<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2 Final//EN">
<HTML>
<HEAD>
<META NAME="GENERATOR" CONTENT="SGML-Tools 1.0.9">
<TITLE>Linux IP Masquerade HOWTO: IP �$B%^%9%+%l!<%I$N@_Dj�(B</TITLE>
<LINK HREF="IP-Masquerade-HOWTO-4.html" REL=next>
<LINK HREF="IP-Masquerade-HOWTO-2.html" REL=previous>
<LINK HREF="IP-Masquerade-HOWTO.html#toc3" REL=contents>
</HEAD>
<BODY>
<A HREF="IP-Masquerade-HOWTO-4.html">�$B<!$N%Z!<%8�(B</A>
<A HREF="IP-Masquerade-HOWTO-2.html">�$BA0$N%Z!<%8�(B</A>
<A HREF="IP-Masquerade-HOWTO.html#toc3">�$BL\<!$X�(B</A>
<HR>
<H2><A NAME="s3">3. IP �$B%^%9%+%l!<%I$N@_Dj�(B</A></H2>
<P>
<BLOCKQUOTE>
<B>�$B%W%i%$%Y!<%H%M%C%H%o!<%/>e$K=EMW$J>pJs$,$"$k>l9g$K$O!"�(B IP
�$B%^%9%+%l!<%I$r<BAu$9$kA0$K!"%;%-%e%j%F%#$N4QE@$+$i?5=E$K8!F$$7$F�(B
�$B$/$@$5$$!#�(B
�$B$3$l$rBU$k$H!"�(B IP �$B%^%9%+%l!<%I$O$"$J$?$,%$%s%?!<%M%C%H$X=P$F9T$/�(B
�$B%2!<%H%&%'%$$K$J$j$^$9$,!"$3$l$H6&$K30B&$N@$3&$K$$$kC/$+$,$"$J$?$N�(B
�$B%M%C%H%o!<%/$K?/F~$9$k%2!<%H%&%'%$$H$b$J$C$F$7$^$&$N$G$9!#�(B</B>
<P>�$B$R$H$?$S�(B IP �$B%^%9%+%l!<%I5!G=$r@_Dj$9$k$J$i$P!"6/NO$J�(B IPFWADM/IPCHAINS
�$B$K$h$k%U%!%$%"%&%)!<%k$N%k!<%k%;%C%H$r<BAu$9$k$3$H$r6/$/$*A&$a$7$^$9!#�(B
�$B>\:Y$O8e=R$N�(B
<A HREF="IP-Masquerade-HOWTO-6.html#Strong-IPFWADM-Rulesets">�$B6/$$�(B IPFWADM �$B$N%k!<%k%;%C%H�(B</A>
�$B5Z$S�(B
<A HREF="IP-Masquerade-HOWTO-6.html#Strong-IPCHAINS-Rulesets">�$B6/$$�(B IPCHAINS �$B$N%k!<%k%;%C%H�(B</A>
�$B$N>O$r$4Mw$/$@$5$$!#�(B
</BLOCKQUOTE>
<P>
<A NAME="Kernel-Compile"></A> <P>
<H2><A NAME="ss3.1">3.1 IP �$B%^%9%+%l!<%I$rAH$_9~$s$@%+!<%M%k$N%3%s%Q%$%k�(B</A>
</H2>
<P>
<P>
<P>
<BLOCKQUOTE>
<B>�$B$*;H$$$N�(B Linux �$B%G%#%9%H%j%S%e!<%7%g%s$,!"4{$K2<5-$NI,MW$J5!G=$NA4$F�(B
�$B$r%5%]!<%H$7$F$$$F!D�(B - </B>
<UL>
<LI>IPFWADM/IPCHAINS</LI>
<LI>IP �$B%U%)%o!<%G%#%s%0�(B</LI>
<LI>IP �$B%^%9%+%l!<%G%#%s%0�(B</LI>
<LI>IP �$B%U%!%$%"%&%)!<%j%s%0�(B</LI>
<LI>�$B$=$NB>�(B</LI>
</UL>
�$B$=$7$FA4$F$N�(B MASQ �$B$K4X78$9$k%b%8%e!<%k$,%3%s%Q%$%k$5$l$F$$$k�(B (�$BB?$/$N�(B
�$B%b%8%e%i!<%+!<%M%k$OI,MW$H$5$l$kA4$F$,4^$^$l$F$$$k$3$H$G$7$g$&�(B) �$B$J$i!"�(B
�$B%+!<%M%k$r:F%3%s%Q%$%k$9$kI,MW$O$"$j$^$;$s!#�(B
�$B$"$J$?$N;HMQ$9$k�(B Linux �$B%G%#%9%H%j%S%e!<%7%g%s$,�(B MASQ �$B5!G=$rAuHw$7$F�(B
�$B$$$k$H<+?.$,;}$F$J$$$J$i!"�(B
<A HREF="IP-Masquerade-HOWTO-7.html#MASQ-supported-Distributions">�$B%^%9%+%l!<%I%5%]!<%H:Q$_%G%#%9%H%j%S%e!<%7%g%s�(B</A>
�$B$N>O$r;2>H$7$F$/$@$5$$!#�(B
�$B$3$N%j%9%H$,?.MQ$G$-$J$$$+!"$"$J$?$N;HMQ$9$k%G%#%9%H%j%S%e!<%7%g%s$,�(B
�$B%j%9%H$K$J$$$J$i!"0J2<$N%F%9%H$r;n$7$F$_$F$/$@$5$$�(B -
<P>
<UL>
<LI>Linux box �$B$K%m%0%$%s$7$F!"%3%^%s%I�(B "ls /proc/sys/net/ipv4" �$B$r�(B
�$B<B9T$7$F$_$F$/$@$5$$!#�(B</LI>
<LI>�$B%3%^%s%I$NI=<(7k2L$NCf$K�(B "ip_forward", "ip_masq_debug", "ip_masq_udp_dloose"(�$BG$0U�(B), �$B5Z$S�(B "ip_always_defrag"(�$BG$0U�(B) �$BEy$,$"$k$+3NG'$7$F$/$@$5$$!#�(B</LI>
</UL>
�$B$3$l$i$,$"$l$P!"$"$J$?$N%+!<%M%k$K$O%^%9%+%l!<%I5!G=$,<BAu$5$l$F$$$^$9!#�(B
<P>�$B$"$J$?$N;HMQ$9$k%G%#%9%H%j%S%e!<%7%g%s$,I8=`$G�(B IP �$B%^%9%+%l!<%G%#%s%0�(B
�$B$r%5%]!<%H$7$F$$$k$K$b$+$+$o$i$:>e5-%U%!%$%k$,8+$D$+$i$J$$>l9g!"�(B
�$B%^%9%+%l!<%I5!G=$O%5%]!<%H$5$l$F$$$J$$$H?dB,$;$6$k$rF@$^$;$s!#�(B
�$B$=$N>l9g!D%+!<%M%k$r%3%s%Q%$%k$7$J$1$l$P$J$j$^$;$s!#�(B
�$B$G$b!"$4?4G[L5$/!#Fq$7$/$J$$$G$9$+$i!#�(B
<P>�$BI8=`$G%5%]!<%H$5$l$F$$$k$+H]$+$K$+$+$o$i$:!"$3$N>O$OB>$NM-MQ$J>pJs$r�(B
�$B4^$s$G$$$^$9$N$G!"FI$`$3$H$r6/$/$*A&$a$7$^$9!#�(B
</BLOCKQUOTE>
<P>
<P>
<H3>Linux 2.2.x �$B%+!<%M%k�(B</H3>
<P>
<P><B>�$BI,MW$H$5$l$k%=%U%H%&%'%"$d%Q%C%AEy$O�(B
<A HREF="IP-Masquerade-HOWTO-2.html#2.2.x-Requirements">2.2.x �$B%+!<%M%k$NI,MW>r7o�(B</A>
�$B$N>O$r$4Mw$/$@$5$$!#�(B</B>
<P>
<UL>
<LI>�$B$^$:Bh0l$K!"�(B 2.2.x �$B$N%+!<%M%k%=!<%9$,I,MW$G$9!#�(B (�$BK>$^$7$/$O�(B
2.2.16 �$B0J9_$N:G?7$N%+!<%M%k$,NI$$$G$9!#�(B)
<P>�$BCm0U�(B #1 - 2.2.16 �$B$h$j0JA0$N�(B Linux 2.2.x �$B%+!<%M%k$K$O!"�(B TCP �$B@\B3$K$*$$$F�(B
�$B%k!<%H8"8B$,:q<h$5$l$k<eE@$,$"$j!"�(B 2.2.11 �$B0JA0$N%P!<%8%g%s$K$O�(B IPCHAINS
�$B$N%U%i%0%a%s%F!<%7%g%s$K%P%0$,$"$j$^$9!#�(B
�$B$3$N$?$a!"6/NO$J�(B IPCHAINS �$B$N%k!<%k%;%C%H$rF0:n$5$;$h$&$H$9$k?M$O!"�(B
�$B$3$l$i967b$KBP$7$FL5KIHw$G$9!#�(B
�$B$"$J$?$N%+!<%M%k$r=$@5:Q$_%P!<%8%g%s$X%"%C%W%0%l!<%I$7$F$/$@$5$$!#�(B
<P>�$BCm0U�(B #2 - 2.2.x �$B%+!<%M%k$,@0Hw$5$lB3$1$i$l$?7k2L!"%3%s%Q%$%k;~$N�(B
�$B%*%W%7%g%s$,JQKF$7B3$1$F$$$^$9!#�(B
�$B:#2s$N%P!<%8%g%s$NJ8=q$K$*$$$F!"$3$N>O$O%+!<%M%k�(B 2.2.15 �$B$N@_DjFbMF�(B
�$B$rH?1G$7$F$$$^$9!#�(B
�$B$b$7$b$*;H$$$N%+!<%M%k$,$b$C$H8E$$%P!<%8%g%s$N>l9g$G$9$H!"%@%$%"%m%0�(B
�$B$NI=<($O0c$C$F8+$($k$G$7$g$&!#�(B
�$B?75!G=$d0BDj@-$r$b$?$i$9:G?7%P!<%8%g%s$N%+!<%M%k$X$N%"%C%W%0%l!<%I�(B
�$B$r$*A&$a$7$^$9!#�(B
<P>
</LI>
<LI>�$B%+!<%M%k$N%3%s%Q%$%k$,=i$a$F$G$b!"62$,$k$3$H$O$"$j$^$;$s!#�(B
�$B<B$N=j$+$J$j4JC1$G$9$7!"�(B
<A HREF="IP-Masquerade-HOWTO-2.html#2.2.x-Requirements">2.2.x �$B%+!<%M%k$NI,MW>r7o�(B</A>
�$B$N>O$G<($94v$D$+$N�(B URL �$B$G$b07$o$l$F$$$^$9!#�(B
<P>
</LI>
<LI>�$B<!$N%3%^%s%I$K$F%+!<%M%k%=!<%9$r�(B <CODE>/usr/src/</CODE> �$B%G%#%l%/%H%j�(B
�$B$XE83+$7$F$/$@$5$$�(B - <CODE>tar xvzf linux-2.2.x.tar.gz -C /usr/src</CODE>
�$B$3$3$G!"�(B2.2.x �$B$N�(B "x" �$B$O�(B Linux 2.2 �$B%+!<%M%k$N8=:_$N%P!<%8%g%s%J%s%P!<�(B
�$B$G$9!#�(B
�$B40N;$7$^$7$?$i!"�(B <CODE>/usr/src/linux/</CODE> �$B$H$$$&%G%#%l%/%H%j$,$"$k$+!"�(B
�$B$^$?$O%7%s%\%j%C%/%j%s%/$,D%$i$l$F$$$k$3$H$r3NG'$7$F$/$@$5$$!#�(B
<P>
</LI>
<LI>�$BE,Ev$J!"0?$OG$0U$N%Q%C%A$r%+!<%M%k%=!<%9%3!<%I$KEv$F$F$/$@$5$$!#�(B
�$B%+!<%M%k�(B 2.2.1 �$B$N;~E@$G$O!"�(B IP Masq �$B$r2TF/$5$;$k0Y$NFC<l$J%Q%C%AEy�(B
�$B$OITMW$G$9!#�(B
PPTP �$B5Z$S�(B Xwindow �$B$N%U%)%o!<%G%#%s%0$N5!G=$O%*%W%7%g%s$G$9!#�(B
<A HREF="IP-Masquerade-HOWTO-2.html#2.2.x-Requirements">2.2.x �$B%+!<%M%k$NI,MW>r7o�(B</A>
�$B$N>O$K$"$k�(B URL�$B$H�(B
<A HREF="http://ipmasq.cjb.net/">IP �$B%^%9%+%l!<%I$N>pJs8;�(B</A>
�$B$K$"$k:G?7>pJs$H%Q%C%A$N�(B URL �$B$r;2>H$7$F$/$@$5$$!#�(B
<P>
</LI>
<LI>�$B0J2<$K%+!<%M%k$r%3%s%Q%$%k$9$k:]$K:GDc8BI,MW$J%*%W%7%g%s$r�(B
�$B5-$7$^$9!#�(B
�$B%$%s%9%H!<%k$5$l$?%M%C%H%o!<%/%$%s%?!<%U%'!<%9$bF1MM$K@_Dj$9$kI,MW$,�(B
�$B$"$j$^$9!#�(B
�$B%+!<%M%k$r%3%s%Q%$%k$9$kJ}K!$N>\:Y$K$D$$$F$O!"�(B
<A HREF="http://www.linuxdoc.org/HOWTO/Kernel-HOWTO.html">Linux Kernel HOWTO</A>
�$B$H!"%+!<%M%k%=!<%9%G%#%l%/%H%j$N�(B README �$B%U%!%$%k$r;2>H$7$F$/$@$5$$!#�(B
�$B!ZLuCm�(B:
<A HREF="http://www.linux.or.jp/JF/JFdocs/Kernel-HOWTO.html">JF�$B$K$h$k�(B Kernel-HOWTO �$B$NF|K\8lLu$b$"$j$^$9!#�(B</A>
�$B$^$?!"�(B Debian GNU/Linux �$B$G$O!"�(B fakeroot �$B$H�(B kernel-package �$B$H$$$&%Q%C%1!<%8�(B
�$B$rF3F~$9$k$3$H$G!"%+%9%?%`%+!<%M%k$N:n@.$,0lHL%f!<%6$N%[!<%`%G%#%l%/%H%j�(B
�$BG[2<$G!"4JC1$K$G$-$k$h$&$K$J$C$F$$$^$9!#�(B
�$BC"$7!"$3$NJ8=qCf$G<($5$l$k�(B make menuconfig �$B0?$O�(B make xconfig �$B$NFbMF$O�(B
�$B6&DL$G$9!#![�(B
<P>
�$B0J2<$N�(B <B><EM>YES or NO �$B$NA*Br�(B</EM></B> �$B$KCm0U$7$F$/$@$5$$!#�(B
�$BA4$F$N%*%W%7%g%s$O$3$N�(B HOWTO �$B$K$F8e=R$9$k@5$7$$%+!<%M%k%Q%C%A$J$/$7$F!"�(B
�$BM-8z$H$O8B$j$^$;$s!#�(B
</LI>
</UL>
<P>
<BLOCKQUOTE><CODE>
<PRE>
* �$B3+H/Cf$dIT40A4$J%3!<%I�(B/�$B%I%i%$%P$bI=<(�(B (CONFIG_EXPERIMENTAL) [Y/n/?]
- YES: IP MASQ �$B<+BN$G$OI,MW$J$$$1$l$I$b!"$3$N%*%W%7%g%s$G�(B MASQ
�$B%b%8%e!<%k$N:n@.$H%]!<%H%U%)%o!<%G%#%s%0$,<B8=$5$l$^$9!#�(B
-- �$B%^%9%+%l!<%I$KL54X78$N%*%W%7%g%s$rHt$P$7$^$9�(B --
* �$B%m!<%@%V%k!&%b%8%e!<%k$r;HMQ2DG=$K$7$^$9�(B (CONFIG_MODULES) [Y/n/?]
- YES: �$B$3$l$G%+!<%M%k$N�(B IP MASQ �$B$N%b%8%e!<%k$,;H$($k$h$&$K$J$j$^$9!#�(B
-- �$B%^%9%+%l!<%I$KL54X78$N%*%W%7%g%s$rHt$P$7$^$9�(B --
* �$B%M%C%H%o!<%/$N%5%]!<%H�(B (CONFIG_NET) [Y/n/?]
- YES: �$B%M%C%H%o!<%/%5%V%7%9%F%`$rM-8z$K$7$^$9!#�(B
-- �$B%^%9%+%l!<%I$KL54X78$N%*%W%7%g%s$rHt$P$7$^$9�(B --
* Sysctl �$B%5%]!<%H�(B (CONFIG_SYSCTL) [Y/n/?]
- YES: �$B%U%)%o!<%G%#%s%0!"%@%$%J%_%C%/�(B IP �$B!"%k!<%:�(B UDP �$BEy$N%*%W%7%g%s�(B
�$B$rM-8z�(B/�$BL58z$K$7$^$9!#�(B
-- �$B%^%9%+%l!<%I$KL54X78$N%*%W%7%g%s$rHt$P$7$^$9�(B --
* �$B%Q%1%C%H!&%=%1%C%H�(B (CONFIG_PACKET) [Y/m/n/?]
- YES: �$B$3$l$OG$0U$G$9$,!"�(BIP MASQ �$B$KE;$o$k$"$i$f$kLdBj$r%G%P%C%0�(B
�$B$9$k$?$a$K�(B TCP DUMP �$B$r;H$($k$h$&$K$9$k:]$KI,MW$J5!G=$G$9!#�(B
* �$B%+!<%M%k!?%f!<%6�(B �$B%M%C%H%o!<%/!&%j%s%/!&%=%1%C%H�(B (CONFIG_NETLINK) [Y/n/?]
- YES: �$B$3$l$OG$0U$G$9$,!"7PO)>pJsEy$N9bEY$J%U%!%$%"%&%)!<%k$N�(B
�$BLdBjE@$N5-O?$r<h$k$N$KLrN)$A$^$9!#�(B
�$B!ZLuCm�(B: �$B$3$NItJ,$O!"<B:]$O!V%+!<%M%k!?%f!<%6�(B �$B%M%C%H%o!<%/!&%j%s%/!&%I%i%$%P�(B
(Kernel/User network link driver) �$B!W$H$J$C$F$$$^$9!#![�(B
* �$B%k!<%F%#%s%0!&%a%C%;!<%8�(B (CONFIG_RTNETLINK) [Y/n/?]
- NO: �$B$3$N%*%W%7%g%s$O%Q%1%C%H%U%!%$%"%&%)!<%k$N5-O?$r<h$k$3$H$H$O�(B
�$BL54X78$G$9!#�(B
-- �$B%^%9%+%l!<%I$KL54X78$N%*%W%7%g%s$rHt$P$7$^$9�(B --
* �$B%U%!%$%"%&%)!<%k5!G=�(B (CONFIG_FIREWALL) [Y/n/?]
- YES: �$B%+!<%M%k$K�(B IPCHAINS �$B%U%!%$%"%&%)!<%k%D!<%k$K$h$k@_Dj$,$G$-$k�(B
�$B$h$&$K$7$^$9!#�(B
* �$B%=%1%C%H$G$NJ,JL�(B (CONFIG_FILTER) [Y/n/?]
- �$BG$0U�(B: �$B$3$l$O�(B IPMASQ �$B$HL54X78$G$9$,!"FbIt%M%C%H%o!<%/$K�(B DHCP �$B%5!<%P�(B
�$B$r<BAu$9$k$J$i!"$3$N%*%W%7%g%s$,I,MW$K$J$j$^$9!#�(B
* Unix �$B%I%a%$%s!&%=%1%C%H�(B (CONFIG_UNIX) [Y/m/n/?]
- YES: �$B$3$l$G�(B UNIX TCP/IP �$B%=%1%C%H5!9=$rM-8z$K$7$^$9!#�(B
* TCP/IP �$B%M%C%H%o!<%-%s%0�(B (CONFIG_INET) [Y/n/?]
- YES: TCP/IP �$B%W%m%H%3%k$rM-8z$K$7$^$9!#�(B
-- �$B%^%9%+%l!<%I$KL54X78$N%*%W%7%g%s$rHt$P$7$^$9�(B --
* IP: �$B9b5!G=%k!<%?�(B (CONFIG_IP_ADVANCED_ROUTER) [Y/n/?]
- YES: �$B$3$l0J9_$N9b5!G=�(B MASQ �$B%*%W%7%g%s$N@_Dj$,M-8z$K$J$j$^$9!#�(B
* IP: �$B%]%j%7!<%k!<%F%#%s%0�(B (CONFIG_IP_MULTIPLE_TABLES) [N/y/?]
- NO: MASQ �$B$G$OITMW$G$9$,!"�(B TCP/IP �$BH/?.85%"%I%l%9$rMQ$$$k$+!"�(B
�$B0?$O�(B TOS (Type-Of-Service) �$BCM$rMQ$$$k%k!<%F%#%s%0Ey$N9b5!G=�(B
�$B$rI,MW$H$9$k?M$O$3$N%*%W%7%g%s$,I,MW$G$9!#�(B
* IP: �$BEy2A%3%9%HB?=E%Q%9�(B (CONFIG_IP_ROUTE_MULTIPATH) [N/y/?]
- NO: �$BDL>o$N�(B MASQ �$B5!G=$K$OITMW$G$9!#�(B
* IP: �$B7PO)7hDj4p=`$H$7$F�(B TOS �$BCM$r;HMQ$9$k�(B (CONFIG_IP_ROUTE_TOS) [N/y/?]
- NO: �$BDL>o$N�(B MASQ �$B5!G=$K$OITMW$G$9!#�(B
* IP: �$B>iD9$J7PO)4F;k�(B (CONFIG_IP_ROUTE_VERBOSE) [Y/n/?]
- YES:
IP �$B%"%I%l%9$r:>>N$7$?%Q%1%C%H$rGK4~$7!"%m%05-O?$9$k%k!<%F%#%s%0�(B
�$B%3!<%I$r;H$&:]$K$OJXMx$G$9�(B (�$B6/$/$*A&$a$7$^$9�(B) �$B!#�(B
* IP: �$BBg$-$J%k!<%F%#%s%0%F!<%V%k�(B (CONFIG_IP_ROUTE_LARGE_TABLES) [N/y/?]
- NO: �$BDL>o$N�(B MASQ �$B5!G=$K$OITMW$G$9!#�(B
* IP: �$B%+!<%M%k%l%Y%k$N<+F09=@.�(B (CONFIG_IP_PNP) [N/y/?] ?
- NO: �$BDL>o$N�(B MASQ �$B5!G=$K$OITMW$G$9!#�(B
* IP: �$B%U%!%$%"%&%)!<%k�(B (CONFIG_IP_FIREWALL) [Y/n/?]
- YES: �$B%U%!%$%"%&%)!<%k5!G=$rM-8z$K$7$^$9!#�(B
* IP: �$B%U%!%$%"!<%&%)!<%k$N%Q%1%C%H!&%M%C%H%j%s%/!&%G%P%$%9�(B (CONFIG_IP_FIREWALL_NETLINK) [Y/n/?]
- �$BG$0U�(B: �$BG$0U$G$9$,!"$3$N5!G=$O�(B IPCHAINS �$B$+$i%3%T!<$7$?%Q%1%C%H�(B
�$B$r%f!<%66u4V$N%W%m%0%i%`$KEO$7$F%A%'%C%/$9$k$3$H$r<B8=$7$^$9!#�(B
* IP: �$BF)2a%W%m%-%7$N%5%]!<%H�(B (CONFIG_IP_TRANSPARENT_PROXY) [N/y/?]
- NO: �$BDL>o$N�(B MASQ �$B5!G=$K$OITMW$G$9!#�(B
�$B!ZLuCm�(B: �$B$3$NItJ,$O!"<B:]$O!VEy2A%W%m%-%7�(B (IP: transparent proxying)�$B!W�(B
�$B$H$J$C$F$$$^$9!#![�(B
* IP: �$B%^%9%+%l!<%G%#%s%0�(B (CONFIG_IP_MASQUERADE) [Y/n/?]
- YES: �$BFbIt%M%C%H%o!<%/$N�(B TCP/IP �$B%Q%1%C%H$r30It%M%C%H%o!<%/$N�(B
�$B$b$N$K=q$-49$($k!"�(B IP �$B%^%9%+%l!<%I$rM-8z$K$7$^$9!#�(B
* IP: ICMP �$B%^%9%+%l!<%G%#%s%0�(B (CONFIG_IP_MASQUERADE_ICMP) [Y/n/?]
- YES: ICMP ping �$B%Q%1%C%H$N%^%9%+%l!<%G%#%s%0$r<B8=$7$^$9�(B
(ICMP �$B$N%(%i!<%3!<%I$O!"$3$N%*%W%7%g%s$N@_Dj$K4X78$J$/%^%9%+%l!<%I�(B
�$B$5$l$^$9�(B)�$B!#�(B
�$B@\B3$N%H%i%V%k%7%e!<%F%#%s%0$KI,?\$N5!G=$G$9!#�(B
* IP: �$B%^%9%+%l!<%G%#%s%0MQFC<l%b%8%e!<%k$N%5%]!<%H�(B (CONFIG_IP_MASQUERADE_MOD) [Y/n/?]
- YES: �$B$G$bG$0U$G$9!#�(B
�$B$3$N%*%W%7%g%s$O!"$3$l0J9_$N%*%W%7%g%s$G30B&$N%M%C%H%o!<%/>e$N�(B
�$B%3%s%T%e!<%?$H�(B MASQ �$B$5$l$?FbIt%M%C%H%o!<%/>e$N%^%7%sF1;N$rD>@\E*�(B
�$B$K@\B3$9$k�(B TCP/IP �$B%]!<%H%U%)%o!<%G%#%s%0$rM-8z$K$9$k$b$N$G$9!#�(B
* IP: ipautofw �$B%^%9%+%l!<%I$N%5%]!<%H�(B(EXPERIMENTAL) (CONFIG_IP_MASQUERADE_IPAUTOFW) [N/y/m/?]
- NO: IPautofw �$B$O�(B �$B%]!<%H%U%)%o!<%G%#%s%0$N8E$$J}K!$G$9!#�(B
�$BKX$I$,8E$$%3!<%I$G@j$a$i$l!"4v$D$+$NLdBjE@$b8+$D$+$C$F$*$j$^$9!#�(B
�$B$*A&$a�(B*�$B$7$^$;$s�(B*�$B!#�(B
�$B!ZLuCm�(B: �$B86J8$O�(B ipautofw masq support �$B$H$J$C$F$$$^$9$,!"<B:]$O�(B
ipautofw masquerade support �$B$H$J$C$F$$$^$9!#![�(B
* IP: ipportfw �$B%^%9%+%l!<%I!&%5%]!<%H�(B (EXPERIMENTAL) (CONFIG_IP_MASQUERADE_IPPORTFW) [Y/m/n/?]
- YES:
�$B30B&$N%M%C%H%o!<%/>e$N%3%s%T%e!<%?$H�(B MASQ �$B$5$l$?FbIt%M%C%H%o!<%/�(B
�$B>e$N%^%7%sF1;N$rD>@\E*$K@\B3$9$k�(B IPPORTFW �$B$rM-8z$K$7$^$9!#�(B
�$BBg35!"$3$N5!G=$OFbIt$N�(B SMTP, TELNET, �$B5Z$S�(B WWW �$B%5!<%P$X$N%"%/%;%9�(B
�$B$KMQ$$$i$l$^$9!#�(B
FTP �$B%]!<%H%U%)%o!<%G%#%s%0$O$3$N�(B MASQ HOWTO �$B$N�(B FAQ �$B$N>O$K>\=R�(B
�$B$5$l$F$$$kDI2C$N%Q%C%A$,I,MW$G$9!#�(B
�$B%]!<%H%U%)%o!<%G%#%s%0$K4X$9$k$h$j>\:Y$J>pJs$O!"$3$N�(B HOWTO �$B$N�(B
�$B%U%)%o!<%I$N>O$K$"$j$^$9!#�(B
�$B!ZLuCm�(B: �$B86J8$G$O�(B EXPERIMENTAL �$B$G$9$,!"<B:]$O%+!<%M%k�(B 2.2.0 �$B0J9_!"�(B
EXPERIMENTAL �$B$,<h$l$F$$$^$9!#![�(B
* IP: ip fwmark �$B%^%9%+%l!<%I!&%U%)%o!<%G%#%s%0!&%5%]!<%H�(B (EXPERIMENTAL) (CONFIG_IP_MASQUERADE_MFW) [Y/m/n/?]
- �$BG$0U�(B: �$B$3$l$O�(B PORTFW �$B$N?7$7$$J}K!$G$9!#�(B
�$B$3$N%*%W%7%g%s$K$h$C$F!"�(B IPCHAINS �$B$O99$J$kF/$-$,M-8z$K$J$j!"�(B
�$B%Q%1%C%H$K0u$rIU$1$i$l$k$h$&$K$J$j$^$9!#�(B
IPMASQADM �$B$d�(B IPPORFW �$BEy$N%f!<%66u4V%D!<%k$rMQ$$$F!"�(BIPCHAINS
�$B$O<+F0E*$K%Q%1%C%H$N%"%I%l%9$r=q$-49$($^$9!#�(B
�$B8=>u$G$O!"�(B PORTFW �$B$h$j$O%F%9%H$5$l$F$$$^$;$s$,!"?.Mj$G$-$k$G$7$g$&!#�(B
�$B8=:_!"�(B IPMASQADM �$B5Z$S�(B IPPORTFW �$B$N;HMQ$,?d>)$5$l$F$$$^$9!#�(B
�$B$3$N�(B MFW �$B$K9M$($,$*$"$j$G$7$?$i!"%a!<%k$r$*4j$$$7$^$9!#�(B
�$B!ZLuCm�(B: �$B<B:]$O�(B IP: ipmarkfw masquerade support �$B$H!"�(B forwarding �$B$,�(B
�$B<h$l$F$$$^$9!#![�(B
* IP: �$B%[%9%H$G$O$J$/%k!<%?$H$7$F:GE,2=$9$k�(B (CONFIG_IP_ROUTER) [Y/n/?]
- YES: �$B$3$l$O%+!<%M%k$r%M%C%H%o!<%/%5%V%7%9%F%`$N0Y$K:GE,2=�(B
�$B$7$^$9$,!"$3$l$K$h$C$F%Q%U%)!<%^%s%9$K=EBg$J1F6A$r5Z$\$9$H$O�(B
�$BG'$a$i$l$^$;$s!#�(B
* IP: �$B%H%s%M%j%s%0�(B (CONFIG_NET_IPIP) [N/y/m/?]
- NO: �$B$3$NG$0U$NA*Br$O�(B IP �$B%^%9%+%l!<%I$rDL$8$k�(B IPIP �$B%H%s%M%k�(B
�$B$N0Y$K$"$j$^$9!#�(B
�$B%H%s%M%j%s%0�(B/VPN �$B5!G=$r$*K>$_$J$i!"�(B GRE �$B0?$O�(B IPSEC �$B%H%s%M%k$N�(B
�$B;HMQ$r$*A&$a$7$^$9!#�(B
* IP: IP �$B1[$7$N�(B GRE �$B%H%s%M%k�(B (CONFIG_NET_IPGRE) [N/y/m/?]
- NO: �$B$3$NG$0U$NA*Br$O!"�(B IP MASQ �$B%\%C%/%9$rDL$8$k�(B PPTP�$B$H�(B GRE
�$B%H%s%M%k$r<B8=$5$;$k0Y$K$"$j$^$9!#�(B
-- �$B%^%9%+%l!<%I$KL54X78$N%*%W%7%g%s$rHt$P$7$^$9�(B --
* IP: TCP syn �$B%/%C%-!<$N%5%]!<%H�(B (�$B%G%U%)%k%H$G$OL58z�(B) (CONFIG_SYN_COOKIES) [Y/n/?]
- YES: �$B4pK\E*$J�(B TCP/IP �$B%M%C%H%o!<%/%;%-%e%j%F%#$N0Y$K6/$/$*A&$a$7$^$9!#�(B
�$B!ZLuCm�(B: �$B<B:]$O�(B SYN flood protection (SYN �$B967b$+$i$NKI8f�(B)
�$B$H$$$&L>>N$K$J$C$F$$$^$9!#![�(B
-- �$B%^%9%+%l!<%I$KL54X78$N%*%W%7%g%s$rHt$P$7$^$9�(B --
* IP: �$B%&%#%s%I%&$rBg$-$/$7$^$9�(B (�$B%a%b%j$,�(B 16 MB �$BL$K~$N>l9g$O4+$a$^$;$s�(B) (CONFIG_SKB_LARGE) [Y/n/?]
- YES: Linux �$B$N�(B TCP �$B%&%#%s%I%&$r:GE,2=$9$k0Y$K$*A&$a$7$^$9!#�(B
-- �$B%^%9%+%l!<%I$KL54X78$N%*%W%7%g%s$rHt$P$7$^$9�(B --
* �$B%M%C%H%o!<%/%G%P%$%9$N%5%]!<%H�(B (CONFIG_NETDEVICES) [Y/n/?]
- YES: Linux �$B%M%C%H%o!<%/%G%P%$%9AX$rM-8z$K$7$^$9!#�(B
-- �$B%^%9%+%l!<%I$KL54X78$N%*%W%7%g%s$rHt$P$7$^$9�(B --
* �$B%M%C%H%o!<%/MQ%@%_!<%I%i%$%P$N%5%]!<%H�(B (CONFIG_DUMMY) [M/n/y/?]
- YES: �$BG$0U$G$9$,!"$3$N%*%W%7%g%s$OLdBj$N%G%P%C%0$r=u$1$^$9!#�(B
== �$B%M%C%H%o!<%/%+!<%I$N%5%]!<%H$r%3%s%Q%$%k$7K:$l$J$$$G$/$@$5$$�(B!! ==
-- �$B%^%9%+%l!<%I$KL54X78$N%*%W%7%g%s$rHt$P$7$^$9�(B --
== �$B%b%G%`0?$O�(B PPPoE DSL �$B%b%G%`$r$*;}$A$NJ}$O�(B PPP/SLIP �$B$N%5%]!<%H$r�(B
�$B%3%s%Q%$%k$7K:$l$J$$$G$/$@$5$$!#�(B ==
-- �$B%^%9%+%l!<%I$KL54X78$N%*%W%7%g%s$rHt$P$7$^$9�(B --
* /proc �$B%U%!%$%k%7%9%F%`$N%5%]!<%H�(B (CONFIG_PROC_FS) [Y/n/?]
- YES: Linux �$B%M%C%H%o!<%/%U%)%o!<%G%#%s%0$rM-8z$K$9$k0Y$KI,MW$G$9!#�(B
</PRE>
</CODE></BLOCKQUOTE>
<P>
<P>�$BCm0U�(B - �$B$3$l$i$O�(B IP �$B%^%9%+%l!<%I$N0Y$@$1$KI,MW$JMWAG$G$9!#�(B
�$B$"$J$?$N%7%9%F%`$KFCM-$J!"B>$N@_Dj9`L\$bA*Br$9$kI,MW$,$"$j$^$9!#�(B
<P>
<P>
<UL>
<LI>�$B%+!<%M%k$r%3%s%Q%$%k$7$?8e!"0J2<$N$h$&$K�(B IP MASQ �$B%b%8%e!<%k$r�(B
�$B%3%s%Q%$%k$7$F!"%$%s%9%H!<%k$7$F$/$@$5$$�(B -
<BLOCKQUOTE><CODE>
<PRE>
make modules; make modules_install
</PRE>
</CODE></BLOCKQUOTE>
<P>
</LI>
<LI>�$B<!$K!"%j%V!<%H8e�(B IP �$B%^%9%+%l!<%I%b%8%e!<%k$rFI$_9~$^$;!"�(B
IP MASQ �$B$r<+F0E*$KM-8z$K$9$k0Y$K!"�(B <CODE>/etc/rc.d/rc.local</CODE> �$B$K�(B
�$B2?9T$+DI2C$7$^$9�(B -
<P>
<BLOCKQUOTE><CODE>
<PRE>
.
.
.
#rc.firewall script - Start IPMASQ and the firewall
/etc/rc.d/rc.firewall
.
.
.
</PRE>
</CODE></BLOCKQUOTE>
<P>
</LI>
</UL>
<P>
<P>
<H3>Linux 2.0.x �$B%+!<%M%k�(B</H3>
<P>
<P><B>�$BI,MW$H$5$l$k%=%U%H%&%'%"$d%Q%C%AEy$O�(B
<A HREF="IP-Masquerade-HOWTO-2.html#2.0.x-Requirements">2.0.x �$B%+!<%M%k$NI,MW>r7o�(B</A>
�$B$N>O$r$4Mw$/$@$5$$!#�(B</B>
<P>
<UL>
<LI>�$B$^$:Bh0l$K!"%+!<%M%k%=!<%9$,I,MW$G$9!#�(B (�$BK>$^$7$/$O�(B 2.0.38 �$B0J9_$N�(B
�$B:G?7$N%+!<%M%k$,NI$$$G$9!#�(B)
<P>
</LI>
<LI>�$B%+!<%M%k$N%3%s%Q%$%k$,=i$a$F$G$b!"62$,$k$3$H$O$"$j$^$;$s!#�(B
�$B<B$N=j$+$J$j4JC1$G$9$7!"�(B
<A HREF="IP-Masquerade-HOWTO-2.html#2.0.x-Requirements">2.0.x �$B%+!<%M%k$NI,MW>r7o�(B</A>
�$B$N>O$G<($94v$D$+$N�(B URL �$B$G$b07$o$l$F$$$^$9!#�(B
<P>
</LI>
<LI>�$B<!$N%3%^%s%I$K$F%+!<%M%k%=!<%9$r�(B <CODE>/usr/src/</CODE> �$B%G%#%l%/%H%j$X�(B
�$BE83+$7$F$/$@$5$$�(B - <CODE>tar xvzf linux-2.0.x.tar.gz -C /usr/src</CODE>
�$B$3$3$G!"�(B2.0.x �$B$N�(B "x" �$B$O�(B Linux 2.0 �$B%+!<%M%k$N8=:_$N%P!<%8%g%s%J%s%P!<�(B
�$B$G$9!#�(B
�$B40N;$7$^$7$?$i!"�(B <CODE>/usr/src/linux/</CODE> �$B$H$$$&%G%#%l%/%H%j$,$"$k$+!"�(B
�$B$^$?$O%7%s%\%j%C%/%j%s%/$,D%$i$l$F$$$k$3$H$r3NG'$7$F$/$@$5$$!#�(B
<P>
</LI>
<LI>�$BE,Ev$J!"0?$OG$0U$N%Q%C%A$r%+!<%M%k%=!<%9%3!<%I$KEv$F$F$/$@$5$$!#�(B
�$B%+!<%M%k�(B 2.0.36 �$B$N;~E@$G$O!"�(B IP Masq �$B$r2TF/$5$;$k0Y$NFC<l$J%Q%C%AEy�(B
�$B$OITMW$G$9!#�(B
IPPORTFW, PPTP �$B5Z$S�(B Xwindow �$B$N%U%)%o!<%G%#%s%0$N5!G=$O%*%W%7%g%s$G$9!#�(B
<A HREF="IP-Masquerade-HOWTO-2.html#2.0.x-Requirements">2.0.x �$B%+!<%M%k$NI,MW>r7o�(B</A>
�$B$N>O$K$"$k�(B URL�$B$H�(B
<A HREF="http://ipmasq.cjb.net/">IP �$B%^%9%+%l!<%I$N>pJs8;�(B</A>
�$B$K$"$k:G?7>pJs$H%Q%C%A$N�(B URL �$B$r;2>H$7$F$/$@$5$$!#�(B
<P>
</LI>
<LI>�$B0J2<$K%+!<%M%k$r%3%s%Q%$%k$9$k:]$K:GDc8BI,MW$J%*%W%7%g%s$r�(B
�$B5-$7$^$9!#�(B
�$B%$%s%9%H!<%k$5$l$?%M%C%H%o!<%/%$%s%?!<%U%'!<%9$bF1MM$K@_Dj$9$kI,MW$,�(B
�$B$"$j$^$9!#�(B
�$B%+!<%M%k$r%3%s%Q%$%k$9$kJ}K!$N>\:Y$K$D$$$F$O!"�(B
<A HREF="http://www.linuxdoc.org/HOWTO/Kernel-HOWTO.html">Linux Kernel HOWTO</A>
�$B$H!"%+!<%M%k%=!<%9%G%#%l%/%H%j$N�(B README �$B%U%!%$%k$r;2>H$7$F$/$@$5$$!#�(B
�$B!ZLuCm�(B:
<A HREF="http://www.linux.or.jp/JF/JFdocs/Kernel-HOWTO.html">JF�$B$K$h$k�(B Kernel-HOWTO �$B$NF|K\8lLu$b$"$j$^$9!#�(B</A> �$B![�(B
<P>
�$B0J2<$N�(B <B><EM>YES or NO �$B$NA*Br�(B</EM></B> �$B$KCm0U$7$F$/$@$5$$!#�(B
�$BA4$F$N%*%W%7%g%s$O$3$N�(B HOWTO �$B$K$F8e=R$9$k@5$7$$%+!<%M%k%Q%C%A$J$/$7$F!"�(B
�$BM-8z$H$O8B$j$^$;$s!#�(B
</LI>
</UL>
<P>
<BLOCKQUOTE><CODE>
<PRE>
* �$B3+H/Cf$dIT40A4$J%3!<%I�(B/�$B%I%i%$%P$bI=<(�(B (CONFIG_EXPERIMENTAL) [Y/n/?]
- YES: �$B$3$N%*%W%7%g%s$G�(B IP �$B%^%9%+%l!<%I5!G=$N%3!<%I$,A*Br�(B
�$B$G$-$k$h$&$K$J$j$^$9!#�(B
* �$B%m!<%@%V%k!&%b%8%e!<%k$r;HMQ2DG=$K$7$^$9�(B (CONFIG_MODULES) [Y/n/?]
- YES: �$B$3$l$G%+!<%M%k$N�(B IP MASQ �$B$N%b%8%e!<%k$,;H$($k$h$&$K$J$j$^$9!#�(B
* �$B%M%C%H%o!<%/$N%5%]!<%H�(B (CONFIG_NET) [Y/n/?]
- YES: �$B%M%C%H%o!<%/%5%V%7%9%F%`$rM-8z$K$7$^$9!#�(B
* �$B%U%!%$%"%&%)!<%k5!G=�(B (CONFIG_FIREWALL) [Y/n/?]
- YES: IPFWADM �$B%U%!%$%"%&%)!<%k%D!<%k$rM-8z$K$7$^$9!#�(B
* TCP/IP �$B%M%C%H%o!<%-%s%0�(B (CONFIG_INET)
- YES: TCP/IP �$B%W%m%H%3%k$rM-8z$K$7$^$9!#�(B
* IP: �$B%U%)%o!<%G%#%s%0�(B/�$B%2!<%H%&%'%$%s%0�(B (CONFIG_IP_FORWARD)
- YES: IPFWADM �$B$K$F@)8f$5$l$k�(B Linux �$B%M%C%H%o!<%/$N%Q%1%C%HE>Aw$H�(B
�$B%k!<%F%#%s%0$rM-8z$K$7$^$9!#�(B
* IP: syn �$B%/%C%-!<�(B (CONFIG_SYN_COOKIES) [Y/n/?]
- YES: �$B4pK\E*$J%M%C%H%o!<%/%;%-%e%j%F%#$N0Y$K6/$/$*A&$a$7$^$9!#�(B
* IP: �$B%U%!%$%"%&%)!<%j%s%0�(B (CONFIG_IP_FIREWALL) [Y/n/?]
- YES: �$B%U%!%$%"%&%)!<%k5!G=$rM-8z$K$7$^$9!#�(B
* IP: �$B%U%!%$%"%&%)!<%k$N%Q%1%C%H5-O?�(B (CONFIG_IP_FIREWALL_VERBOSE) [Y/n/?]
- YES: (�$BG$0U$G$9$,6/$/$*A&$a$7$^$9�(B) - �$B%U%!%$%"%&%)!<%k$K0z$C$+$+$C$?�(B
�$B%Q%1%C%H$r%m%0$K5-O?$7$^$9!#�(B
* IP: �$B%^%9%+%l!<%G%#%s%0�(B (CONFIG_IP_MASQUERADE [Y/n/?]
- YES: �$BFbIt%M%C%H%o!<%/$N�(B TCP/IP �$B%Q%1%C%H$r30It%M%C%H%o!<%/$N$b$N$K�(B
�$B=q$-49$($k!"�(B IP �$B%^%9%+%l!<%I$rM-8z$K$7$^$9!#�(B
* IP: ipautofw �$B%^%9%+%l!<%I$N%5%]!<%H�(B (EXPERIMENTAL) (CONFIG_IP_MASQUERADE_IPAUTOFW) [Y/n/?]
- NO: IPautofw �$B$O�(B �$B%]!<%H%U%)%o!<%G%#%s%0$N8E$$J}K!$G$9!#�(B
�$BF0:n$O$7$^$9$,!"�(B IPPORTFW �$B$NJ}$,NI$$J}K!$G$9$N$G!"�(B IPAUTOFW �$B$O�(B
�$B$*A&$a$7$^$;$s!#�(B
* IP: ipportfw �$B%^%9%+%l!<%I!&%5%]!<%H�(B (EXPERIMENTAL) (CONFIG_IP_MASQUERADE_IPPORTFW) [Y/n/?]
- YES: �$B$3$N%*%W%7%g%s$O�(B 2.0.x �$B%+!<%M%k$N%Q%C%A$G$N$_M-8z$G$9!#�(B
�$B$3$N%*%W%7%g%s$G!"%$%s%?!<%M%C%H>e$N30B&$N%3%s%T%e!<%?$H�(B MASQ
�$B$5$l$?FbIt%M%C%H%o!<%/>e$N%^%7%sF1;N$,D>@\E*$K@\B3$G$-$k$h$&$K�(B
�$B$J$j$^$9!#�(B
�$BBg35!"$3$N5!G=$OFbIt$N�(B SMTP, TELNET, �$B5Z$S�(B WWW �$B%5!<%P$X$N%"%/%;%9$K�(B
�$BMQ$$$i$l$^$9!#�(B
FTP �$B%]!<%H%U%)%o!<%G%#%s%0$O$3$N�(B FAQ �$B$N>O$K>\=R$5$l$F$$$kDI2C$N�(B
�$B%Q%C%A$,I,MW$K$J$k$G$7$g$&!#�(B
�$B%]!<%H%U%)%o!<%G%#%s%0$K4X$9$k$h$j>\:Y$J>pJs$O!"$3$N�(B HOWTO �$B$N�(B
�$B%U%)%o!<%I$N>O$K$"$j$^$9!#�(B
* IP: ICMP �$B%^%9%+%l!<%G%#%s%0�(B (CONFIG_IP_MASQUERADE_ICMP) [Y/n/?]
- YES: ICMP ping �$B%Q%1%C%H$N%^%9%+%l!<%G%#%s%0$r<B8=$7$^$9!#�(B
�$BG$0U$H;W$o$l$^$9$,!"B?$/$N%W%m%0%i%`$,�(B ICMP �$B%5%]!<%H$J$/$7$F�(B
�$B40A4$K$O5!G=$7F@$J$$$G$7$g$&!#�(B
* IP: loose UDP �$B%]!<%H%U%)%o!<%G%#%s%0�(B (EXPERIMENTAL) (CONFIG_IP_MASQ_LOOSE_UDP) [Y/n/?]
- YES: �$B$3$N%*%W%7%g%s$O�(B 2.0.x �$B%+!<%M%k$K%Q%C%A$rE,MQ$9$k$3$H$K�(B
�$B$h$C$F$N$_M-8z$G$9!#�(B
�$B$3$N%*%W%7%g%s$G!"%$%s%?!<%M%C%H$r7PM3$9$k!"�(B NAT �$B$rMQ$$$k$h$&$J�(B
�$B%M%C%H%o!<%/BP@o7?%2!<%`$,!"%^%9%+%l!<%I$5$l$?FbIt%M%C%H%o!<%/>e$N�(B
�$B%3%s%T%e!<%?$G=PMh$k$h$&$K$J$j$^$9!#�(B
�$B>\:Y$K$D$$$F$O$3$N�(B HOWTO �$B$N�(B FAQ �$B$N>O$K7G:\$7$F$$$^$9!#�(B
* IP: �$B>o$K%G%U%i%0%a%s%H$9$k�(B (CONFIG_IP_ALWAYS_DEFRAG) [Y/n/?]
- YES: �$B$3$N5!G=$O�(B IP MASQ �$B@\B3$r:GE,2=$7$^$9!#�(B- �$B6/$/$*A&$a$7$^$9!#�(B
* IP: �$B%[%9%H$H$7$F$G$O$J$/%k!<%?$H$7$F:GE,2=$9$k�(B (CONFIG_IP_ROUTER) [Y/n/?]
- YES: �$B$3$l$K$h$C$F%+!<%M%k$r%M%C%H%o!<%/%5%V%7%9%F%`$H$7$F�(B
�$B:GE,2=$7$^$9!#�(B
* IP: �$BH/?.85%"%I%l%9$G7PO)IU$1$5$l$?%U%l!<%`$rGK4~$9$k�(B (CONFIG_IP_NOSR) [Y/n/?]
- YES: �$B4pK\E*$J%M%C%H%o!<%/%;%-%e%j%F%#$N0Y$K6/$/$*A&$a$7$^$9!#�(B
* �$B%M%C%H%o!<%/MQ%@%_!<%I%i%$%P$N%5%]!<%H�(B (CONFIG_DUMMY) [M/n/y/?]
- YES: �$BG$0U$G$9$,!"$3$N%*%W%7%g%s$OLdBj$r%G%P%C%0$9$k:]$N�(B
�$B=u$1$K$J$j$^$9!#�(B
* /proc �$B%U%!%$%k%7%9%F%`$N%5%]!<%H�(B (CONFIG_PROC_FS) [Y/n/?]
- YES: Linux �$B%+!<%M%k$,%M%C%H%o!<%/>e$G%Q%1%C%H$rE>Aw$9$k�(B
�$B5!G=$rM-8z$K$9$k0Y$KI,MW$G$9!#�(B
</PRE>
</CODE></BLOCKQUOTE>
<P>
<P>�$BCm0U�(B - �$B$3$l$i$O�(B IP �$B%^%9%+%l!<%I$N0Y$@$1$KI,MW$JMWAG$G$9!#�(B
�$B$"$J$?$N%M%C%H%o!<%/$d%O!<%I%&%'%"$KFCM-$JB>$N@_Dj9`L\$bA*Br$9$k�(B
�$BI,MW$,$"$j$^$9!#�(B
<P>
<UL>
<LI>�$B%+!<%M%k$r%3%s%Q%$%k$7$?8e!"0J2<$N$h$&$K�(B IP MASQ �$B%b%8%e!<%k$r�(B
�$B%3%s%Q%$%k$7$F!"%$%s%9%H!<%k$7$F$/$@$5$$�(B -
<BLOCKQUOTE><CODE>
<PRE>
make modules; make modules_install
</PRE>
</CODE></BLOCKQUOTE>
</LI>
<LI>�$B<!$K!"�(B IP �$B%^%9%+%l!<%I%9%/%j%W%H$rFI$_9~$^$;!"%j%V!<%H$NEYKh$K�(B
IP MASQ �$B$r<+F0E*$KM-8z$K$9$k0Y$K!"�(B <CODE>/etc/rc.d/rc.local</CODE> �$B$K2?9T$+�(B
�$BDI2C$7$^$9�(B -
<BLOCKQUOTE><CODE>
<PRE>
.
.
.
#rc.firewall script - Start IPMASQ and the firewall
/etc/rc.d/rc.firewall
.
.
.
</PRE>
</CODE></BLOCKQUOTE>
</LI>
</UL>
<P>
<P>
<H3>Linux 2.3.x / 2.4.x �$B%+!<%M%k�(B</H3>
<P>
<P><B>�$B$3$N�(B HOWTO �$B$G$O�(B 2.3.x �$B$H�(B 2.4.x �$B%+!<%M%k$OL$$@<h$j07$C$F$$$^$;$s!#�(B
<A HREF="IP-Masquerade-HOWTO-2.html#2.3.x/2.4.x-Requirements">2.3.x/2.4.x �$B%+!<%M%k$NI,MW>r7o�(B</A>
�$B$N>O$K5-$5$l$k�(B URL �$B$r;2>H$9$k$+!"$=$l$i$r<h$j07$C$F$$$k?7$7$$�(B HOWTO
�$B$r;2>H$7$F$/$@$5$$!#�(B</B>
<P>
<H2><A NAME="ss3.2">3.2 �$B%W%i%$%Y!<%H%M%C%H%o!<%/�(B IP �$B%"%I%l%9$rFbIt�(B LAN �$B$K3d$jEv$F$k�(B</A>
</H2>
<P>
<P>�$BA4$F$N�(B <B>�$BFbIt%M%C%H%o!<%/>e$G�(B MASQ �$B$5$l$?�(B</B> �$B%^%7%s$O!"�(B
�$B%$%s%?!<%M%C%H$G8x<0$K3d$jEv$F$i$l$?%"%I%l%9$r;}$D$Y$-�(B*�$B$G$O$"$j$^$;$s�(B*�$B!#�(B
�$B$G$9$N$G!"%$%s%?!<%M%C%H>e$N%"%I%l%9$H$V$D$+$i$:$K!"FbIt%M%C%H%o!<%/$N�(B
�$B%^%7%s$K%"%I%l%9$r3NJ]$9$k0Y$N!"FC<l$GE,@Z$JJ}K!$,B8:_$7$J$1$l$P�(B
�$B$J$j$^$;$s!#�(B
<P>>�$B%*%j%8%J%k$N�(B IP �$B%^%9%+%l!<%I�(B FAQ �$B$h$j�(B -
<P>
<A HREF="http://www.cis.ohio-state.edu/htbin/rfc/INDEX.rfc.html">RFC 1918</A>
�$B$O%$%s%?!<%M%C%H$XD>@\@\B3$5$l$J$$$+!"$^$?$O�(B "�$B%W%i%$%Y!<%H�(B"
�$B%M%C%H%o!<%/$KMQ$$$i$l$k�(B IP �$B%"%I%l%9$K4X$9$k8x<0J8=q$G$9!#�(B
�$B$3$NMQES$N0Y$KFCJL$K3d$jEv$F$i$l$?�(B 3�$B$D$N�(B IP �$B%"%I%l%9$N%V%m%C%/�(B
�$B$,$"$j$^$9!#�(B
<P>
<BLOCKQUOTE><CODE>
<PRE>
Section 3 - �$B%W%i%$%Y!<%H%"%I%l%96u4V�(B
Internet Assigned Numbers Authority (IANA) �$B$O!"�(BIP �$B%"%I%l%96u4V$N$&$A�(B
�$B0J2<$N�(B3�$B$D$N%V%m%C%/$r%W%i%$%Y!<%H%M%C%H%o!<%/MQ$KM=Ls$7$F$$$^$9!#�(B
10.0.0.0 - 10.255.255.255
172.16.0.0 - 172.31.255.255
192.168.0.0 - 192.168.255.255
�$B:G=i$N%V%m%C%/$O!V�(B24�$B%S%C%H%V%m%C%/!W!"�(B2�$BHVL\$N%V%m%C%/$O!V�(B20�$B%S%C%H�(B
�$B%V%m%C%/!W!"�(B3�$BHVL\$N%V%m%C%/$O!V�(B16�$B%S%C%H!W%V%m%C%/$H8F$P$l$^$9!#�(B
�$B:G=i$N%V%m%C%/$OC10l$N%/%i%9�(B A �$B%M%C%H%o!<%/HV9f0J30$N$J$K$b$N$G$b$J$/!"�(B
2�$BHVL\$N%V%m%C%/$OO"B3$9$k�(B16�$B8D$N%/%i%9�(B B �$B%M%C%H%o!<%/HV9f$N=89g$G$"$j!"�(B
3�$BHVL\$N%V%m%C%/$OO"B3$9$k�(B255�$B8D$N%/%i%9�(B C �$B%M%C%H%o!<%/HV9f$N=89g$G$"$k$3$H$K�(B
�$BCm0U$7$F$/$@$5$$!#�(B
</PRE>
</CODE></BLOCKQUOTE>
�$B;29M$N0Y$K!";d$O�(B 192.168.0.0 �$B$N%M%C%H%o!<%/%"%I%l%9$H�(B 255.255.255.0
�$B$N�(B Class-C �$B%5%V%M%C%H%^%9%/$rA*Br$7$F$*$j!"$3$N�(B HOWTO �$B$K$*$$$F$b$3$l$r�(B
�$BH?1G$7$F$$$^$9!#�(B
�$B$G$b!">e5-$N%W%i%$%Y!<%H%M%C%H%o!<%/$OA4$FM-8z$G$9$1$l$I$b!"I,$:@5$7$$�(B
�$B%5%V%M%C%H%^%9%/$rMQ$$$F$/$@$5$$!#�(B
�$B$G$9$N$G!"$b$7�(B Class-C �$B$N%M%C%H%o!<%/$r;H$&$J$i!"$"$J$?$N%M%C%H%o!<%/�(B
�$B>e$N�(B TCP/IP �$B%W%m%H%3%k$,5!G=$7$F$$$k%^%7%s$K3d$jEv$F$i$l$kHV9f$O!"�(B
192.168.0.1, 192.168.0.2, 192.168.0.3, ..., 192.168.0.x �$B$H$J$j$^$9!#�(B
<P>192.168.0.1 �$B$OB?$/$N>l9g!"30It%M%C%H%o!<%/$X=P$F9T$/0Y$N�(B
�$BFbIt%2!<%H%&%'%$0?$O�(B Linux MASQ �$B%^%7%s$H$J$j$^$9!#�(B
192.168.0.0 �$B$H�(B 192.168.0.255 �$B$O$=$l$>$l%M%C%H%o!<%/5Z$S�(B
�$B%V%m!<%I%-%c%9%H%"%I%l%9$G$"$k$3$H$KCm0U$7$F$/$@$5$$�(B
(�$B$3$l$i$N%"%I%l%9$O�(B*�$BM=Ls:Q$_�(B*�$B$G$9�(B) �$B!#�(B
�$B$3$l$i$N%"%I%l%9$r%^%7%s$K3d$jEv$F$J$$$G$/$@$5$$!"$5$b$J$/$P�(B
�$B$"$J$?$N%^%7%s$d%M%C%H%o!<%/$O@5>o$KF0:n$7$^$;$s!#�(B
<P>
<A NAME="firewall-examples"></A> <P>
<H2><A NAME="ss3.3">3.3 IP �$B%U%)%o!<%G%#%s%0%]%j%7!<$r@_Dj$9$k�(B</A>
</H2>
<P>�$B$3$NE@$K4X$7$F$O!"%+!<%M%k$H$=$NB>I,MW$J%Q%C%1!<%8$,%$%s%9%H!<%k�(B
�$B$5$l$F$$$k$Y$-$G$9!#�(B
�$BA4$F$N%M%C%H%o!<%/$N�(B IP �$B%"%I%l%9!"%2!<%H%&%'%$!"$=$7$F�(B DNS �$B%"%I%l%9$O�(B
Linux MASQ �$B%5!<%P>e$G$bF1MM$K@_Dj$5$l$F$$$k$Y$-$G$9!#�(B
�$B$b$7�(B Linux �$B%M%C%H%o!<%/%+!<%I$N@_DjJ}K!$rCN$i$J$$$J$i!"$3$N�(B HOWTO �$B$N�(B
<A HREF="IP-Masquerade-HOWTO-2.html#2.0.x-Requirements">2.0.x �$B%+!<%M%k$NI,MW>r7o�(B</A>
�$B0?$O�(B
<A HREF="IP-Masquerade-HOWTO-2.html#2.2.x-Requirements">2.2.x �$B%+!<%M%k$NI,MW>r7o�(B</A>
�$B$N>O$r;2>H$7$F$/$@$5$$!#�(B
<P>�$B$5$F!":G8e$K$d$j;D$7$?$3$H$O!";XDj$5$l$?%^%7%s$KE,@Z$K%Q%1%C%H$r�(B
�$BE>Aw�(B (FORWARD) �$B5Z$S�(B �$B%^%9%+%l!<%I�(B (MASQUERADE) �$B$9$k0Y$N!"�(B IP
�$B%U%!%$%"%&%)!<%j%s%0%D!<%k$r@_Dj$9$k$3$H$G$9!#�(B
<P>
<P>
<BLOCKQUOTE>
** �$B$3$N<B8=$K$O?'!9$H0c$&J}K!$,Bt;3$"$jF@$^$9!#�(B
�$B$3$l$+$i<($9Ds0F$H<BNc$O;d$N=j$GF0:n$7$F$$$^$9$,!"$"$J$?$J$j$N0c$&�(B
�$B%"%$%G%#%"$dI,MW@-$,$"$k$3$H$G$7$g$&!#�(B
</BLOCKQUOTE>
<P>
<BLOCKQUOTE>
�$B$3$N>O$O�(B IP �$B%^%9%+%l!<%I5!G=$,F0:n$7F@$k0Y$N!"AG$N:GDc8B$N�(B
�$B%U%!%$%"%&%)!<%k$N%k!<%k%;%C%H$r>R2p$9$k�(B*�$B$@$1�(B*�$B$G$9!#�(B
�$B0lC6�(B (�$B$3$N�(B HOWTO �$B$K$F8e=R$9$k�(B) IP MASQ �$B$N%F%9%H$,@.8y$7$?$i!"�(B
�$B$h$j0BA4$J%U%!%$%"%&%)!<%k$N%k!<%k%;%C%H$N0Y$K�(B
<A HREF="IP-Masquerade-HOWTO-6.html#Strong-IPFWADM-Rulesets">�$B6/$$�(B IPFWADM �$B$N%k!<%k%;%C%H�(B</A>
�$B$H�(B
<A HREF="IP-Masquerade-HOWTO-6.html#Strong-IPCHAINS-Rulesets">�$B6/$$�(B IPCHAINS �$B$N%k!<%k%;%C%H�(B</A>
�$B$N>O$r;2>H$7$F$/$@$5$$!#�(B
�$B99$K!">\:Y$K$D$$$F$O�(B IPFWADM (2.0.x) �$B5Z$S�(B/�$BKt$O�(B IPCHAINS (2.2.x)
�$B$N%*%s%i%$%s%^%K%e%"%k$r;2>H$7$F$/$@$5$$!#�(B
</BLOCKQUOTE>
<P>
<A NAME="rc.firewall-2.2.x"></A> <P>
<P>
<H3>Linux 2.2.x �$B%+!<%M%k�(B</H3>
<P>
<P>2.1.x �$B$H�(B 2.2.x �$B%+!<%M%k$NN>J}$K$F�(B IP �$B%^%9%+%l!<%G%#%s%0$N%k!<%k$r�(B
�$BA`:n$9$k0Y$K!"�(B <B>IPFWADM �$B$O$b$O$d%U%!%$%"%&%)!<%k%D!<%k$H$7$F$O�(B
�$B;H$($J$$�(B</B> �$B$3$H$KCm0U$7$F$/$@$5$$!#�(B
�$B:#!"$3$l$i?7$7$$%+!<%M%k$G$O�(B IPCHAINS �$B%D!<%k$r;H$$$^$9!#�(B
�$B$3$NJQ99$K4X$9$k>\:Y$K$D$$$F$O!"�(B
<A HREF="IP-Masquerade-HOWTO-7.html#FAQ">�$B$h$/$"$k<ALd�(B (FAQ)</A>
�$B$N>O$r;2>H$7$F$/$@$5$$!#�(B
<P>�$B=iJbE*$GC1=c$J%k!<%k%;%C%H$K$F!"�(B �$B0J2<$K5-$9$h$&$K�(B /etc/rc.d/rc.firewall
�$B$r:n@.$7$^$9�(B -
<P>
<BLOCKQUOTE><CODE>
<PRE>
#!/bin/sh
#
# rc.firewall - IPCHAINS �$B$rMQ$$$?!"�(B 2.1.x �$B5Z$S�(B 2.2.x �$B%+!<%M%k$N0Y$N!"�(B
# �$B=iJbE*$GC1=c$J�(B IP �$B%^%9%+%l!<%I$N%F%9%H�(B
#
#
# �$BI,MW$J�(B IP MASQ �$B%b%8%e!<%k$rA4$FFI$_9~$_$^$9!#�(B
#
# �$BCm0U�(B - �$BI,MW$H$9$k�(B IP MASQ �$B%b%8%e!<%k$@$1$r%m!<%I$7$F$/$@$5$$!#�(B
# �$B8=:_$N�(B IP MASQ �$B%b%8%e!<%k$NA4$F$,0J2<$K5-$5$l$F$$$^$9$,!"�(B
# �$B%3%a%s%H%"%&%H$9$l$P%m!<%I$rM^;_$G$-$^$9!#�(B
</PRE>
</CODE></BLOCKQUOTE>
<BLOCKQUOTE><CODE>
<PRE>
# �$B%b%8%e!<%k$N%m!<%I$N=i4|CJ3,$KI,MW$G$9!#�(B
#
/sbin/depmod -a
# PORT �$B%a%=%C%I$rMQ$$$?�(B FTP �$B%U%!%$%kE>Aw$NE,@Z$J%^%9%+%l!<%G%#%s%0$r�(B
# �$B%5%]!<%H$7$^$9!#�(B
# �$B!ZLuCm�(B: PORT �$B%a%=%C%I$O%Q%C%7%V%b!<%I$G$J$$!"DL>o$N�(B FTP �$B@\B3$r;X$7$^$9!#�(B
# �$B@\B38e!"%G!<%?%]!<%H$r;HMQ$9$k:]$K!"�(B FTP �$B%5!<%PB&$+$i%/%i%$%"%s%HB&$K�(B
# �$BBP$7$F�(B TCP �$B@\B3$r3NN)$7$h$&$H$7$^$9!#�(B
# �$B$3$N%b%8%e!<%k$O�(B FTP �$B%/%i%$%"%s%H$r%Q%C%7%V%b!<%I$G;HMQ$9$k:]$K$OITMW�(B
# �$B$G$9!#![�(B
#
/sbin/modprobe ip_masq_ftp
# UDP �$B>e$G�(B RealAudio �$B$N%^%9%+%l!<%G%#%s%0$r%5%]!<%H$7$^$9!#�(B
# �$B$3$N%b%8%e!<%k$,$J$$$H!"�(B RealAudio �$B$O5!G=$7$^$9$,!"�(B TCP �$B%b!<%I$GF0:n�(B
# �$B$7!"$=$N7k2L$H$7$F2;<A$NNt2=$r$R$-5/$3$7$^$9!#�(B
#
#/sbin/modprobe ip_masq_raudio
</PRE>
</CODE></BLOCKQUOTE>
<BLOCKQUOTE><CODE>
<PRE>
# IRC �$B$K$*$1$k�(B DCC �$B%U%!%$%kE>Aw$N%^%9%+%l!<%G%#%s%0$r%5%]!<%H$7$^$9!#�(B
#
#/sbin/modprobe ip_masq_irc
</PRE>
</CODE></BLOCKQUOTE>
<BLOCKQUOTE><CODE>
�$B!ZLuCm�(B: DCC (Direct Client Connection) �$B$H$O!"�(Bclient �$BF1;N$,�(B IRC server �$B$r�(B
�$B2p$5$:$KD>@\�(B connection �$B$rD%$C$F%U%!%$%k$rAw<u$7$?$j!"2qOC$r$7$?$j$9$k�(B
�$B$7$/$_$r;X$7$^$9!#�(B
DCC �$B$N>\:Y$K$D$$$F$O�(B
<A HREF="http://www.linux.or.jp/JF/JFdocs/irchat-micro-howto.html">irchat-micro-howto</A> �$B$d!"�(B
<A HREF="ftp://ftp.kyoto.wide.ad.jp/IRC/irchat/irchat-2.4jp24k.tar.gz">irchat-jp �$B%Q%C%1!<%8�(B</A>
�$B$KE:IU$5$l$F$$$k�(B FAQ-about-jp24.txt �$BEy$r;2>H$7$F$/$@$5$$!#![�(B
</CODE></BLOCKQUOTE>
<BLOCKQUOTE><CODE>
<PRE>
# �$B%G%U%)%k%H$G�(B Quake �$B5Z$S�(B QuakeWorld �$B$N%^%9%+%l!<%G%#%s%0$r%5%]!<%H$7$^$9!#�(B
# �$B$3$N%b%8%e!<%k$O�(B Linux MASQ �$B%5!<%P$N8e$mB&$K$$$kJ#?t$N%f!<%6$N0Y$K$"$j�(B
# �$B$^$9!#�(B
# Quake I, II, �$B5Z$S�(B III �$B$r%W%l%$$9$k$D$b$j$J$i!"�(B 2�$BHVL\$NNc$rMQ$$$F$/$@$5$$!#�(B
#
# �$BCm0U�(B - �$B$b$7�(B QUAKE �$B%b%8%e!<%k$N%m!<%I$K<:GT$7$F�(B ERROR �$B$,I=<($5$l$?$i!"�(B
# ----- �$B$=$l$O%P%0$,4^$^$l$?8E$$%+!<%M%k$G$9!#:G?7$N%+!<%M%k$K99?7$7$F�(B
# �$B$/$@$5$$!#�(B
#
#Quake I / QuakeWorld (26000 �$B5Z$S�(B 27000 �$BHV%]!<%H�(B)
#/sbin/modprobe ip_masq_quake
#
#Quake I/II/III / QuakeWorld (26000, 27000, 27910, 27960 �$BHV%]!<%H�(B)
#/sbin/modprobe ip_masq_quake 26000,27000,27910,27960
# CuSeeme �$B%S%G%*2q5D%=%U%H%&%'%"$N%^%9%+%l!<%G%#%s%0$r%5%]!<%H$7$^$9!#�(B
#
#/sbin/modprobe ip_masq_cuseeme
# VDO-live �$B%S%G%*2q5D%=%U%H%&%'%"$N%^%9%+%l!<%G%#%s%0$r%5%]!<%H$7$^$9!#�(B
#
#/sbin/modprobe ip_masq_vdolive
</PRE>
</CODE></BLOCKQUOTE>
<BLOCKQUOTE><CODE>
<PRE>
#�$B=EMW�(B - �$B%G%U%)%k%H$GL58z$K$J$C$F$$$k�(B IP �$B%U%)%o!<%G%#%s%0$rM-8z$K$7$^$9!#�(B
#
# Redhat �$B%f!<%6$X�(B - /etc/sysconfig/network �$B$r0J2<$N$h$&$K�(B
# �$B=q$-49$($F!"$3$N%*%W%7%g%s$rJQ99$G$-$k�(B
# �$BH&$G$9$N$G!";n$7$F$_$F$/$@$5$$!#�(B
#
# FORWARD_IPV4=false
# �$B"-�(B
# FORWARD_IPV4=true
#
echo "1" > /proc/sys/net/ipv4/ip_forward
#�$B=EMW�(B - 2.2.x �$B%+!<%M%k$N%G%U%)%k%H$GL58z$K$J$C$F$$$k�(B IP �$B%G%U%i%0%a%s%H�(B
# (�$B:GE,2=�(B)�$B$rM-8z$K$7$^$9!#�(B
# �$B$3$l$O%3%s%Q%$%k;~$N%*%W%7%g%s$GM-8z$G$7$?$,!"�(B 2.2.12 �$B$N;~$K�(B
# �$B$=$NF0:n$,JQ99$5$l$F$7$^$$$^$7$?!#�(B
#
echo "1" > /proc/sys/net/ipv4/ip_always_defrag
</PRE>
</CODE></BLOCKQUOTE>
<BLOCKQUOTE><CODE>
<PRE>
# �$BF0E*�(B IP �$B%f!<%6$X�(B -
#
# �$B$b$7�(B SLIP, PPP, �$B0?$O�(B DHCP �$B$GF0E*$K�(B IP �$B%"%I%l%9$rF@$F$$$k$J$i!"$3$3$K�(B
# �$B5-$90J2<$N%*%W%7%g%s$rM-8z$K$7$F$/$@$5$$!#�(B
# �$B$3$l$K$h$C$F�(B IP MASQ �$B$K$*$$$FF0E*�(B IP �$B%"%I%l%9$N%O%C%-%s%0$r<B8=$7!"�(B
# �$BMF0W$K�(B Diald �$B$dF1MM$N%W%m%0%i%`$N2TF/;~4V$r?-$P$7$^$9!#�(B
#
#echo "1" > /proc/sys/net/ipv4/ip_dynaddr
�$B!ZLuCm�(B: �$B$3$N%*%W%7%g%s$rM-8z$K$9$k$H!"�(B ppp �$BEy$N:F@\B3;~!"%$%s%?!<%U%'!<%9$N�(B
IP �$B%"%I%l%9$,JQ$o$C$F$b!"0JA0$N%^%9%+%l!<%I%F!<%V%k$rGK4~$;$:!"�(B IP �$B%"%I%l%9�(B
�$B$r=q$-49$($F:FMxMQ$7$^$9!#![�(B
</PRE>
</CODE></BLOCKQUOTE>
<BLOCKQUOTE><CODE>
<PRE>
# �$B4v$D$+$N%$%s%?!<%M%C%HBP1~%2!<%`$,MW5a$9$k!"%k!<%:�(B UDP �$B%Q%C%A$r�(B
# �$BM-8z$K$7$^$9!#�(B
#
# IP �$B%^%9%+%l!<%I%\%C%/%91[$7$K%$%s%?!<%M%C%HBP1~%2!<%`$r$d$j$?$/$F!"�(B
# �$B$=$N%2!<%`$rN)$A>e$2$F:F@_Dj$9$k$3$H$J$/3Z$7$_$?$$$J$i!"$3$N%*%W%7%g%s$r�(B
# �$BM-8z$K$7$F$_$F$/$@$5$$�(B ("#" �$B$K$h$k%3%a%s%H%"%&%H$r:o=|$7$^$9�(B) �$B!#�(B
# �$BFbIt%^%7%s$,�(B UDP �$B%]!<%H%9%-%c%s$G967b$5$l$d$9$/$J$k2DG=@-$,$"$k$N$G!"�(B
# �$B$3$N%*%W%7%g%s$O%G%U%)%k%H$G$OL58z$K$J$C$F$$$^$9!#�(B
#
#echo "1" > /proc/sys/net/ipv4/ip_masq_udp_dloose
</PRE>
</CODE></BLOCKQUOTE>
<BLOCKQUOTE><CODE>
<PRE>
# MASQ �$B%?%$%`%"%&%HCM�(B
#
# TCP �$B%;%C%7%g%s$K$*$$$F�(B 2 �$B;~4V$N%?%$%`%"%&%HCM$r!"�(B
# TCP/IP "FIN" �$B%Q%1%C%H$r<u?.8e$N%H%i%U%#%C%/$K$*$$$F�(B 10 �$BIC$N%?%$%`%"%&%H�(B
# �$BCM$r!"�(B
# UDP �$B%H%i%U%#%C%/$K$*$$$F�(B 160 �$BIC$N%?%$%`%"%&%HCM�(B(MASQ �$B$5$l$?�(B ICQ �$B%f!<%6�(B
# �$B$N0Y$K=EMW$G$9�(B) �$B$r@_Dj$7$^$9!#�(B
#
/sbin/ipchains -M -S 7200 10 160
# DHCP - ADSL �$B$d�(B �$B%1!<%V%k%b%G%`$N%f!<%6$N$h$&$J!"�(BDHCP �$B0?$O�(B BOOTP �$B$N�(B
# �$B$$$:$l$+$+$i30It�(B IP �$B%"%I%l%9$r<hF@$9$k?M$O!"$3$N8e$K5-=R$5$l$k�(B
# ipchains �$B$N�(B deny �$B%3%^%s%I$NA0$K$3$N9T$rI,MW$H$7$^$9!#�(B
# "bootp_client_net_if_name" �$B$K$O�(B DHCP/BOOTP �$B%5!<%P$,%"%I%l%9$r�(B
# �$B3d$jEv$F$k%$%s%?!<%U%'!<%9L>$K=q$-49$($F$/$@$5$$!#�(B
# �$B62$i$/�(B "eth0", "eth1" �$BEy$K$J$k$3$H$G$7$g$&!#�(B
#
# �$B$3$NNc$O:#$N=j%3%a%s%H%"%&%H$7$F$$$^$9!#�(B
#
#/sbin/ipchains -A input -j ACCEPT -i bootp_clients_net_if_name -s 0/0 67 -d 0/0 68 -p udp
# �$BC1=c$J�(B IP �$B%U%)%o!<%G%#%s%05Z$S%^%9%+%l!<%G%#%s%0$rM-8z$K$7$^$9!#�(B
#
# �$BCm0U�(B - �$B0J2<$NNc$O�(B 192.168.0.x �$B$NFbIt�(B LAN �$B%"%I%l%9$G�(B 255.255.255.0 �$BKt$O�(B
# "24" �$B%S%C%H$N%5%V%M%C%H%^%9%/$h$j$J$k%M%C%H%o!<%/$,!"�(B eth0
# �$B%$%s%?!<%U%'!<%9$rDL$8$F%$%s%?!<%M%C%H$X@\B3$5$l$k>l9g$r5-$7$F�(B
# �$B$$$^$9!#�(B
#
# ** �$B$"$J$?$NFbIt�(B LAN �$B$N@_Dj$K9g$&$h$&$K!"%M%C%H%o!<%/HV9f!"�(B
# ** �$B%5%V%M%C%H%^%9%/5Z$S%$%s%?!<%M%C%H@\B3$N%$%s%?!<%U%'!<%9L>�(B
# ** �$B$rJQ99$7$F$/$@$5$$!#�(B
#
/sbin/ipchains -P forward DENY
/sbin/ipchains -A forward -i eth0 -s 192.168.0.0/24 -j MASQ
</PRE>
</CODE></BLOCKQUOTE>
<P>�$B0lC6�(B /etc/rc.d/rc.firewall �$B$N%k!<%k%;%C%H$rJT=8$7=*$($?$i!"<B9T2DG=$K�(B
�$B$9$k$h$&$K�(B <CODE>chmod 700 /etc/rc.d/rc.firewall</CODE> �$B$rF~NO$7!"<B9T$7$F�(B
�$B$/$@$5$$!#�(B
<P>
<P>�$B$5$F!"%U%!%$%"%&%)!<%k$N%k!<%k%;%C%H$N=`Hw$,@0$$$^$7$?!#�(B
�$B$3$l$r%j%V!<%H8e$K<B9T$5$;$kI,MW$,$"$j$^$9!#�(B
�$B<B9T$K$O!"Kh2s<j$G9T$&J}K!�(B (�$B6lDK$G$9�(B) �$B$+!"%V!<%H%9%/%j%W%H$KDI2C$9$kJ}K!�(B
�$B$,$"$j$^$9!#�(B
�$B0J2<$K�(B 2�$B$D$NJ}K!$r5-$7$F$*$-$^$7$?�(B -
<P>
<UL>
<LI>Redhat �$B5Z$S�(B Redhat �$B$+$iGI@8$7$?%G%#%9%H%j%S%e!<%7%g%s�(B -
<P>
</LI>
<LI>�$B5/F0%9%/%j%W%H$N%m!<%I$K4X$7!"�(B Redhat �$B$K$O�(B 2�$B$D$NJ}K!$,$"$j$^$9�(B -
/etc/rc.d/rc.local �$B0?$O�(B /etc/rc.d/init.d/ �$B$NCf$K$"$k�(B init �$B%9%/%j%W%H$G$9!#�(B
�$BA0<T$NJ}K!$,:G$b4JC1$G$9!#$d$k$Y$-$3$H$O0J2<$N9T$r�(B /etc/rc.d/rc.local
�$B%U%!%$%k$N:G8e$KDI2C$9$k$3$H$G$9�(B -
<P>
<UL>
<LI>echo "Loading the rc.firewall ruleset.."
/etc/rc.d/rc.firewall</LI>
</UL>
<P>�$B$3$N<jK!$NLdBjE@$O!"6/8G$J%U%!%$%"%&%)!<%k$N%k!<%k%;%C%H$rF0:n$5$;$h$&$H�(B
�$B$9$k:]$K!"%U%!%$%"%&%)!<%k$O%V!<%H=*N;$K;j$k$^$G<B9T$5$l$J$$!"$H$$$&E@$K�(B
�$B$"$j$^$9!#�(B
�$B9%$^$7$$<jK!$H$7$F$O!"%M%C%H%o!<%/%5%V%7%9%F%`$N@_Dj$,%m!<%I$5$l$?D>8e$K!"�(B
�$B%U%!%$%"%&%)!<%k$N@_Dj$,%m!<%I$5$l$k$h$&$K$9$k$3$H$G$9!#�(B
�$B:#$N=j!"$3$N�(B HOWTO �$B$O�(B /etc/rc.d/rc.local �$B$N@_Dj$N$_$r07$C$F$$$^$9!#�(B
�$B$h$j6/8G$J%7%9%F%`$r$*K>$_$J$i!"�(B
�$B$3$N�(B HOWTO �$B$N:G8e$N>O$K%j%s%/$,$"$k�(B TrinityOS �$B$N�(B10�$B>O$r;2>H$9$k$3$H$r$*A&$a�(B
�$B$7$^$9!#�(B
</LI>
</UL>
<P>
<UL>
<LI>Slackware -
<P>
</LI>
<LI>�$B5/F0%9%/%j%W%H$N%m!<%I$K4X$7!"�(B Slackware �$B$K$O�(B 2�$B$D$NJ}K!$,$"$j$^$9�(B -
/etc/rc.d/rc.local �$B0?$O�(B /etc/rc.d/rc.inet2 �$B%U%!%$%k$rJT=8$9$k$3$H$G$9!#�(B
�$BA0<T$NJ}K!$,:G$b4JC1$G$9!#$d$k$Y$-$3$H$O0J2<$N9T$r�(B /etc/rc.d/rc.local
�$B%U%!%$%k$N:G8e$KDI2C$9$k$3$H$G$9�(B -
<P>
<UL>
<LI>echo "Loading the rc.firewall ruleset.."<P>/etc/rc.d/rc.firewall
</LI>
</UL>
<P>�$B$3$N<jK!$NLdBjE@$O!"6/8G$J%U%!%$%"%&%)!<%k$N%k!<%k%;%C%H$rF0:n$5$;$h$&$H�(B
�$B$9$k:]$K!"%U%!%$%"%&%)!<%k$O%V!<%H=*N;$K;j$k$^$G<B9T$5$l$J$$!"$H$$$&E@$K�(B
�$B$"$j$^$9!#�(B
�$B9%$^$7$$<jK!$H$7$F$O!"%M%C%H%o!<%/%5%V%7%9%F%`$N@_Dj$,%m!<%I$5$l$?D>8e$K!"�(B
�$B%U%!%$%"%&%)!<%k$N@_Dj$,%m!<%I$5$l$k$h$&$K$9$k$3$H$G$9!#�(B
�$B:#$N=j!"$3$N�(B HOWTO �$B$O�(B /etc/rc.d/rc.local �$B$N@_Dj$N$_$r07$C$F$$$^$9!#�(B
�$B$h$j6/8G$J%7%9%F%`$r$*K>$_$J$i!"$3$N�(B HOWTO �$B$N:G8e$N>O$K%j%s%/$,$"$k�(B
TrinityOS �$B$N�(B10�$B>O$r;2>H$9$k$3$H$r$*A&$a$7$^$9!#�(B
</LI>
</UL>
<P>
<P><B>�$B>e=R$N%U%!%$%"%&%)!<%k$N%k!<%k%;%C%H$rJQ99$7$?$$%f!<%6$X$NCm0U�(B - </B>
<P>�$B40A4$J�(B TCP/IP �$B%M%C%H%o!<%/$r<B8=$9$k>e=R$NJ}K!$NBe$o$j$K!"�(B*�$BC1BN$N%^%7%s�(B
�$B$@$1�(B*�$B$N�(B IP �$B%^%9%+%l!<%G%#%s%0$r<B8=$7$?$$$H;W$&J}$b$$$k$3$H$G$7$g$&!#�(B
�$BNc$($P!";d$O�(B 192.168.0.2 �$B$H�(B 192.168.0.8 �$B$N%[%9%H$@$1$r%$%s%?!<%M%C%H$X�(B
�$B@\B3$5$;$?$$$H$7$^$9!#$3$N;~FbIt%M%C%H%o!<%/>e$KB>$N%^%7%s$OB8:_$7$^$;$s!#�(B
�$B;d$O�(B (�$B>e=R$N�(B) "�$BC1=c$J�(B IP �$B%U%)%o!<%G%#%s%05Z$S%^%9%+%l!<%G%#%s%0$r<B8=$9$k�(B"
�$B$N>O$N!"�(B /etc/rc.d/rc.firewall �$B$N%k!<%k%;%C%H$r!"0J2<$N$h$&$K=q$-49$($^$9!#�(B
<P>
<BLOCKQUOTE><CODE>
<PRE>
#!/bin/sh
#
# �$BC1=c$J�(B IP �$B%U%)%o!<%G%#%s%05Z$S%^%9%+%l!<%G%#%s%0$rM-8z$K$7$^$9!#�(B
#
# �$BCm0U�(B - �$B0J2<$NNc$O�(B 192.168.0.x �$B$NFbIt�(B LAN �$B%"%I%l%9$G�(B 255.255.255.0 �$BKt$O�(B
# "24" �$B%S%C%H$N%5%V%M%C%H%^%9%/$h$j$J$k%M%C%H%o!<%/$,!"�(B eth0
# �$B%$%s%?!<%U%'!<%9$rDL$8$F%$%s%?!<%M%C%H$X@\B3$5$l$k>l9g$r5-$7$F�(B
# �$B$$$^$9!#�(B
#
# ** �$B$"$J$?$NFbIt�(B LAN �$B$N@_Dj$K9g$&$h$&$K!"%M%C%H%o!<%/HV9f!"�(B
# ** �$B%5%V%M%C%H%^%9%/5Z$S%$%s%?!<%M%C%H@\B3$N%$%s%?!<%U%'!<%9L>�(B
# ** �$B$rJQ99$7$F$/$@$5$$!#�(B
#
/sbin/ipchains -P forward DENY
/sbin/ipchains -A forward -i eth0 -s 192.168.0.2/32 -j MASQ
/sbin/ipchains -A forward -i eth0 -s 192.168.0.8/32 -j MASQ
</PRE>
</CODE></BLOCKQUOTE>
<P>
<P><B>�$B$h$/$"$k4V0c$$�(B - </B>
<P>�$B=i4|CJ3,$N�(B IP Masq �$B%f!<%6$,HH$7$,$A$J$h$/$"$k4V0c$$$H$7$F!"�(B
�$B0J2<$N$h$&$J%3%^%s%I$,$"$j$^$9�(B -
<P>/sbin/ipchains -P forward masquerade
<P>�$B7h$7$F!"%G%U%)%k%H%]%j%7!<$r%^%9%+%l!<%G%#%s%0$K$7$F$O�(B<B>�$B$$$1$^$;$s�(B</B>�$B!#�(B
�$B$5$b$J$/$P!"7PO)%F!<%V%k$rA`:n$G$-$kC/$+$,$"$J$?$N%2!<%H%&%'%$%^%7%s$K�(B
�$B7j$r3+$1!"<+?H$N?H85$r%^%9%+%l!<%I$7$F$7$^$&$+$bCN$l$J$$$+$i$G$9�(B!
<P>
<P>�$B7+$jJV$7$^$9!"$3$l$i$N9T$O�(B <CODE>/etc/rc.d/rc.firewall</CODE> �$B%U%!%$%k$+!"�(B
�$B$"$J$?$,A*Br$9$kB>$N�(B rc �$B%U%!%$%k$N$&$A$N0l$D$KDI2C$G$-$k$+!"�(B
IP �$B%^%9%+%l!<%I$rI,MW$H$9$kEYKh$K<j:n6H$G<B9T$G$-$^$9!#�(B
<P>IPCHAINS �$B$H6/8G$J�(B IPCHAINS �$B$N%k!<%k%;%C%H$NNc$N>\:Y$J<j0z$K4X$7$F$O!"�(B
<A HREF="IP-Masquerade-HOWTO-6.html#Strong-IPFWADM-Rulesets">�$B6/$$�(B IPFWADM �$B$N%k!<%k%;%C%H�(B</A>
�$B$H�(B
<A HREF="IP-Masquerade-HOWTO-6.html#Strong-IPCHAINS-Rulesets">�$B6/$$�(B IPCHAINS �$B$N%k!<%k%;%C%H�(B</A>
�$B$N>O$r;2>H$7$F$/$@$5$$!#�(B
�$B99$K>\:Y$J�(B IPCHAINS �$B$N;H$$J}$K4X$7$F$O!"%W%i%$%^%j�(B IPCHAINS �$B%5%$%H$G$"$k�(B
<A HREF="http://netfilter.filewatcher.org/ipchains/">http://netfilter.filewatcher.org/ipchains/</A>
�$B$+!"�(B
<A HREF="http://www.linuxdoc.org/HOWTO/IPCHAINS-HOWTO.html">Linux IP CHAINS HOWTO Backup</A>
�$B$r;2>H$7$F$/$@$5$$!#�(B
<P>
<P>
<A NAME="rc.firewall-2.0.x"></A> <P>
<H3>Linux 2.0.x �$B%+!<%M%k�(B</H3>
<P>
<P>�$B=iJbE*$GC1=c$J%k!<%k%;%C%H$K$F!"�(B �$B0J2<$K5-$9$h$&$K�(B /etc/rc.d/rc.firewall
�$B$r:n@.$7$^$9�(B -
<BLOCKQUOTE><CODE>
<PRE>
# rc.firewall - IPFWADM �$B$rMQ$$$?!"�(B 2.0.x �$B%+!<%M%k$N0Y$N!"�(B
# �$B=iJbE*$GC1=c$J�(B IP �$B%^%9%+%l!<%I$N@_Dj�(B
#
# �$BI,MW$J�(B IP MASQ �$B%b%8%e!<%k$rA4$FFI$_9~$_$^$9!#�(B
#
# �$BCm0U�(B - �$BI,MW$H$9$k�(B IP MASQ �$B%b%8%e!<%k$@$1$r%m!<%I$7$F$/$@$5$$!#�(B
# �$B8=:_$N�(B IP MASQ �$B%b%8%e!<%k$NA4$F$,0J2<$K5-$5$l$F$$$^$9$,!"�(B
# �$B%3%a%s%H%"%&%H$9$k$3$H$G%m!<%I$rM^;_$9$k$3$H$,$G$-$^$9!#�(B
# �$B%b%8%e!<%k$N%m!<%I$N=i4|CJ3,$KI,MW$G$9!#�(B
#
#
/sbin/depmod -a
# Supports the proper masquerading of FTP file transfers using the PORT method
# PORT �$B%a%=%C%I$rMQ$$$?�(B FTP �$B%U%!%$%kE>Aw$NE,@Z$J%^%9%+%l!<%G%#%s%0$r�(B
# �$B%5%]!<%H$7$^$9!#�(B
# �$B!ZLuCm�(B: PORT �$B%a%=%C%I$O%Q%C%7%V%b!<%I$G$J$$!"DL>o$N�(B FTP �$B@\B3$r;X$7$^$9!#�(B
# �$B@\B38e!"%G!<%?%]!<%H$r;HMQ$9$k:]$K!"�(B FTP �$B%5!<%PB&$+$i%/%i%$%"%s%HB&$K�(B
# �$BBP$7$F�(B TCP �$B@\B3$r3NN)$7$h$&$H$7$^$9!#�(B
# �$B$3$N%b%8%e!<%k$O�(B FTP �$B%/%i%$%"%s%H$r%Q%C%7%V%b!<%I$G;HMQ$9$k:]$K$OITMW�(B
# �$B$G$9!#![�(B
#
/sbin/modprobe ip_masq_ftp
# UDP �$B>e$G�(B RealAudio �$B$N%^%9%+%l!<%G%#%s%0$r%5%]!<%H$7$^$9!#�(B
# �$B$3$N%b%8%e!<%k$,$J$$$H!"�(B RealAudio �$B$O5!G=$7$^$9$,!"�(B TCP �$B%b!<%I$GF0:n�(B
# �$B$7!"$=$N7k2L$H$7$F2;<A$NNt2=$r$R$-5/$3$7$^$9!#�(B
#
#/sbin/modprobe ip_masq_raudio
# IRC �$B$K$*$1$k�(B DCC �$B%U%!%$%kE>Aw$N%^%9%+%l!<%G%#%s%0$r%5%]!<%H$7$^$9!#�(B
</PRE>
</CODE></BLOCKQUOTE>
<BLOCKQUOTE><CODE>
�$B!ZLuCm�(B: DCC (Direct Client Connection) �$B$H$O!"�(Bclient �$BF1;N$,�(B IRC server �$B$r�(B
�$B2p$5$:$KD>@\�(B connection �$B$rD%$C$F%U%!%$%k$rAw<u$7$?$j!"2qOC$r$7$?$j$9$k�(B
�$B$7$/$_$r;X$7$^$9!#�(B
DCC �$B$N>\:Y$K$D$$$F$O�(B
<A HREF="http://www.linux.or.jp/JF/JFdocs/irchat-micro-howto.html">irchat-micro-howto</A> �$B$d!"�(B
<A HREF="ftp://ftp.kyoto.wide.ad.jp/IRC/irchat/irchat-2.4jp24k.tar.gz">irchat-jp �$B%Q%C%1!<%8�(B</A> �$B$KE:IU$5$l$F$$$k�(B FAQ-about-jp24.txt �$BEy$r;2>H$7$F$/$@$5$$!#![�(B
</CODE></BLOCKQUOTE>
<BLOCKQUOTE><CODE>
<PRE>
#
#/sbin/modprobe ip_masq_irc
# �$B%G%U%)%k%H$G�(B Quake �$B5Z$S�(B QuakeWorld �$B$N%^%9%+%l!<%G%#%s%0$r%5%]!<%H$7$^$9!#�(B
# �$B$3$N%b%8%e!<%k$O�(B Linux MASQ �$B%5!<%P$N8e$mB&$K$$$kJ#?t$N%f!<%6$N0Y$K$"$j�(B
# �$B$^$9!#�(B
# Quake I, II, �$B5Z$S�(B III �$B$r%W%l%$$9$k$D$b$j$J$i!"�(B 2�$BHVL\$NNc$rMQ$$$F$/$@$5$$!#�(B
#
# �$BCm0U�(B - �$B$b$7�(B QUAKE �$B%b%8%e!<%k$N%m!<%I$K<:GT$7$F�(B ERROR �$B$,I=<($5$l$?$i!"�(B
# ----- �$B$=$l$O%P%0$,4^$^$l$?8E$$%+!<%M%k$G$9!#:G?7$N%+!<%M%k$K99?7$7$F�(B
# �$B$/$@$5$$!#�(B
#
#Quake I / QuakeWorld (ports 26000 and 27000)
#/sbin/modprobe ip_masq_quake
#
#Quake I/II/III / QuakeWorld (ports 26000, 27000, 27910, 27960)
#/sbin/modprobe ip_masq_quake 26000,27000,27910,27960
# CuSeeme �$B%S%G%*2q5D%=%U%H%&%'%"$N%^%9%+%l!<%G%#%s%0$r%5%]!<%H$7$^$9!#�(B
#
#/sbin/modprobe ip_masq_cuseeme
# VDO-live �$B%S%G%*2q5D%=%U%H%&%'%"$N%^%9%+%l!<%G%#%s%0$r%5%]!<%H$7$^$9!#�(B
#
#/sbin/modprobe ip_masq_vdolive
#�$BCWL?E*�(B - �$B%G%U%)%k%H$GL58z$K$J$C$F$$$k�(B IP �$B%U%)%o!<%G%#%s%0$rM-8z$K$7$^$9!#�(B
#
# Redhat �$B%f!<%6$X�(B - /etc/sysconfig/network �$B$r0J2<$N$h$&$K�(B
# �$B=q$-49$($F!"$3$N%*%W%7%g%s$rJQ99$5$;$k�(B
# �$B$3$H$,$G$-$k$G$7$g$&!#�(B
#
# FORWARD_IPV4=false
# to
# FORWARD_IPV4=true
#
echo "1" > /proc/sys/net/ipv4/ip_forward
#�$BCWL?E*�(B - �$B%G%U%)%k%H$GL58z$K$J$C$F$$$k�(B IP �$B%G%U%i%0%a%s%H�(B(�$B:GE,2=�(B)�$B$rM-8z$K�(B
# �$B$7$^$9!#�(B
# �$B$3$l$O%3%s%Q%$%k;~$N%*%W%7%g%s$GM-8z$G$7$?$,!"�(B 2.2.12 �$B$N;~$K�(B
# �$B$=$NF0:n$,JQ99$5$l$F$7$^$$$^$7$?!#�(B
# �$B$3$N%*%W%7%g%s$O�(B 2.0 �$B5Z$S�(B 2.2 �$B%+!<%M%k$NN>J}$KI,MW$G$9!#�(B
#
echo "1" > /proc/sys/net/ipv4/ip_always_defrag
# �$BF0E*�(B IP �$B%f!<%6$X�(B -
#
# �$B$b$7�(B SLIP, PPP, �$B0?$O�(B DHCP �$B$GF0E*$K�(B IP �$B%"%I%l%9$rF@$F$$$k$J$i!"$3$3$K�(B
# �$B5-$90J2<$N%*%W%7%g%s$rM-8z$K$7$F$/$@$5$$!#�(B
# �$B$3$l$K$h$C$F�(B IP MASQ �$B$K$*$$$FF0E*�(B IP �$B%"%I%l%9$N%O%C%-%s%0$r<B8=$7!"�(B
# �$BMF0W$K�(B Diald �$B$dF1MM$N%W%m%0%i%`$N2TF/;~4V$r?-$P$7$^$9!#�(B
#
#echo "1" > /proc/sys/net/ipv4/ip_dynaddr
# MASQ �$B%?%$%`%"%&%HCM�(B
#
# TCP �$B%;%C%7%g%s$K$*$$$F�(B 2 �$B;~4V$N%?%$%`%"%&%HCM$r!"�(B
# TCP/IP "FIN" �$B%Q%1%C%H$r<u?.8e$N%H%i%U%#%C%/$K$*$$$F�(B 10 �$BIC$N%?%$%`%"%&%H�(B
# �$BCM$r!"�(B
# UDP �$B%H%i%U%#%C%/$K$*$$$F�(B 160 �$BIC$N%?%$%`%"%&%HCM�(B(MASQ �$B$5$l$?�(B ICQ �$B%f!<%6�(B
# �$B$N0Y$K=EMW$G$9�(B) �$B$r@_Dj$7$^$9!#�(B
#
/sbin/ipfwadm -M -s 7200 10 160
# DHCP - ADSL �$B$d�(B �$B%1!<%V%k%b%G%`$N%f!<%6$N$h$&$J!"�(BDHCP �$B0?$O�(B BOOTP �$B$N�(B
# �$B$$$:$l$+$+$i!"30It�(B IP �$B%"%I%l%9$r<hF@$9$k?M$O!"$3$N8e$K5-=R$5$l$k�(B
# ipchains �$B$N�(B deny �$B%3%^%s%I$NA0$K$3$N9T$rI,MW$H$7$^$9!#�(B
# "bootp_client_net_if_name" �$B$K$O�(B DHCP/BOOTP �$B%5!<%P$,%"%I%l%9$r�(B
# �$B3d$jEv$F$k%$%s%?!<%U%'!<%9L>$K=q$-49$($F$/$@$5$$!#�(B
# �$B62$i$/�(B "eth0", "eth1" �$BEy$K$J$k$3$H$G$7$g$&!#�(B
#
# �$B$3$NNc$O:#$N=j%3%a%s%H%"%&%H$7$F$$$^$9!#�(B
#
#
#/sbin/ipfwadm -I -a accept -S 0/0 67 -D 0/0 68 -W bootp_clients_net_if_name -P udp
# �$BC1=c$J�(B IP �$B%U%)%o!<%G%#%s%05Z$S%^%9%+%l!<%G%#%s%0$rM-8z$K$7$^$9!#�(B
#
# �$BCm0U�(B - �$B0J2<$NNc$O�(B 192.168.0.x �$B$NFbIt�(B LAN �$B%"%I%l%9$G�(B 255.255.255.0 �$BKt$O�(B
# "24" �$B%S%C%H$N%5%V%M%C%H%^%9%/$h$j$J$k%M%C%H%o!<%/$,!"�(B eth0
# �$B%$%s%?!<%U%'!<%9$rDL$8$F%$%s%?!<%M%C%H$X@\B3$5$l$k>l9g$r5-$7$F�(B
# �$B$$$^$9!#�(B
#
# ** �$B$"$J$?$NFbIt�(B LAN �$B$N@_Dj$K9g$&$h$&$K!"%M%C%H%o!<%/HV9f!"�(B
# ** �$B%5%V%M%C%H%^%9%/5Z$S%$%s%?!<%M%C%H@\B3$N%$%s%?!<%U%'!<%9L>�(B
# ** �$B$rJQ99$7$F$/$@$5$$!#�(B
#
/sbin/ipfwadm -F -p deny
/sbin/ipfwadm -F -a m -W eth0 -S 192.168.0.0/24 -D 0.0.0.0/0
</PRE>
</CODE></BLOCKQUOTE>
<P>�$B0lC6�(B /etc/rc.d/rc.firewall �$B$N%k!<%k%;%C%H$rJT=8$7=*$($?$i!"<B9T2DG=$K�(B
�$B$9$k$h$&$K�(B <CODE>chmod 700 /etc/rc.d/rc.firewall</CODE> �$B$rF~NO$7!"<B9T$7$F�(B
�$B$/$@$5$$!#�(B
<P>�$B$5$F!"%U%!%$%"%&%)!<%k$N%k!<%k%;%C%H$N=`Hw$,@0$$$^$7$?!#�(B
�$B$3$l$r%j%V!<%H8e$K<B9T$5$;$kI,MW$,$"$j$^$9!#�(B
�$B<B9T$K$O!"Kh2s<j$G9T$&J}K!�(B (�$B6lDK$G$9�(B) �$B$+!"%V!<%H%9%/%j%W%H$KDI2C$9$kJ}K!�(B
�$B$,$"$j$^$9!#�(B
�$B0J2<$K�(B 2�$B$D$NJ}K!$r5-$7$F$*$-$^$7$?�(B -
<P>
<UL>
<LI>Redhat �$B5Z$S�(B Redhat �$B$+$iGI@8$7$?%G%#%9%H%j%S%e!<%7%g%s�(B -
<P>
<UL>
<LI>�$B5/F0%9%/%j%W%H$N%m!<%I$K4X$7!"�(B Redhat �$B$K$O�(B 2�$B$D$NJ}K!$,$"$j$^$9�(B -
/etc/rc.d/rc.local �$B0?$O�(B /etc/rc.d/init.d/ �$B$NCf$K$"$k�(B init �$B%9%/%j%W%H$G$9!#�(B
�$BA0<T$NJ}K!$,:G$b4JC1$G$9!#$d$k$Y$-$3$H$O0J2<$N9T$r�(B /etc/rc.d/rc.local
�$B%U%!%$%k$N:G8e$KDI2C$9$k$3$H$G$9�(B -
<P>
<UL>
<LI>echo "Loading the rc.firewall ruleset.."
/etc/rc.d/rc.firewall</LI>
</UL>
</LI>
</UL>
<P>�$B$3$N<jK!$NLdBjE@$O!"6/8G$J%U%!%$%"%&%)!<%k$N%k!<%k%;%C%H$rF0:n$5$;$h$&$H�(B
�$B$9$k:]$K!"%U%!%$%"%&%)!<%k$O%V!<%H=*N;$K;j$k$^$G<B9T$5$l$J$$!"$H$$$&E@$K�(B
�$B$"$j$^$9!#�(B
�$B9%$^$7$$<jK!$H$7$F$O!"%M%C%H%o!<%/%5%V%7%9%F%`$N@_Dj$,%m!<%I$5$l$?D>8e$K!"�(B
�$B%U%!%$%"%&%)!<%k$N@_Dj$,%m!<%I$5$l$k$h$&$K$9$k$3$H$G$9!#�(B
�$B:#$N=j!"$3$N�(B HOWTO �$B$O�(B /etc/rc.d/rc.local �$B$N@_Dj$N$_$r07$C$F$$$^$9!#�(B
�$B$h$j6/8G$J%7%9%F%`$r$*K>$_$J$i!"$3$N�(B HOWTO �$B$N:G8e$N>O$K%j%s%/$,$"$k�(B
TrinityOS �$B$N�(B10�$B>O$r;2>H$9$k$3$H$r$*A&$a$7$^$9!#�(B
</LI>
</UL>
<P>
<P>
<UL>
<LI>Slackware:
<P>
<UL>
<LI>�$B5/F0%9%/%j%W%H$N%m!<%I$K4X$7!"�(B Slackware �$B$K$O�(B 2�$B$D$NJ}K!$,$"$j$^$9�(B -
/etc/rc.d/rc.local �$B0?$O�(B /etc/rc.d/rc.inet2 �$B%U%!%$%k$rJT=8$9$k$3$H$G$9!#�(B
�$BA0<T$NJ}K!$,:G$b4JC1$G$9!#$d$k$Y$-$3$H$O0J2<$N9T$r�(B /etc/rc.d/rc.local
�$B%U%!%$%k$N:G8e$KDI2C$9$k$3$H$G$9�(B -
<P>
<UL>
<LI>echo "Loading the rc.firewall ruleset.."<P>/etc/rc.d/rc.firewall
</LI>
</UL>
<P>�$B$3$N<jK!$NLdBjE@$O!"6/8G$J%U%!%$%"%&%)!<%k$N%k!<%k%;%C%H$rF0:n$5$;$h$&$H�(B
�$B$9$k:]$K!"%U%!%$%"%&%)!<%k$O%V!<%H=*N;$K;j$k$^$G<B9T$5$l$J$$!"$H$$$&E@$K�(B
�$B$"$j$^$9!#�(B
�$B9%$^$7$$<jK!$H$7$F$O!"%M%C%H%o!<%/%5%V%7%9%F%`$N@_Dj$,%m!<%I$5$l$?D>8e$K!"�(B
�$B%U%!%$%"%&%)!<%k$N@_Dj$,%m!<%I$5$l$k$h$&$K$9$k$3$H$G$9!#�(B
�$B:#$N=j!"$3$N�(B HOWTO �$B$O�(B /etc/rc.d/rc.local �$B$N@_Dj$N$_$r07$C$F$$$^$9!#�(B
�$B$h$j6/8G$J%7%9%F%`$r$*K>$_$J$i!"$3$N�(B HOWTO �$B$N:G8e$N>O$K%j%s%/$,$"$k�(B
TrinityOS �$B$N�(B10�$B>O$r;2>H$9$k$3$H$r$*A&$a$7$^$9!#�(B
</LI>
</UL>
</LI>
</UL>
<P>
<P><B>�$B>e=R$N%U%!%$%"%&%)!<%k$N%k!<%k%;%C%H$rJQ99$7$?$$%f!<%6$X$NCm0U�(B - </B>
<P>
�$B40A4$J�(B TCP/IP �$B%M%C%H%o!<%/$r<B8=$9$k>e=R$NJ}K!$NBe$o$j$K!"�(B*�$BC1BN$N%^%7%s�(B
�$B$@$1�(B*�$B$N�(B IP �$B%^%9%+%l!<%G%#%s%0$r<B8=$7$?$$$H;W$&J}$b$$$k$3$H$G$7$g$&!#�(B
�$BNc$($P!";d$O�(B 192.168.0.2 �$B$H�(B 192.168.0.8 �$B$N%[%9%H$@$1$r%$%s%?!<%M%C%H$X�(B
�$B@\B3$5$;$?$$$H$7$^$9!#$3$N;~FbIt%M%C%H%o!<%/>e$KB>$N%^%7%s$OB8:_$7$^$;$s!#�(B
�$B;d$O�(B (�$B>e=R$N�(B) "�$BC1=c$J�(B IP �$B%U%)%o!<%G%#%s%05Z$S%^%9%+%l!<%G%#%s%0$r<B8=$9$k�(B"
�$B$N>O$N!"�(B /etc/rc.d/rc.firewall �$B$N%k!<%k%;%C%H$r!"0J2<$N$h$&$K=q$-49$($^$9!#�(B
<P>
<BLOCKQUOTE><CODE>
<PRE>
#!/bin/sh
#
# �$BC1=c$J�(B IP �$B%U%)%o!<%G%#%s%05Z$S%^%9%+%l!<%G%#%s%0$rM-8z$K$7$^$9!#�(B
#
# �$BCm0U�(B - �$B0J2<$NNc$O�(B 192.168.0.x �$B$NFbIt�(B LAN �$B%"%I%l%9$G�(B 255.255.255.0 �$BKt$O�(B
# "24" �$B%S%C%H$N%5%V%M%C%H%^%9%/$h$j$J$k%M%C%H%o!<%/$,!"�(B eth0
# �$B%$%s%?!<%U%'!<%9$rDL$8$F%$%s%?!<%M%C%H$X@\B3$5$l$k>l9g$r5-$7$F�(B
# �$B$$$^$9!#�(B
#
# ** �$B$"$J$?$NFbIt�(B LAN �$B$N@_Dj$K9g$&$h$&$K!"%M%C%H%o!<%/HV9f!"�(B
# ** �$B%5%V%M%C%H%^%9%/5Z$S%$%s%?!<%M%C%H@\B3$N%$%s%?!<%U%'!<%9L>�(B
# ** �$B$rJQ99$7$F$/$@$5$$!#�(B
#
/sbin/ipfwadm -F -p deny
/sbin/ipfwadm -F -a m -W eth0 -S 192.168.0.2/32 -D 0.0.0.0/0
/sbin/ipfwadm -F -a m -W eth0 -S 192.168.0.8/32 -D 0.0.0.0/0
</PRE>
</CODE></BLOCKQUOTE>
<P>
<P><B>�$B$h$/$"$k4V0c$$�(B - </B>
<P>�$B=i4|CJ3,$N�(B IP Masq �$B%f!<%6$,HH$7$,$A$J$h$/$"$k4V0c$$$H$7$F!"�(B
�$B0J2<$N$h$&$J%3%^%s%I$,$"$j$^$9�(B -
<PRE>
ipfwadm -F -p masquerade
</PRE>
<P>�$B7h$7$F!"%G%U%)%k%H%]%j%7!<$r%^%9%+%l!<%G%#%s%0$K$7$F$O�(B<B>�$B$$$1$^$;$s�(B</B>�$B!#�(B
�$B$5$b$J$/$P!"7PO)%F!<%V%k$rA`:n$G$-$kC/$+$,$"$J$?$N%2!<%H%&%'%$%^%7%s$K�(B
�$B7j$r3+$1!"<+?H$N?H85$r%^%9%+%l!<%I$7$F$7$^$&$+$bCN$l$J$$$+$i$G$9�(B!
<P>
<P>�$B7+$jJV$7$^$9!"$3$l$i$N9T$O�(B <CODE>/etc/rc.d/rc.firewall</CODE> �$B%U%!%$%k$+!"�(B
�$B$"$J$?$,A*Br$9$kB>$N�(B rc �$B%U%!%$%k$N$&$A$N0l$D$KDI2C$G$-$k$+!"�(B
IP �$B%^%9%+%l!<%I$rI,MW$H$9$kEYKh$K<j:n6H$G<B9T$G$-$^$9!#�(B
<P>�$B$h$j6/8G$J�(B IPCHAINS �$B$H�(B IPFWADM �$B$N%k!<%k%;%C%H$NNc$N>\:Y$J<j0z$K4X$7$F$O!"�(B
<A HREF="IP-Masquerade-HOWTO-6.html#Strong-IPCHAINS-Rulesets">�$B6/$$�(B IPCHAINS �$B$N%k!<%k%;%C%H�(B</A> �$B$H�(B
<A HREF="IP-Masquerade-HOWTO-6.html#Strong-IPFWADM-Rulesets">�$B6/$$�(B IPFWADM �$B$N%k!<%k%;%C%H�(B</A> �$B$N�(B
�$B>O$r;2>H$7$F$/$@$5$$!#�(B
<P>
<HR>
<A HREF="IP-Masquerade-HOWTO-4.html">�$B<!$N%Z!<%8�(B</A>
<A HREF="IP-Masquerade-HOWTO-2.html">�$BA0$N%Z!<%8�(B</A>
<A HREF="IP-Masquerade-HOWTO.html#toc3">�$BL\<!$X�(B</A>
</BODY>
</HTML>
