<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2 Final//EN"> <HTML> <HEAD> <META NAME="GENERATOR" CONTENT="SGML-Tools 1.0.9"> <TITLE>Firewall And Proxy Server HOWTO: $B>R2p(B</TITLE> <LINK HREF="Firewall-HOWTO-2.html" REL=next> <LINK HREF="Firewall-HOWTO.html#toc1" REL=contents> </HEAD> <BODY> <A HREF="Firewall-HOWTO-2.html">$B<!$N%Z!<%8(B</A> $BA0$N%Z!<%8(B <A HREF="Firewall-HOWTO.html#toc1">$BL\<!$X(B</A> <HR> <H2><A NAME="s1">1. $B>R2p(B</A></H2> <P>David Rudder $B$5$s$,$3$N(B Firewall-HOWTO $B$N%*%j%8%J%k$NJ8=q$r=q$-$^$7$?!#(B 4$BG/A0!"$=$7$F:#$b:nIJ$r0z$-7Q$0$3$H$r5v$7$F$/$l$?H`$K46<U$7$^$9!#(B <P>$B?F@Z$K$b!"$3$N<:FI>I$NI.<T$r<jEA$C$F$/$l$?(B Ian Gough $B$5$s$K$b46<U$7$^$9!#(B <P>$B%U%!%$%"%&%)!<%k$O!":#$^$G%$%s%?!<%M%C%H>e$G$N5f6K$N%;%-%e%j%F%#$H(B $B$7$F$NCO0L$rF@$FMh$^$7$?!#(B $B:#F|!"%U%!%$%"%&%)!<%k$OKX$I$N%M%C%H%o!<%/%G%P%$%9$N0lIt$K$J$C$F(B $B$$$^$9!#(B $BB>$N:G?7$NOCBj$HF1MM!"$7$P$7$P8m2r$5$l$,$A$G$9!#(B $B$3$NJ8=q$G$O!"%U%!%$%"%&%)!<%k$N<BBN$H!"9=C[J}K!$r8+$F$$$-$^$9!#(B <P>$B;d$O%+!<%M%k(B 2.2.14 $B$H(B RedHat 6.1 $B$r$3$NJ8=q$N:n@.$K;H$C$F$*$j!"(B $B$=$l8N$KJ8Cf$NNc$O$3$N%G%#%9%H%j%S%e!<%7%g%s$r85$K$7$F$*$j$^$9!#(B $B$b$7!"$"$J$?$N%G%#%9%H%j%S%e!<%7%g%s$H$NAj0cE@$,$"$j$^$7$?$i!"(B email $B$r$/$@$5$$!#$3$N(B howto $B$r99?7$7$^$9!#(B <P> <H2><A NAME="ss1.1">1.1 $B%U%#!<%I%P%C%/(B</A> </H2> <P>$B$I$s$J%U%#!<%I%P%C%/$G$b4?7^$7$^$9!#(B <B>$B$3$NJ8=q$N4V0c$$$r65$($F(B $B$/$@$5$$(B!!</B> $B;d$O?M4V$G$9$+$i4V0c$$$r$7$,$A$G$9!#(B $B2?$+4V0c$$$r8+$D$1$?$i;d$KCN$i$;$F$/$@$5$$!#(B $BA4$F$N(B e-mail $B$KJVEz$7$?$$$N$O$d$^$d$^$J$N$G$9$,!"K;$7$$$N$G!"(B $BJV;v$r$7$J$/$F$bE\$i$J$$$G$/$@$5$$!#(B <P><EM>$B;d$N(B email $B%"%I%l%9$O(B <B> <A HREF=":mailto:mark@grennan.com">mark@grennan.com</A> $B$G$9!#(B</B></EM> <P> <H2><A NAME="ss1.2">1.2 $B@UG$J|4~(B</A> </H2> <P> <B>$B;~$,7P$A$^$7$?!#(B $B$3$NItJ,$O0JA0$O!"(B``$B;d$O%;%-%e%j%F%#!<$N%(%-%9%Q!<%H$G$O$J$/!"$^$?!"(B $B$=$&$J$k5$$b$"$j$^$;$s!#(B'' $B$H$J$C$F$$$^$7$?!#(B $B:#$d!";d$O%(%-%9%Q!<%H$K$J$C$F$7$^$$$^$7$?!%(B $B;d$N8x<0$N8*=q$O%;%-%e%j%F%#!<%"%J%j%9%H$G$9!#(B $B$b$7$+$9$k$H!";d$O!"0JA0$h$j>/$7$O$^$H$b$J;v$r=q$$$F$$$k$+$b$7$l$^$;$s!#(B $B$G$b$o$+$C$FM_$7$$$N$O!"$3$NJ8=q$O$"$/$^$G$b3'$5$s$,$3$NJ,Ln$rC55a$9$k(B $B:]$N=u$1$K$J$k$3$H$rL\;X$7$F$$$k$b$N$J$N$G$9!#(B $B;d$O$3$NJ8=q$N@:EY$r>e$2$k0Y$K<+J,$N?M@8$rER$1$k$D$b$j$O$"$j$^$;$s!#(B $B$b$7!"$"$J$?$N%U%!%$%"%&%)!<%k$NCN<1$NA4$F$,$3$NJ8=q$K4p$E$/$b$N$G(B $B$"$k$J$i$P!";E;v$r%U%!%$%"%&%)!<%k$KER$1$J$$$G$/$@$5$$!#(B $B;d$O!"$3$NJ8=q$K4p$E$$$?9TF0$GIi$C$?A4$F$NB;32$KBP$7$F$N@UG$$r(B $BIi$$$^$;$s!#(B</B> <P> <H2><A NAME="ss1.3">1.3 $BCx:n8"(B</A> </H2> <P> $BFC$K5-=R$,L5$$8B$j!"(B Linux HOWTO $BJ8=q$O!"$=$l$>$l$NCx<T$KCx:n8"$,M-$j$^$9!#(B $B$=$l$O;d$G$9!#(B Linux HOWTO $BJ8=q$O!"$3$NCx:n8"I=<($,F~$C$F$$$k$J$i$P!"0lIt$^$?$OA4It$r(B $B:FJT=8$7!"EE;RE*0?$OJ*M}E*$JJ}K!$K$+$+$o$i$:G[I[$9$k$3$H$,$G$-$^$9(B ($B$`$7$m!"$=$l$,K>$^$7$$(B)$B!#(B $B>&MQG[I[$b4?7^$5$l$^$9!#(B <P>$B$b$7!"$3$NJ8=q$rG[I[$9$k>l9g$O!";d$K%a!<%k$GCN$i$;$F$/$@$5$$!#(B ($B0u:~J*$K<+J,$NL>$,$"$k$N$r8+$k$N$,9%$-$J$b$N$G(B)$B!#(B <P>$BK]Lu$d!"GI@8$7$?:nIJ!"(BLinux HOWTO $BJ8=q$X$N=8Ls$O$3$NCx:n8"I=<($K(B $B$7$?$,$C$F9T$o$J$1$l$P$J$j$^$;$s!#(B $B$3$l$O!"G[I[J*$K?7$?$J@)8B$rDI2C$7$F$O$$$1$J$$$H$$$&$3$H$G$9!#(B $B$3$N%k!<%k$K1h$C$F$$$k$3$H$r3N?.$G$-$k>l9g0J30$O!"(BLinux HOWTO $B%3!<%G%#%M!<%?$KO"Mm$r<h$C$F$/$@$5$$!#(B <P>$BMW$9$k$K!"2f!9$O2DG=$J8B$j$N<jCJ$rDL$8$F!"$3$N>pJs$,9-$/9T$-EO$k$3$H$r(B $BK>$s$G$$$^$9!#(B $B$7$+$7!"2f!9$O(B HOWTO $B%I%-%e%a%s%H$NCx:n8"$rJ];}$7$?$$$H6&$K!":FG[I[$N(B $B7W2h$rCN$i$5$l$?$$$H$b;W$C$F$$$^$9!#(B $B$?$@!"$3$NCx:n8"I=5-$r;D$7$F$$$l$P!"<ALdEy$J$7$K;H$C$F$+$^$$$^$;$s!#(B <P>$B2?$+5?Ld$,$"$j$^$7$?$i!";d$K%a!<%k$GCN$i$;$F$/$@$5$$!#(B($B>e5-;2>H$N$3$H(B) <P> <H2><A NAME="ss1.4">1.4 $B$3$NJ8=q$r=q$/M}M3(B</A> </H2> <P>$B?tG/A0!"%*%/%i%[%^=#$G(B"$B%$%s%?!<%M%C%H4IM}<T(B"$B$H$7$F(B $BF/$$$F$$$?$H$-$K!"$?$@$G(B"$B=#$r%$%s%?!<%M%C%H$K$D$J$2$F$/$l(B"$B$H(B $BMj$^$l$^$7$?!#(B ($BCm0U(B: $B$=$N$H$-$O!"$=$N$h$&$J8*=q$-$O$"$j$^$;$s$G$7$?!#(B $B;d$O$?$@$NC1$J$k2?$G$b20$@$C$?$N$G$9!#(B) $B$3$l$r<B8=$9$k:GNI$NJ}K!$O!"2DG=$J8B$j$NB??t$N%U%j!<%=%U%H$H(B $B%8%c%s%/%O!<%I%&%'%"$r;H$&$3$H$G$7$?!#(B Linux $B$H!"Bt;3$N8E$$(B 486 $B%^%7%s$@$1$,!"<B8=$5$;$k$?$a$NF;6q$G$7$?!#(B <P>Linux $B$@$1$,4uK>$G$7$?!#(B $BEv;~(B ($B$=$7$F:#$b(B) $B!">&MQ$N%U%!%$%"%&%)!<%k$O$I$3$G$b9b2A$JJ*$G$9!#(B $B;d$,8+$D$1$?!"A4$F$N%U%!%$%"%&%)!<%k$NF0:n$r>\=R$7$?J8=q$O!"$=$NKX$I$,(B $B:G9b5!L)$G$7$?!#(B $B$=$N7k2L!"%U%!%$%"%&%)!<%k$r<+$i$N<j$G:n$j>e$2$k$N$OKX$IIT2DG=$J$N$@$H(B $B;W$$$^$7$?!#(B <P>$B<!$N(B American Floral Services (AFS) $B$G$O!"%U%!%$%"%&%)!<%k$r(B $BF0$+$9$3$H$rMj$^$l!"$=$N;~E@$G$O%U%!%$%"%&%)!<%k$N%=!<%9%3!<%I$,(B $B%+!<%M%k$KAH$_9~$^$l$F$$$^$7$?!#(B $B$=$7$F:F$S!"$?$@$G(B Linux $B$r;H$C$F%U%!%$%"%&%)!<%k$r7z$F$^$7$?!#(B $BO;%v7n8e!"%U%!%$%"%&%)!<%k$O40@.$7!"$3$NJ8=q$,99?7$5$l$^$7$?!#(B <P>$B:#!"$"$l$+$i(B6$BG/$r7P$F!";d$OBt;3$N%U%!%$%"%&%)!<%k$G;E;v$r$7$F$$$^$9!#(B $BNc$($P(B CheckPoint Firewall-1, Cisco Pix, $B$=$7$FBt;3$N(B $B%k!<%?$N%U%!%$%"%&%)!<%k$H!"A4$F$N%P!<%8%g%s$N(B Linux $B%Y!<%9$N(B $B%U%!%$%"%&%)!<%k$G$9!#(B $B;d$O!"(B Linux $B$,8=:_$N:GNI$N%U%!%$%"%&%)!<%k$@$H;W$$$^$9!#(B $B$G$b!"$=$N@_Dj$O:G$bJ#;($J$b$N$G$"$k$+$b$7$l$^$;$s!#(B <P> <H2><A NAME="ss1.5">1.5 $B99$KFI$_$?$$?M$O(B</A> </H2> <P> <UL> <LI> <A HREF="http://sunsite.unc.edu/mdw/HOWTO/Networking-Overview-HOWTO.html">The Linux Networking Overview HOWTO</A> </LI> <LI> <A HREF="http://sunsite.unc.edu/mdw/HOWTO/Ethernet-HOWTO.html">The Ethernet HOWTO</A> </LI> <LI> <A HREF="http://ipchains.nerdherd.org/">IPchains Firewalling made Easy!</A> $B!ZLuCm(B: $B>e5-(B URI $B$OL58z$G$9!#![(B </LI> <LI> <A HREF="http://www.linas.org/linux/load.html">Linux Network Address Translation</A> </LI> <LI> <A HREF="http://metalab.unc.edu/mdw/HOWTO/Net-HOWTO/index.html">The Net-HOWTO</A> </LI> <LI> <A HREF="http://metalab.unc.edu/mdw/HOWTO/PPP-HOWTO/index.html">The NET-PPP HOWTO</A> </LI> <LI> <A HREF="http://www.freeswan.org/">Software to build secure VPNs across public networks</A> </LI> <LI> <A HREF="http://icarus.autostock.co.kr/">GFCC a GTK+ Firewall Control Center</A> </LI> <LI> <A HREF="http://freshmeat.net/projects/icq-proxy/homepage/">$B$3$l$O%U%!%$%"%&%)!<%k$N8e$m$+$i(B ICQ $B$N@\B3(B ($B%A%c%C%H!"%U%!%$%k$NAw<u?.(B) $B$r<B8=$9$k!"%]!<%H%U%)%o!<%G%#%s%0%W%m%-%7$G$9!#(B ($B;d$,$3$l$r8+$D$1$k$^$G:J$,;d$rIT2w$K$7$F$/$l$^$7$?!#(B) </A> </LI> <LI> <A HREF="http://freshmeat.net/projects/linuxvpnmasquerade/homepage/">$B$3$N%5%$%H$O(B Linux $B$N(B IP Masquerading $B%U%!%$%"%&%)!<%k$N8e$m$K$"$k(B IPSec $B$d(B PPTP VPN $B$N%[%9%H(B ($B%/%i%$%"%s%H$d%5!<%P(B) $B$K%"%/%;%9$9$kJ}K!$r(B $B2r@b$7$F$$$^$9!#(B</A> </LI> <LI> <A HREF="http://freshmeat.net/projects/rc.firewall/download/">rc.firewall $B$O!"KDBg$J%M%C%H%o!<%/%5!<%S%9(B (NFS, IPSec, VPNs, Proxies$BEy(B) $B$d!"%^%9%+%l!<%G%#%s%0!"(B $B%]!<%H%U%)%o!<%G%#%s%0!"(B IP $B%"%+%&%s%F%#%s%0$r%5%]!<%H$9$k!"(B ipchains $B%Y!<%9$N%U%!%$%"%&%)!<%k%9%/%j%W%H$G$9!#(B $B%9%W!<%U%#%s%0!ZLuCm(B: $B56Au![!"56Au%k!<%F%#%s%0(B/$B%^%9%+%l!<%G%#%s%0!"(B DoS $B!ZLuCm(B: Denial of Service: $B%5!<%S%9ITG=967b![!"(B smurf $B967b!"H/?.%]!<%H%9%-%c%s!"Ey!9$+$i<i$j$^$9!#(B $BJ#?t$N%W%i%$%Y!<%H5Z$S8x6&%$%s%?!<%U%'!<%9$b%5%]!<%H$5$l$F$$$^$9!#(B</A> <P>$B!ZLuCm(B: $B>e5-(B URI $B$OL58z$G$9!#(B $B8=:_$O!"(B <A HREF="http://rcf.mvlan.net/">rcf</A> $B$KJQ99$5$l$F$$$^$9!#![(B <P>$B!ZLuCm(B: "smurf" $B$H$O!"(B DoS $B967b$N0l<o$r9T$&(B $B967b%W%m%0%i%`$NL>A0$G$9!#(B $B>\$7$/$O!"(B <A HREF="http://www.cert.org/advisories/CA-1998-01.html">CERT $B$NJ8=q(B</A> $B$d!"(B <A HREF="http://isl.educ.fukushima-u.ac.jp/~shinoda/net-docs/CERT/CA-98.01.smurf.html">CERT $B$NJ8=q$NF|K\8lLu(B</A> $BEy$r;2>H$7$F$/$@$5$$!#![(B <P> </LI> <LI> <A HREF="http://www.squid-cache.org/">$B4V0c$$$J$/:GNI$N%W%m%-%7%5!<%P$G$9!#(B</A> </LI> <LI> <A HREF="http://freshmeat.net/projects/socks5/homepage/">$B8E$$$G$9$,!"$$$$J*$G$9!#(B Socks$B$N:G?7%P!<%8%g%s$,$3$3$K$"$j$^$9!#(B</A> </LI> </UL> <HR> <A HREF="Firewall-HOWTO-2.html">$B<!$N%Z!<%8(B</A> $BA0$N%Z!<%8(B <A HREF="Firewall-HOWTO.html#toc1">$BL\<!$X(B</A> </BODY> </HTML>