake 26000,27000,27910,27960

  # CuSeeme rfIc\tgEGAɑ΂}XJ[h
  #
  #/sbin/modprobe ip_masq_cuseeme

  # VDO-Live rfIc\tgEGAɑ΂}XJ[h
  #
  #/sbin/modprobe ip_masq_vdolive

  #ɏdv - IP tH[fBO̓ftHgł͖ɂȂĂ̂ŁALɂ܂B
  #
  #           Redhat [Ȕꍇ́A/etc/sysconfig/network ̃IvVws
  #
  #                       FORWARD_IPV4=false
  #                             
  #                       FORWARD_IPV4=true
  #           ɕύXĂB
  #
  echo "1" > /proc/sys/net/ipv4/ip_forward

  #ɏdv - 2.2.x J[lł IP ftOe[ṼT|[g̓ftHgł͖łB
  #
  #           RpC̎wɂ̂łA2.2.12 J[lȍ~͕ύXĂ܂B
  #
  echo "1" > /proc/sys/net/ipv4/ip_always_defrag

  # IɊ蓖Ă IP AhXgp郆[U -
  #
  #   IP AhX SLIP, PPP, DHCP Ȃǂ瓮IɎ擾ꍇ́ÃIvVLɂĂB
  #   ̃IvV́AIP }XJ[hœI IP AhX̑ADiald⓯lȃvO
  #   gpeՂɂ̂łB
  #
  #echo "1" > /proc/sys/net/ipv4/ip_dynaddr

  # Ȃ̐ÓI IP AhXȉɎw肵܂
  #
  #   IɊ蓖Ă IP AhXgpȂAV IP AhX蓖Ă邽тɓKp
  #   悤ɁA[ZbgȂ΂Ȃ܂B̂߂ɂ́AAȉ̂悤Ȉs̃XNvg
  #   LɂKv܂BiXNvg̈dpƓdp̈Ⴂ͈Ӗ܂̂ŒӁj
  #
  #
  #   DHCP 𗘗pꍇ -
  #   ---------------------
  #   TCP/IP AhX DHCP 擾ꍇ́A ppp ZNV̉ɂA
  #   "#" ŃRgAEgꂽLɂA"ppp0" Ƃ镔A
  #   C^[lbgڑp̃C^tF[X̖OɒuȂ
  #   Ȃ܂ (Ⴆ΁A eth0  eth1 ) B
  #   DHCP ͊蓖Ă IP AhX𐏎ύX邱ƂɒӂĂB
  #   ̕ύX𐳂fɂ́A DHCP [XXVxɁA
  #   DHCP NCAgēxsăt@CAEH[[Zbg𔽉f
  #   Ȃ΂Ȃ܂B
  #
  #      #1 -   o[W "pump" ̂悤 (Vo[Wł
  #                 _͏CĂ܂) DHCP NCAgɂẮA
  #                 IP AhX[XXVɃXNvgs邱Ƃ
  #                 łȂ̂܂B
  #                 ̏ꍇ́A"dhcpcd"  "dhclient" ɒuȂ
  #                 Ȃ܂B
  #
  #      #2 -  ŋ߂̃o[W "dhcpcd" ł́AR}h@ς
  #                ܂B
  #
  #               o[Wł̎w@́Â悤Ȃ̂ł -
  #                         dhcpcd -c /etc/rc.d/rc.firewall eth0
  #
  #               Vo[Wł͎̂悤Ɏw肵܂ -
  #                         dhcpcd eth0 /etc/rc.d/rc.firewall
  #
  #      #3 -  Pump gꍇA /etc/pump.conf t@CɎ̋Lq
  #                ǉĂ -
  #
  #                   script /etc/rc.d/rc.firewall
  #
  #
  #   PPP 𗘗pꍇ -
  #   --------------------
  #   CÂł͂Ȃ܂񂪁APPP ڑmxɁA
  #   /etc/ppp/ip-up XNvg삵܂B
  #   𗘗pāAV IP AhX̎擾Ƌłȃt@CAEH[E
  #   [Zbg̍Đݒs܂B
  #
  #   A/etc/ppp/ip-up łɑ݂ĂȂAҏW"/etc/rc.d/rc.firewall"
  #   ƂLqŌ̂ɒǉ悤ɂĂB
  #
  #   A/etc/ppp/ip-up XNvg݂ȂȂA/etc/rc.d/rc.firewall XNvg
  #   s邽߂̎̂悤ȃN쐬Kv܂B
  #
  #       ln -s /etc/rc.d/rc.firewall /etc/ppp/ip-up
  #
  #   * āAȉ̃RgAEgꂽVFR}hKvɉėLɂĂ *
  #
  #
  #
  # PPP y DHCP 𗘗pꍇ -
  # --------------------------------
  # ̍s "#" 폜āA̎̍s̐擪 "#" ĂB
  #
  #ppp_ip="`/sbin/ifconfig ppp0 | grep 'inet addr' | awk '{print $2}' | sed -e
  #
  ppp_ip="your.static.PPP.address"

  # }XJ[h̃^CAEg
  #
  #   2 = TCP ZbV
  #  10 b = TCP/IP  "FIN" pPbgMꂽƂ̃gtBbN
  #  60 b = UDP gtBbN (}XJ[hꂽł ICQ [ÚA
  #           ICQ NCAg̐ݒŁAt@CAEH[^CAEgl
  #           30bɎw肵Ȃ΂Ȃ܂)
  #
  /sbin/ipfwadm -M -s 7200 10 60

  #############################################################################
  # pPbgɂāÃ[jA|V[
  # y: rejectzɐݒBۂ́A₵ăOɋL^
  # ŏI[pӂ̂ŁÃ|V[͓ɂ͖֌WɂȂB
  # y: [ reject ɂƁA[ɍvpPbgjāA
  # "destination-unreachable" (ړInɓBȂ) Ƃ ICMP pPbg
  # 葤 (MAhX̃}V) ɔM܂B
  # deny ɂƁA"destination-unreachable" pPbgoɁAM
  # pPbgPɔj܂B
  #
  /sbin/ipfwadm -I -f
  /sbin/ipfwadm -I -p reject

  # [J}V烍[JC^tF[XɓpPbǵAǂ
  # ̂LƂB
  #
  /sbin/ipfwadm -I -a accept -V 192.168.0.1 -S 192.168.0.0/24 -D 0.0.0.0/0

  # [gC^tF[Xė IP Xv[tBOy: IP Uz
  # pPbgqpPbǵA{Ȃ烍[J}Vłׂ̂Ȃ̂ŁA
  # ₷B
  #
  /sbin/ipfwadm -I -a reject -V $ppp_ip -S 192.168.0.0/24 -D 0.0.0.0/0 -o

  # [gC^[tF[XAAhX PPP AhX̃pPbǵA
  # ǂ̔MAhX̂̂LƂB
  # y: ȉ̃R}h̑OɁA
  # /sbin/ipfwadm -I -a deny -V $ppp_ip -S 0.0.0.0/0 -y -D $ppp_ip/32 -o
  # 邩A͈ȉ̃R}h
  # /sbin/ipfwadm -I -a accept -V $ppp_ip -S 0.0.0.0/0 -k -D $ppp_ip/32
  # ƂȂĂD܂Ǝv܂Bz
  #
  /sbin/ipfwadm -I -a accept -V $ppp_ip -S 0.0.0.0/0 -D $ppp_ip/32

  # [vobNC^tF[XLƂ
  #
  /sbin/ipfwadm -I -a accept -V 127.0.0.1 -S 0.0.0.0/0 -D 0.0.0.0/0

  # ŏI[B̑̓pPbg͋₳AOɋL^B|V[ɂ
  # OL^̂߂̃IvVȂ߁Aꂪ̖ɉʂƂ
  # ȂB
  #
  /sbin/ipfwadm -I -a reject -S 0.0.0.0/0 -D 0.0.0.0/0 -o

  #############################################################################
  # opPbgɂāÃ[jA|V[
  # y: rejectzɐݒBۂ́A₵ăOɋL^ŏI[
  # pӂ̂ŁÃ|V[͓ɂ͖֌WɂȂB
  #
  /sbin/ipfwadm -O -f
  /sbin/ipfwadm -O -p reject

  # [JC^tF[Xo͂A[Jlbg֌pPbg
  # ǂ̂̂LƂB
  #
  /sbin/ipfwadm -O -a accept -V 192.168.0.1 -S 0.0.0.0/0 -D 192.168.0.0/24

  # [gC^tF[XŃ[Jlbg֑opPbǵA
  # U[eBOȂ̂ŁA₷B
  #
  /sbin/ipfwadm -O -a reject -V $ppp_ip -S 0.0.0.0/0 -D 192.168.0.0/24 -o

  # [gC^tF[XŃ[Jlbg瑗opPbǵA
  # 蓾Ȃ}XJ[fBOȂ̂ŁA₷B
  #
  /sbin/ipfwadm -O -a reject -V $ppp_ip -S 192.168.0.0/24 -D 0.0.0.0/0 -o

  # [gC^tF[XŃ[Jlbg瑗opPbǵA
  # 蓾Ȃ}XJ[fBOȂ̂ŁA₷B
  #
  /sbin/ipfwadm -O -a reject -V $ppp_ip -S 0.0.0.0/0 -D 192.168.0.0/24 -o

  # y: L[2̂̂ƑSł̂ŁA炩ɊԈႢ
  # v܂Bz

  # [gC^tF[X̂ȊȎopPbg͗L
  #
  /sbin/ipfwadm -O -a accept -V $ppp_ip -S $ppp_ip/32 -D 0.0.0.0/0

  # [vobNC^tF[XLɂ
  #
  /sbin/ipfwadm -O -a accept -V 127.0.0.1 -S 0.0.0.0/0 -D 0.0.0.0/0

  # ŏI[B̑̑opPbg͋₳AOɋL^B
  # |V[ɂ̓OL^̂߂̃IvV͂Ȃ߁Aꂪ̖
  # ɉʂƂɂȂB
  #
  /sbin/ipfwadm -O -a reject -S 0.0.0.0/0 -D 0.0.0.0/0 -o

  #############################################################################
  # ]pPbgɂāÃ[jA|V[
  # ےy: denyzɐݒBۂ́Aے肵ăOɋL^ŏI[
  # pӂ̂ŁÃ|V[͓ɂ͖֌WɂȂB
  #
  /sbin/ipfwadm -F -f
  /sbin/ipfwadm -F -p deny

  # [JC^tF[X̃[Jlbg炻̑̈ւ̃pPbg
  # }XJ[hB
  #
  #
  /sbin/ipfwadm -F -a masquerade -W ppp0 -S 192.168.0.0/24 -D 0.0.0.0/0
  #
  # ŏI[B̑̓]pPbg͋₳AOɋL^B
  # |V[ɂ̓OL^̂߂̃IvV͂Ȃ߁Aꂪ̖
  # ɉʂƂɂȂB
  #
  /sbin/ipfwadm -F -a reject -S 0.0.0.0/0 -D 0.0.0.0/0 -o

  #t@CIB

  IPFWADM ł́A -I, -O 邢 -F [ɂāÃTCgւ̃g
  tBbNj~邱Ƃł܂B̃[͍ŏŌւƏɓKp
  Ă܂B܂A IPFWADM  "-a"IvV́Ã[Qɑ
  ĐV[uǉv̂ƂƂɒӂĂB
  ɗӂƁAŜ̃[w肷OɁǍʂ̐KvƂȂ
  ܂BƂ΁Â悤Ȃ̂ł -

  -I ()[ -

  -I (input) [g -

  y: SẴC^[tF[XɓpPbgʉ߂郋[łB
  ʂ̃C^[tF[X̎ẃA -V IvV -W IvVŎw
  ܂Bz

  ͂炭gtBbNubŃׂAł葁Č
  ǂ@łA}XJ[hꂽ}Vɑ΂Ă̂ݑj~łAt@CA
  EH[}Vgւ̃gtBbN͑j~ł܂BȂg
  킹ƂƂł傤B

  āA 204.50.10.13 ƂAhXւ̃gtBbNj~ꍇ -

  /etc/rc.d/rc.firewall [Zbg̒

  /etc/rc.d/rc.firewall ̃[Zbg̒ -

  ... -I [̂͂܂ ...

  # [JC^tF[XŁA 204.50.10.13 Ƃ}Vւ̃pPbg
  # ₵ăOB

  #
  /sbin/ipfwadm -I -a reject -V 192.168.0.1 -S 192.168.0.0/24 -D 204.50.10.13/32
  -o

  # [JC^tF[XŁA郍[J}V甭
  #  pPbǵAǂ֌̂LƂB

  #
  /sbin/ipfwadm -I -a accept -V 192.168.0.1 -S 192.168.0.0/24 -D 0.0.0.0/0

  ... -I [̏I ...

  -o (o)[ -

  -O (output) [g -

  y: SẴC^[tF[X瑗opPbgʉ߂郋[
  Bʂ̃C^[tF[X̎ẃA -V IvV -W IvV
  w肵܂Bz

  ̓gtBbNubNɂ͒x@łB̂Ȃ΁ApPbg
  ͔jȑOɃ}XJ[hʂĂ܂łBȂ
  ̃[łA֎~ĂTCg̃t@CAEH[}Vɑ΂
  ANZXj~邱Ƃł܂B

  ... -O [̎n܂ ...

  # 204.50.10.13 ɌꂽpPbgۂăO̎悷
  #
  /sbin/ipfwadm -O -a reject -V $ppp_ip -S $ppp_ip/32 -D 204.50.10.13/32 -o

  # LȊÕ[gC^tF[Xł̂pPbg̑o
  # LɂB
  #
  /sbin/ipfwadm -O -a accept -V $ppp_ip -S $ppp_ip/32 -D 0.0.0.0/0

  ... -O [̏I ...

  -F (])[̎gp -

  -F (forward) [g -

  y: SẴC^[tF[Xœ]pPbgʉ߂郋[
  Bʂ̃C^[tF[X̎ẃA -V IvV -W IvV
  w肵܂Bz

  炭AgtBbNubNɂ́A -I (input) [x
  @łA}XJ[hꂽ}V (Ƃ΁A[JGAlbg[
  Ñ}V) ɑ΂gtBbN͑j~ł܂Bt@CAEH[}
  V͋֎~TCg瓞B\̂܂܂łB

  ... -F [̊Jn ...

  # PPP C^tF[Xł 204.50.10.13 ɌpPbgۂăO̎悷
  #
  /sbin/ipfwadm -F -a reject -W ppp0 -S 192.168.0.0/24 -D 204.50.10.13/32 -o

  # [JC^[tF[X̃[Jlbg̃}XJ[hs
  #
  /sbin/ipfwadm -F -a masquerade -W ppp0 -S 192.168.0.0/24 -D 0.0.0.0/0

  ... -F [̏I ...

  192.168.0.0/24 ̃}V 204.50.11.0 ɌẴANZXʂ
  [͕svłBȂȂA͑S̓Iȃ}XJ[fBÕ[
  ɂĂ܂ȂĂ邩łB

   - Oo̕@ȊOɂAeC^tF[XLq@͂܂B
  Ⴆ΁A "-V 192.168.255.1" ƂLq̑ɁA"-W eth0"Ƃ
  A "-V $ppp_ip" ƂLq̑ "-W ppp0" Ƃ܂B "-V"
  g@ IPCHAINS ֈڍsꍇɂ͎g܂BA IPFWADM
  ̃[UǂI邩͌l̎RłAďqׂ܂ł
  ȂƂłB

  6.5.  IPCHAINS ɂ邳ɋł IP t@CAEI[E[Zbg

  ̏͂ł́A 2.2.x nJ[l̃t@CAEH[c[ł IPCHAINS
  ̏ڍׂȃKChL܂B IPFWADM ɂĂ͑OoQƂĂB

  ̗́AŒI IP AhX PPP ڑ̔wɂt@CA
  EH[ƃ}XJ[hł (IɃAhX^ PPP ̖߂ɂ
  Ă͊܂܂Ă͂܂Lɂ͂Ă܂)BMłC^tF[
  X 192.168.0.1 łA PPP C^[tF[X̃AhX́uzv
  邽߂ɏĂ܂Bo肻ꂼ̃C^tF[X͕ʁX
  񋓂Ă܂A [eBO}XJ[h킩₷
  ȊO IP Xv[tBOsȃ[eBOo₷邽߂̂
  ̂ł܂BmɋĂȂ̂͋֎~ł(ۂɂ͋₳
  ܂)BAȂ IP }XJ[h BOX A rc.firewall XN
  vgꂽƂł܂ƂɓȂȂƂA /var/log/messages
  邢 /var/adm/messages ɂ SYSLOG t@Cɉt@CAEI[
  ֌W̃G[ȂmFāAݒ肪ԈĂȂm߂Ă
  B

  PPPP[ufȂǂgAIPCHAINS ɂƋł IP }XJ
  [h̎pIȗɂĂ TrinityOS - Section 10
  <http://www.ecst.csuchico.edu/~dranch/LINUX/index-
  linux.html#TrinityOS>  GreatCircle's Firewall WWW page QƂĂ
  B

   #1 - 2.2.16ȑO Linux J[lɂ́A TCP ڑŃ[gD
  댯AX 2.2.11 ȑÔ̂ɂ IPCHAINS ̃tO
  e[VɊւoO܂B̂߁Ał IPCHAINS [Zb
  gғۂɂ́AUɑ΂ĖhłBCꂽo[W
  J[lgĂB

   #2 -  ATCP/IPAhX PPP, ADSL, P[ufȂǂoR
   ISP 瓮IɊ蓖Ăꍇɂ́A̋łȃ[ZbgN
  ɐݒ肷邱Ƃ͂ł܂B̂悤ȏꍇɂ́AIP AhX
  Ăxɂ̃t@CAEH[E[Zbgēxǂݍ܂邩A
  邢 /ec/rc.d/rc.firewall [ZbgƃCeWFgɍ
  Kv܂B PPP [Ũ[ZbgKpꍇɂ́A
  q "Dynamic PPP IP fetch" Əꂽ̃Rg𒍈Ӑ[K؂
  OĂB܂Ałȃ[ZbgyѓIɊ蓖Ă IP A
  hXɂĂ̂Əڂ́A TrinityOS - Section 10
  <http://www.ecst.csuchico.edu/~dranch/LINUX/index-
  linux.html#TrinityOS> ɂ܂B

  ܂AGUI x[XŃt@CAEH[̐ݒ𐶐悤ȃc[
  ݂܂Bڍׂ ``悭鎿 (FAQ)'' ̏͂QƂĂB

  ŌɁAÓIɊ蓖Ă IP AhXgĂȂAȉ̗
   "ppp_ip="your.static.PPP.address"" ƂȂĂ镔Ȃ IP A
  hXɏĂB
  ----------------------------------------------------------------

  #!/bin/sh
  #
  # /etc/rc.d/rc.firewall - ⋭ł IPCHAINS t@CAEI[E[Zbg
  #

  PATH=/sbin:/bin:/usr/sbin:/usr/bin

  # KvȂׂĂ IP }XJ[hW[[h
  #
  #    - Kv IP }XJ[hW[[h܂BׂĂ IP }XJ[hW[
  #          ȉɋLqĂ܂A[hȂ悤ɃRgƂȂĂ܂B

  # W[ŏɃ[h鎞ɂ܂Kv
  #
  /sbin/depmod -a

  # PORT gFTP t@C]ɂK؂ IP }XJ[h񋟂܂
  #
  /sbin/modprobe ip_masq_ftp

  # UDP vgRoRARealAudio ̃}XJ[h񋟂܂B̃W[ȂĂ
  #       RealAudio  TCP [hœ삵܂A͒ቺ܂B
  #
  /sbin/modprobe ip_masq_raudio

  # IRC DCC t@C]̃}XJ[h񋟂܂
  #
  #/sbin/modprobe ip_masq_irc

  # ȉ̎wɂ Quake  QuakeWorld ftHgŒ񋟂܂B̃W[ Linux
  #    }XJ[hE{bNX̕[U݂ꍇ̂߂̂̂łB
  #   AQuake I, II, 邢 III gȂ΁AQԖڂ̗gĂB
  #
  #    - AQUAKE W[̃[hɃG[oꍇ́AÂoO
  #   ------ J[lĂ܂B
  #          ̏ꍇ͂VJ[lɒuĂB
  #
  #Quake I / QuakeWorld (ports 26000 and 27000)
  #/sbin/modprobe ip_masq_quake
  #
  #Quake I/II/III / QuakeWorld (ports 26000, 27000, 27910, 27960)
  #/sbin/modprobe ip_masq_quake 26000,27000,27910,27960

  # CuSeeme rfIc\tgEGAɑ΂}XJ[h
  #
  #/sbin/modprobe ip_masq_cuseeme

  # VDO-Live rfIc\tgEGAɑ΂}XJ[h
  #
  #/sbin/modprobe ip_masq_vdolive

  #ɏdv - IP tH[fBO̓ftHgł͖ɂȂĂ̂ŁALɂ܂B
  #
  #           Redhat [Ȕꍇ́A/etc/sysconfig/network ̃IvVws
  #
  #                       FORWARD_IPV4=false
  #                             
  #                       FORWARD_IPV4=true
  #           ɕύXĂB
  #
  echo "1" > /proc/sys/net/ipv4/ip_forward

  #ɏdv - 2.2.x J[lł IP ftOe[ṼT|[g̓ftHgł͖łB
  #
  #           RpC̎wɂ̂łA2.2.12 J[lȍ~͕ύXĂ܂B
  #           ܂AfBXgr[VɂĂ /proc e[u
  #           ̃IvVOĂ邱Ƃ܂̂ŁȀꍇ
  #           /proc fBNgɑ݂Ȃ΋CɂȂĂ\܂B
  #
  echo "1" > /proc/sys/net/ipv4/ip_always_defrag

  # IɊ蓖Ă IP AhXgp郆[U -
  #
  #   IP AhX SLIP, PPP, DHCP Ȃǂ瓮IɎ擾ꍇ́ÃIvVLɂĂB
  #   ̃IvV́AIP }XJ[hœI IP AhX̑ADiald ⓯lȃvO
  #   gpeՂɂ̂łB
  #echo "1" > /proc/sys/net/ipv4/ip_dynaddr

  # C^[lbgKvƂA̃vOɑ΂ LooseUDP pb`Lɂ
  #
  #  IP }XJ[hoRăC^[lbgQ[𓮂ƂĂāAǂĂꂪȂƂ
  #  ̂ȂÃIvVLɂĂ݂Ă(ȉ "#" 폜܂)BUDP |[gXL
  #  ΂Ǝ㐫̉\̂ŁÃIvV̓ftHgŋ֎~Ă܂B
  #
  #echo "1" > /proc/sys/net/ipv4/ip_masq_udp_dloose

  # Ȃ̐ÓI IP AhXȉɎw肵܂
  #
  #   IɊ蓖Ă IP AhXgpȂAV IP AhX蓖Ă邽тɓKp
  #   悤ɁA[ZbgȂ΂Ȃ܂B̂߂ɂ́AAȉ̂悤Ȉs̃XNvg
  #   LɂKv܂BiXNvg̈dpƓdp̈Ⴂ͈Ӗ܂̂ŒӁj
  #
  #
  #   DHCP 𗘗pꍇ -
  #   -----------
  #   TCP/IP AhX DHCP 擾ꍇ́Appp ZNV̉ɂ"#"ŃRgAEgꂽ
  #   LɂA"ppp0" Ƃ镔AC^[lbgڑp̃C^tF[X̖OɒuȂ
  #   Ȃ܂(Ƃ΁Aeth0  eth1 ȂǂɁjB
  #   DHCP ͊蓖Ă IP AhX𐏎ύX邱ƂɒӂĂB̕ύX𐳂fɂ
  #   DHCP [XXV邽тɁADHCP NCAgēxsăt@CAEI[[Zbg𔽉f
  #   Ȃ΂Ȃ܂B
  #
  #      1 -    DHCP NCAg͌Âo[W "pump" ŁiVo[W
  #               ł͖_͏CĂ܂jA̓[XXVɃXNvgs邱Ƃ
  #               łȂ̂łB̏ꍇ́A"dhcpcd"  "dhclient" ɒuȂ
  #               Ȃ܂B
  #
  #      2 -   "dhcpcd" ͍ŋ߂̃o[Wł́AR}h@ςĂ܂B
  #
  #               o[Wł̎w@́Â悤Ȃ̂ł -
  #                         dhcpcd -c /etc/rc.d/rc.firewall eth0
  #
  #               Vo[Wł͎̂悤Ɏw肵܂ -
  #                         dhcpcd eth0 /etc/rc.d/rc.firewall
  #
  #
  #      3 -   Pump gꍇA/etc/pump.conf t@CɎ̋LqǉĂB
  #
  #                   script /etc/rc.d/rc.firewall
  #
  #   PPP 𗘗pꍇ -
  #   ----------
  #   CÂł͂Ȃ܂񂪁APPP ڑs邽тɁA/etc/ppp/ip-up XNvg
  #   ɓ삵܂B̂Ƃ𗘗pāAV IP AhX̎擾Ƌłȃt@CAEI[E[
  #   Zbg̍Đݒs܂B
  #
  #   A/etc/ppp/ip-up łɑ݂ĂȂAҏW"/etc/rc.d/rc.firewall"
  #   ƂLqŌ̂ɒǉ悤ɂĂB
  #
  #   A/etc/ppp/ip-up XNvg݂ȂȂA/etc/rc.d/rc.firewall XNvg
  #   s邽߂̎̂悤ȃN쐬Kv܂B
  #
  #       ln -s /etc/rc.d/rc.firewall /etc/ppp/ip-up
  #
  #   * āAȉ̃RgAEgꂽVFR}hKvɉėLɂĂ *
  #
  # PPP y DHCP 𗘗pꍇ -
  # -------------------
  # ̍s "#" 폜āA̎̍s̐擪 "#" ĂB
  #extip="`/sbin/ifconfig ppp0 | grep 'inet addr' | awk '{print $2}' | sed -e

  # ÓI IP AhX PPP gꍇ -
  #
  extip="your.static.PPP.address"

  # PPP  DHCP gꍇ́AK̕ɐOC^tF[X̖Ow肵܂
  extint="ppp0"

  #  IP AhX̊蓖Ăw肵܂
  intint="eth0"
  intnet="192.168.0.0/24"

  # }XJ[h̃^CAEg
  #
  #   2 = TCP ZbV
  #  10 b = TCP/IP  "FIN" pPbgMꂽƂ̃gtBbN
  #  60 b = UDP gtBbN (}XJ[hꂽł ICQ p҂ ICQ ̂̐ݒ̒
  #          30b̃t@CAEI[^CAEgw肵Ȃ΂Ȃ܂)
  #
  #
  ipchains -M -S 7200 10 60

  #############################################################################
  # pPbgɂāÃ[jA|V[
  # y: rejectzɐݒBۂ́A₵ăOɋL^
  # ŏI[pӂ̂ŁÃ|V[͓ɂ͖֌WɂȂB
  # y: [ REJECT ɂƁA[ɍvpPbgjāA
  # "destination-unreachable" (ړInɓBȂ) Ƃ ICMP pPbg
  # 葤 (MAhX̃}V) ɔM܂B
  # DENY ɂƁA"destination-unreachable" pPbgoɁAM
  # pPbgPɔj܂B
  #
  ipchains -F input
  ipchains -P input REJECT

  # [J}V烍[JC^tF[XɓpPbǵAǂ
  # ̂LƂB
  #
  ipchains -A input -i $intint -s $intnet -d 0.0.0.0/0 -j ACCEPT

  # [gC^tF[Xė IP Xv[tBOy: IP Uz
  # pPbgqpPbǵA{Ȃ烍[J}Vłׂ̂Ȃ̂ŁA
  # ₷B
  #
  ipchains -A input -i $extint -s $intnet -d 0.0.0.0/0 -l -j REJECT

  # [gC^[tF[XɓėAAhX PPP AhX
  # pPbǵAǂ̔MAhX̂̂LƂB
  # y: ȉ̃R}h̑OɁA
  # ipchains -A input -i $extint -S 0/0 -d $extip/32 -p tcp -y -j DENY -l
  # 邩A͈ȉ̃R}h
  # ipchains -A input -i $extint -S 0/0 -d $extip/32 -p tcp ! -y -j ACCEPT
  # ƂȂĂD܂Ǝv܂Bz
  #
  ipchains -A input -i $extint -s 0.0.0.0/0 -d $extip/32 -j ACCEPT

  # [vobNC^tF[XLƂ
  #
  ipchains -A input -i lo -s 0.0.0.0/0 -d 0.0.0.0/0 -j ACCEPT

  # ŏI[B̑̓pPbg͋₳AOɋL^B|V[ɂ
  # OL^̂߂̃IvVȂ߁Aꂪ̖ɉʂƂ
  # ȂB
  #
  ipchains -A input -s 0.0.0.0/0 -d 0.0.0.0/0 -l -j REJECT

  #############################################################################
  # opPbgɂāÃ[jA|V[
  # y: rejectzɐݒBۂ́A₵ăOɋL^ŏI[
  # pӂ̂ŁÃ|V[͓ɂ͖֌WɂȂB
  #
  ipchains -F output
  ipchains -P output REJECT

  # [JC^tF[Xo͂A[Jlbg֌pPbg
  # ǂ̂̂LƂB
  #
  ipchains -A output -i $intint -s 0.0.0.0/0 -d $intnet -j ACCEPT

  # [gC^tF[XŃ[Jlbg֑opPbǵA
  # U[eBOȂ̂ŁA₷B
  #
  ipchains -A output -i $extint -s 0.0.0.0/0 -d $intnet -l -j REJECT

  # [gC^tF[XŃ[Jlbg瑗opPbǵA
  # 蓾Ȃ}XJ[fBOȂ̂ŁA₷B
  #
  ipchains -A output -i $extint -s $intnet -d 0.0.0.0/0 -l -j REJECT

  # [gC^tF[X̂ȊȎopPbg͗L
  #
  ipchains -A output -i $extint -s $extip/32 -d 0.0.0.0/0 -j ACCEPT

  # [vobNC^tF[XLƂB
  #
  ipchains -A output -i lo -s 0.0.0.0/0 -d 0.0.0.0/0 -j ACCEPT

  # ŏI[B̑̑opPbg͋₳AOɋL^B
  # |V[ɂ̓OL^̂߂̃IvV͂Ȃ߁Aꂪ̖
  # ɉʂƂɂȂB
  #
  ipchains -A output -s 0.0.0.0/0 -d 0.0.0.0/0 -l -j REJECT

  #############################################################################
  # ]pPbgɂāÃ[jA|V[
  # ےy: denyzɐݒBۂ́Aے肵ăOɋL^ŏI[
  # pӂ̂ŁÃ|V[͓ɂ͖֌WɂȂB
  #
  ipchains -F forward
  ipchains -P forward DENY

  # [JC^tF[Xł̃[Jlbg炻̑̈ւ̃pPbg}XJ[h
  #
  ipchains -A forward -i $extint -s $intnet -d 0.0.0.0/0 -j MASQ
  #
  # ŏI[B̑̓]pPbg͋₳AOɋL^B
  # |V[ɂ̓OL^̂߂̃IvV͂Ȃ߁Aꂪ̖
  # ɉʂƂɂȂB
  #
  ipchains -A forward -s 0.0.0.0/0 -d 0.0.0.0/0 -l -j REJECT

  # t@C̏I

  IPCHAINS ł "input", "output", "forward" ̊e[ɂāA
  TCgւ̃gtBbNj~邱Ƃł܂B̃[͏ォ牺
  ƏɓKpĂA "-A"IvV IPCHAINS ɑ΂ĐV[
  ̃[Qɑ΂āuǉv̂ƂƂɒӂĂ
  BɗӂƁAŜ̃[w肷Oɑ̌ʂ̐Kv
  ȂĂ܂BƂ΁Â悤Ȃ̂ł -

  "input" [g -

  y: SẴC^[tF[XɓpPbgʉ߂郋[łB
  ʂ̃C^[tF[X̎ẃA -i IvVɑăC^[tF[X
  w肵܂Bz

  ͂炭gtBbNubŃׂAł葁Č
  ǂ@łA}XJ[hꂽ}Vɑ΂Ă̂ݑj~łAt@CA
  EH[}Vgւ̃gtBbN͑j~ł܂BȂg
  킹ƂƂł傤B

  āA 204.50.10.13 ƂAhXւ̃gtBbNj~ꍇ -

  /etc/rc.d/rc.firewall [Zbg̒

  ...  [̂͂܂ ...

  # [JC^tF[X 204.50.10.13 Ƃ}Vւ̃pPbgۂ
  #
  ipchains -A input -s 192.168.0.0/24 -d 204.50.10.13/32 -l -j REJECT

  # [JC^tF[X̂ǂ̃[J}V̂ǂ֌pPbgLƂ
  #
  ipchains -A input -s 192.168.0.0/24 -d 0.0.0.0/0 -l -j ACCEPT

  ...  [̏I ...

  "output" [g -

  y: SẴC^[tF[X瑗opPbgʉ߂郋[
  Bʂ̃C^[tF[X̎ẃA -i IvVɑăC^[
  tF[Xw肵܂Bz

  ̓gtBbNubNɂ͒x@łB̂Ȃ΁ApPbg
  ͔jȑOɃ}XJ[hʂȂ΂ȂȂłB
  Ȃ炱̃[łA֎~ĂTCg̃t@CAEH[}V
  ɑ΂ANZXj~邱Ƃł܂B

  ... o̓[̎n܂ ...

  # 204.50.10.13 ɌꂽpPbgۂăO̎悷
  #
  ipchains -A output -s $ppp_ip/32 -d 204.50.10.13/32 -l -j REJECT

  # ̑̃[gC^tF[Xւ̑o͗Lɂ
  #
  ipchains -A output -s $ppp_ip/32 -d 0.0.0.0/0 -l -j ACCEPT

  ... o̓[̏I ...

  "forward" [g -

  y: SẴC^[tF[Xœ]pPbgʉ߂郋[
  Bʂ̃C^[tF[X̎ẃA -i IvVɑăC^[
  tF[Xw肵܂Bz

  炭AgtBbNubNɂ "input" [x@
  A}XJ[hꂽ}V (Ⴆ΃[JGAlbg[Ñ}V
  ) ɑ΂gtBbN͑j~ł܂Bt@CAEH[}V͋
  ~TCg瓞B\̂܂܂łB

  ... ][̊Jn ...

  # PPP C^tF[Xł 204.50.10.13 ɌpPbgۂăO̎悷
  #
  ipchains -A forward -i ppp0 -s 192.168.0.0/24 -d 204.50.10.13/32 -l -j REJECT

  # [JC^[tF[X̃[Jlbg̃}XJ[hs
  #
  ipchains -A forward -i ppp0 -s 192.168.0.0/24 -d 0.0.0.0/0 -j MASQ

  ... ][̏I ...

  192.168.0.0/24 ̃}V 204.50.11.0 ɌẴANZXʂ
  [͕svłBȂȂA͑S̓Iȃ}XJ[fBÕ[
  ɂĂ܂ȂĂ邩łB

   - IPFWADM ƈāAIPCHAINS ̓C^tF[Xw肷@
  ܂B IPCHAINS  "-i eth0" ̂悤Ɏw肵܂A
  IPFWADM ł "-W"ŃC^tF[Xw肵A܂ "-V" ŃC^tF[
  XIPAhXw肵܂B

  6.6.  ̓lbg[Nւ IP }XJ[h

  ̓lbg[Nꍇ̃}XJ[h͂ȂPłB܂m
  F邱Ƃ́ASĂ (ƊO) lbg[N삵Ă
  邱ƂłBꂩA̓C^tF[XɂăC^[lbg
  ̓C^tF[Xɑ΂ă}XJ[hăgtBbN
  ɐݒ肵܂B

  āAC^tF[XɂāA}XJ[h܂B̗
  ́ASłR̃C^tF[Xg܂ - eth0 ̓C^[lbgւ̐
  sOC^tF[XA eth1  192.168.0.0 ̃lbg[NA
   eth2  192.168.1.0 ̃lbg[NłB rc.firewall [Zbg
  ́Ã}XJ[hĂšɁÂ悤ȓeǉ
   -

  o  IPCHAINS p\ 2.2.x nJ[l̏ꍇ

       # ̃C^tF[X̊Ԃł݂̑̒ʐM
       /sbin/ipchains -A forward -i eth1 -d 192.168.0.0/24
       /sbin/ipchains -A forward -i eth2 -d 192.168.1.0/24

       # C^[lbgɑ΂}XJ[hꂽʐM
       /sbin/ipchains -A forward -j MASQ -i eth0 -s 192.168.0.0/24 -d 0.0.0.0/0
       /sbin/ipchains -A forward -j MASQ -i eth0 -s 192.168.1.0/24 -d 0.0.0.0/0

  o  IPFWADM p\ 2.0.x nJ[l̏ꍇ

       # ̃C^tF[X̊Ԃł݂̑̒ʐM
       /sbin/ipfwadm -F -a accept -V 192.168.0.1 -D 192.168.1.0/24
       /sbin/ipfwadm -F -a accept -V 192.168.1.1 -D 192.168.0.0/24

       # C^[lbgɑ΂}XJ[hꂽʐM
       /sbin/ipfwadm -F -a masq -W eth0 -S 192.168.0.0/24 -D 0.0.0.0/0
       /sbin/ipfwadm -F -a masq -W eth0 -S 192.168.1.0/24 -D 0.0.0.0/0

  eth0 w肳̂́A̗ł͊ԈႢł͂ȂƂɒӂĂ
  BLinux J[l͂ǂ̃C^tF[XogtBbNɑ΂Ďg
  ̂mKv邩łB̗ eth0 ̓C^[lbgɑ
  ڑ̂߂̂̂ŁAꂼ̓C^tF[XɂĎw肳
  ܂B

  6.7.  If}hE_CAAbvڑł IP }XJ[h

  1. C^[lbgɑ΂_CAAbvɎIɃlbg[N̐ݒ
     sƎvȂA Diald f}hE_CAAbvET[rX
     vOAVo[W PPPd pbP[Wɖ𗧂
     傤BDiald ͂kȐݒ肪ł̂ł߂łB

  2. Diald ݒ肷ɂ Setting Up Diald for Linux Page
     <http://home.pacific.net.sg/~harish/diald.config.html>  TrinityOS
     - Section 23 <http://www.ecst.csuchico.edu/~dranch/LINUX/index-
     linux.html#TrinityOS> QƂĂ݂ĂB

  3. Diald  IP }XJ[hK؂ɐݒ肳΁A}XJ[hꂽ}
     V Web QƂ telnet, ftp ƂZbVJnꂽ
     _ŁALinux {bNX͓IɃC^[lbgւ̐ڑs悤
     Ȃ܂B

  4. ŏ̐ڑ́A^CAEgł傤B̓AiOf
     gĂꍇAȂƂłBNCAg̃vO
     (Web uEUȂ) ɂƂĂ݂΁A PPPڑƃf̃Nm
     邽߂ɎԂ邱ƂɂȂ܂BA͈ʓIȂƂ
     ͂܂BÂ悤ȎNA (Web y[W̎QƂ
     ǂ) C^[lbgɑ΂gtBbNNGXgēx
     ɍēxJԂĂ܂삷ł傤B܂AJ[lI
     vV echo "1" > /proc/sys/net/ipv4/ip_dynaddr ̎śAڑ
     ̂̏ݒx邽߂̂̂łB

  6.8.  IPPORTFW, IPMASQADM, IPAUTOFW, REDIR, UDPRED, yт̑̃|[g
  ]c[

  IPPORTFW, IPAUTOFW, REDIR, UDPRED ̃vO Linux  IP }XJ
  [hŎgpėpI TCP  UDP |[g̓]̂߂Ɏgc[
  łB̃c[͈ʓI FTP  Quake pɍ쐬ꂽ IP }XJ
  [hp̃W[̑ɎgƂł܂B|[gtH[
  _ɂāAC^[lbg IP }XJ[hT[ǒœ삷v
  Cx[gAhXɔzuꂽ}VɌđf[^ڑ_C
  Ng邱Ƃł܂B]@\́A TELNET, WWW, SMTP, FTP (q
  ʂȃpb`Kvł), ICQ Ȃ̂̂܂ł܂B

   - IP }XJ[h𔺂ȂPȃ|[g]߂łALinux 
  IP ]c[gɂ́AJ[l IPFWADM  IPCHAINS ꂩɂ
  [ZbgKvłB

  ł͂ȂقȂI̂ł傤?  IPAUTOFW, REDIR 
  UDPRED (ւ URL  ``2.0.x J[l̕Kv'' ̏͂ɋLڂ
  ܂) Ȃǂ́AIP }XJ[hg[UɂƂāA̋@\
  񋟂ŏ̃c[ނłB̌A Linux  IP }XJ[h@\
  nɂāÃc[ IPPORTFW ƂAƍxȉ
  @ɂƂđ悤ɂȂ܂BVc[̓oɂ
  āAIPAUTOFW  REDIR ƂÂc[̃[U͑傢ɗ_邱
  ƂɂȂ܂BƂ̂Ãc[ Linux J[lɑ΂āA
  g݂̑K؂ɒʒm邱ƂȂĂ̂ŁÂׂ悤ȏ
  ł Linux T[oNbVĂ܂悤ȂƂ炠
  B MFW ƂŐV̕@܂B MFW ̍ł傫ȗ_́AIPCHAINS
  c[Ƃ̍łB̕@ł́AIPCHAINS [Zbg͓
  pPbgɑ΂ĈtAK؂ȓ]s߂̃[񋟂邽߂
  g܂B̂ƂAɂĂ͂ HOWTO ł͏qׂĂ܂B

   #2 - 2.2.x nJ[lɂ PORTFW ł́Albg[Ñ}V
  AC^[lbgɂlbg[NÕ}Vɑ΂ANZX
  ɓ|[g]ꂽ IP AhXgƂł܂Albg[N
  ̑̃}Vɑ΂Ă͎g܂BAꂪȂ̏ꍇɊY
  ȂAlbg[ÑT[oւ̃_CNgs߂ REDIR
  |[g]c[Ă݂ĂBɏqׂ ``'' c[Zbgg
  ̂ǂlƎv܂BȂ/O̓]Ȃ̂̋ZpI
  ɂẮA2.2.x nJ[l PORTFW Ɋւ͂̍Ōɂ Juan
  ɂ钍߂B

   #3 - ̃}XJ[hꂽ FTP T[oɑ΂gtBbN̓]
   PORTFW FTP ƂĒmĂ܂A 2.0.x n 2.2.x n̂
  ̃J[lł񋟂悤ɂȂ܂Bł͎嗬 Linux J[
  lł̓T|[gĂ܂񂪁AJ[lɃpb`Kp邩AO
  FTP vLVT[oɂĉ\ƂȂ܂BJ[lW[R[h͂
  ŁAPASSIVE ڑ ACTIVE FTP ZbVɂڑ̂ق
  ǍDȌʂƂȂꍇ悤łB[ƂɁAt̐U镑œ
  P[X悤łBȂ̏ꍇ̌ʂǂɋĂ
  B̌ɂāAȍ~2.0.x n y 2.2.x nꂼ̏͂ɕʂ
  pb`p@ڍׂɏqׂĂ܂B

  2.0.x nJ[l IPPORTFW łA 2.2.x nJ[l IPPORTFW T|[
  ĝ IPMASQADM gꍇłAlbg[NZLeBɊւl
  ͂̃|[gtH[_gݍ݂̑OɕKvłBȂȂA
  c[͊{Iɂ͓]ꂽ TCP/UDP |[gɂāAt@CAEH[
  ɃZLeB̌邽߂̂̂łB́AȂ
  Linux }Vy: t@CAEI[gzɑ΂ĔQyڂƂ͂
  ܂񂪁AgtBbN]̓}Vɑ΂ĉe
  ܂BƂ͂AȂɐSzȂłB Steven Clarke
  (IPPORTFW ̍) ӂ𑣂߂ɏqׂȂ΂ȂȂAȉ̂
  ȏꍇł -

          u|[g]́AIPFWADM  IPCHAINS [̓̂݌Ăяo悤ɍĂA
          IP }XJ[h́AIP tH[fBÖ̊gƌȂB
          ȂA IPPORTFW  IPFWADM [Zbg̓yёo}XJ[h[ɓK
          pPbgɂāA舵悤ɂȂĂBv

  ŏqׂĂ̂́Ałȃt@CAEI[[Zbg̕KvȂ̂
  Błȃ[ZbgɂĂ `` IPFWADM ̃[Zbg''  ``
   IPCHAINS ̃[Zbg'' QƂĂ݂ĂB

  łA IPPORTFW ɂ]T|[g 2.2.x ܂ 2.0.x ñJ[l
  ɃCXg[邽߂ɂ́AIPPORTFW 𗘗pł悤 Linux J[l
  ăRpCȂ΂Ȃ܂B

  o  2.2.x nJ[lǵ̕Ał IPPORTFW J[lIvV
     A IPMASQADMʂĎg߂̎菇Ŏw肵Ă͂łB

  o  2.0.x nJ[lǵ̕APȃJ[lIvṼpb`
     KpKv܂B

  6.8.1.  2.2.x nJ[lł́AIPPORTFW T|[g IPMASQADM

  ܂ŏɁAŐV 2.2.x J[ly: |󎞓_ł 2.2.19 łz
   /usr/src/linuxfBNgɓWJ܂B܂̎菇ĂȂ
  ́A ``J[l̃RpC'' ̏͂̏ڍׂQƂĂB
  āA"ipmasqadm.c" vO ``2.2.x J[l̕Kv'' ɏqׂĂ
  @Ń_E[hē肵A /usr/src/ fBNgɒu܂B

  āA 2.2.x nJ[l ``J[l̃RpC'' ̏͂Ɏ
  Ă悤ɃRpC܂BJ[l̃IvVݒ肷
  ɁAIPPORTFW IvVɂ YES w肵ĂBJ[lRpC
  łAċNmFAĂт̏͂ɖ߂Đ̑ǂł
  B

  ł́A IPMASQADM c[̃RpCƃCXg[s܂ -

               cd /usr/src
               tar xzvf ipmasqadm-x.tgz
               cd ipmasqadm-x
               make
               make install

  āAƂĂŁAȂ̃C^[lbg TCP/IP AhXɑ΂
  SĂ WWW C^[lbggtBbN (|[g80) Ã}XJ
  [hꂽ}V IP AhXA 192.168.0.10 Ɍꍇグ
  ܂B

  PORTFW FTP - ɂĂ͐ɐ悤ɁA FTP T[oɑ΂lb
  g[Ñ}XJ[hꂽ}Vւ̓] 2̕@܂B
  ŏ̕@͂܂x[^xłAɂ}XJ[hꂽ FTP
  T[oցA FTP ڑ|[g] 2.2.x J[lp IP_MASQ_FTP 
  W[gƂłB̕@́A FTP vLVvO (
  ``2.2.x J[l̕Kv'' ̏͂ URL LڂĂ܂) łB FTP
  J[lW[ɂẮA IP_MASQ_FTP W[A[h
  ă[h邱ƂȂɁA PORTFW  FTP |[g𓮓Iɒǉ邱Ƃ
  ł܂A͂̎_ő݂Ă鑼 FTP ]𖳌ɂĂ
  ܂B̐VR[h̏ڍׂɂẮA IP }XJ[h web TC
  g <http://ipmasq.cjb.net/> B܂A 2.0.x nJ[l
  ͂ɁA|[g]ꂽ FTP ڑɊւƎ኱̏񂪂܂B

   - |[g]|[g 80 ŗLɂȂAȍ~ IP }XJ
  [hT[oł̃|[ggƂ͂łȂȂ܂B܂A}XJ
  [hT[ołł Web T[o𓮂Ăꍇ́A|[g]
  āAׂẴC^[lbg Web ANZX IP }XJ[h
  T[õy[Wł͂ȂA Web T[oɑ΂ĐUĂ܂
  ̂łB

  ɂA|[g]Lɂɂ́A /etc/rc.d/rc.firewall 
  [ZbgȂ΂܂Bȉ̂悤ȍsǉ܂
  A"$extip" ͂̕Ȃ̃C^[lbgɌJ IP AhXw
  肷悤ɏĂB

   - APPP, ADSL, P[ufȂǂɂ ISP 瓮I TCP/IP
  AhX蓖ĂĂꍇ́A /etc/rc.d/rc.firewall [Zb
  gƃCeWFgɍ쐬Kv܂B̂߂̏́A
  Oo `` IPCHAINS ̃[Zbg'' ̏͂ TrinityOS - Section 10
  <http://www.ecst.csuchico.edu/~dranch/LINUX/index-
  linux.html#TrinityOS> ɋłȃ[Zbg𓮓I IP AhXō
  ڍׂqׂĂ܂Bł̓qg - PPP ꍇ
  /etc/PPP/ip-up łB

               /etc/rc.d/rc.firewall
               --

               #echo "IPPORTFW ɂ郊_CNVO LAN ɓKp.."
               #
               /usr/sbin/ipmasqadm portfw -f
               /usr/sbin/ipmasqadm portfw -a -P tcp -L $extip 80 -R 192.168.0.10 80

               --

  ꂾłI /etc/rc.d/rc.firewall [ZbgēxsăeXg
  Ă݂ĂB

  A"ipchains: setsockopt failed: Protocol not available" ƂG
  [bZ[W󂯎Ă܂AȂ͂܂VJ[l𓮍
  łĂ܂BVJ[l𐳂gݍ񂾂ƂmFA LILO 
  ēxsAċNĂ݂ĂBAVJ[lĂ
  mȂ΁A "ls /proc/net/ip_masq" R}hsāA "portfw"
  t@C݂Ă邩mFĂBꂪȂAJ[l̍\
  złȂɂG[oĂ͂ł̂ŁAx蒼Ă
  B

  Ȃ PORTFW OƓ̃C^tF[X̑oŃgtBbN_C
  NgłȂ̂̂߂ɁA Juanjo y: IP_MASQ_FTP 
  W[̍ҁz̃[ł܂Bނ͂Ƃ܂
  ĂĂ܂ -

  ______________________________________________________________________
  From Juanjo Ciarlante
  --

  >̂悤ȏꍇ -
  >
  >ipmasqadm portfw -a -P tcp  -L 1.2.3.4 80 -R 192.168.2.3 80
  >
  >O̐ڑ͖ȂǁA瓯 1.2.3.4 ɑ΂
  >ڑv͎s܂B
  >[Jlbg 192.168.2.0  www.periapt.com ւ̃ANZXA
  >vLVȂŋ悤ȃ`FCpӂ邱Ƃ͂ł܂?

  ۂ̂ƂłȂˁB

  TAl ipmasqadm [Öׂɐݒ肵A**
  |[g_CN^̂߂ɐݒ肵Ă񂾁B
  _CNV̑O ipmasqadm ̃tbN邩ÃtbN͊O
  ̐ڑ̔𑨂B
  __ łȂꍇ́AȂőfʂĂ܂(܂AK
  [̓Kps)B

  ہA"TOI"́A^̃NCAg (sA)  IP pPbg
  B悪A (肪ƂɃ}XJ[hɂ) ړĨT[oƂ
  lbg[Nɑ݂Ă邱ƂɋNB

  s"[Jȃ}XJ[h"Ƃ͎̂̂悤ȏꍇ -
     NCAg: 192.168.2.100
     }XJ[h: 192.168.2.1
     T[o:       192.168.2.10

  1)NCAgT[oւ̃pPbg
   a) NCAg:   192.168.2.100:1025  -> 192.168.2.1:80   [SYN]
   b) (}XJ[h): 192.168.2.100:1025  -> 192.168.2.10:80  [SYN]
                     (āA 192.168.2.1:61000  192.168.2.100:1025 
                      ֘AÂċL)
   c) T[o:         }XJ[hꂽpPbg󂯂 (1b)

  2)T[oNCAgւ̃pPbg
   a) T[o:        192.168.2.10:80     -> 192.168.2.100:1025  [SYN,ACK]
   b) NCAg:  192.168.2.100:1025  -> 192.168.2.10:80     [RST]

  A (1a)  (2a) ׂĂB
  Ă̒ʂAlbg[Nɑ݂̓mƁAT[o
  }XJ[hʂ炸ɒڃNCAgɌĉ񂾁B
  (T[o}XJ[hɃpPbgɖ߂悤ȂƂ͂Ȃ)
  ANCAg͐ڑZbgĂ܂B

  ꂪɗƂꂵB

  낵

  Juanjo
  ______________________________________________________________________

  6.8.2.  2.0.x nJ[lł IPPORTFW

  ŏɁA/usr/src/linux fBNgɍŐV 2.0.x nJ[l邱
  mFĂB܂ꍇ̏ڍׂɂẮA ``J[l̃R
  pC'' ̏͂QƂĂBāA "ipportfw.c" vO
  "subs-patch-x.gz" J[lpb` ``2.0.x J[l̕Kv'' ̏͂
  QƂē肵A /usr/src/ fBNgɒu܂B
   - "subs-patch-x.gz"  "x" ̓TCgœłŐṼo[W
  ɓǂݑւĂB

  ɁAT[oւ FTP gtBbÑ|[g]lĂȂA
  ``2.0.x J[l̕Kv'' ̏͂ɂAV IP_MASQ_FTP W[
  ̃pb`肵ĂB2.2.x nJ[lƂ͈Ⴄpb`ŁA
  I FTP |[g蓖Ă@\Ȃǂ͒񋟂ĂȂƂɂӂ
  B

  ꂩAIPPORTFW pb`(subs-patch-x.gz) Linux fBNgɃR
  s[܂B

               cp /usr/src/subs-patch-1.37.gz /usr/src/linux

  ÂāAIPPORTFW J[lIvV邽߂Ƀpb`Kp܂B

               cd /usr/src/linux
               zcat subs-patch-1.3x.gz | patch -p1

  낵B ``J[l̃RpC'' ̏͂ɎĂ悤ɁAJ[l
  RpC܂傤BJ[l̍\ɗLɂȂ IPPORTFW Iv
  Vł YES ɐݒ肵ĂBRpCAċN
  ȂȀ͂̐𑱂܂B

  VRpCꂽJ[lgāAۂ"IPPORTFW" vO
  CXg[܂B

               cd /usr/src
               gcc ipportfw.c -o ipportfw
               mv ipportfw /usr/local/sbin

  āA̗ł͂Ȃ̃C^[lbg TCP/IP AhXɑ΂S
   WWW C^[lbggtBbN (|[g80) ̃}XJ[h
  }V IP AhXA 192.168.0.10 Ɍꍇグ܂B

   -  |[g 80 Ń|[g]LɂƁA Linux IP }XJ[h
  T[o͂̃|[g͎gȂȂ܂B܂A\߃}XJ[h
  T[o WWW T[o삵ĂƂāÃT[oœ̃}XJ
  [hꂽRs[^ւ̃|[g 80 ł̓]sȂ΁ASẴC
  ^[lbg̃[U̓}XJ[hT[õy[Wł͂ȂA--
  WWW T[õy[W邱ƂɂȂ܂B邽߂̗B̕
  @́AƂ 8080 ̂悤ȕʂȃ|[gœ]邱ƂłBœ
  ͂ł܂Ã}XJ[hꂽ WWW T[oɑ΂ANZX
  ΂āASẴC^[lbg̃[U :8080 Ƃ URL ɒǉ
  Ȃ΂Ȃ܂B

  ɂA|[g]Lɂɂ́A/etc/rc.d/rc.firewall [
  ZbgҏWȂ΂Ȃ܂BāÂ悤ȍsǉ
  "$extip" ƂȂ̃C^[lbg IP AhXɒu
  Ȃ΂Ȃ܂B

   -   A PPP  ADSL  P[ufȂǂ̂悤Ȍ` ISP 
  I IP AhX蓖Ă󂯂ĂȂ΁A /etc/rc.d/rc.firewall
  [Zbg͂ƒmIɓ삷悤쐬Ȃ΂Ȃ܂B̂
  ߂ɂ́Ao `` IPCHAINS ̃[Zbg'' ̏͂A TrinityOS -
  Section 10 <http://www.ecst.csuchico.edu/~dranch/LINUX/index-
  linux.html#TrinityOS> QƂāAłȃ[ƓI IP AhX
  ĂɊւQƂĂBł͂Ƃqg -
  PPP [Uł /etc/ppp/ip-up łB

               /etc/rc.d/rc.firewall
               --

               #echo "IPPORTFW ɂ郊_CNVO LAN ɂėL .."
               #
               /usr/local/sbin/ipportfw -C
               /usr/local/sbin/ipportfw -A -t$extip/80 -R 192.168.0.10/80

           # |[g 20 ɑ΂|[g]͓쒆̐ڑɑ΂Ă͕svłB
           # ɂ FTP T[o̓|[g 20 Ԃł̐ڑJnāÂł
           # }XJ[hꂽRs[^舵Ƃł܂B
               --

  ꂾłI /etc/rc.d/rc.firewall [ZbgēxăeXg
  ܂傤I

  A"ipfwadm: setsockopt failed: Protocol not available" ƂG
  [bZ[WoĂ܂ꍇ́AȂ͂܂VJ[l𓮍삳
  ĂȂƂɂȂ܂BVJ[lt@CK؂ȏꏊɈړ
  āALILO R}hĎsAVXeċNĂB

  FTP T[oɑ΂|[g] -

  lbg[Nɑ݂ FTP T[oւ̃|[g]lĂ
  AԂ͂蕡GɂȂ܂BƂ̂AWI IP_MASQ_FTP J[l
  W[͂̂悤ȓ̂߂ɂ͍ĂȂɂւ炸Al
  ̃[U͖ȂĂƂ񍐂邩łB̒m邩
  Apb`ĂȂԂł 30 z]Ԃvꍇɂ
  ́A肪ȂƌĂ郆[Uł]͎sƎv܂Bǂ
  A ip_masq_ftp W[ĝ悤ȃ|[g]̕@
  ݂āAȂ̊œǂm߂Č邱ƂE߂܂B
  ꂪȂȂ΁Aǂꂽ ip_masq_ftp W[܂
  B

  Fred Viles ̓|[g]삷悤ɉǂ IP_MASQ_FTP W[
  AKvƂ郆[Û߂ɍ쐬Ă܂B̃W[g
  邩ǂ𒲂ׂȂÃA[JCu_E[hĂ݂Ă
  BFred ̍쐬ł͏ڍׂɏqׂĂ܂B܂Ãpb`
  ܂ŎIȂ̂Ȃ̂ł̂ňĂBɁA2.0 n
  J[l 2.2 nJ[l܂ł̂̃pb`݂Ă܂
  B

  āA2.0 nJ[lp̃pb`𓮂߂ɂ́A̎Kvł -

  o  ̏͂̍ŏɐ悤ɁAIPPORTFW J[lpb`Kp܂B

  o  "msqsrv-patch-36" pb` ``2.0.x J[l̕Kv'' ̏͂ɂ
     Fred Viles  FTP T[oĂāA/usr/src/linux ɒu܂B

  o  "cat msqsrv-patch-36 | patch -p1" sāAVR[hJ[l
     ɓKp܂B

  o  ÂāAIWi "ip_masq_ftp.c" J[lW[V
     ̂ɒu܂B

     o  mv /usr/src/linux/net/ipv4/ip_masq_ftp.c
        /usr/src/linux/net/ipv4/ip_masq_ftp.c.orig

     o  mv /usr/src/linux/ip_masq_ftp.c
        /usr/src/linux/net/ipv4/ip_masq_ftp.c

  o  ŌɁAVR[h܂񂾃J[lrhăCXg[
     B

  ̍ƂIĂA/etc/rc.d/rc.firewall [ZbgҏWāA
  ̂悤ȍsǉ܂A"$extip"͊̕O IP AhXƂȂ悤
  ӂĂB

  ̗ł́Â悤ɃC^[lbg炠Ȃ TCP/IP AhXɑ
   FTP (|[gԍ 21) ̐ڑv́Aɂ IP AhX
  192.168.0.10 ɂ}XJ[hꂽRs[^ɓ]܂B

   - U|[g 21 Ń|[g]LɂƁÃ|[g IP }X
  J[hT[o͎gȂȂ܂B܂A FTP T[o炩
  }XJ[hT[oœ삵ĂƂA|[g]ׂ͂ẴC^[
  lbg̐ڑɑ΂ẮA}XJ[hT[oł͂Ȃ FTP T[
  oւ̐ڑ񋟂邱ƂɂȂ܂B

          /etc/rc.d/rc.firewall
          --

          #echo "IPPORTFW ɂ郊_CNVO LAN ɂėL .."
          #
          /usr/local/sbin/ipportfw -C
          /usr/local/sbin/ipportfw -A -t$extip/21 -R 192.168.0.10/21

          # - Ȃ̃[Jȃ|[gԍgĂă|[g]
          #       FTP T[o(Ƃ 21,2121,2112Ȃ)ɑ΂čsȂ
          #      ip_masq_ftp W[𕡐̃|[gɑ΂ăX悤ɐݒ
          #      Ȃ΂Ȃ܂B̂߂ɂ́AƂ΁A
          #      /etc/rc.d/rc.firewall ̓e
          #
          # /sbin/modprobe ip_masq_ftp ports=21,2121,2112
          #
          # ̂悤ɂAꂪLƂȂ悤 /etc/rc.d/rc.firewall XNvg
          # ēxsȂ΂Ȃ܂B

          # |[g 20 ɑ΂|[g]͓쒆̐ڑɑ΂Ă͂炭svłB
          # ɂ FTP T[o̓|[g 20 Ԃł̐ڑJnāÂł
          # }XJ[hꂽRs[^舵Ƃł܂B
          --

  ꂾł! /etc/rc.d/rc.firewall [ZbgēxăeXg
  ܂傤!

  A"ipfwadm: setsockopt failed: Protocol not available" ƂG
  [bZ[WoĂ܂ꍇ́AȂ͂܂VJ[l𓮍삳
  ĂȂƂɂȂ܂BVJ[lt@CK؂ȏꏊɈړ
  āALILO R}hĎsAVXeċNĂBV
  J[l𓮂ĂȂ̂ɁÃG[oꍇ́A "ls
  /proc/net" s "ip_portfw" t@C݂邩ǂmFĂ
  Bꂪ݂Ȃꍇ́AJ[l̍\ɃG[oĂ͂
  łBx蒼܂傤B

  6.9.  CU-SeeMe  Linux  IP }XJ[h

  Linux ł IP }XJ[hł "ip_masq_cuseeme" J[lW[
  gƂɂ CuSeeme T|[gĂ܂B̃J[lW[
  ́A /etc/rc.d/rc.firewall XNvgœǂ݂܂Ȃ΂Ȃ܂B
  "ip_masq_cuseeme" W[ǂݍ܂ƁA[g̃tN^y
  : CU-SeeMẽT[ôƁz⃆[UƂ̊ԂŐڑsƂł܂B

   - CuSeeme gpꍇ́AIPAUTOFW  IPPORTFW c[g
  傤B

   CuSeeMe ɑ΂Ămȏ񂪕KvȂ΁A Michael Owings's
  CuSeeMe page <http://www.swampgas.com/vc/ipmcus.htm> ɂ Mini-HOWTO
   IP }XJ[h̏ Ƀ~[ꂽeĂB

  6.10.  ~rXЂ ICQ

  Linux ̃}XJ[hT[o̔w ICQ 𓮂悤ɂ邽߂̕@
  ܂B̕@́AICQ ̃}XJ[hW[gƂŁA
   IPPORTFW gƂłB

  ICQ }XJ[hW[ɂ͂̗_܂B̃W[
  ͕ ICQ [Uɑ΂ĂPȐݒœ삵܂B܂ ICQ NCA
  gvOɑ΂ĂȂʂȕύXKv܂Bŋ߂
   ̃W[̃o[W 2.2 nJ[lւ̃Abvf[gł̓t@C
  ]⃊A^C`bgT|[g悤ɂȂ܂B
  A2.0 nJ[lł̓t@C]⃊A^C`bg͊Sɂ̓T
  |[gĂ܂BƂA2.2 nJ[l̏ IP }XJ[h
  s ICQ 𓮂悤ɂق낤Ƃ͎v܂B

  IPPORTFW ݒ肷ꍇALinux  ICQ NCAgɑ΂ ICQ b
  Z[WOA URLA`bgAt@C]ȂǂȂǂύXȂ΂Ȃ
  B

  A Andrew Deryabin  djsf@usa.net 2.2 nJ[l ICQ IP }X
  J[hW[Ɋ֐SȂA ``2.2.x J[l̕Kv'' ̏
  ɏڂ܂B

  }XJ[hT[o̓ ICQ 𓮂߂ɌÓTIȕ@肽
  ́Â悤ȕ@ōs܂ -

  o  ܂ŏɁAIPPPORTFW LɂԂŃJ[l𓮍삳܂B ``
     tH[_ (|[g]c[)'' ̏͂QƂĂB

     o  āA/etc/rc.d/rc.firewall t@CɎ̂悤ȋLqǉ
        B̗ł́A10.1.2.3 ͊O IP AhXŁÃR
        s[^ IP AhX 192.168.0.10 łƉ肵Ă܂B

        ĹAIPFWADM ɂ 2.0 nJ[l̂߂̗łB

          œ̗Ă܂BǂȂ삵܂B

          Ⴛ 1
          --
          /usr/local/sbin/ipportfw -A -t10.1.2.3/2000 -R 192.168.0.10/2000
          /usr/local/sbin/ipportfw -A -t10.1.2.3/2001 -R 192.168.0.10/2001
          /usr/local/sbin/ipportfw -A -t10.1.2.3/2002 -R 192.168.0.10/2002
          /usr/local/sbin/ipportfw -A -t10.1.2.3/2003 -R 192.168.0.10/2003
          /usr/local/sbin/ipportfw -A -t10.1.2.3/2004 -R 192.168.0.10/2004
          /usr/local/sbin/ipportfw -A -t10.1.2.3/2005 -R 192.168.0.10/2005
          /usr/local/sbin/ipportfw -A -t10.1.2.3/2006 -R 192.168.0.10/2006
          /usr/local/sbin/ipportfw -A -t10.1.2.3/2007 -R 192.168.0.10/2007
          /usr/local/sbin/ipportfw -A -t10.1.2.3/2008 -R 192.168.0.10/2008
          /usr/local/sbin/ipportfw -A -t10.1.2.3/2009 -R 192.168.0.10/2009
          /usr/local/sbin/ipportfw -A -t10.1.2.3/2010 -R 192.168.0.10/2010
          /usr/local/sbin/ipportfw -A -t10.1.2.3/2011 -R 192.168.0.10/2011
          /usr/local/sbin/ipportfw -A -t10.1.2.3/2012 -R 192.168.0.10/2012
          /usr/local/sbin/ipportfw -A -t10.1.2.3/2013 -R 192.168.0.10/2013
          /usr/local/sbin/ipportfw -A -t10.1.2.3/2014 -R 192.168.0.10/2014
          /usr/local/sbin/ipportfw -A -t10.1.2.3/2015 -R 192.168.0.10/2015
          /usr/local/sbin/ipportfw -A -t10.1.2.3/2016 -R 192.168.0.10/2016
          /usr/local/sbin/ipportfw -A -t10.1.2.3/2017 -R 192.168.0.10/2017
          /usr/local/sbin/ipportfw -A -t10.1.2.3/2018 -R 192.168.0.10/2018
          /usr/local/sbin/ipportfw -A -t10.1.2.3/2019 -R 192.168.0.10/2019
          /usr/local/sbin/ipportfw -A -t10.1.2.3/2020 -R 192.168.0.10/2020
          --

          Ⴛ 2
          --
          port=2000
          while [ $port -le 2020 ]
            do
                /usr/local/sbin/ipportfw -A t10.1.2.3/$port -R 192.168.0.10/$port
                port=$((port+1))
            done
          --

     IPCHAINS g 2.2 nJ[l̂߂̗Ɏ܂ -

       œ̗Ă܂BǂȂ삵܂ -

       Ⴛ 1
       --
       /usr/local/sbin/ipmasqadm portfw -a -P tcp -L 10.1.2.3 2000 -R 192.168.0.10 2000
       /usr/local/sbin/ipmasqadm portfw -a -P tcp -L 10.1.2.3 2001 -R 192.168.0.10 2001
       /usr/local/sbin/ipmasqadm portfw -a -P tcp -L 10.1.2.3 2002 -R 192.168.0.10 2002
       /usr/local/sbin/ipmasqadm portfw -a -P tcp -L 10.1.2.3 2003 -R 192.168.0.10 2003
       /usr/local/sbin/ipmasqadm portfw -a -P tcp -L 10.1.2.3 2004 -R 192.168.0.10 2004
       /usr/local/sbin/ipmasqadm portfw -a -P tcp -L 10.1.2.3 2005 -R 192.168.0.10 2005
       /usr/local/sbin/ipmasqadm portfw -a -P tcp -L 10.1.2.3 2006 -R 192.168.0.10 2006
       /usr/local/sbin/ipmasqadm portfw -a -P tcp -L 10.1.2.3 2007 -R 192.168.0.10 2007
       /usr/local/sbin/ipmasqadm portfw -a -P tcp -L 10.1.2.3 2008 -R 192.168.0.10 2008
       /usr/local/sbin/ipmasqadm portfw -a -P tcp -L 10.1.2.3 2009 -R 192.168.0.10 2009
       /usr/local/sbin/ipmasqadm portfw -a -P tcp -L 10.1.2.3 2010 -R 192.168.0.10 2010
       /usr/local/sbin/ipmasqadm portfw -a -P tcp -L 10.1.2.3 2011 -R 192.168.0.10 2011
       /usr/local/sbin/ipmasqadm portfw -a -P tcp -L 10.1.2.3 2012 -R 192.168.0.10 2012
       /usr/local/sbin/ipmasqadm portfw -a -P tcp -L 10.1.2.3 2013 -R 192.168.0.10 2013
       /usr/local/sbin/ipmasqadm portfw -a -P tcp -L 10.1.2.3 2014 -R 192.168.0.10 2014
       /usr/local/sbin/ipmasqadm portfw -a -P tcp -L 10.1.2.3 2015 -R 192.168.0.10 2015
       /usr/local/sbin/ipmasqadm portfw -a -P tcp -L 10.1.2.3 2016 -R 192.168.0.10 2016
       /usr/local/sbin/ipmasqadm portfw -a -P tcp -L 10.1.2.3 2017 -R 192.168.0.10 2017
       /usr/local/sbin/ipmasqadm portfw -a -P tcp -L 10.1.2.3 2018 -R 192.168.0.10 2018
       /usr/local/sbin/ipmasqadm portfw -a -P tcp -L 10.1.2.3 2019 -R 192.168.0.10 2019
       /usr/local/sbin/ipmasqadm portfw -a -P tcp -L 10.1.2.3 2020 -R 192.168.0.10 2020
       --

       Ⴛ 2
       --
       port=2000
       while [ $port -le 2020 ]
         do
             /usr/local/sbin/ipmasqadm portfw -a -P tcp -L 10.1.2.3 $port -R
     192.168.0.10 $port
             port=$((port+1))
         done
       --

     o

        V rc.firewall łA"/etc/rc.d/rc.firewall" ƃ^
        CvĐݒ肪ȂƂmF邽߂Ƀ[Zbg̍ēǂݍ
        ݂s܂BG[oꍇAIPPORTFW T|[ĝ
        J[l𓮍삳ĂȂA rc.firewall t@CɂȂɂ^C
        v~X邱Ƃł傤B

     o

        ICQ  [vt@X] - [ڑ] ݒ "LANg"  "t@C
        AEH[܂̓vLVoRĎg" ݒ肵ĂB
        A "t@CAEH[ݒ" NbNāA"SOCKS vLV
        gȂ" ݒ肵܂BȑO "t@CAEH[^CAEg" 
        "30" ɂ邱Ƃ𐄏Ă܂A̗p҂͂ɂ
        ICQ ̐M邱ƂɋCÂĂ_ɒӂĂB ICQ
        ͋K̃^CAEgݒ ( ICQ IvVLɂȂ)
        łM̂ŁA}XJ[hT[oł̃^CAEg160
        bɂ܂B̃^CAEgݒύX@ɂĂ ``'' 
        ``'' [ZbgQƂĂBꂩA "" Nb
        N "ȉ TCP Ď|[gg" ̍ڂł́A "2000" 
        "2020" ܂łw肵ĂB""NbNďI
        łB

        ICQ NCAg͕ύXLɂ邽߂ ICQ ̍ċN𑣂Ă
        ܂B́Ȁꍇ͕ύX𐳂fē߂
        Windows9x ̂ċNȂ΂Ȃ܂łAl͂
        ȂƂKv͂ȂƂĂ܂B߂Ȃ痼
        ݂ĂB

  o  l̓|[gԍ 4000  ICQ ̓Ă}VɃ|[g]
     邾̏ԂxXgAƂbĂ܂Bނ͂ꂾ ICQ 
     ̂̐ݒl牽ύX邱ƂȂS̋@\(`bgAt@C
     ]Ȃ)܂삵ƕ񍐂Ă܂B炭͂
     񂠂̂ł傤AʂȐݒ̕@̂܂B

  6.11.  Q[}[ - LooseUDP pb`

  LooseUDP pb` NAT Ƃ̐eaAʏ UDP pQ[
  Linux IP }XJ[hT[o̔wŖȂ삳邽߂̂̂łB
  ̂ƂALooseUDP ̓o[W 2.0.36 ȏ̃J[lɑ΂Ă̓pb
  `ƂĒ񋟂A2.2.3 ȏ̃J[lɂ͑gݍ܂Ă܂A
  2.2.16 ȏ̃J[lł̓ftHgŋ֎~ԂɂȂĂ܂B

  LooseUDP 2.0.x nJ[lœ삳ɂ͎̎菇ɏ]܂ -

  o  ŐV 2.0.x J[lpӂA/usr/src/linux fBNgɓWJ
     ܂B

  o  o[W 2.0.x ł͕K{ -  IPPORTFW pb`A HOW-TO 
     ``2.0.x J[l̕Kv'' ̏͂A܂ ``tH[_ (|[g]
     c[)'' ̏͂QlɂĂB

  o  ``2.0.x J[l̕Kv'' ̏͂ LooseUDP pb`_E[h
     ܂B

     LooseUDP pb` /usr/src/linux fBNgɒuÂ悤Ƀ^C
     v܂B

       kꂽpb`t@C̏ꍇ - zcat loose-udp-2.0.36.patch.gz |
       patch -p1

       kĂȂpb`t@C̏ꍇ -  cat loose-udp-2.0.36.patch |
       patch -p1

  g patch vÕo[Wɂ܂Â悤ȃeLX
  g邱ƂɂȂł傤 -

  patching file `CREDITS'
  patching file `Documentation/Configure.help'
  patching file `include/net/ip_masq.h'
  patching file `net/ipv4/Config.in'
  patching file `net/ipv4/ip_masq.c'

  A"Hunk FAILED" pb`ߒ̊eXłꂼx\Ă
  ȂA͌xł͂܂BÂpb`t@CĂ̂
  v܂ȀԂłΓ삵܂BSsɏIĂ܂
  ́AIPPORTFW pb`J[lɓKpĂ邩ǂA܂mF
  ݂ĂB

  ̃pb`gݍ܂ƁA ``J[l̃RpC'' ̏͂ɎĂ
  ʂ "IP: loose UDP port managing (EXPERIMENTAL)
  (CONFIG_IP_MASQ_LOOSE_UDP) [Y/n/?]" IvVɑ΂ "Y" Ɠč\
  ĂB

  2.2 nJ[l LooseUDP 悤ɂ邽߂ɂ́Â悤Ȏ菇
  {܂ -

  o  /etc/rc.d/rc.firewall XNvg̍Ō̂ɂ LooseUDP ̍
     ڂT܂B echo "0" > /proc/sys/net/ipv4/ip_masq_udp_dloose 
     sɂ "0"  "1" ɕύXāA rc.firewall [ZbgĎ
     s܂B̎́A``''  ``'' ɂ܂B

  V LooseUDP LƂȂJ[l𓮂ƁAwǂ NAT Ƃ̐ea
  ̂Q[Ȃ悤ɂȂ܂B̃y[WŁA
  BattleZone ȂǂƂQ[ NAT eapb`񋟂
  web y[W܂Bڍׂ``'' ̏͂QƂĂB

  7.  悭鎿 (FAQ)

  ɍڂɑvAdranch@trinnet.net ɑ
  BƁAK؂ȉ񓚂A₷Ē΍KłBX
  肢܂B

  7.1.  IP }XJ[hT|[gĂ Linux fBXgr[V
  ǂłH

  Linux fBXgr[V IP }XJ[hT|[gĂȂĂ
  Sz͂܂B HOWTO ̑O̕ɏĂƂɃJ[l
  ăRpCsłB

   - ̕\ɒǉłambrose@writeme.com ܂
  dranch@trinnet.net Ƀ[𑗂ĂB

  o  Caldera       < v1.2   : NO  - ?

  o  Caldera         v1.3   : YES - 2.0.35 based

  o  Caldera         v2.2   : YES - 2.2.5 based

  o  Caldera eServer v2.3   : YES - ? based

  o  Debian          v1.3   : NO  - ?

  o  Debian          v2.0   : NO  - ?

  o  Debian          v2.1   : YES - 2.2.1 based

  o  Debian          v2.2   : YES - 2.2.15 based

  o  DLX Linux       v?     :  ?  - ?

  o  DOS Linux       v?     :  ?  - ?

  o  FloppyFW        v1.0.2 :  ?  - ?

  o  Hal91 Linux     v?     :  ?  - ?

  o  Linux Mandrake  v5.3   : YES - ?

  o  Linux Mandrake  v6.0   : YES - 2.2.5 based

  o  Linux PPC       vR4    :  NO - ?

  o  Linux Pro       v?     :  ?  - ?

  o  LinuxWare       v?     :  ?  - ?

  o  Mandrake        v6.0   : YES - ?

  o  Mandrake        v6.1   : YES - ?

  o  Mandrake        v7.0   : YES - 2.2.14

  o  Mandrake        v7.1   : YES - 2.2.15

  o  Mandrake        v7.2   : YES - 2.2.17

  o  MkLinux         v?     :  ?  - ?

  o  MuLinux         v3rl   : YES - ?

  o  Redhat        < v4.x   : NO  - ?

  o  Redhat          v5.0   : YES - ?

  o  Redhat          v5.1   : YES - 2.0.34 based

  o  Redhat          v5.2   : YES - 2.0.36 based

  o  Redhat          v6.0   : YES - 2.2.5 based

  o  Redhat          v6.1   : YES - 2.2.12 based

  o  Redhat          v6.2   : YES - 2.2.14 based

  o  Redhat          v7.0   : YES - 2.2.16 based

  o  Slackware       v3.0   :  ?  - ?

  o  Slackware       v3.1   :  ?  - ?

  o  Slackware       v3.2   :  ?  - ?

  o  Slackware       v3.3   :  ?  - 2.0.34 based

  o  Slackware       v3.4   :  ?  - ?

  o  Slackware       v3.5   :  ?  - ?

  o  Slackware       v3.6   :  ?  - ?

  o  Slackware       v3.9   :  ?  - 2.0.37pre10 based

  o  Slackware       v4.0   :  ?  - ?

  o  Slackware       v7.0   : YES - 2.2.13 based

  o  Slackware       v7.1   : YES - 2.2.16 based

  o  Stampede Linux  v?     :  ?  - ?

  o  SuSE            v5.2   : YES - 2.0.32 base

  o  SuSE            v5.3   : YES - ?

  o  SuSE            v6.0   : YES - 2.0.36 based

  o  SuSE            v6.1   : YES - 2.2.5 based

  o  SuSE            v6.3   : YES - 2.2.13 based

  o  Tomsrbt Linux   v?     :  ?  - ?

  o  TurboLinux Lite v4.0   : YES - ?

  o  TurboLinux v6.0        : YES - 2.2.12 based

  o  TriLinux        v?     :  ?  - ?

  o  Yggdrasil Linux v?     :  ?  - ?

  7.2.  IP }XJ[hg߂́An[hEFAɍŒKvȏ 
  ĂBłǂȐ\o܂?

  16MB  RAM  486/66 ̃{bNX́A 1.54Mb/s T1 ̃lbg[N
   100% ȏ̓܂!  XɃ}XJ[h 8MB  RAM 
  386SX-16s ̃}VłƂĂǍDɓ삷邱ƂmĂ܂B
  ALinux IP }XJ[h 500 z}XJ[hGg[ŃXb
  VOn߂Ă܂ƂɒӂĂBy: XbVO: OS
   SWAP Xy[X̊Ԃ̃f[^̓ǂݏɖwǂ̎ԂāA
  vOsłȂȂ󋵂܂Bz

  m Linux IP }XJ[hꎞIɉ󂷂ƂłB̃Av
  P[V́A GameSpy łBȂƂƁA GameSpy ͎gĂ郊X
  gtbV邽߂ɔɒZԂ 10,000 ̃C^[lbgڑ
  s܂B̃ZbṼ^CAEg}XJ[hEe[u͈t
  ɂȂĂ܂܂Bڍׂ FAQ  ``'' ̂ƂĂB

  ȊOɂA

  Linus ǗĂ Linux J[lł TCP  UDP eXɑ΂ 4096
  ̓ڑ̐܂B̐́AJ[l\[X̒̒l
  Ƃ邾ŊȒPɕς邱Ƃł܂B 2.2.x J[l̏ꍇ
   /usr/src/linux/include/net/ip_masq.h A 2.0.x J[l̏ꍇ
  /usr/src/linux/net/ipv4/ip_masq.h ҏW܂BǂȂɖZT[o[
  łt@C̒̐lő 32000 ₹Αvł傤B
  ̐ύXꍇ́A PORT_MASQ_BEGIN & PORT_MASQ_END ̒l 32K
   64K ̓K؂Ȕ͈͓ɕύXKv܂Bɗ܂
  -

  PORT_MASQ_BEGIN=32000
  PORT_MASQ_END=64000

  7.3.  rc.firewall R}hsuR}h܂v
  (command not found) ƂG[܂BȂł傤?

  ǂ̂悤 rc.firewall ܂?  TELNET EChEɃJbgA
  hy[Xg܂?   Windows/DOS }V FTP ܂
  ?  ̂ƂĂ݂Ă..  Linux {bNXɃOCA "vim
  -b /etc/rc.d/rc.firewall" sĂ݂ĂBāA\ꂽs
  ׂ ^M ŏIĂ邩ǂĂBȂ ^M S
  폜āAxĂ݂ĂB

  7.4.  ݒSă`FbN܂A IP }XJ[h𓮍삳
  Ƃł܂Bǂ悢ł傤?

  o  ܂ĂBłR[q[ł\[_łňꑧ
     ĂBCAȉɋLĂ邱Ƃ
     ݂ĂB Linux IP }XJ[h͓͂Ȃ̂łAȂ
     ɂƂď߂Ă̊TO܂B

  o  x ``IP }XJ[h̃eXg'' ̏͂̒ɂSẴXebv
     Ă݂ĂBĂ鏉߂Ẵ}XJ[hE[U
     99% ͂Ă܂B

  o  IP Masquerade Mailing List Archives
     <http://www.indyramp.com/lists/masq/> `FbNĂ݂ĂB
     炭AȂ̎͋ʂ̂̂ŁAPȃA[JCuTŌ
     邱Ƃłł傤B

  o  TrinityOS <http://www.ecst.csuchico.edu/~dranch/LINUX/index-
     linux.html#TrinityOS> ̕`FbNĂ݂ĂB́A
     J[l 2.0.x  2.2.x ̗ł IP }XJ[h
     PPPdADialDADHCPADNSAsendmail ȂǁÃgsbNXJo[
     Ă܂B

  o  ROUTED ܂ GATED 𑖂点ĂȂƂm߂ĂBm
     ɂ "ps aux | grep -e routed -e gated" 𑖂点Ă݂ĂB

  o  IP }XJ[hE[OXg֎𓊍eĂ (ڂ
     ̏͂̎̍ڂQ)Bł̓[OXg̃A[JCu
     ȂꍇɂĂB̒ ``IP }
     XJ[h̃eXg'' ̏͂̒ŗvĂSĂ̏܂߂Ă
     B

  o  ֘A Linux NNTP j[XO[v֎𓊍eĂB

  o  ambrose@writeme.com   dranch@trinnet.net Ƀ[𑗂Ă
     B IP }XJ[hE[OXgԎ
     @̂قł傤B

  o  Ȃ̐ݒx`FbNĂB:-)

  7.5.  IP }XJ[hE[OXg IP }XJ[hEJ [
  OXgɎQÃA[JCuɂ͂ǂΗǂł
  ?

  2  Linux IP }XJ[hE[OXgɎQɂ 2 
  @܂B 1 ̕@ masq-request@indyramp.com Ƀ[𑗂
  ƂłB Linux IP }XJ[hEJ҃[OXgɎQ邽
  ɂ masq-dev-request@indyramp.com Ƀ[𑗂܂Bڍׂ͉̋Lq
  QƂĂB

  o  [ł̐\ - [bZ[W̌܂͖{̂ǂ炩̒
      "subscribe" ƂPĂB IP }XJ[hE
     [OXg邢 IP }XJ[hEJ҃[OXg
     _CWFXgł݂̂̐\݂̂ȂA[bZ[W̌
     邢͖{̒ "subscribe digest" ƂPĂ (
     ̏T̃[OXg̃[̑SĂ傫 1 ̃[ɂȂ
     đ܂)B

     T[oȂ̃NGXg󂯎΁A[OXgɓo^A
     pX[hĂ܂B̃pX[hۑĂĂ
     BŃXgo^AIvVύX邽߂ɕK
     vłB

   2 ̕@́A WWW uEUg܂B IP }XJ[hE[O
  XgɎQꍇ http://www.indyramp.com/masq-list/ ɂtH[
  ANZXA IP }XJ[hEJ҃[OXgɎQ
   http://www.indyramp.com/masq-dev-list/ ɂtH[ɃANZX
  āA\݂܂B

  \񂷂Ɨ\񂳂ꂽ[OXg烁[܂B\񂵂[U
  \񂵂ĂȂ[U 2 ̃[OXg̃A[JCuɂ̓ANZ
  X邱Ƃł܂B\̂߂̏ڂ́AL 2  WWW URL 
  QƂĂB

  ŌɂȂ܂Aŏɗ\񂵂AJEg/AhX炵 IP }XJ
  [hE[OXgɓełȂƂɒӂĂB

  [OXg邢̓[OXgEA[JCuɊւĉ炩̖
  肪 Robert Novak ɘAĂB

  7.6.  IP }XJ[h́AvLV NAT T[rXƂǂႤ̂ł傤
  ?

  vLV: vLVT[ô͎̂ŗp\ł:  Win95, NT, Linux,
  SolarisȂǁB

                   -  + 1 IP AhX: 
                          + \̂߂ɃLbVOEIvVB
                            (www )

                  Z -  - vLVT[oɌqNCAg
                            AvP[V̓vLVET[rX (SOCKS) 
                            T|[gAvLVT[og悤ɐݒ
                            Ȃ΂ȂȂB
                          - WWW ̃JE^Ɠv񂪋Ă܂܂B

          vLVT[o IP }XJ[hƓlɁA 1 ̃O[o IP
          AhX̂ݎgpAvCx[g LAN ̃NCAg (WWW uEU
          ) ւ̖|@Ƃē삵܂B
          ̃vLVT[óA1 ̃C^[tF[XɌqvCx[g
          lbg[N TELNET, FTP, WWW ̂悤Ȑڑv󂯎܂B
          āA[J{bNX̒Nڑv𔭂Ă邩
          悤ɁAԂɂ̃NGXgOɑM܂B
          ũC^[lbgT[ovꂽ𑗂ԂĂƁA
          x͓NCAgɍēx TCP/IP AhX|󂵁AgtBbN
          ܂B
          ̂߁A̓vLVT[oy: 㗝T[ozƌĂ΂܂B

                   -
                  AvP[VAlbg[Ñ}V
                  gꍇ́A Netscape ̗DG TELNET 
                  FTP NCAĝ悤ɁAvLVT[õT|[g
                  ĂȂ΂Ȃ܂B
                  vLVT[õT|[gĂȂNCAg
                  vO͓삵܂B

          vLVT[ô̗_ƂāAvLVT[o̒ɂ
          LbVÔł̂邱Ƃł (Squid for WWW) B
          Ⴆ 50 ̃vLVꂽ PC āA炪
          Netscape NƑzĂB
          炪ftHg̃z[y[W URL ̂܂܃CXg[
          ȂA Netscape WWW y[WeX̌X̃Rs[^
          ʁX 50  WAN Nđ邱ƂɂȂ܂B
          LbVvLVT[oł́A 1 񂾂vLVT[o
          ɂă_E[hAvLVꂽ}V̓vLV
          LbV WWW y[W󂯎܂B
          ̓C^[lbgڑ̑ш敝ߖ񂷂邾łȂA
          vLVꂽ}VɂƂĔɑxɂȂ܂B

  }XJ[h-  IP }XJ[h ́ALinux y Zytel Prestige128, Cisco 770,
    y         NetGear ISDN routers A ISDN [^ŗp\łB
   1ΑIP
    NAT            -  + 1 IPAhXKvB()B
                          + ʂȃAvP[VɂT|[gvȂB
                          + t@CAEH[E\tgEFAgp̂ŁA
                            lbg[NSɂȂB

                  Z -  - Linux {bNXAʂ ISDN [^KvƂB
                            (̐i͓ڂĂ邩m܂..)
                          -  LAN ŏ̃gtBbN𔭐邩A
                            ̃|[gEtH[fBOE\tgEFA
                            CXg[ĂȂ΁AO痈
                            gtBbN͓ LAN ɃANZXłȂB
                             NAT T[o͂̋@\Ă܂B
                          - ȃvgRɂ̓t@CAEH[E
                            _CN^ɂČX̐ݒ肪KvB
                            Linux ́A̋@\ ( FTPAIRC ) ̑SʓI
                            T|[gĂ邪Ã[^̓T|[g
                            ȂB  (NetGear ̓T|[gĂ܂)

          IP }XJ[h 1Α IP  NAT ́AT[o IP AhX|
          sA}VɑĂ}XJ[hT[oڑv
          Ă邩̂悤ɁAũT[o (Ⴆ WWW T[o) 
          oƂӖŁAvLVT[oɎĂ܂B

          IP }XJ[hƃvLVT[o̎ȈႢ́A}XJ[hT[o
          NCAg}V̐ݒύXSKvƂȂƂƂłB
          NCAg̃ftHgQ[gEFCƂ Linux {bNXg悤
          ݒ肳΁AȂ܂B
           RealAudio, FTP gɂ́A̓ʂ Linux W[
          CXg[Kv܂B

          XɁA̐lX TELNET, FTP ׂ̈ IP }XJ[h 
          gp܂B
          ɉāAX www ̃gtBbN̐\グׂɁA
          Linux {bNX̒ɃLb𗘂vLVݒ肵܂B

  NAT -   NAT T[o Windows 95/NT, Linux, Solaris ⍂ ISDN[^
          p\łB(Ascend А̂̂)

                   -  + ݒ肪LxɂłB
                          + ʂȃAvP[V\tgvȂB

                  Z -  - ISP Tulbg IP AhXႤKvB
                            ()

          lbg[NAhXϊ (Network Address Translation) ́A
          pubNAhXƂĎgpłL IP AhXv[
          Ă锠̖OłB
          lbg[NC^[lbgɍsꍇAڑv
          oĂNCAg̃vCx[gAhXA󂢂ĂL
          pubN IP AhXɏāAڑvC^[lbg
          s܂B
          ̌̉gtBbN͑SāANAT ̃pubN IP AhX
          vCx[gEAhXɏ܂B
          gpĂpubN IP AhX\ߌ߂ꂽ莞
          gpȂƁApubN IP AhX̓pubN NAT v[
          ߂܂B

          NAT Ɋւ傫Ȗ́AxRɎgpubN IP AhX
          SĎgĂ܂ƁǍɃC^[lbgT[rXv
          ǂ̃vCx[g[UApubN NAT AhXɋ󂫂o閘
          s^ɂC^[lbg𗘗płȂƂłB

  FXȌ`Ԃ NAT ɊւAɕ̍LDꂽLq̂ŌĂ
   -

  o  <http://www.suse.de/~mha/linux-ip-nat/diplom/nat.html>

  ́A NAT ɊւĊwK悢TCgłBURL ̑͌ÂłA
  ܂Lł -

  o  <http://www.linas.org/linux/load.html>

  ́A Linux ⑼̃vbgtH[pɁA NAT ɂ@m
  邽߂̗ǂ URL ł -

  o  <http://www.uq.net.au/~zzdmacka/the-nat-page/>

  7.7.  GUI  t@CA[EH[쐬Ǘc[͂܂?

  ͂! [UEC^[tF[X╡GȂǂɂčA啔
  IPFWADM c[płAƂĂǂ̂܂BɃAt@
  xbgɗp\ȃc[̃Xg܂B̂̂mĂ邩A
  ǂꂪǂƂAƂAgȂƂ̍lA David Ƀ[
  ĂB

  o  John Hardin  IPFWADM Dot file generator - IPCHAINS o[W
     삵܂B

     y: L web site łA ipchains o[W݂͑܂B
     쐬[t@C ipfwadm2ipchains ŕϊė~AƂ
     ܂Bz

  o  Sonny Parlin  fBuilder <http://www.innertek.com> - FWCONFIG 
     A̐V@͊S WWW x[XŁA璷IvV
     A IPCHAINS  Netfilter ̗ɑΉĂ܂B

  o  William Stearns  Mason <http://www.pobox.com/~wstearns/mason/> -
     [Zbg𒼐ڍ^CṽVXe

  7.8.  IP }XJ[h͓IɊ蓖Ăꂽ IP AhXœ삵܂?

  ͂APPP  DHCP/BOOTp T[oɂāA ISP 犄蓖Ăꂽ
  I IP AhXœ삵܂BLȃC^[lbg IP AhX
  A삷锤łBܘ_AÓI IP ł삵܂B IPFWADM/IPCHAINS
  g[ZbggƂĂ邩A|[g]gƂ
  ȂÃ[Zbg IP AhXύXxɍĎs
  Ȃ΂Ȃ܂Bt@CAEH[E[ZbgƓI IP Ah
  XɊւ⑫ TrinityOS - Section 10
  <http://www.ecst.csuchico.edu/~dranch/LINUX/index-
  linux.html#TrinityOS> ɂ܂̂ŌĂB

  7.9.  P[uEf(oƃfE^[̗)A DSL, q
  NgpăC^[lbgɐڑA IP }XJ[h gƂ
  ł܂?

  ͂A Linux ̃lbg[NC^[tFCXT|[gĂ
  A͓삵܂BI IP AhXgĂȂA FAQ ړ
  Lu IP }XJ[h͓IɊ蓖Ăꂽ IP AhXœ삵܂
  ?vQƂĂB

  7.10.  Diald ܂ PPPd ̃_CAIf}h@\ IP }XJ[h
   ꏏɎgł傤?

  ł! IP }XJ[h Diald ܂ PPP ɂĊSɓߓI
  łBB̖_́AI IP AhXut@CAEH[E
  [Zbgvgp邩ǂłBڂ FAQ ڂ̏Lu IP }
  XJ[h͓IɊ蓖Ăꂽ IP AhXœ삵܂?vQƂ
  ĂB

  7.11.  IP }XJ[hł́AǂȃAvP[VT|[gĂ
  ?

  삷AvP[ṼXgXV邱Ƃ͔ɍłB
  ȂA (Netscape, MSIE, ) WWW uEUA (WS_FTP ) FTP,
  TELNET, SSH, RealAudio, POP3 ([M - Pine, Eudora, Outlook),
  SMTP ([M) Aʏ̃C^[lbgAvP[V̖wǂ̓T
  |[gĂ܂B}XJ[h݊̃NCAg̑SȃXg
   HOWTO  ``NCAg'' ̏͂ɂ܂B

  蕡GȃvgRA̓rfIc\tgEFÂ悤ȓʂȐڑ
  @gĂAvP[V́Ap̕⏕c[gKv
  B

  ڍׂɂ́ALinux IP masquerading Applications
  <http://www.tsmservices.com/masq> ĂB

  7.12.  ǂ IP }XJ[h Redhat, Debian, Slackware 
  ғ邱Ƃł܂?

   HOWTO ̒ŐĂ IP }XJ[h̃ZbgAbv菇́A
  莝 Linux fBXgr[V̎ނ킸Kpł܂BfB
  Xgr[V̒ɂ́AZbgAbveՂɂ GUI ͓
  ̐ݒt@CĂ̂邩m܂BB͂ł邾
  ʓI HOWTO ׂɍőPsĂ܂B

  7.13.  ΂ΎgpĂȂ TELNET ڑ؂悤Ɍ܂B 
  ł傤?

  IP }XJ[h TCP ZbVA TCP FIN y UDP gtBbÑ^C
  AEgE^C}ftHg15ɐݒ肵܂Bwǂ̃[Uɂ͎̐
   ( HOWTO /etc/rc.d/rc.firewall ruleset ̒ŊɎ܂)
  gƂ߂܂B

  Linux 2.0.x  IPFWADM gꍇ -

  # IP }XJ[h̃^CAEg
  #
  #  TCPZbṼ^CAEg 2 
  #  TCP/IP  u FIN vpPbgMꂽ̃^CAEg 10 b
  #  UDP gtBbÑ^CAEg 60 b (}XJ[hENCAg
  #  ICQ [ÚA ICQ ̐ݒ̒Ńt@CAEH[̃^CAEgl
  #  30 b܂ŋ悤ɂKv܂B)
  #
  /sbin/ipfwadm -M -s 7200 10 60

  Linux 2.2.x  IPCHAINS gꍇ -

  # IP }XJ[h̃^CAEg
  #
  #  TCPZbṼ^CAEg 2 
  #  TCP/IP  u FIN vpPbgMꂽ̃^CAEg 10 b
  #  UDP gtBbÑ^CAEg 60 b (}XJ[hENCAg
  #  ICQ [ÚA ICQ ̐ݒ̒Ńt@CAEH[̃^CAEgl
  #  30 b܂ŋ悤ɂKv܂B)
  #
  /ipchains -M -S 7200 10 60

  7.14.  C^[lbgڑ悤ƂĂAŏ͐ڑł܂B 
  xĂ݂ƁAȂ삵܂BȂł傤?

  ̗ŔAȂI IP AhXgĂāAŏɃC^[lbg
  ڑ悤Ƃɂ IP }XJ[h܂ IP AhXm
  łB̉􂪂܂B /etc/rc.d/rc.firewall [Zbg
  ɉLĂ -

  # I IP [U -
  #
  #    SLIP  PPP, DHCP  IP AhX𓮓IɎ󂯎ĂȂA
  #    ȉ̃IvVLɂĂB
  #     IP }XJ[h Diald ₱ƓlȃvOƈꏏ
  #    g鎞ɁAI IP AhX̃nbLOՂ܂B
  #
  echo "1" > /proc/sys/net/ipv4/ip_dynaddr

  7.15.  ( MTU ) - IP }XJ[h͂܂삵Ă悤Ɍ܂B
  A̃TCgł͓삵܂B ́Aʏ WWW  FTP 
  N܂B

  ̌ 2 l܂B1 ڂ͔ɈʓIłA2 ڂ͔
  ɊłB

  o  2.0.38  2.2.9 ȍ~ LinuxJ[lŁA}XJ[hER[h̒
     c_̂oO܂B

     [U̒ɂ́A IP }XJ[h DF Ȃ킿ufЉȂ (Don't
     Fragment)vrbgZbgĂpPbgɊւĖĂ
     mȂAƂwEl܂B{IɁA}XJ[
     hE{bNXC^[lbg 1500  MTU Őڑꍇɂ́A
     ̃pPbgɂ DF tB[hZbgł傤B Linux
     {bNX MTU  1500 ֕ύX邱Ƃł̖悤Ɍ
     ܂AoO͂܂킯ł͂܂BNĂƍl
     邱Ƃ́A}XJ[hER[h ICMP 3 Sub 4 R[htĕԂ
      ICMP pPbgK؂ɏāAgtBbN𔭍s}XJ
     [hENCAgɕԂĂȂƂƂłB̂߂ɁAp
     Pbg͗Ƃ܂B

     Ã[U̖͂肪N鉓ũTCg (T^Iɂ SSL ڑ
     ̃TCg) ̊Ǘ҂̂ƎwE܂Bނ炪ZLeBΎa
     ŁA (Type4 - KvƂtOg - ܂) Sނ ICMP b
     Z[WĂ̂ŁA TCP/IP vgR̊{
     Ăƌ̂łB

     o̎咣eXꗝ܂BāAeX̃O[v͍܂œc
     Ă܂BAȂlbg[ÑvO}ŁA̖
     ͐łȂAĂ݂ĂBڂ MTU Thread
     from the Linux-Kernel `FbNĂB

     łSz͂܂BSł悢Ώ@́AC^[lbgN
     MTU  1500 ɕύX邱ƂłBA[U̒ɂ TELNET Q[
     ̉ԂɕqȃvOɈƌĂSOl
     Ae͂ق̏łByTCgł͖wǂ HTTP  FTP g
     tBbNɂȂ܂!

     [ -- DSL ܂̓P[uEf̂߂ PPPoE ڑsĂ
     AMTU  1500 ɕύXȂƂɌ߂ꍇ́Aȉ̕ʂ̉@
     ĂB -- ]

     ׂɁAŏɃC^[lbgNp MTU ǂȂ
     邩ĂBׂ̈ɂ "/bin/ifconfig" s܂BC
     ^[lbgڑɑ郉CāA MTU {܂B 1500
     ɃZbgĂKv܂BʏAC[TlbgEN̓f
     tHgłɂȂ܂AVAڑ PPP N̓ftHg
     576 ɂȂł傤B

  7.15.1.  PPP N MTU ̕ύX -

  o  PPP N MTU ̖ɂ́A/etc/ppp/options t@C
     ҏWA̕ɕʁX 2 s "mtu 1500"  "mru 1500" ܂BV
     ύXۑAPPP ċNĂBɏ肩
     PPP N MTU  MRU ɂȂĂ邱ƂmFĂB

  o  DSL P[ufɃubWڑ⃋[^ڑꂽW̃C[T
     lbgEN MTU 邽߂ɂ́AgĂ Linux
     fBXgr[Vł̐lbg[NXNvgҏW
     Ȃ΂Ȃ܂B TrinityOS - Section 16 ɂlbg[N
     Kׂ̈̕ĂB

  7.15.2.  Â UNIX ̃VAC^[tF[X -

  o  ŌɁA͋ʂ̖ł͂܂񂪁AꂩL@
     ͂܂lɂ͂܂B PPP [ȔꍇAǂ̃|[g PPPd R[h
     ڑĂ邩mF܂B /dev/cua* |[gł? 
      /dev/ttyS* |[gł?   /dev/ttyS* |[głȂ΂Ȃ
     ܂B cua X^C͉ߋ̂̂ŁAɊȕ@ł̂
     ̂󂵂܂B

  7.15.3.  PPPoE [U -

  PPPoE (ő MTU Ƃ 1490 v܂) gp郆[UA MTU
   1500 ɂȂƂɌ߂[Üׂ̉@܂BSẴ}XJ
  [hENCAg PC  MTU ̒lOC^[lbgN MTU 
  lɐݒ肷΁A܂삷ł傤B PPPoE ISP ̒ɂ͐
  ڑ邽߂ 1460  MTU v鏊邩m܂̂ŁA
  ĂB

  ǂĂ邩́Aȉ̊eIy[eBOEVXep̒P
  Xebvɏ]ĂB

  ̗́A DSL yуP[uf[ǗׂAT^I PPPoE ڑ
  p MTU  1490 ̗܂B 128Kb/s ȏ̐ڑ̏ꍇ͑SāA\
  Ȍ傫Ȓlgp邱Ƃ𐄏܂B

  菬 MTU gpB̎ۂ̗ŔA\͂]ɂĂł
  葁Ԃ𓾂ƂłB̃gsbNɂĂ̏ڍׂ͈ȉ
  Ă -

  http://www.ecst.csuchico.edu/~dranch/PPP/ppp-performance.html#mtu

  *** ܂ƂAȂƂA͑ OS ł̂ ***
  mĂȂA David Ranch [𑗂ĂB낵!

  7.15.4.  Linux:

  ______________________________________________________________________
  1. MTU ̐ݒ Linux fBXgr[VɂقȂ܂B

     Redhatł - /sbin/ifup XNvg̗̒lX "ifconfig" ̍s
                  ҏWKv܂B

     Slackwareł - /etc/rc.d/rc1.inet ̗̒lX "ifconfig" ̍s
                     ҏWKv܂B

  2. ɁAǂ̃fBXgr[VłǂႪ܂B
     /etc/rc.d/rc.local t@CҏWAt@C̍ŌɈȉ̍s
     t܂ -

                   echo "Changing the MTU of ETH0"
                   /sbin/ifconfig eth0 mtu 1490

       "eth0" ̓C^[lbgɐڑꂽ}V̏㗬̃C^[tF[X
       u܂B

  3. "TCP MEChE" (TCP Receive Windows) ̂悤ȍxȃIvVA
      Linux fBXgr[Ṽlbg[LOEXNvg
     ҏW@̏ڂ́A
  ______________________________________________________________________

  ______________________________________________________________________
     16͂ĂB
  ______________________________________________________________________

  7.15.5.  MS Windows 95 -

  ______________________________________________________________________

  1. WXgɂǂȕύX邱ƂɊ댯łBŜ߂ɕKobN
     AbvERs[čsĂB
     ȐӔCōsĂB

  2. [X^[g]  [t@Cw肵Ďs(R)]  "RegEdit" Ɠ͂܂B

  y: ̍ڂ͓{ Windows 95 ̕\eQƂĂ܂Bz

  3. ƑOɂ̓WXg̃obNAbvERs[ĂB
     @́AGNXv[ \WINDOWS fBNgɂ "user.dat" 
     "system.dat" t@CSȏꏊɃRs[Ă܂B
     ȑOɏqׂ@łA
     "Regedit  [WXg(R)][WXgt@C̏o(E)]
     [WXg̏o]EBhE [t@C(N)][ۑ(S)]"
     ́AWXgPɃ}[W邾łāAuł͂ȂƂ
     ƂɒӂĂB

  4. "n" ŏI郌WXgc[̊eXT܂B (Ⴆ0007)
     NIC  IP AhX "IPAddress" ƂWXgGg
     ܂B
     ̃L[̉ɁALĂ -
  ______________________________________________________________________

       

  ______________________________________________________________________
     [Hkey_Local_Machine\System\CurrentControlset\Services\Class\NetTrans\000n]

           type=DWORD
           name="MaxMTU"           (_uNH[e[V͏Ȃł)
           value=1490 (10 i)    ((10 i)Ƃ͏Ȃł)

           type=DWORD
           name="MaxMSS"           (_uNH[e[V͏Ȃł)
           value=1450 (10 i)    ((10 i)Ƃ͏Ȃł)

  5. "TCP Receive Window" (TCP MEChE) ύXł܂B
     ͎Ƃălbg[N̐\Ȃコ邱Ƃ܂B
     X[vbgȂƂ킩A̍ڂ̒l
     ߂Ă烊u[gĂB

       [HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\VxD\MSTCP]
          type=DWORD
          name="DefaultRcvWindow"   (_uNH[e[V͏Ȃł)
          value=32768 (10 i)    ((10 i)Ƃ͏Ȃł)

          type=DWORD
          name="DefaultTTL"         (_uNH[e[V͏Ȃł)
          value=128 (10 i)      ((10 i)Ƃ͏Ȃł)

  6. ċNĕύXLɂĂB
  ______________________________________________________________________

  7.15.6.  MS Windows 98 -

  ______________________________________________________________________

  1. WXgɂǂȕύX邱ƂɊ댯łBŜ߂ɕKobN
     AbvERs[čsĂB
     ȐӔCōsĂB

  2. [X^[g]  [t@Cw肵Ďs(R)]  "RegEdit" Ɠ͂܂B

    y: ̍ڂ͓{ Windows 98 ̕\eQƂĂ܂Bz

  3. ƑOɂ̓WXg̃obNAbvERs[ĂB
     @́AGNXv[ \WINDOWS fBNgɂ "user.dat" 
     "system.dat" t@CSȏꏊɃRs[Ă܂B
     ȑOɏqׂ@łA
     "Regedit  [WXg(R)][WXgt@C̏o(E)]
     [WXg̏o]EBhE [t@C(N)][ۑ(S)]"
     ́AWXgPɃ}[W邾łāAuł͂ȂƂ
     ƂɒӂĂB

  4. "n" ŏI郌WXgc[̊eXT܂B (Ⴆ0007)
     NIC  IP AhX "IPAddress" ƂWXgGg
     ܂B
     ̃L[̉ɁALĂ -
  ______________________________________________________________________

       

  ______________________________________________________________________
     [Hkey_Local_Machine\System\CurrentControlset\Services\Class\NetTrans\000n]

           type=STRING
           name="MaxMTU"           (_uNH[e[V͏Ȃł)
           value=1490 (10 i)    ((10 i)Ƃ͏Ȃł)

  5. "TCP Receive Window" (TCP MEChE) ύXł܂B
     ͎Ƃălbg[N̐\Ȃコ邱Ƃ܂B
     X[vbgȂƂ킩A̍ڂ̒l
     ߂Ă烊u[gĂB

       [HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\VxD\MSTCP]
          type=STRING
          name="DefaultRcvWindow"   (_uNH[e[V͏Ȃł)
          value=32768 (10 i)    ((10 i)Ƃ͏Ȃł)

          type=STRING
          name="DefaultTTL"         (_uNH[e[V͏Ȃł)
          value=128 (10 i)      ((10 i)Ƃ͏Ȃł)

  6. ċNĕύXLɂĂB
  ______________________________________________________________________

  7.15.7.  MS Windows NT 4.x

  ______________________________________________________________________

  1. WXgɂǂȕύX邱ƂɊ댯łBŜ߂ɕKobN
     AbvERs[čsĂB
     ȐӔCōsĂB

  2. [X^[g]  [t@Cw肵Ďs]  "RegEdit" Ɠ͂܂B

    y: ̍ڂ͓{ Windows NT ̕\eQƂĂ܂Bz

  3DuWXgv  u Export Registry File (WXgt@C̎荞)v 
     u Save a copy (WXgt@C̏o)vŃWXg̃Rs[
      Sȏꏊɂ܂܂B

  4D 2 {̉\ȃWXgc[Ɏ̃L[쐬ĂB
    ̃Gg[A_CAbvlbg[N (ppp)AC[Tlbg NICAPPTP
     VPN Ȃǂ̗lXȃlbg[Nupɂ܂B

     [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Parameters\Tcpip]
                       
     [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\<Adapter-name>\Parameters
      \Tcpip]

         "<Adapter-Name>" ͎̃AbvN LAN NIC C^[tF[X
     ꂼ̖Oɒu܂B

           type=DWORD
           name="MTU"                 (quotesL͊܂߂Ȃ)
           value=1490 (10 i)      ((10 i)Ƃ͊܂߂Ȃ)

    *** ɂȂ NT 4.xł MSSATCP Window Size ATTL p[^[
    *** ύX@mĂ dranch@trinnet.net Ƀ[𑗂ĂB
    *** HOWTO ɒǉƎv܂B

  5Du[gĕύXLɂĂB
  ______________________________________________________________________

  7.15.8.  MS Windows 2000

  ______________________________________________________________________

  1DWXgɂǂȕύX邱ƂɊ댯łBŜ߂ɕKobN
    AbvERs[čsĂDg̃XNōsĂB

  2. [X^[g]  [t@Cw肵Ďs]  "RegEdit" Ɠ͂܂B

    y: ̍ڂ͓{ Windows 2000 ̕\eQƂĂ܂Bz

  3DuWXgv  u Export Registry File (WXgt@C̎荞)v 
     u Save a copy (WXgt@C̏o)vŃWXg̃Rs[
      Sȏꏊɂ܂܂B

  4DL[܂ŃirQ[g܂ -
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Inter
  faces\<ID for Adapter>

          e <ID for Adapter> iA_v^ ID j́ADNSATCP/IP AhXA
          ftHgEQ[gEFCATulbgE}XNȂǂ̂߂
          ftHgEL[Ă܂B̃lbg[NEJ[hp̂̂ĂB

  5D̃Gg[܂B

        type=DWORD
        name="MTU"                        (quotesL͊܂߂Ȃ)
        value=1490 (10 i)      ((10 i)Ƃ͊܂߂Ȃ)

  http://support.microsoft.com/support/kb/articles/Q120/6/42.asp?LN=EN-US&SD=gn&FR=0

    ***  NT 2000ł MSSATCP Window Size ATTL p[^[ύX@
    *** mĂ dranch@trinnet.net Ƀ[𑗂ĂB
    *** HOWTOɒǉƎv܂B

  6Du[gĕύXLɂĂB
  ______________________________________________________________________

  q̂悤ɁA OS/2, MacOS ̑ OS ɓlȕύX@
  mẮA David Ranch փ[𑗂ĂB HOWTO ɓ
  ܂B

  7.16.  IP }XJ[h FTP NCAg삵܂B

  "ip_masq_ftp" W[[hĂ邩`FbNĂB
  sɂ́A}XJ[hT[oɃOC "/sbin/lsmod" R}h
  s܂BA[hĂ锤 "ip_masq_ftp" W[
  ȂȂA ``IP tH[fBO|V[ݒ肷'' ̏͂Ő
  Ă{I /etc/rc.d/rc.firewall ɏ]Ă邩m߂Ă
  BAƎ̃[ZbggĂȂA HOWTO ̗ɂwǂ
  [܂܂Ă邩ǂmFĂBȂƂ܂ł
  R̖Ɍ邱ƂɂȂ܂B

  7.17.  IP }XJ[hx悤Ɍ܂B

  ɂ͊̌l܂ -

  o  Ȃ̓f\Ɍȏ̂̂҂Ă邩܂BW
     I 56K ̃fڑɂČvZĂ݂܂B

     1. 56k fłAb 56,000 rbg̃f[^xɂȂ܂B

     2. ۂɂ͕č FCC ̐ɂ 56K ̃fł͂Ȃ 52k ̃f
        Ă邱ƂɂȂ܂B

     3. łۂ͂قƂ 52K Őڑł邱Ƃ͂܂B͕i
        48K ȉłȂ܂B

     4. b 48,000 rbgƂƂ͖b 4,800 oCgłB (8rbg
        1 oCgŁA RS232 VArbg͊JnrbgƏIrbg 2
        rbgKvłB)

     5. MTU  1500 ̂ƂA 1 bԂ 3.2 pPbg󂯎܂B̓t
        Oe[V܂ނ̂ŁA 1 bԂ 3 pPbgɐ؂̂Ă
        ܂B

     6. ܂ MTU  1500 ƁȀꍇ 3.2 x 40 oCg (8%)  TCP/IP
        ̃I[o[wbh܂B

     7. ]āA҂łōf[^]\͂́Ak4.68KB/s 
        B v.42bis n[hEGAkA MNP5,  MS/Stac kňk
        ꍇAeLXgt@Ĉ悤ȍkɌf[^ł͈ۓI
        ȒloĂ܂Aۂ ZIP  MP3 ̂悤ȁAɈk
        t@C̓]ł͒xȂĂ܂܂B

  o  C[TlbggƂ̐ݒ (DSL, P[uf, LAN )

     o  ƊÕlbg[N̗ "IP Alias" ̋@\ 1 ̃lb
        g[NJ[hœ삵ĂƂƂȂǂmFĂ
        BȂĂƁA삵Ă͂̂́ȀՓ
         IRQ ̎gpɂĂƂĂȂxȂ܂Bʂ̃lbg
        [NJ[h肵āAlbg[NƊOlbg[NeX
        ̃C^[tF[X悤ɂ邱Ƃ߂܂B

        C[Tlbgݒ̒ SPEED  DUPLEX ̗K؂ł邱Ƃ
        m߂ĂB

        o  10Mb/s C[TlbgJ[hAwǂ 100Mb/s J[h̒ɂ́A
           Sdڑy: Full DuplexzT|[g܂BC[Tlb
           gEJ[h DSL fւ̐ڑ (Ԃ̃nûȂꍇ) ́A
           DSL fSdT|[gĂꍇ̂݁Aݒ肷
           Ƃł܂B܂gpĂ 8 {̃C[SĂ
           Ăǎ̃C[TlbgP[ug悤S|Ă
           B

        o  nuglbg[N͑Sdy: Full Duplexz@\
           g܂BSdʐM@\gɂ 10Mb/s ܂ 100Mb/s
           ̃C[TlbgXCb`y: XCb`OnuzgKv
           ܂B

        o  C[TlbgJ[h 10/100Mb/s SPEED lSVG[V
           ƑSd/dlSVG[V̑oAlbg[N̔j
           NƂ܂Bł NIC  speed  duplex 
           ƂJ[lE\[Xɐݒ𒼂ɏ (n[hR[h)
           Ƃ߂܂B́ALinux NIC J[lEW[
           ͒ڐݒ\Ȃ̂łAJ[lW[g킸hCo
           𒼂ɑgݍނ悤ݒ肵ăRpCꂽJ[l (m
           VbNEJ[l) ɂĂ͒ڐݒ\ł͂܂B
           ꍇA ``''  MII utilities gA܂̓J[l\[
           Xɐݒ𒼂ɏޕKv܂B

  o  MTU œKAȂƂ 8192  TCP Sliding window Zbg
     B

     o  Sɂ͈̔͊̕OȂ̂łA PPP, C[Tlbg,
        TokenRing A܂͊OɎĂSẴlbg[NE
        Nǂ܂B̃gsbN̏ڍׂ́AL ``MTU 
        '' ̍ڂ̒ŊȌɐGĂ܂BXɂƏڂ
        TrinityOS - Section 16  lbg[N̍œK (Network
        Optimization) ̏͂`FbNĂB

  o  PPP gĂVAf̃[U

     o  OfgĂȂA悢VAP[ugĂ邱
        m߂ĂBɁA PC ́A}U[{[h I/O
        J[hVA|[gRlN^܂ł𕽂ׂ{EP[u
        ŐڑĂ܂B炪΁Aꂪ悢Ԃł邱Ƃm
        ߂ĂBlIɁA͑SẴ{EP[û܂ɃtF
        CgERA(DF̋IȃO)tĂ܂B

     o   HOWTO  FAQ ZNV̏̂قɋLڂꂽ悤 MTU 
        1500 ɃZbgĂ邱Ƃm߂ĂB

     o  VA|[g 16550A 邢͂ǂ UART ł邱Ƃm
        ߂ĂB ׂɂ "dmesg | more" R}hs
        B

     o  VA|[g IRQ ̐ݒ

        o  قƂǂ PC n[hEGA Craig Estey  IRQTUNE
           <http://www.best.com/~cae/irqtune/> tool g SLIP  PPP
           ڑ܂ރVA|[g̐\𒘂コ܂B

     o  PPP ڑp̃VA|[g 115,200 bpsi ISDN ^[~iA
        _v^̂悤ȁAfƃVA|[g̗ꍇ́A
        葁xjœ삵Ă邩mFĂB

        o  2.0.x J[l - 2.0.x J[lł͒ 115200 ɃVA|[
           gݒ肷邱ƂłȂ̂ŁAȂ肩܂BႦ
            COM2 ɐڑꂽf̏ꍇ /etc/rc.d/rc.local 
           /etc/rc.d/rc.serial ̂悤ȋNXNvgt@C̒ŁA
           ̂悤ȃR}hs܂ -

           o  setserial /dev/ttyS1 spd_vhi

           o  PPPd XNvg̒ŁApppd  man y[Wɏ] speed
              "38400" ܂ނ悤Ɏۂ pppd sCҏWĂ
              B

        o  2.2.x J[l - 2.1.x  2.2.x ̃J[l͗ 2.0.x J[
           lƈႢA "spd_vhi" ͂܂B

           o  ł̂ŁA PPPd XNvg pppd  man y[Wɏ]A
              "115200" ̃VA]x܂ނ悤Ɏۂ pppd R}
              hCҏWĂB

  o  All interface types:

  7.18.  PORTFW  IP }XJ[hŎgĂ܂ACԑ҂
  Ԃ ȂƐ؂Ă܂܂B

  DSL P[uf̃[UȂ΁As^ɂ̌ۂ͔ɈʓI
  B{IɋNĂ邱Ƃ́A ISP ͎gp̑̐ڑD悵ăT[
  rX邽߂ɁAȂ̐ڑDx̔ɒႢL[ɒǂĂ
  łB̓[U DSL P[ufڑ̃gtBbN
   ISP ̃n[hEGAN܂ł̊ԁAۂɃGh[U̐ڑg
  ȂȂĂ܂ƂłB

  o

  o  DSL ݔ̒ɂ́AgpĂȂڑؒfĂ܂ANCA
     gڑĂ邩ۂ 30 bɈxx`FbNȂ̂
     ܂B

  o  P[uf̐ݒɂẮAgpĂȂڑႢDx
     y: priority queuezɐݒ肵ANCAgڑĂ邩
      1 Ԃ 1 x`FbNȂ݂̂܂B

  ǂ炢ł傤?  30 bɈx ping ftHgQ[gEFC
  ܂傤Bɂ /etc/rc.d/rc.local t@CҏWAt@
  C̈ԉɈȉtĂB

  ______________________________________________________________________
           ping -i 30 100.200.212.121 > /dev/null &
  ______________________________________________________________________

  100.200.212.121 ̃ftHgE[^ (㗬̃[^) ɒu
  B

  y: ADSL ̓P[ufŃC^[lbgڑۂɁAvo
  C_玩IɃftHgQ[gEFCUꍇ́ÃAh
  Xڑ̓xɐύX\̂ŁAӂKvłBv
  oC_񎦂ڑɁAŒ̃ftHgQ[gEFCĂ
  ꍇ́ALŒ IP ̕@g܂AłȂꍇ́Aڑm̍
  ɎsVFXNvgAftHgQ[gEFC IP AhX
  EoāALR}hsȂ΂Ȃ܂Bz

  7.19.  IP }XJ[h𓮂Ƃł܂ASYSLOG ̃Ot@C
   ނ̖ȒʒmG[󂯎Ă܂B IPFWADM 
  IPCHAINS ̃t@CAEH[G[ǂǂ߂΂悢ł傤?

  炭AmFׂʎ܂ -

  o  }XJ[h - s TCP ̃`FbNTG[ - ̃G[́AC
     ^[lbg痈pPbg̃f[^ɃG[Ɍ
     ł傤AȊO̎Ɍ邱Ƃ͂Ȃł傤B Linux {bNX
     ̃pPbgMƂApPbg CRC vZăG[Ȃ
     m߂܂B}CN\tg Windows  OS ̃}Vł́APɃpPb
     ĝĂ邾łA Linux IP }XJ[h͂񍐂܂B
     AȂ PPP NőR̕񍐂󂯂悤ȂA悸 FAQ
     ̑O̕ɂ "}XJ[hx" ̍ɏ]ĂB

  o  L̑SĂsĂłȂꍇ́A /etc/ppp/options
     t@C "-vj" Ă PPPd ċNĂB

  o  t@CAEH[qbg - C^[lbgœKȃt@CAEH[
     ƁAȂƑ̐lXȂ Linux {bNXɐN悤Ƃ
     ɋł傤BāÃt@CAEH[EȎSĂ
     Ӗ̂ł傤?

     TrinityOS - Section 10
     <http://www.ecst.csuchico.edu/~dranch/LINUX/index-linux.html#TrinityOS>
     ̕ -

             ȉɋL[ZbgAt@CAEH[Eqbg̃OׂɁA
             DENY  REJECT ̍sɂ "-l" (IPCHAINSgꍇB͏
             "L") ܂ "-o" (IPFWADMgꍇ) tAɂЂ
             gtBbN͑SĈȉɎ SYSLOG bZ[Wt@Ĉꂩ
             o܂B

     y: ut@CAEH[Eqbgv(firewall hit) Ƃ́A DENY 
     REJECT [ɓKApPbg@ۂwĂ܂B
     K؂ȓ{󂪎vtȂƂƁǍɉxoė܂̂ŁA
     ē{ɂ܂łBz

                     Redhat:         /var/log
                     Slackware:      /var/adm

             ̃t@ĈꂩɋL^t@CAEH[EÓA
             ̂悤ɂȂł傤 -

             ---------------------------------------------------------------------
             IPFWADM:
             Feb 23 07:37:01 Roadrunner kernel: IP fw-in rej eth0 TCP 12.75.147.174:1633
                100.200.0.212:23 L=44 S=0x00 I=54054 F=0x0040 T=254

             IPCHAINS:
             Packet log: input DENY eth0 PROTO=17 12.75.147.174:1633 100.200.0.212:23
               L=44 S=0x00 I=54054 F=0x0040 T=254
             ---------------------------------------------------------------------

       ̂ 1 s̒ɑȐ񂪂܂B
       ̗قĂ܂傤B
       ̌ÃOt@CɋL^Ăt@CAEH[Eqbg
       ɖ߂āAǂ񂾂悤ɓǂݕςĂ݂ĂB
       IPCHAINS [U͒ړǂނƂł̂ŁA̗ IPFWADM ׂ̈
       ܂B

             --------------

             - ̃t@CAEH[̃qbg "Feb 23 07:37:01" ɐ܂B

             - ̃qbg "RoadRunner" Rs[^ւ̃qbgłB

             - ̃qbg "IP" ܂ TCP/IP vgRłB

             - ̃qbg t@CAEH[ IN ւ̃qbgłB ("fw-in")
                     *  "fw-out" OUT A "fw-fwd"  FORWARD ւ̃qbgłB

             - ̃qbg͂ŋi "rejECTED"j܂B
                     *  LOG  "deny" ܂ "accept"ƕ\܂B

             - ̃t@CAEH[Eqbg "eth0" C^[tF[X
               ̂łB (Internet link)

             - ̃qbg "TCP" pPbgłB

             - ̃qbg IP AhX "12.75.147.174" ̕ԐM|[g "1633" 
               ܂B

             - ̃qbg̓AhX "100.200.0.212" ̃|[g "23" Ȃ킿
               TELNET łB
                     *  23  TELNET |[gƒmȂȂ, /etc/services
                       t@Cőɂǂȃ|[ggĂ邩ĂB

             - ̃pPbg "44" oCg̒łB
             - ̃pPbgɂ "Type of Service" (TOS) Zbg
               ܂łB
                     --ꂪłȂĂSzv܂B.. mKv
                       ܂B
                     * ipchains [U TOS 𓾂ɂ́A 4 ŊĂB

             - ̃pPbg "IP ID" ԍ "18" Ă܂B
                     --ꂪłȂĂSzv܂B.. mKv
                       ܂B

             - ̃pPbgɂ "0x0000" ̃tO TCP/IP pPbg܂
               16bit fragment offset ݒ肳Ă܂B
                     --ꂪłȂĂSzv܂B.. mKv
                       ܂B
                     * "0x2..." ܂ "0x3..." Ŏn܂l "More Fragments" bit
                       ZbgĂāAꂽpPbg̑傫
                       pPbgɊׂ̕ʂ̃pPbg邱ƂӖ܂B
                     * "0x4..." ܂ "0x5..." Ŏn܂l "Don't Fragment" bit
                       ZbgĂ܂B
                     * ȊO̒l͌̑傫ȃpPbgČ邽߂ɌŎg
                      (8 Ŋꂽ) tOgItZbgłB

             - ̃pPbgɂ TimeToLive (TTL) Ƃ 20 ݒ肳Ă܂B
                     * pPbgC^[lbǧoHɂSẴ[^ʉ
                       y: hopzۂɁA̐ (1) ܂B
                      ʏApPbg (255) ƂŎn܂܂BĂ̐
                       (0) ɒBƁAۂ̓pPbgA폜邱ƂӖ
                       ܂B

  7.20.  C^[lbg[Uڂɓ}XJ[hENCAgƘA
   邱Ƃł悤 IP }XJ[hݒł܂?

  ͂!  IPPORTFW g΁AŜ͏̌܂C^[lbgz
  Xg}XJ[hڑꂽlbg[N̔Cӂ̃Rs[^ɐڑ
  ł悤ɐݒ肷邱Ƃł܂B̃gsbN͂HOWTO ``tH
  [_ (|[g]c[)'' ̏͂ŊSɖԗĂ܂B

  7.21.  SYSLOG t@C "kernel: ip_masq_new(proto=UDP): no free
  ports."  bZ[W܂B ǂ̂ł傤?

  lbg[Ñ}XJ[hĂRs[^ 1 AC
  ^[lbgɌĈُɑ傫Ȑ̃pPbg𔭐Ă܂B IP }XJ
  [hET[o}XJ[hEe[uāAC^[lbgɂ
  ̃pPbg]Ƃ̃e[u}ɏĂ܂Be[u
  tɂȂƂ̃G[܂B

  mĂ ꎞIɂ̏Ԃo̃AvP[V
  ́AQ[vO "GameSpy" łBȂł傤?  Gamespy ̓T[
  oXgăXgɂ邷ׂĂ̐̃T[o ping ł܂B
   ping łƂɂAɒZԓɐ̋}Ȑڑ
  ܂B IP }XJ[h ̃^CAEgɂẴZbV^CA
  Eg܂ŁA}XJ[hEe[u͖tɂȂ܂B

  ǂ炢ł傤?  Iɂ́Â悤ȃvOgp
  ƂłBO炱̂悤ȃG[ǍɂȂ
  vOāAĝ~߂ĂB{ GameSpy
  DȂAT[oEtbV͍sȂłBƂɂA
  ̃}XJ[hꂽvO̎s߂΁Ã}XJ[hEG
  [̓}XJ[hEe[u̐ڑ^CAEgɂARɉ
  B

  7.22.  IPPORTFW gƂ "ipfwadm: setsockopt failed: Protocol
  not available" ƂG[o܂B

  A "ipfwadm: setsockopt failed: Protocol not available" y:
  "ipfwadm: setsockopt s: vgR͖ł"zƂG[b
  Z[WoȂAVJ[l삵Ă܂BVJ[lɈ
  smFALILO ĎsĂxċNĂB

  ڂ ``tH[_ (|[g]c[)'' ̏͂̍Ō̂قĂ
  B

  7.23.  ( SAMBA ) - Microsoft t@Cƃv^p (File and Print
  Sharing)  Microsoft hCNCAg IP }XJ[hœ삵
  B Microsoft  SMB vgRK؂ɃT|[gɂ́A IP }XJ
  [hE W[Kv܂A3 ̎s\ȕ@
  ܂B ڍׂthis Microsoft KnowledgeBase article ĂB

  ŏ̕@ ``tH[_ (|[g]c[)'' ̏͂Qlɂ
  IPPORTFW ݒ肵A TCP |[g 137, 138, 139 Ԃ Windows }V
   IP AhXɃ|[gtH[h܂Bł삵܂A̕
  @ł͓lbg[Ñ}V̂ 1ł삵܂B

   2 ̉@́A Linux }XJ[hT[o Samba CXg[
  Aݒ肷鎖łB Samba 삷ȂA Samba T[oɓ
  Windows ̃t@Cƃv^̋L (Windows File and Print shares) 
  }bsOł܂BꂩV}Egꂽ SMB LASĂ̊O
  NCAgɃ}Egł܂B Samba ̐ݒ@ Linux
  Documentation Project ̒ɂ HOWTO ɂĊSɖԗĂA܂
  Ɠl TrinityOS ̕ɂ܂B

   3 ̉@́A2 ̃EChEY}VԂŁA 2 ̃lbg[N
  Ԃ VPN (zvCx[gElbg[N) `邱ƂłB
  PPTP oR IPSEC VPN ɂ@̂ǂłsƂł܂B
  Linux p ``'' pb`܂AIPSEC ̎ 2.0.x  2.2.x ̂
  ̃J[lł\łB̉@炭 3 ̑SẲ@̒
  ōłmōłSȕ@ɂȂł傤B

  ̉@̑SéA HOWTO ł͖ԗĂ܂B IPSEC 
  wv TrinityOS ̕ĂBXɑ̏𓾂ȂA
  JJohn Hardin  PPTP ̃y[WĂB

  ܂A Microsoft  SMB vgR̓ZLeBɖ肪邱
  𗝉ĂB̂߁A Microsoft t@Cƃv^̋L
  (File and Print sharing)  Windows hCOCAC^[lbg
  ňÍȂgtBbN̂܂܎gƂ͔Ɋ댯łB

  7.24.  ( IDENT ) - IRC }XJ[hENCAg IRC [Uł
   삵܂B Ȃł傤?

  ł\́A Linux fBXgr[Vɂċ
  ʂɑĂ IDENT, Ȃ킿 "Identity" T[óA IP }XJ[
  hENɑΏłȂƂłBłSz͖płB Linux œ삷
  AɑΉł IDENT vOɂ܂B

  ̃\tgEFÃCXg[͂ HOWTO ͈̔͊OłBAe
  c[ɂׂ͂̈̕܂BɁA URL Љ܂
  -

  o  Oident <http://freshmeat.net/projects/oidentd/homepage/> ́A}XJ
     [hE[UCɓ IDENT T[ołB

  o  Mident <ftp://ftp.code.org/pub/linux/midentd/> ͐lĈ
      IDENT T[ołB

  o  Sident <http://insecurity.net/sidentd.gz>

  o  Other Idents
     <ftp://sunsite.unc.edu/pub/Linux/system/network/daemons/>

  T[o Ident 𓾂ă[UقȂĂƒmĂAzXg
  ̑dڑƂȂ̃C^[lbg IRC T[o
  ƂɒӂĂBT[õVXeǗ҂ɋĂB
  :)

  7.25.  ( DCC ) - mIRC  DCC M삵܂B

   mIRC ̐ݒ̖łBɂ́Aŏ mIRC  IRC
  T[oؒfĂBꂩ mIRC ŁA File  Setup Ɛi݁A
  IRC servers ^uNbN܂B|[g 6667 ݒ肳Ă邱Ƃm
  ߂ĂB̃|[gvȂq̋LڂQƂĂB
  ɁA File   Setup  Local Info JāA Local Host  IP
  Address ̃tB[hNAĂB "LOCAL HOST"  "IP
  address" ̃`FbN{bNXI܂B ( IP address ̓`FbNł
  邩܂񂪖ɂȂ܂B)  "Lookup Method" ̉
  "normal" ɐݒ肵܂B "server" IĂƓ삵܂B
  ꂾłB IRC T[oɍĂьqł݂ĂB

  y: mIRC   ɂA Windows n OS ́AVFAEFA IRC N
  CAgłBȂA҂_E[hĎpĂ݂܂A{
  ̕\͂ł܂łBz

   6667 ȊO (Ⴆ6969) IRC T[õ|[gvȂAIRC }
  XJ[hEW[[hׂɁANt@C
  /etc/rc.d/rc.firewall ҏWKv܂B̃t@C
  "modprobe ip_masq_irc" ̍s "ports=6667,6969" ǉ܂BXɁAJ
  }ŋ؂ă|[g̎wǉł܂B

  ŌɁASẴ}XJ[h}V̑SĂ IRC NCAgؒf
  āA IRC }XJ[hEW[[hĂ -

  /sbin/rmmod ip_masq_irc /etc/rc.d/rc.firewall

  7.26.  ( IP Aliasing ) - IP }XJ[h1̃C[Tlbg lbg
  [NJ[hœ삵܂?

  u͂vƂuvƂ܂B[U̓J[l "IP Alias" @\
  gāA eth0:1, eth0:2 ̂悤ɕʖgd̃C^[tF[X
  ݒł܂BA IP }XJ[h̕ʖC^[tF[XɎg
  Ƃ͂E߂܂B̂ȂAP NIC J[hł͈Sȃt@CA
  EH[񋟂邱ƂɍɂȂ܂BɉāAė
  pPbgقƂǓɔ̂ŁÃNňُȗʂ̃G[
  oł傤B̗RƁA݂ NIC J[h $10 ̉ił
  A͂ꂼ̃}XJ[hڑꂽlbg[NEZOg
  1  NIC ɓ邱Ƃ߂܂B

  ܂IP}XJ[h eth0, eth1 ̂悤ȕIȃC^[tF[Xł
  삵ȂƎvĂB "eth0:1, eth1:1, Ȃ" ̕ʖC^[
  tF[XgĂ}XJ[h͓삵Ȃł傤Bւ΁Aȉ
  ̂悤Ȃ͓̂삵܂ -

  o  /sbin/ipfwadm -F -a m -W eth0:1 -S 192.168.0.0/24 -D 0.0.0.0/0

  o  /sbin/ipchains -A forward -i eth0:1 -s 192.168.0.0/24 -j MASQ"

  łʖC^[tF[Xɂ܂Ă̂łAJ[l
   "IP Alias" @\LɂKv܂B̌AăRpCA
  u[g܂BxVJ[lsƁAVC^[tF[X
  (܂ /dev/eth0:1 Ȃ) gp邽߂ Linux ̐ݒ肪KvɂȂ
  B̌͏L̂悤Ȋ̐܂Aʏ̃C[TlbgE
  C^[tF[X̂悤ɈƂł܂B

  7.27.  ( MULTI-LAN ) -  2 ̃}XJ[hꂽ LANĂ܂
  A݂͌ɒʐMł܂B

  ڍׂ ``̓lbg[Nւ IP }XJ[h'' ĂB

  7.28.  ( SHAPING ) - ́Ã^CṽgtBbN̑x𐧌
  Ǝv܂B

  ̃gsbN͎ۂ IP }XJ[hƂ͊֌WȂALinux J[lɑg
  ܂ĂgtBbNVF[sOƃ[g@\SĂs܂B
  ڍׂ̓J[l\[Xc[ɂ
  /usr/src/linux/Documentation/networking/shaper.txt ĂB
  y: ugtBbNVF[sOv́AJ[l Traffic Shaper
  (CONFIG_SHAPER) ƂXCb`Ŏw肳@\ŁAʂɃlbg[N@
  ̏o͑ōs@\w܂Bu[gvƂt́AL
  ł̃lbg[N̑ш搧ZpŜwAOq̃gtBbNVF[s
  OłȂA̓Iɂ̓|VOL[̃}lWgAXPW[
  Ő@\܂܂܂Bz

  ɊւāAIPROUTE2 ׂ̈ ``2.2.x J[l̕Kv'' ̏͂̉
  ɁA URL ܂ޑ̏񂪂܂B

  7.29.  ( ACCOUNTING ) -  ͒Nlbg[NgpĂ邩ɂ
  ǗKv܂B

  IP }XJ[hłł邱Ƃ͂͂܂񂪁AɊ̃A
  CfA܂BAƗǂ@mĂȂA HOWTO
  ̒҂Ƀ[𑗂ĂB΁AHOWTO ɍڂ܂B

  o  ACfA #1 - C^[lbg֏oĂ www gtBbNSċL^
     ƌƂłˁBt@CAEH[E[Ɂu|[g 80 Ԃ
     ACCEPT vƐݒ肵āA SYN rbgݒ肳ꂽgtBbNOL^
     悤ɐݒł܂BA͔ɑ傫ȃOt@C쐬
     邱ƂɒӂĂB

  o  ACfA #2 - "ipchains -L -M" R}h 1 bԂɈxsA
     ̃Gg[̑SĂOL^܂傤B̌ȀЂƂ
     ̑傫ȃt@C֍vO܂傤B

  7.30.  ( MULTIPLE IPs ) -  ̊O IP AhXgāA
  ̓}V PORTFW ̂łǂ̂悤ɂ̂ł傤B

  ł܂B}XJ[h 1Α NAT ZbgAbvłBȂ{
  Ă悤ȃc[ł͂܂BȂ{Ă̂͑Α NAT
  ɂ@ŁA] NAT ZbgAbvłBȂKvȂ̂
  IPROUTE2 c[ŁAڂ FAQ ̏͂ ``gtBbNVF[sO'' 
   IPROUTE2 ɊւӏĂB

  1 ̓ NIC  "IP Alias" gĕ IP AhXɂAĂ
  炷ׂẴ|[g (0-65535) |[gtH[hAIPROUTE2 gēK
  ȃ\[X^fBXeBl[V IP yAێ邱ƂlĂl
  ̉񓚂ɂȂ܂B̓J[l 2.0.x ł܂AJ[l 2.2.x 
  肤܂܂B̐ɂ炸Â肩͂s
  K؂ȕ@łȂAT|[gꂽ}XJ[h̎gł͂܂
  BIPROUTE2 Ă.. { NAT s@܂B

  ܂̒ӂł -

  AubWꂽ DSL P[uEf (PPPoEł͂Ȃ)gĐ
  Ă΁AȂ̍\ł͌oH߂Ȃ̂ŁAȂ
  BłSz͂܂B LDP  "Bridge+Firewall, Linux
  Bridge+Firewall Mini-HOWTO" `FbNĂB Linux {bNX
  ̃C^[tF[XŁA IP AhXT|[g@
  Ăł傤B

  7.31.  ̓}XJ[hꂽڑׁA NETSTAT R}h g
  Ƃ܂Aꂪ삵Ă܂B

  2.0.x x[X Linux fBXgr[VɊ܂܂ "netstat" vO
  ɖ肪邩܂B Linux u[gA"netstat -M"
  NƁA܂삵܂BA}XJ[hꂽRs[^
   ping  traceroute ̂悤ȁA ICMP gtBbN𔭐ɁAȉ
  ̂悤ȃG[邩܂ -

  masq_info.c: Internal Error `ip_masquerade unknown type'.

  ̂߂̑֎i "/sbin/ipfwadm -M -l" R}hgp邱Ƃ
  B܂xXgꂽ ICMP }XJ[hEGg^CAEg
  ƁA "netstat" ͍Ăѓ삷邱ƂɋCtł傤B

  7.32.  ( VPNs ) - Microsoft PPTP (GRE tunnels) ܂ IPSEC (Linux
  SWAN) gl IP }XJ[h ʂĎĝłB

  ͉\łB͈͑̔͊̕OłAڂ John Hardin
   PPTP Masq y[W`FbNĂB

  7.33.  XYZ lbg[NEQ[ IP }XJ[h ʂĎĝ
  A ܂܂B!

  ܂ASteve Grevemeyer's MASQ Applications page
  <http://www.tsmservices.com/masq> `FbNĂB@
  ɂȂALINUX J[l Glenn Lamb  LooseUDP
  <ftp://ftp.netcom.com/pub/mu/mumford/loose-udp-2.0.36.patch.gz> pb`
  𓖂ĂĂB͂̕ ``'' ̏͂̒ɖԗĂ܂B
  Ƒ̏ Dan Kegel  NAT Page
  <http://www.alumni.caltech.edu/~dank/peer-nat.html> `FbNĂ
  B

  ZpIɋȂA"tcpdump" vOgāAȂ̃lb
  g[N`Ă݂ĂB XYZ Q[gĂvgR
  ƃ|[gԍoĂB̏AIP Masq [
  OXg {āAׂʂ[ďĂĂ
  B

  7.34.  IP }XJ[h ͎b̊Ԃ͂܂삵܂B ǍA
  삵ȂȂ܂B ċNƎb̊Ԃꂪꂽ悤Ɍ
  B Ȃł傤?

  Ȃ IPAUTOFW gĂ邩A͂J[lɃRpCĂ
  邱Ƃɓq܂傤BˁAȂł?   IPAUTOFW Ɋւ
  m̖łB Linux J[l IPAUTOFW gȂŁA
  IPPORTFW gĂBڍׂ ``tH[_ (|[g]c[)''
  ̏͂̒ŖԗĂ܂B

  7.35.  lbg[Ñ}XJ[hĂRs[^ SMTP 
  POP-3 [𑗂Ă܂!

  ̓}XJ[fBO̖ł͂Ȃ̂łA̐lȂ
  ŁAy܂B

  SMTP - ́A炭 SMTP pT[oƂ Linux {bNXgpĂ
  Aȉ̃G[Ă̂ł͂Ȃł傤 -

       "error from mail server: we do not relay" ([T[õG[ -
       ]ł܂B)

  Sendmail ̂Vo[W⑼̃[]G[WFg (MTA) T[
  óAftHgŒp֎~Ă܂B(͂悢Ƃł) ]āA
  邽߂ɉLsĂ -

  o  Sendmail - /etc/sendmail.cw t@CҏWāÃt@CɃlb
     g[Ñ}XJ[hĂRs[^̃zXgyуh
     CāA}XJ[hĂ}Ṽ[̒p
     ĂBX /etc/hosts t@C̒ IP AhXy FQDN
     (zXgƃhCSɋLqꂽO) ݒ肵Ă邱Ƃ
     `FbNĂBIA̐ݒt@Cǂݍވׂ
     sendmail ċNKv܂B TrinityOS - Section 25
     <http://www.ecst.csuchico.edu/~dranch/LINUX/index-
     linux.html#TrinityOS> ̒ŖԗĂ܂B

     POP-3 - 郆[U̓lbg[Ñ}XJ[hĂR
     s[^ POP-3 NCAgAO SMTP T[o֐ڑ
     ɐݒ肵܂BڑĂԁA SMTP T[o̓|[g 113
     ʂĂ̐ڑ IDENT ݂ł傤Bōł肪Ȗ
     ́AftHg̃}XJ[hE|V[ DENY ɐݒ肳Ă邱
     łB͗ǂ܂B REJECT ɂāArc.firewall [
     ZbgĎsĂB

  7.36.  ( IPROUTE2 ) - ́AOɏo邽߂̈قȂO IP AhXA
  Ȃ }XJ[hlbg[N̊eXɊ蓖ĂKv܂B

  ̖ƂƂł - ̓lbg[NƍX
  ̊O IP AhX܂̓lbg[NĂ܂B肽Ƃ
  LAN #1 ͊O IP #1 gpALAN #2 ͊O IP #2 gp
  邱ƂłB

   LAN  -%#045;-------->  IP

  LAN #1                 O IP #1 192.168.1.x      -->
  123.123.123.11

  LAN #2                 O IP #2 192.168.2.x      -->
  123.123.123.12

  {IɁAŋLq͈̂AhXɂ郋[eBO (T^I
  IP [eBO) łȂAMAhXɊÂẴ[eBO
  ĂłB͈ʓI "policy-based routing" y: |V[Ɋ
  Â[eBOz 邢 "source routing" y: M[eB
  OzƌĂ΂܂B̋@\̓J[l 2.0.x ł͒񋟂Ă܂
  AJ[l 2.2.x ł IPROUTE2 pbP[WɂĒ񋟂Ă܂B
  Ă IPTABLES gVJ[l 2.4.x ɂ͑gݍ܂Ă
  B

  悸A IPFWADM y IPCHAINS ͗A[eBOVXe󂯎
  pPbgǂׂ֑肵 *ɂȂ* ߂Ċ֗^̂
  ƂƂ𗝉Ȃ΂Ȃ܂B̓̎dǵ݂ASĂ
  IPFWADM/IPCHAINS/IPMASQ ̕ɑ傫ȐԂX^vŉقǁA{
  ɏdvȂƂłB̗ŔA[U͍ŏɃ[eBO𐳂ݒ肵
  Ȃ΂Ȃ炸Ǎ IPFWADM/IPCHAINS y/̓}XJ[h@\
  ǉn߂邱Ƃł邩łB

  ƂɂAɎꂽ̃P[XɂẮA[eBOVXe
  192.168.1.x ̃pPbg 123.123.123.11 oRɁA 192.168.2.x 
  ̃pPbg 123.123.123.12 oRƂȂ悤ɂKv܂B
  ŁA[eBOȂ΂̏Ƀ}XJ[h
  ̂͊ȒPłB

  ̋C܂ȃ[eBOs߂ɁAIPROUTE2 gp܂B̋@
  \͑S IP }XJ[hƊ֌WȂ̂ŁAHOWTO ͂̃gsbN
  قǏڂԗ܂B̃gsbNɂĂ ``2.2.x J[l̕K
  v'' ɂ銮S URL ƕĂB

  "iprule"  "iproute" R}h "ip rule"  "ip route" R}hƓ
  łB (͌Ղ̂őO҂̂قDłB) L̃R}h͑S
  ĊSɂ͎Ă܂Bꂪ삵ȂꍇA IPROUTE2 ̒҂
  AƂĂ..͑S IP }XJ[fBOƊ֌W܂
  ̂ŁADavid Ranch  IP }XJ[hE[OXg̒NƂ֌W
  ܂B

  ŏ̂̃R}h͋NɈxsKv邾ł
  ŁA /etc/rc.d/rc.local t@C̒ɋLq܂B

       # LAÑ݂[eBO\ɂ܂B
         /sbin/iprule add from 192.168.0.0/16 to 192.168.0.0/16 table main pref 100
       # ׂĂ̑ 192.168.1.x ̃gtBbN͊OłAe[u 101 ɂĈB
         /sbin/iprule add from 192.168.1.0/24 to 0/0 table 101 pref 102
       # ׂĂ̑ 192.168.2.x ̃gtBbN͊OłAe[u 102 ɂĈB
         /sbin/iprule add from 192.168.2.0/24 to 0/0 table 102 pref 102

       eth0 ݒ肳Ă鎞ɁÃR}hsKv܂B
       Redhat VXeł́A炭 /etc/sysconfig/network-scripts/ifup-post
       ̒ŋLq邱ƂƂȂł傤B
       ꂪ삷邱Ƃm߂邽߂ɍŏ͕K蓮ōsĂB

       # e[u 101 ́A蓖ĂꂽpPbgׂ 123.123.123.11 oRɎw܂B
         /sbin/iproute add table 101 via 62123.123.123.11
       # e[u 102 ́A蓖ĂꂽpPbgׂ 123.123.123.12 oRɎw܂B
         /sbin/iproute add table 102 via 62123.123.123.12

       ̒iKł́A192.168.1.x O̐Eւ̃pPbg 123.123.123.11 oRĂA
       192.168.2.x ̃pPbg 123.123.123.12 oRĂ邱ƂmĂĂB

       [eBOmɂȂAx͂ǂ IPFWADM 邢 IPCHAINS
       [邱Ƃł܂B
       ̗ IPCHAINS pł -

       /sbin/ipchains -A forward -i ppp+ -j MASQ

       ׂĂ̐ݒ肪ĂꍇA}XJ[hER[h̓pPbg 123.123.123.11 
       123.123.123.12 oRɃ[eBOĂ邱ƂāA}XJ[h
       MEAhXƂẴAhXgp܂B

  7.37.  ȂV 2.1.x y 2.2.x J[ĺAIPFWADM ̑
  IPCHAINS ĝł?

  IPCHAINS  IPFWADM ĂȂ̋@\T|[g܂B -

  o  "T[rX̎ " (QoS  T|[g)

  o  IPFWADM ̂悤Ȑ`VXeɑ΂āAc[`̃`FCVXe
     łB(Ⴆ΁A IPCHAINS ́uꂪ ppp0 ł΁A (قȂ郋[
     Q܂ł)̃`FCɃWvBv̗lȂƂł
     B)

  o  IPCHAINS ͐ݒ肪_łBႦ΁A("insert" y: }z
     "add" y: ǉzɉ) "replace" y: uzR}h
     Ă܂BɃ[ے肷邱Ƃł܂B (Ⴆ΁Au
     ̃lbg[Nœo^ς݂ IP AhX甭̂ł͂ȂO
     ̃pPbgSĔp܂BvƐݒ肷΁AȂ͑㗝U
     ɂ͂Ȃ炸ɍς݂܂B)

  o  IPCHAINS͒PȂTCP, UDP, ICMP łȂACӂ IP vgR
     IɃtB^ł܂B

  7.38.  J[l 2.2.x ɃAbvO[hA IP }XJ[h 
  ȂȂ܂BȂł傤?

  IP }XJ[hsĂ Linux }VAɃC^[lbg LAN
  ɐڑĂ̂ł΁Aȉ̍ڂ`FbNĂ݂Ă
  -

  o  Kvȋ@\ƃW[RpCA[hĂ邱Ƃm
     ߂ĂBڂ́AȌ͂̕ĂB

  o  /usr/src/linux/Documentation/Changes `FbNāAŒKv
     lbg[N֌W̃c[CXg[Ă邱Ƃm߂Ă
     B

  o   HOWTO  ``IP }XJ[h̃eXg'' ̏͂̒ɂ邷ׂẴe
     Xgɏ]mFĂB

  o  IP }XJ[hƃt@CA[EH[E[ݒ肷邽߂
     ipchains <http://netfilter.filewatcher.org/ipchains/> gȂ
     ΂Ȃ܂B

  o  W IPAUTOFW y IPPORTFW |[g]vO IPMASQADM
     <http://juanjox.kernelnotes.org/> ɒu܂BJ[l
     ̃pb`𓖂āAJ[lăRpCAV IPMASQADM
     c[RpCAAɌÂ IPAUTOFW/IPPORTFW t@CA
     EH[E[ZbgV\ɕϊKv܂B
     ́A ``tH[_ (|[g]c[)'' ̏͂ŊSɖԗĂ
     B

  o  SĂ̐ݒx蒼Ă݂܂傤!  ̖wǂ̓R}h̑
     ԈႢPȃ~X̌łB
  7.39.  J[l 2.0.38 (邢͂ȍ~) ɃAbvO[hA
  IP }XJ[hȂȂ܂BȂł傤?

  IP }XJ[hsĂ Linux }VAɃC^[lbg LAN
  ɐڑĂ̂ł΁Aȉ̍ڂ`FbNĂ݂Ă
  -

  o  Kvȋ@\ƃW[RpCA[hĂ邱ƂmF
     ĂBڂ́AȌ͂̕ĂB

  o  /usr/src/linux/Documentation/Changes `FbNāAŒKv
     lbg[N֌W̃c[CXg[Ă邱Ƃm߂Ă
     B

  o   HOWTO  ``IP }XJ[h̃eXg'' ̏͂̒ɂSẴeX
     gɏ]mFĂB

  o  IP }XJ[hƃt@CAEH[E[ݒ肷邽߂ɂipfwadm
     <http://www.xos.nl/> gȂ΂Ȃ܂B IPCHAINS g
     ̂ȂAJ[l 2.0.x Ƀpb`𓖂ĂKv܂B

  o  SĂ̐ݒx蒼Ă݂܂傤!  ̖wǂ̓R}h̑
     ԈႢPȃ~X̌łB

  7.40.  EQL ڑ IP }XJ[hĝłB

  EQL  IP }XJ[h́A悭 Linux {bNXőgݍ킹܂
  A͑S֌W܂B EQL KvȂARobert Novak's EQL
  HOWTO ̍ŐVo[W`FbN邱ƂE߂܂B

  7.41.  IP }XJ[h삵Ă܂! Windows vbgtH[
  ł̑I͂܂?

  Œ̃n[hEFAœ삵At[ŐMA\ȉ@
  ߂āAdn[hEFAKvƂA\̒ႢȀMȂ@
  ׂ̈ɋ𕥂̂ł? (͎̌lIȈӌłBܘ_Aۂ
  ̂悤ȌoƂ܂ ;-)

  ł傤AȂKvƌȂd܂B Windows NAT
  y/ vLVɂ]ނ̂ȂAɒxǂꗗ
  B͂̃c[Ɋւč܂ŎgƂȂ̂ŁA̍D
  ͂킩܂B

  o  Firesock (Trumpet Winsock̃[J[)

     o  Does Proxy

     o  http://www.trumpet.com.au

  o  Iproute

     o  286+ NX̃Rs[^œ悤ɐ݌vꂽ DOS vOB

     o  Linux }XJ[ĥ悤ȑ̃{bNXKvƂB

     o  http://www.mischler.com/iproute/

  o  Microsoft Proxy

     o  Windows NT Server Kv

     o  ɍ

     o  http://www.microsoft.com

  o  NAT32

     o  Windows 95/98/NT Rp`u

     o  http://www.nat32.com

     o  Win9x p͖ $25 Win9x  WinNT p͖ $47

  o  SyGate

     o  http://www.sygate.com

  o  Wingate

     o  vLV@\

     o  i 2-3 NCAgp $30

     o  http://www.wingate.com

  o  Winroute

     o  NAT @\

     o  http://www.winroute.cz/en/

  Ō "MS Proxy Server", "Wingate", "WinProxy" ŃEFuT[`
  Awww.winfiles.com <http://www.winfiles.com> ɍsĂ݂ĂB
  łA΂ɒNɂƌȂłB

  y: {ł BlackJumboDog Lł傤Bz

  7.42.  IP}XJ[hJɋ͂̂łAł܂?

  Linux IP }XJ[hJ҃[OXgɎQāAȂ̂ł
  ƂJ҂ɐq˂ĂBXgւ̎QɂĂ̂ڍׂ́AFAQ
  ̏͂ ``IP }XJ[hE[OXg'' `FbNĂB

   IP }XJ[h̊JɊ֌WȂ͂Ȃł!!!!

  7.43.  IP }XJ[h̏񂪂Ɨ~̂łB

  IP }XJ[hɊւ葽̏ David Ranch ǗĂ
  Linux IP }XJ[h̏ <http://ipmasq.cjb.net/> Ō
  B

  ܂ TrinityOS Ƒ Linux ̕܂܂Ă Dranch's Linux page
  <http://www.ecst.csuchico.edu/~dranch/LINUX/index-linux.html> ɂāA
  葽̏܂B

  IP }XJ[h[OXg񋟂Ă Indyramp Consulting 
  Ă The Semi-Original Linux IP Masquerading Web Site
  <http://www.indyramp.com/masq/> łAƑ̏
  傤B

  Ō IP }XJ[h[OXg̃A[JCu IP }XJ[hJ
  ҃[OXg̃A[JCu̒̎{Ƃł܂
  Ã[OXgɎ邱Ƃł܂Bڍׂ FAQ 
  ``IP }XJ[hE[OXg'' `FbNĂB

  7.44.   HOWTO ʂ̌ɖ|󂵂̂łAǂ΂ł
  ?

  󂻂Ƃ錾ł̖|A܂NoĂȂƂmFĂ
  BA|󂳂ꂽ HOWTO ̖wǂ͍ÂȂĂāAXVKv
  ܂B݂ HOWTO |̈ꗗ Linux IP }XJ[h̏
  <http://ipmasq.cjb.net/> Ō܂B

  |󂵂 IP }XJ[h HOWTO ̌o[W̃Rs[
  ΁A Linux IP }XJ[h̏ <http://ipmasq.cjb.net/> 
  IP }XJ[h HOWTO  SGML R[h̍ŐVł_E[hĂ
  BAǂ SGML R[fBOێȂ|i߂Ă
  B SGML Ɋւ葽̃wvɂẮAwww.sgmltools.org
  <http://www.sgmltools.org> `FbNĂB

  7.45.   HOWTO ͌ÂȂĂ悤Ɍ܂A܂ێ炵
   ܂? ...ɊւǉĂ炦܂?  HOWTO 
  P\͂܂?

  ͂A HOWTO ͕ێ炳ꑱĂ܂B߂ȂBߋɎ
  2 ̎dŖZ߂āẢɔ₷Ԃꂸɂ܂B v1.50
  ̎_ŁA David Ranch ͕啝ɉÂ݂̂ɂȂĂ
  B

  HOWTO ܂߂悢ƎvgsbN΁A ambrose@writeme.com
  y dranch@trinnet.net Ƀ[𑗂ĂBڂ񋟂
  ĂƂƂłˁB̌Ȁ񂪓K؂ł邱Ƃ킩A
  ܂eXgŊmFł HOWTO ֊܂߂܂B͂Ɋӂ܂!

  B͂ HOWTO P邽߂̃ACfAƌvĂ܂B̒
  ɂ IP }XJ[hgAقȂlbg[ÑZbgAbvJo[
  P[XEX^fBA IPFWADM/IPCHAINS gt@CAEH[
  E[Zbgł̈SA IPCHAINS ̎gp@A葽 FAQ G
  g܂BȂ͂ĂȂA񂨊肢܂!
  X肢܂B

  7.46.  IP}XJ[h삵Ă܂B ͑f炵! ͂
  Ɋӂ̂łAłł傤?

  o  HOWTO ̂Vo[Wʂ̌ɖ|󂵂Ă܂񂩁B

  o  J҂ɊӂāA炪ɔ₵ԋyѓw͂]Ă
     B

  o  IP }XJ[hE[OXgɎQAVK̃}XJ[h[U
     xĂB

  o  փ[𑗂AȂǂȂɍKm点ĂB

  o  ̐lX Linux قǂāAނ炪ĂꍇAނ
     xĂĂB

  8.  ̑̏

  8.1.  Lpȏ

  o  Linux IP }XJ[h̏ <http://ipmasq.cjb.net/> ɂ IP }X
     J[h̐ݒɊւŐV̑SĂڂĂ܂B 2.0.x,
     2.2.x, ČÂ 1.2 J[lԗĂ܂!

  o  ݂ Linux IP }XJ[h̊Ǘ҂ł Juan Jose Ciarlante 
     WWW TCg <http://juanjox.kernelnotes.org> B

  o  IP }XJ[h[OXgA[JCu
     <http://www.indyramp.com/lists/masq> ɂ̓[OXgɓe
     ŐṼbZ[W܂B

  o  TrinityOS Linux y IP-MASQ-HOWTO ̍ŐVo[W܂ David
     Ranch  Linux web y[W
     <http://www.ecst.csuchico.edu/~dranch/LINUX/index-linux.html> B
      IPFWADM/IPCHAINS ̃[ZbgA PPP, Diald, P[uf,
     DNS, Sendmail, Samba, NFS, ZLeB́A IP MASQ Ɋւb
     ڂĂ܂B

  o  The IP Masquerading Applications page
     <http://www.tsmservices.com/masq>: Linux IP }XJ[fBOT[
     oœ삷邩A͓삷悤ɒĂAvP[V
     ̕IȃXgB

  o  MkLinux  IP Masq ݒ肷ȂA tarozax@earthlink.net  Taro
     Fukunaga Ƀ[āAނɂ邱 HOWTO  MkLinux o[W
     ZRs[肵ĂB

  o  IP masquerade FAQ <http://www.indyramp.com/masq/ip_masquerade.txt>
     ɂ͑SʓIȏ񂪊܂B

  o  Paul Russel  http://netfilter.filewatcher.org/ipchains/ ɂ
     IPCHAINS-HOWTO BĂ̌ÂobNAbv Linux IPCHAINS HOWTO
     ɂ܂B HOWTO ɂ IPCHAINS ̎gɊւ񂪖ڂ
     ĂA ipchains c[̃\[XR[hƃoCił܂B
     y: {

     ɂ܂Bz

  o  X/OS Ipfwadm page <http://www.xos.nl/linux/ipfwadm/> ɂ́A ipfwadm
     pbP[WɊւ\[XAoCiAyт̑̏񂪂
     B

  o  GreatCircle's Firewall mailing list 悭ǂŁAt@CA
     EH[̃[Zbgׂ̈̑f炵񌹂𓾂ĂB

  o  LDP Network Administrator's Guide
     <http://www.linuxdoc.org/LDP/nag/nag.html> ́Albg[N\z
     悤Ƃ Linux Ǘ҂̗ɂƂĕKg̕łB

  o  Linux NET-3-4 HOWTO
     <http://www.linuxdoc.org/HOWTO/NET3-4-HOWTO.html> ܂ Linux lb
     g[N\zAݒ肷ׂ́A̕IȕłB

  o  Linux ISP Hookup HOWTO <http://www.linuxdoc.org/HOWTO/ISP-Hookup-
     HOWTO.html> y Linux PPP HOWTO
     <http://www.linuxdoc.org/HOWTO/PPP-HOWTO.html> ́AȂ Linux
     zXgC^[lbgɐڑ@Ɋւ񋟂܂B

  o  Linux Ethernet-Howto <http://www.linuxdoc.org/HOWTO/Ethernet-
     HOWTO.html> ́AC[Tlbgœ삷 LAN ̍\zɊւǂ
     łB

  o  Donald Becker NIC hCoƃT|[g[eBeB
     <http://cesdis.gsfc.nasa.gov/linux/drivers/> y: L URI ͊
     ɃN؂łB݂́A Linux Network Drivers
     <http://www.scyld.com/network/> ɈړĂ܂Bz

  o  ƁALinux Firewalling and Proxy Server HOWTO
     <http://www.linuxdoc.org/HOWTO/Firewall-HOWTO.html> ɂ
     邱Ƃł傤B

  o  Linux Kernel HOWTO <http://www.linuxdoc.org/HOWTO/Kernel-
     HOWTO.html> ͂ȂɃJ[lRpC@𓱂Ă
     B

  o  L Kernel HOWTO ȊO Linux HOWTO ꗗ
     <http://www.linuxdoc.org/HOWTO/HOWTO-INDEX/howtos.html> ɂ
     ܂B

  o  USENET j[YO[vɓeȂ: comp.os.linux.networking

  8.2.  Linux IP }XJ[h̏

  Linux IP }XJ[h̏ <http://ipmasq.cjb.net/> ́A Ambrose Au
  ɂĊǗĂA Linux IP }XJ[hɔMS web TCg
  B IP }XJ[hɊւŐVƁA HOWTO Ɋ܂܂Ȃ
  fڂĂ܂B

  ȉ̏ꏊŁALinux IP }XJ[h̏񌹂܂ -

  o  vC}TCg - http://ipmasq.cjb.net/  http://www.e-
     infomax.com/ipmasq/ ֓]܂B

  o  ZJ_TCg - http://ipmasq2.cjb.net/ 
     http://members.home.net/ipmasq/ ֓]܂B

  8.3.  ӎ

  At@xbg -

  o  Gabriel Beitler, gabrielb@voicenet.com
     3.3.8  ̎M (Novell ̐ݒ)

  o  Juan Jose Ciarlante, irriga@impsat1.com.ar
     IPFWADM |[gtH[hc[ɂނ̌сAJ[l 2.1.x y
     2.2.x ̃R[hAIWi LooseUDP pb`B

  o  Steven Clarke, steven@monmouth.demon.co.uk
     ނ IPPORTFW IP |[gtH[_[c[ɂvB

  o  Andrew Deryabin, djsf@usa.net
     ނ ICQ MASQ W[ɂvB

  o  Ed Doolittle, dolittle@math.toronto.edu
     ZLeBP ipfwadm R}h -V IvV̒āB

  o  Matthew Driver, mdriver@cfmeu.asn.au
      HOWTO ̊g`ƋɁA 3.3.1  (Windows95 ̐ݒ) ̒
     B

  o  Ken Eves, ken@eves.com
     FAQ ɂA HOWTO ׂ̈̋Mdȏ̒񋟁B

  o  John Hardin, jhardin@wolfenet.com
     ނ PPTP y IPSEC tH[fBOc[B

  o  Glenn Lamb, mumford@netcom.com
     LooseUDP pb`B

  o  Ed. Lott, edlott@neosoft.com
     eXgꂽVXeƃ\tgEFA̒XgB

  o  Nigel Metheringham, Nigel.Metheringham@theplanet.net
     ނ̃o[W IP Packet Filtering and IP Masquerading HOWTO ̍v
     B HOWTO ǂAZpIɐ[ɎdグĂꂽB
     4.1, 4.2 ͋yт̑B
  o  Keith Owens, kaos@ocs.com.au
     4.2 ͂ ipfwadm ̑f炵̒񋟁B
     ZLeBz[ ipfwadm -deny IvV̏CAy
     IP }XJ[h ping ̏Ԃ𖾂炩ɂƁB

  o  Michael Owings, mikey@swampgas.com
     CU-SeeMe y Linux IP-Masquerade Teeny How-To ̏͂̒

  o  Rob Pelkey, rpelkey@abacus.bates.edu
     3.3.6 y 3.3.7 ͂̒ (MacTCP y I[vgX|[g̐
     )

  o  Harish Pillay, h.pillay@ieee.org
     4.5  ̒(Diald p_CIf}h)

  o  Mark Purcell, purcell@rmcs.cranfield.ac.uk
     4.6 ͂̒(IPautofw)

  o  David Ranch, dranch@trinnet.net
      HOWTO ̍XVyѕێALinux IP }XJ[h̏񌹂 web y[
     WA TrinityOS ̕A , ..., ɗ񋓂ɂ͑܂B :-)

  o  Paul Russell, rusty@linuxcare.com.au
     IPCHAINS, IP }XJ[h̃J[lpb`ɂނ̎dB

  o  Ueli Rutishauser, rutish@ibm.net
     3.3.9 ͂̒(OS/2 Warp ̐ݒ)

  o  Steve Grevemeyer, grevemes@tsmservices.com
     Lee Nevo  IP Masq AvP[V web y[WpA DB
     obNGh̑SĂXVB

  o  Fred Viles, fv@episupport.com

  o  John B. (Brent) Williams, forerunner@mercury.net
     3.3.7 ͂̒(I[vgX|[g̐ݒ)

  o  Enrique Pessoa Xavier, enrique@labma.ufrj.br
     BOOTp ݒ̒āB

  o  IP-MASQ [OXg̑SĂ̎Q, masq@tiffany.indyramp.com
     V Linux MASQ [Uɑ΂鉇ƃT|[gB

  o  ̑Ȃf炵@\ł IP }XJ[h̃R[hyѕ
     JҁB

          o  Delian Delchev, delian@wfpa.acad.bg

          o  David DeSimone (FuzzyFox), fox@dallas.net

     o  Jeanette Pauline Middelink, middelin@polyware.iaf.nl

     o  Miquel van Smoorenburg, miquels@q.cistron.nl

     o  Jos Vos, jos@xos.nl

     o  Ďŗ񋓂YĂ܂lBB(Ă
        )

  o  ɃhLgNCAǧ񍐂A[OXg
     tB[hobNĂ𑗂SẴ[UƂ͌܂B

  o  A܂dvȖOYĂAl̒Ԃ̃[UĂ
     ꂽ񓙂܂܂ĂȂȂAӂ܂B̒ĂƃACfBA
     Ă܂A؂Ă̕ɓ邽߂ɏ\Ȏ
     Ԃ܂B David Ranch ͂ HOWTO ɎɑSĂ̏
     gݓׂAނ̍őPsĂ܂Bނ̓w͂Ɋӂ
     ɁAB̂̏󋵂FɗĒƎv܂B

  8.4.  Ql

  o  Ken Eves ɂIWi IP }XJ[h FAQ

  o  Indyramp Consulting ́A IP }XJ[h[OXgA[JC

  o  Ambrose Au  IP Masquerade WWW TCg

  o  X/OS  Ipfwadm y[W

  o  ̑lbg[NɊ֌W Linux HOWTO Q

  o  David Ranch  TrinityOS ɂĖԗĂ̘b

  8.5.  ύX_

  o  h - HOWTO -

     o  tH[_̏͂IPMASQADM̃XNvg̎邱ƁBXɁA
        \mF邱ƁB

     o  MASQT[o[̌ɕ̃TulbgꍇɊւ鏬ȏ͂
        邱ƁB

     o  IPCHAINS [ZbgmFAꂪ IPFWADM [ZbgƐ
        Ă邱Ƃm߂邱ƁB

     h - WWW y[W -

     o  PPTP  url ׂ lowrent 
        ftp://ftp.rubyriver.com/pub/jhardin/masquerade/ip_masq_vpn.html
        ֍XV邱ƁB

     o  masq TCg PPTP pb`XV邱ƁB

     o  portfw FTP pb`XV邱ƁB

     1.90  1.95 ܂ł̕ύX - 11/11/00
     o  MASQ ꂽ̃C[TlbgZOg̒ň NIC ғ
        邱Ƃ͍D܂ȂƂɊւZӏƁAMł FAQ
        փN𒣂܂B HOWTO 薾mɂĂꂽ Daniel
        Chudnov Ɋӂ܂B

     o  MASQ  NAT vLṼT[rXƂ͂ǂႤ̂TĂ郆[
        Û߂ɁA FAQ ̏͂ɓ̏͂̒ւ̃|C^܂B

     o  2.2.x, 2.4.x, 2.0.x J[ĺAeX̏͂̕KvXV܂
        B

     o  3͂ŁAJ[l MASQ T|[gĂ邩ۂ؂
        @g܂B

     o  (2.2.x y 2.0.x) ́AP MASQ [Zbg̗̏Ԃ𔽓]
        ܂B

     o  2.0.x  2.2.x  rc.firewall t@Cɂ̖̏
        Еt܂B

     o  2.2.x  rc.firewall ɊւA̃fBXgr[V
        (Debian, TurboLinux, )ɂāAftOIvVȂȂ
        邱ƂɊւ钍ӏ܂B

     o  Pump ̎g܂ rc.firewall XNvg 3Ԗڂ̒ӏ
        ܂B Ross Johnson Ɋӂ܂B

     o  2.2.x y 2.2.x J[l̗ŁAP MASQ [Zbg̗
        Еt܂B

     o  ̓lbg[ÑgtBbN MASQ Ɋ֌W
        邽߂ɁAOC^[tF[X(IPCHAINS -i ł; IPFWADM
         -W łB)܂ނ߂ɁAPł苭 IPCHAINS y IPFWADM
        ̃[ZbgXV܂B

     o  R}h{̏o͂ɂȂ悤ȁASȎǉX
        ebv𔺂āA5()啝Ɋg܂B

     o  H.323 AvP[V𖢃T|[gT|[gς݂ֈړ܂
        B:)

     o   LAN ̗̏͂ (2.2.xǍ 2.0.x) Ăѐ܂B

     o   LAN ̗ɐǉ܂B

        lbg[N̗ŁA NIC ɂ}XJ[fBOɂ
        āAlbg[N̎w肪tɂȂĂƂdȌAC
        B Matt Goheen Ɋӂ܂B

     o  PORTFW ̏͂̒ MFW ɊւAȒPȏЉǉ܂B

     o  PORTFW ̂߂ 2.0.x  2.2.x ̏͂̏Ԃtɂ܂B

     o  2.2.x J[l FTP gtBbÑ|[gtH[fBOɊ
        AŐVXV܂B

        ________________________________________________________________
           - _ŁA 2.2.x J[lɂ|[gtH[fBO FTP ڑ
               IP_MASQ_FTP W[̓x[^xłB
               ̓A[hKvȂA쒆 FTP |[g̃|[gtH[
               fBOǉ@\T|[gĂ܂B
               āA IP_MASQ_FTP W[[hƊ FTP ڑ
               SĔj󂳂܂B

        ________________________________________________________________

     o  FTP ̃|[gtH[fBO (PORTFW) ̃T|[gɊւAgbv
        x̒߂܂B

     o  J[l 2.0.x  |[gtH[fBOꂽ FTP ̗ŁA
        [U̓|[g20Ԃ|[gtH[fBOKvȂ̂Ƃ
        ƂɊւ钍ӏǉ܂B

     o  |[gtH[fBȌ͂ɁA[ÚAႦ SuSe ł
        悤ȁA|[gtH[fBOꂽ FTP ̂悤ȋ@\T|[
        g邽߂ FTP vLVAvP[Vg邱ƂɊւ錾
        yǉAXV܂B Stephen Graham Ɋӂ܂B

     o  ̓ FTP T[oɐڑ邽߂ɕ̃|[ggp郆[
        U ip_masq_ftp W[[h@ׂ̈̕KvȐݒ
        ށAFTP ̃|[gtH[fBOLɂ@̗XV܂
        BɊւĎvoĂꂽ Bob Britton Ɋӂ܂B

     o  rc.firewall t@C ^M ꍞ񂾃[Üׂ FAQ ڂ
        ܂B

     o  ̗Lv URL ܂ށA MASQ  NAT vLVƂ̑_Ɋ
         FAQ ڂg܂B

     o  MASQ MTU ̐XVA̎v2̐ɂċLq
        ܂B

     o   ISP  1460 MTU ̃ZbeBOv܂A PPPoE
         1490  MTU Pɗvׂł̂ŁA RFC ɏ]Ă
        mɂ܂B̂߁A 1490  MTU ߂ɗXV
        ܂B

     o  Win95  Win98 ͈قȂݒ (DWORD  STRING) gp̂ŁA
        Windows 9x ̏͂j܂BƋɂ̏͂薾mɂ
        ׂɍXVAWXg̃obNAbv@XV܂B

     o  NT 4.0 ̃WXgGgɂ (Tcpip/p[^ ΃p
        [^/Tcpip) AC܂B

     o  WinNT Gg DWORD ł STRING ł͂ȂC܂
        B

     o  lX PPPoE yїlX Windows WXgGg̏CɊւA
        Geoff Mottram ɐ[ӂ܂B

     o  IRC FAQGg[ Oident  URL ǉ܂B

     o  ̉ꂽ "netstat" ̃o[WɊւ FAQ ̏͂XV
        B

     o  MASQ AJEeBÕACfBAƃgtBbNVF[sOɊ
        V FAQ ̏͂ǉ܂B

     o  |V[[eBO͉ɊւA IPROUTE2  FAQ ڂg
        ܂B

     o  2.2.x J[l̕Kv̏͂ IPROUTE2  URL ړAXɓ
        l URL ǉ܂B

     o  c̗Ɩ̂Ȃ 192.168.0.0 lbg[Nɔfׂ́A
        苭 IPCHAINS ̃[Zbg "intnet" ϐC܂B
        Ross Johnson Ɋӂ܂B

     o  ̓ MASQ ꂽ LAN m̃tH[fBO̖₷
        lẌׂɁAV FAQ ̏͂ǉ܂B

     o  ̊O IP AhXP̓ IP AhX֑SẴ|[g
        |[gtH[fBO[UɊւAV FAQ ̏͂
        ܂BXɁA IP GCAXC^[tF[X̑SĂ
        |[g̃|[gtH[fBO݂lɌy܂B܂A
        [eBOȂŕ IP  DSL yуP[u
        f[ǗׂA Bridge+Firewall HOWTO Ɍy܂B

     o  T|[gς݃Xg Mandrake 7.2  Slackware 7.1 ǉ܂
        B

     o  MASQ T|[gς݃fBXgr[V RedHat 7.0 ǉ
        B Eugene Goldstein Ɋӂ܂B

     o  FAQ ̏͂ "őX[vbg" ̌vZ̊ԈႢC܂B Joe
        White @ ip255@msn.com Ɋӂ܂B

     o  Windowx9x  MTU ̕ύX STRING ̕ύXłA DWORD ̕ύXł
        ȂɊÂďC܂B jmoore@sober.com Ɋӂ܂B

     o  ip_defrag IvV 2.0 y 2.2 J[l̗ɂ邱ƂɊ
        A rc.firewall XNvg̒߂XV܂B̂Ƃ
        Ăꂽ pumilia@est.it Ɋӂ܂B

     1.85  1.90 ܂ł̕ύX - 07/03/00

     o  ̐VCAEg𔽉f邽߂ɁA TrinityOS  URLXV
        ܂B

     o  IPCHAINS ̃[Zbg "ip_always_defrag" Ə
        "ip_ip_always_defrag" ƏĂ܂ĂA܂B

     o  Taro Fukunaga ւ URL  "mailto:" gp "mail:" ɂ
        Ă܂Ă܂B

     o   eth0 QƂ̂𗝉ĂȂlB̈
        ɁA "̓C^[tF[X}XJ[h" Ɋ
        ܂B

     o  苭 IPCHAINS ̏͂̒ŁA́uEXTIP ϐ̌̃Xy[
        XṽoOC܂B́A 1𓦂Ɛ܂B

     o  5͂̃eXg #7 ɂāAXebv #4 ɖ߂悤Ƀ[UɗU܂
        B̓Xebv #6 łׂłB

     o  SuSe 5.2 y 6.0 ɕtJ[l̃o[WXV܂B

     o  7.2͂̌A (or  of) C܂B

     o  }XJ[h̖𖢂ɕĂ郆[UɁA FAQ  MTU ̍
        ڂǂ܂ׂɁA}XJ[h̃eXg̏͂ɃACe #9 ǉ
        ܂B
     o  5͂̉ӏP܂B

     o  MASQ/FORWARD e[u߂ IPCHAINS ̍\XV܂
        BȑO "ipchains -F -L" Őɓ삵܂A݂
        "ipchains -M -L" ł삵܂B

     o  2.2.16 ȍ~̃J[lɂV LooseUDP ̐U镑𔽉f
        邽߂ɁA LooseUDP ̕XV܂BȑO͏ɗLł
        A݂̓}XJ[hꂽ UDP |[gXLjO̐Ǝ㐫
        AftHgŃItƂȂĂ܂Bʏ́Ayт⋭
        IPCHAINS ̃[Zbgɂ̃IvV𔽉fׂXV܂
        B

     o  Âo[W̃J[l TCP [g̐Ǝ㐫
        ŁA 2.2.x J[l̓o[W 2.2.16 ȍ~ɂׂł|
        ܂B

     o  MASQ T|[gς݃Xg RedHat 6.2 ǉ܂B

     o  Sonny Parlin  FWCONFIG ւ̃N݂ fBuilder ւ̂̂
        XV܂B

     o  lXȗɂ IP AhXLȂ̂ɂׂA
        111.222.333.444  111.222.121.212 ֍XV܂B

     o  x[^ H.323 MASQW[ URL XV܂B

     o  悤₭A PPPoE DSL yуP[uEfE[Ux邽
         MTU FAQ ̏͂XV܂B{I ``MTU '' ̏͂́A
        ݁A[U͋ꂽ MASQ MTU 邽߂ɁASĂ̓
        }V MTU ݒύX邱Ƃł邱Ƃ𔽉fĂ܂B

     o  PORTFW ̏͂ɁAONCAgɓ삷|[gtH[hꂽ
        ڑ́ANCAgɂ͓삵ȂƂ̉𖾂ǉ܂B
        |[gtH[fBOKvȂA REDIR c[̎l
        ɕKvłB̖ 2.4.x J[l Netfilter ɂĉ
        ƂLĂ܂B

     o  XɁẪViIK؂ɓ삵Ȃ̂AƂƂɊւA
        Juanjo ̋ZpIȐ PORTFW ̏͂̍Ō̕ɉ܂B

     o  IPCHAINS  URL ̑SĂ Paul Rusty  VTCg
        http://netfilter.filewatcher.org/ipchains/ ֍XV܂B

     o  Paul Rusty  [AhXXV܂B

     o  FAQ ̏͂ɁAڑԎgĂȂ܂܂ƁA͂|[gtH
        [hڑ͓삵ȂƂǉ܂B

     o  LDP  URL ̑SĂmetalab.unc.edu VTCgł
        linuxdoc.org ֍XV܂B

     o  Updated the Netfilter URLs to point to renamed HOWTOs, etc.  
        l[ꂽ HOWTO ɍ킹 Netfilter  URL XV܂
        B

     o  2.4.x J[l̃T|[gɊւA Netfilter tT
        |[gA܂͕̌ʂ HOWTO ɐ؂藣ł邱ƂL
        ܂B

     o  2.4.x J[l̕Kv̏͂ŁA Netfiler  IPFWADM  IPCHAINS
        ƔrĂǂ̂悤ɕς𔽉fA_/_̈ꗗɐV@
        \Ƌ̓ւ̕ύX܂B

     o  "̃}XJ[hڑx" Ƃ FAQ ڂɁA[UptH[
        }XɌލۂ̗ǂׂ̈ɁA TCP/IP ̐l̗ǉ
        ܂B

     o  "pump" DHCP NCAg̐Vo[ẂAN (bringup) A
        y: IP AhX́z[XXṼXNvgœł邱
        Ƃ𔽉fׂA HOWTO XV܂B

     o  l̃[U ip_masq_ftp W[g킸ɓ}Vւ
        FTP gtBbN̓]ɐƌĂ邱Ƃ𔽉f
        A FTP |[gtH[fBO̍ڂXV܂B́A[
        U͐悸CꂽW[Ŏ݂ĂAɗv
        pb`KpׂłƁA HOWTO ɔf܂B

     1.82  1.85 ܂ł̕ύX - 05/29/00

     o  David Ranch  1Nȏ HOWTO ̎vȃeiłƋɁA
        Ambrose Au ̖O^Cgy[W폜܂BȂ
        A Ambrose  WWW TCgŖ܂܂ł傤B

     o  6.4 ͂̌čXy[X폜܂B

     o  }XJ[h݊ OS ̏͂č\A OS/400 VXeғ
        AS/400 ̐ݒ@ǉ܂B jaco@libero.it Ɋӂ܂B

     o  HTTP ANZXsꍇ́A FTP ANZXp̕tI FTP
        |[gtH[fBOpb` URL ǉ܂B

     o  FAQ  Redhat 5.1 y 6.1 ̃J[lo[WXV܂
        B

     o  }XJ[h\ Linux fBXgr[V̈ꗗ FloppyFW
        ǉ܂B

     o  苭 IPFWADM ̃[Zbg "ppp_ip"  "=" ̊ԂɃXy[
        Xꍇ̖C܂B

     o  2.2.x J[l̃RpC̏͂ŁA "CONFIG_IP_ALWAYS_DEFRAG" X
        Cb`IQƂ폜܂B̃IvV̓RpC
        ͂폜A2.2.12 J[lɂă}XJ[hI
        ̃ftHgɂȂ܂B

     o  J[l̓̕ωɂāA rc.firewall ̑SĂ̗
        ip_always_defrag \ɂ邱Ƃǉ܂B

     o  H.323 ̃T|[g󋵂XV܂B݁A 2.0.x y 2.2.x J[
        l̗ŁA H.323 T|[gAt@Ńo[W̃
        W[܂B

     o  }XJ[hT|[gfBXgr[V̈ꗗ Debian
        v2.2 ǉ܂B

     o  ԑ݂ĂAIPCHAINS p̖I IP AhXtB^
        Ȍ͂ɌÂ IPFWADM ̕@cĂC܂BX
        ̏͂A₷܂B

     o  ! dv MASQ ̏񌹂̏͂ Juan Ciarlante  URL ǉ
        ܂B.. NB͂̕ƎɐɂȂKv
        񂾂!!

     o  J[l 2.0.38 y 2.2.15 𔽉fׂ HOWTO XV܂B

     o  2.0.x J[lȂÂȂĂ邱ƂɊӂ݁AJ[lRpC
        ̊J̏Ԃ 2.2.x J[lɂāAtɂ܂B

     o  ŐV 2.2.x J[l̕ύXꂽIvV𔽉fׂA 2.2.x
        J[l̃RpC̏͂XV܂B

     o  ߋ̃}XJ[heXg #5 Ɏslׂ̈ɉ\ȉ@
        ǉ܂B

     1.81  1.82 ܂ł̕ύX - 01/22/00

     o  6.5 ͂̂苭 IPCHAINS ̃[Zbg̒́A
        /proc/sys/net/ipv4/ip_dynaddr ɊւLږYǉ܂B

     o  IP }XJ[hT|[g̍ڂŁA Debian 2.1  YES ɕύX܂
        B

     o  FAQ ̏͂"}XJ[hx"ڂɁAŒC[Tlbgxyѕ
        ܂߂ׂč\AXV܂B

     o  Donald Becker ̃C[Tlbg NIC J[hp MII [eBeB̃
        Nǉ܂B

     o  2.2.x J[l̏(ȑO̓J[lo[W 2.0.x ̕C
        Ă܂)ɁA ICQ |[gtH[fBOXNvg ")" 
        LږYǉ܂B܂A -lt  -le ܂ł̕]ύX
        B

     o  }XJ[hT|[gψꗗ Caldera eServer v2.3 ǉ܂
        B

     o  }XJ[hT|[gψꗗ Mandrake 6.0, 6.1, 7.0 ǉ܂
        B

     o  }XJ[hT|[gψꗗ Slackware v7.0 ǉ܂B

     o  }XJ[hT|[gψꗗ Redhat 6.1 ǉ܂B

     o  }XJ[hT|[gψꗗ TurboLinux 4.0 Lite ǉ܂
        B

     o  }XJ[hT|[gψꗗ SuSe 6.3 ǉ܂B

     o   2.2.x J[l 2.2.11 V̂E߂ׂXV
        ܂B

     o  3.3͂ɂāAeX̃u[głǂ̂悤
        /etc/rc.d/rc.firewall ǂݍނ̂[Uɓ`@
        AHOWTO ɋLڂ邱ƂYĂ܂B͌ Redhat (y
        т̔hfBXgr[V) y Slackware Jo[
        ܂B

     o  Windows WFWG v3.x y NT ̐ݒ̏͂ɁÃ[U DHCP, WINS
        yуtH[fBÕIvVݒ肷ׂłȂ̖mȐ
        ǉ܂B

     o  FAQ ̏͂ɁA}XJ[hꂽ}Vɂ FTP ̖̉
        @ǉ܂B

     o  Fixed a typo in the Stronger firewall rulesets.  The "extip"
        variabl cannot have the SPACE between the variable name and the
        "=" sign.  Thanks to johnh@mdscomp.com for the sharp eye.  
        t@CAEH[̃[ZbǧAC܂B "extip"
        ϐ͕ϐ"="̊ԂɃXy[XނƂ͋܂B
        johnh@mdscomp.com ̉sڂɊӂ܂B

     o  ݊̏͂XV܂ - Mandrake 7.0 ̓J[l 2.2.14 x[X
        ŁA TurboLinux v6.0 ̓J[l 2.2.12 삵܂B

     1.80  1.81 ܂ł̕ύX - 01/09/00

     o  V ICQ }XJ[hW[t@C]ƃA^C
        `bgT|[g邱Ƃ𔽉fׂA ICQ ̏͂XV܂
        BJ[l 2.0.x ̃W[͂܂̐܂B

     o  Steven E. Grevemeyer ̃[AhXXV܂Bނ IP }
        XJ[hAvP[Vy[W̃eiłB

     o  "setsockopt" G[płȂƂĂ̂ŁAsC
        B

     o  ϐ "extip" g킸 "ppp_ip" gpĂA苭
        IPCHAINS ̃[Zbg̃G[XV܂B

     o  DHCP ̃Rg̏͂ 3.3.1 ͂ŁA "."  "?" ̌AC܂
        B

     o  ICQ |[gtH[fBOXNvg ")" ̋LږYǉ
        B܂A -lt  -le ܂ł̕]ύX܂B

     o  Quake W[̕@ "ports=" gpȂƂXV܂
        B

     1.79  1.80 ܂ł̕ύX - 12/26/99

     o  "ppp_ip" AhX̐ݒŁAXy[X̌AC܂B

     o  P IPCHAINS ̃[ZbǧAC܂B "deny" 
        "DENY" ɂłB

     o  Bjorn  Linux p "modutils"  URL XV܂B

     o  NetFilter  IPTables Ɋւ verbage A HOWTO ͈
         HOWTO ɒǉ܂ł̊ԁA URL LĂ܂B

     o  Â Quake W[̃oO[Uɒʒm邽߂ɁAP
        /etc/rc.d/rc.firewall ̗XV܂B

     o  I IP AhX(PPP y DHCP)AV DHCPCD ̕@AÂ
        Quake W[̃oOɊւă[Uɖ邽߂ɁA IPFWADM
        gp /etc/rc.d/rc.firewall ̗XV܂B

     o  I IP AhX(PPP y DHCP)ƁAÂ Quake W[̃oO
        ւ͂̏Y*ǉ*邽߂ɁA IPCHAINS gp
        /etc/rc.d/rc.firewall ̗XV܂B

     o  "AvP[V삵Ȃ"̏͂ɁAJ[l 2.0.x  (H.323
        x[X) Microsoft NetMeeting v2.x ̃x[^ŃW[̒L
        ǉ܂B NetMeeting 3.x y/ J[l 2.2.x œ삷
        o[W͂܂܂B

     1.78  1.79 ܂ł̕ύX - 10/21/99

     o   HOWTO ̖OXV܂B͂₱ HOWTO  MINI ł͂
        ܂!

     1.77  1.78 ܂ł̕ύX - 8/24/99

     o  Fixed a typeo in "Section 6.6 - Multiple Internal Networks"
        where the -a policy was ommited.  "6.6 - ̓lbg[
        N" ŁA -a |V[ȗꂽAC܂B

     o  2.2.x J[l̐ݒIvV "\[XoH䂳ꂽt[
        ̂Ă" 폜܂B͌݃ftHgŗLɂȂĂA
        J[lRpC̃IvVƂĎ菜ꂽłB

     o  IPCHAINS ̃tOe[ṼoO[UɒʒmׂA
        J[l 2.2.x yёSĂ IPCHAINS ̏͂XV܂B

     o  Lee Nevo ̌Â IP }XJ[hAvP[Ṽy[Ww
        SĂ URL  Seg ̐Vy[W֍XV܂B

     1.76  1.77 ܂ł̕ύX - 7/26/99

     o  |[gtH[fBȌ͂ŁA "ipmasqadm ipportfw -f" łȂ
        "ipmasqadm ipportfw -C" ƂĂAC܂B

     1.75  1.76 ܂ł̕ύX - 7/19/99

     o  tH[_̏͂ɂă[U񓚂TƂȂ薾mɂ邽
        ɁA FAQ  "ipfwadm: setsockopt failed: Protocol not
        available" y: "ipfwadm: setsockopt ͎s܂: vgR
        ͗pł܂"z XV܂B

     o  6.7͂ IPMASQADM  "portfw" ̊Ԉ@C܂B

     1.72  1.75 ܂ł̕ύX - 6/19/99

     o  ア IPFWADM y IPCHAINS ̃[ZbgƋ IPFWADM ̃[
        Zbg𓯗lɁA quake W[̃|[gݒ̗vC܂
        B

     o  ICQ ̃|[g4000Ԃ𒼐ڃ|[gtH[fBOA"Sock"vL
        V̐ݒp邱ƂȂ ICQ ̃ftHgݒgp郆[U
        |[gǉ܂B

     o  IPMASQADM c[ URL XV܂B

     o  Taro Fukunaga tarozax@earthlink.net ւ̎QƂǉ܂Bނ
        HOWTO  MkLinux ւ̈ڐAsĂ܂B

     o  V IPCHAINS T|[g Sonny Parlin  FWCONFIG c[
        `XV܂B

     o  Fred Vile ̃pb`ɂ FTP |[gtH[fBOANZX
        2.0.x J[l*̂*Lł邱ƂǋL܂B

     o  2.2.x J[l̃XebvŁAiK̃^OɊւ͂ȐX
        V܂B

     o  ͎҈ꗗ LooseUDP pb`̍ Glen Lamb ̖Oǉ܂
        B

     o  LooseUDP pb`̃CXg[ɊւA񈳏kpb` "cat" gp
        ׂłǉ܂B

     o  IPAUTO FAQ ̏͂̌AC܂B

     o   IPFWADM  IPCHAINS ̃[Zbĝ߂ DHCP NCA
        g̃|[gԍtɂ܂Bsv́AȂ Linux
        T[o DHCP T[ołǂłB

     o  SĂ̎ア[ZbgAyы[Zbg̗ɖI /sbin
        ւ PATH ǉ܂B

     o  PPP y DHCP [ÜׂɁA IPFWADM ̏͂ɓI IP AhX
        Ɋւ̉𖾂s܂B͂܂A[Zbg
        PPP Nꂽ DHCP  IP AhX̃[XXVꂽɍ
        Nׂł邱ƂǋL܂B

     o  J[l 2.2.x ̕Kv̒ɎQƂāAICQ  FAQ ̏͂X
        VAICQ MASQ W[̍҂ Andrew Deryabin ͎҈ꗗ
        ͂ɒǉ܂B

     o  FAQ ̏͂ɉ 2.1.x y 2.2.x J[l IPCHAINS Ɉڍs
        ɊւA̐ǉ܂B

     o  }XJ[hT[oʉ߂ Microsoft ̃t@C//hC
        T[rX (Samba) Ɋւ鏬 FAQ ̏͂ǉ܂BƓ
        ɁAڍׂȓëׂ Microsoft mx[X (Knowledge
        base document)  URL ǉ܂B

     o  FAQ ̏͂ Debian fBXgr[V IP }XJ[hT
        |[gĂȂǉ܂B

     o  FAQ ̏͂̃}XJ[hT|[gς݃fBXgr[VXV
        ܂B

     o  FAQ ̃GCAX NIC ̏͂ɁAC^[tF[X̃GCAX̓}X
        J[h*łȂ*|ǉ܂By: uC^[tF[X
        GCAXv́AJ[l̐ݒɂ "IP: Aliasing"wĂ
        B̃C^[tF[Xɕ IP AhXU@\
        Bz

     o  .. ܂ŋCÂȂǁA[Zbg̏͂ "ppp-
        ip" Ƃϐ͖ł!  "ppp_ip" Ƀl[܂B

     o  IPFWADM y IPCHAINS ̗̒Pȃ[Zbg̐ݒ̈ŁA
        DHCP gtBbNӏRgAEg܂B
        ́AŌ reject sł!  `NVE!  痼͂̏ֈ
        ܂B

     o  P IPCHAINS ̐ݒŁA DHCP [Üׂ̃RgAEgsŁA
        IPCHAINS  "-i" p[^łȂA IPFWADM  "-W" R}hg
        pĂ܂B

     o  tH[_̏͂ɁAL "ipfwadm: setsockopt failed: Protocol
        not available" y: "ipfwadm: setsockopt ͎s܂: v
        gR͗pł܂"z G[bZ[W̉̏Ȑ`
        ܂B͍XɁAJ[l IPPORTFW LȏꍇɁA
        lXɊmF鏬 /proc eXg܂ł܂B܂AP
        ׂ̈ FAQ ̏͂ɂ̃G[ǉ܂B

     o   HOWTO ɋ IPCHAINS ̃[Zbgǉ܂B

     o  FAQ ̏͂ "kernel: ip_masq_new(proto=UDP): no free ports."y
        : "kernel: ip_masq_new(prot=UDP): 󂫃|[g܂B"z
        G[bZ[W̐ǉ܂B

     o  IPMASQADM PORTFW [̃XNvg̗ǉ܂B

     o  Linux Documentation Project (LDP)  URL ̊XV܂
        B

     o  SĂ rc.firewall [Zbg̃W[ǂݍ݂̏͂ɁA
        Quake III T|[gǉ܂B

     o  ICQ̂߂ IPMASQADM tH[fBOC܂B

  o  1.72 - 4/14/99 - Dranch - Windows  NAT/vLV̑֎iAi
     ̊T URL ƋɁAK͂ȃXgɒǉ܂B

  o  1.71 - 4/13/99 - Dranch - ̃}XJ[hꂽlbg[N
     ׂ̈ IPCHAINS ̐ݒǉ܂B ICQ ̐ݒŁA ICQ ̃ftH
     g60b^CAEg IPFWADM/IPCHAINS 160b^CAEgύX
     ܂B MASQ y MASQ-DEV [OXgƂ̓o^̎菇X
     V܂B

  o  1.70 - 3/30/99 - Dranch - SMTP/POP-3 ̃^CAEgƁA̓
     lbg[N IPROUTE2 pĈقȂO IP AhXփ}XJ
     [h@ FAQ ̏͂ɒǉ܂B

  o  1.65 - 3/29/99 - Dranch - AC܂B 2.2.x J[lIv
     V̕Kvڂ𖾂܂BI PPP IP AhX̃T|[g
     t@CAEH[̏͂ɒǉ܂B quake II W[̈ڐA
     ǉ܂B LooseUDP pb`͍ŐV 2.2.x J[lɑgݍ܂A
     Dan Kegel ł͂Ȃ Glenn Lamb ̍ł邱Ƃ𖾋L܂B݊
     ̏͂ɂ葽̃Q[̏ǉ܂B

  o  1.62 - Dranch - Ō̑1htgiK̕ύX𕶏ɍsA MASQ [
     OXgɍm܂B

  o  1.61 - Dranch - ҏW̕ύXāA̍ق𐮂AAWindows95  NT
     ̐ݒɂ邢̃G[C܂B

  o  1.58 - Dranch - |[gtH[fBȌ͂̒ǉ; LooseUDP ̐ݒ;
     IRC [U ׂ̈ Ident T[oAt@CAEH[̃O̓ǂݕA
     ɎgȂ CuSeeme Mini-HOWTO ̍폜B

  o  1.55 - Dranch - SȃI[o[z[A FAQ ̒ǉA v1.50
     HOWTO ̑SʓIȕҏWB 2.2.x J[l IPCHAINS ̐ݒ܂
     BKpׂ̈ IPAUTOFW  IPPORTFW ւ̕ϊs܂BX
     ̑̕⃆[eBeB̃TCgւ̑ URL ǉ܂B
     Ă̕ύX܂.. ݂ȂDł邱Ƃ]݂܂B
      IP MASQ [OXgɂĒׂAF܂ł́A
     HOWTO ̐Vł LDP vWFNgɂŏIs͍s܂(
      v2.00 ɂȂ܂)B

  o  1.50 - Ambrose - HOWTO ̏dȍXVƁA 2.2.0 J[l IPCHAINS
     ̐ݒ̏iK̒ǉB

  o  1.20 - Ambrose - 2.0.x J[lȑO IPFWADM ɂĒPƂňꂽA
     V HOWTO ̂̈B

  9.  {ɂ

  { : 2001N 712 JF Project u`[ Masqueradev |
  ꗗ(h̗A50):

  o  㓡됰 <magotou@fubyshare.gr.jp> 6

  o  cz <matsuda@palnet.or.jp> 2,3,8

  o  R <shingo@axs2.com> 1,5,7

  o  l <isao@m05.htmnet.ne.jp> 4

  ̕|󂷂ɂA <mizuhara@acm.org>  Linux IP
  Masquerade mini HOWTO { <http://www.linux.or.jp/JF/JFdocs/IP-
  Masquerade.html> 瑽pv܂B

  ̕|󂷂ɂAȉ̕XAhoCX܂
  B(50)
  {ɂ肪Ƃ܂B

  o  {K <kokamoto@itg.hitachi.co.jp>

  o  ˂ <se-kane@str.hitachi.co.jp>

  o  konkiti <konkiti@lares.dti.ne.jp>

  o  UTi <ysenda@pop01.odn.ne.jp>

  o  L <takei@webmasters.gr.jp>

  o  {_ꂳ <hng@ps.ksky.ne.jp>

  o  m <uv9h-hykw@asahi-net.or.jp>

  o   <mizuhara@acm.org>

  o  X{~ <morimoto@xantia.citroen.org>

