<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2 Final//EN">
<HTML>
<HEAD>
<META NAME="GENERATOR" CONTENT="SGML-Tools 1.0.9">
<TITLE>Linux IPCHAINS-HOWTO: �$BIUO?�(B: ipchains �$B$H�(B ipfwadm �$B$H$N0c$$�(B</TITLE>
<LINK HREF="IPCHAINS-HOWTO-9.html" REL=next>
<LINK HREF="IPCHAINS-HOWTO-7.html" REL=previous>
<LINK HREF="IPCHAINS-HOWTO.html#toc8" REL=contents>
</HEAD>
<BODY>
<A HREF="IPCHAINS-HOWTO-9.html">�$B<!$N%Z!<%8�(B</A>
<A HREF="IPCHAINS-HOWTO-7.html">�$BA0$N%Z!<%8�(B</A>
<A HREF="IPCHAINS-HOWTO.html#toc8">�$BL\<!$X�(B</A>
<HR>
<H2><A NAME="ipfwadm-diff"></A> <A NAME="s8">8. �$BIUO?�(B: ipchains �$B$H�(B ipfwadm �$B$H$N0c$$�(B</A></H2>
<P>�$B$3$l$i$NJQ99$N4v$D$+$O%+!<%M%k$NJQ99$N7k2L$G$"$j!"$^$?4v$D$+$O�(B <CODE>ipchains</CODE> �$B$H�(B <CODE>ipfwadm</CODE> �$B$H$N0c$$$N7k2L$G$9!#�(B
<P>
<P>
<OL>
<LI> �$BB?$/$N0z?t$O:FG[CV$5$l$^$7$?�(B:
�$B8=:_!"BgJ8;z$O%3%^%s%I$r<($7!">.J8;z$O%*%W%7%g%s$r<($7$^$9!#�(B
</LI>
<LI> �$BG$0U$N%A%'%$%s$,%5%]!<%H$5$l$^$7$?$N$G!"AH$_9~$_%A%'%$%s$bF1MM$K%U%i%0$G$O$J$/%U%k%M!<%`$G5-:\$9$kI,MW$,$"$j$^$9!#�(B
(�$BNc�(B. `-I' �$B$G$O$J$/�(B `input' �$B$H5-:\$7$^$9�(B).
</LI>
<LI> `-k' �$B%*%W%7%g%s$O$J$/$J$j$^$7$?!#�(B `! -y' �$B$r;H$C$F2<$5$$!#�(B
</LI>
<LI> `-b' �$B%*%W%7%g%s$O!"C10l$N�(B `�$BAPJ}8~�(B' �$B%k!<%k$H$$$&$h$j$b!"$`$7$m<B:]$K$O�(B2�$B$D$N%k!<%k$KBP$7$FA^F~�(B/�$BDI2C�(B/�$B:o=|$r9T$$$^$9!#�(B
</LI>
<LI> `-b' �$B%*%W%7%g%s$O�(B 2�$B$D$N%A%'%C%/$r9T$&$?$a$K!"�(B `-C' �$B%*%W%7%g%s$K$FL58z2=$5$l$^$9!#�(B(�$B3F!9$NJ}8~$N�(B1�$B$D�(B)
</LI>
<LI> `-l' �$B$KBP$9$k�(B `-x' �$B%*%W%7%g%s$O�(B `-v' �$B$KJQ99$5$l$^$7$?!#�(B
</LI>
<LI> �$B$b$&!"J#?t$NAw?.B&$H<u?.B&$N%]!<%H$O%5%]!<%H$5$l$^$;$s!#�(B
�$BK>$^$7$/$O!"%]!<%HI}$rH]Dj$G$-$k$3$H$G!"B?>/$O$=$NL\E*$rJd$&$G$7$g$&!#�(B
</LI>
<LI> �$B%$%s%?!<%U%'!<%9$O�(B(�$B%"%I%l%9$G$J$/�(B)�$BL>A0$K$h$C$F$N$_;XDj$G$-$^$9!#�(B
�$B$^$!!"$I$N$_$A!"0JA0$N0UL#IU$1$O�(B 2.1 �$B%+!<%M%k%7%j!<%:$G@E$+$KJQ99$5$l$?$3$H$G$9$7!#�(B
</LI>
<LI> �$B%Q%1%C%H$NCGJR2=$O8!::$5$l$^$9$N$G!"<+F0E*$K$OAGDL$j$7$^$;$s!#�(B
</LI>
<LI> �$BL@<(E*$J7W?t%A%'%$%s$OGQ;_$5$l$^$7$?!#�(B
</LI>
<LI> IP�$B>e$NG$0U$N%W%m%H%3%k$,%F%9%H$G$-$^$9!#�(B
</LI>
<LI> SYN �$B$H�(B ACK �$B$NAH9g$;$KBP$9$k0JA0$N?6Iq$$�(B (�$B0JA0$OHs�(B TCP �$B%Q%1%C%H$OL5;k$7$F$$$^$7$?�(B) �$B$OJQ99$5$l$^$7$?�(B;
SYN �$B%*%W%7%g%s$O!"Hs�(B TCP �$BFHFC$N%k!<%k$KBP$7$F$OL58z$G$9!#�(B
</LI>
<LI> �$B8=:_!"�(B32�$B%S%C%H%^%7%s>e$N%+%&%s%?$O�(B 64�$B%S%C%H$G$"$j!"�(B32�$B%S%C%H$G$O$"$j$^$;$s!#�(B
</LI>
<LI> �$B8=:_!"H?E>%*%W%7%g%s$,%5%]!<%H$5$l$F$$$^$9!#�(B
</LI>
<LI> �$B8=:_!"�(B ICMP �$B%3!<%I$,%5%]!<%H$5$l$F$$$^$9!#�(B
</LI>
<LI> �$B8=:_!"%o%$%k%I%+!<%I%$%s%?!<%U%'!<%9$,%5%]!<%H$5$l$F$$$^$9!#�(B
</LI>
<LI> �$B8=:_!"�(BTOS �$BA`:n$OJ,JL%A%'%C%/$5$l$^$9�(B:
�$B8E$$%+!<%M%k%3!<%I$O�(B `�$B%<%m$G$J$1$l$P$J$i$J$$�(B' TOS �$B%S%C%H$r�(B(�$BITEv$K�(B)�$BA`:n$5$l$k$3$H$G!"@E$+$K;_$^$C$F$7$^$C$F$$$^$7$?�(B;
�$B8=:_!"�(B ipchains �$B$O�(B �$B$=$N$h$&$J;n$_$KBP$7$F!"B>$NITEv$J>l9g$HF1MM$K%(%i!<$rJV$7$^$9!#�(B
</LI>
</OL>
<P>
<H2><A NAME="ss8.1">8.1 �$B%/%#%C%/%j%U%!%l%s%90lMw�(B</A>
</H2>
<P>[ �$B<g$K!"%3%^%s%I0z?t$OBgJ8;z$G!"%*%W%7%g%s0z?t$O>.J8;z$G$9!#�(B]
<P>
<P>�$BCm0U$9$Y$-0lE@$H$7$F!"�(B �$B%^%9%+%l!<%G%#%s%0$O�(B `-j MASQ' �$B$H5-:\$7$^$9�(B;
�$B$3$l$O�(B `-j ACCEPT' �$B$HA4$/0[$J$j!"$^$?�(B <CODE>ipfwadm</CODE> �$B$N$h$&$JI{<!E*8z2L$H$7$F$O<h$j07$$$^$;$s!#�(B
<P>
<P>
<PRE>
================================================================
| ipfwadm | ipchains | �$BCm0U�(B
----------------------------------------------------------------
| -A [both] | -N acct | `acct' �$B%A%'%$%s$r@8@.$7!"�(B
| |& -I 1 input -j acct | �$B=PNO$HF~NO%Q%1%C%H$r$=$l�(B
| |& -I 1 output -j acct | �$B$KDL2a$5$;$^$9!#�(B
| |& acct |
----------------------------------------------------------------
| -A in | input | �$B%?!<%2%C%H$J$7$N%k!<%k�(B
----------------------------------------------------------------
| -A out | output | �$B%?!<%2%C%H$J$7$N%k!<%k�(B
----------------------------------------------------------------
| -F | forward | [�$B%A%'%$%s�(B]�$B$H$7$FMQ$$$^$9!#�(B
----------------------------------------------------------------
| -I | input | [�$B%A%'%$%s�(B]�$B$H$7$FMQ$$$^$9!#�(B
----------------------------------------------------------------
| -O | output | [�$B%A%'%$%s�(B]�$B$H$7$FMQ$$$^$9!#�(B
----------------------------------------------------------------
| -M -l | -M -L |
----------------------------------------------------------------
| -M -s | -M -S |
----------------------------------------------------------------
| -a policy | -A [chain] -j POLICY | (�$B$G$b�(B -r �$B$H�(B -m �$B$b8+$F2<�(B
| | | �$B$5$$�(B).
----------------------------------------------------------------
| -d policy | -D [chain] -j POLICY | (�$B$G$b�(B -r �$B$H�(B -m �$B$b8+$F2<�(B
| | | �$B$5$$�(B).
----------------------------------------------------------------
| -i policy | -I 1 [chain] -j POLICY| (�$B$G$b�(B -r �$B$H�(B -m �$B$b8+$F2<�(B
| | | �$B$5$$�(B).
----------------------------------------------------------------
| -l | -L |
----------------------------------------------------------------
| -z | -Z |
----------------------------------------------------------------
| -f | -F |
----------------------------------------------------------------
| -p | -P |
----------------------------------------------------------------
| -c | -C |
----------------------------------------------------------------
| -P | -p |
----------------------------------------------------------------
| -S | -s | 1�$B%]!<%H$^$?$O%l%s%8$KBP�(B
| | | �$B$7$F$N$_5!G=$7!"J#?t$G�(B
| | | �$B$O$"$j$^$;$s!#�(B
----------------------------------------------------------------
| -D | -d | 1�$B%]!<%H$^$?$O%l%s%8$KBP�(B
| | | �$B$7$F$N$_5!G=$7!"J#?t$G�(B
| | | �$B$O$"$j$^$;$s!#�(B
----------------------------------------------------------------
| -V | <none> | -i [�$BL>A0�(B] �$B$GMQ$$$^$9!#�(B
----------------------------------------------------------------
| -W | -i |
----------------------------------------------------------------
| -b | -b | �$B8=:_!"<B:]$K$O�(B2�$B%k!<%k$r�(B
| | | �$B:n@.$7$^$9!#�(B
----------------------------------------------------------------
| -e | -v |
----------------------------------------------------------------
| -k | ! -y | -p tcp �$B$H6&$K;XDj$7$J$$�(B
| | | �$B$H5!G=$7$^$;$s!#�(B
----------------------------------------------------------------
| -m | -j MASQ |
----------------------------------------------------------------
| -n | -n |
----------------------------------------------------------------
| -o | -l |
----------------------------------------------------------------
| -r [redirpt] | -j REDIRECT [redirpt] |
----------------------------------------------------------------
| -t | -t |
----------------------------------------------------------------
| -v | -v |
----------------------------------------------------------------
| -x | -x |
----------------------------------------------------------------
| -y | -y | -p tcp �$B$H6&$K;XDj$7$J$$�(B
| | | �$B$H5!G=$7$^$;$s!#�(B
----------------------------------------------------------------
</PRE>
<P>
<H2><A NAME="ss8.2">8.2 ipfwadm �$B%3%^%s%I$NJQ49Nc�(B</A>
</H2>
<P>�$B5l%3%^%s%I�(B: ipfwadm -F -p deny
<P>�$B?7%3%^%s%I�(B: ipchains -P forward DENY
<P>
<P>�$B5l%3%^%s%I�(B: ipfwadm -F -a m -S 192.168.0.0/24 -D 0.0.0.0/0
<P>�$B?7%3%^%s%I�(B: ipchains -A forward -j MASQ -s 192.168.0.0/24 -d 0.0.0.0/0
<P>
<P>�$B5l%3%^%s%I�(B: ipfwadm -I -a accept -V 10.1.2.1 -S 10.0.0.0/8 -D 0.0.0.0/0
<P>�$B?7%3%^%s%I�(B: ipchains -A input -j ACCEPT -i eth0 -s 10.0.0.0/8 -d 0.0.0.0/0
<P>(�$B%$%s%?!<%U%'!<%9$r%"%I%l%9$K$h$C$F;XDj$9$k$N$H$O0c$&$3$H$KCm0U$7$F2<$5$$�(B:
�$B%$%s%?!<%U%'!<%9L>$rMQ$$$F2<$5$$!#�(B
�$B$3$N%^%7%s>e$G$O!"�(B 10.1.2.1 �$B$O�(B eth0 �$B$KAjEv$7$^$9�(B)�$B!#�(B
<P>
<HR>
<A HREF="IPCHAINS-HOWTO-9.html">�$B<!$N%Z!<%8�(B</A>
<A HREF="IPCHAINS-HOWTO-7.html">�$BA0$N%Z!<%8�(B</A>
<A HREF="IPCHAINS-HOWTO.html#toc8">�$BL\<!$X�(B</A>
</BODY>
</HTML>
