FreeBSD/PPPOE の変更点

追加された行はこの色です。
削除された行はこの色です。
FreeBSD/PPPOE へ行く。
*''&SIZE(15){PPPOE};'' [#lfb7868f]

+[[''カーネル再構築''>#A]]
+[[''/etc/ppp/ppp.confの編集''>#B]]
+[[''/etc/rc.confの編集''>#C]]
+[[''/etc/rc.ipfwの編集''>#D]]
+[[''/etc/natd.conf''>#E]]
+[[''再起動''>#F]]

**''カーネル再構築''&aname(A); [#oc2393b1]
下記のオプションを加えカーネル再構築を行います。~
[[カーネル再構築はこちら参照>FreeBSD/カーネル再構築]]~
 -----------------------------------
 # PPPoE
 options    NETGRAPH
 options    NETGRAPH_ETHER
 options    NETGRAPH_PPPOE
 options    NETGRAPH_SOCKET
 # NAT
 options    IPDIVERT                        #NATを使う場合
 # FIREWALL
 options    IPFIREWALL
 options    IPFIREWALL_VERBOSE              #ipfwでログを取る場合
 options    IPFIREWALL_VERBOSE_LIMIT=50000
 -----------------------------------

**''/etc/ppp/ppp.confの編集''&aname(B); [#ed6f58b3]
ppp.confを編集し、プロバイダからもらっているIDとPasswordを記述する。~
 default:
  set log Phase Chat IPCP CCP tun command
  ident user-ppp VERSION (built COMPILATIONDATE)
 
  set device PPPoE:rl1
  set MRU 1492
  set MTU 1454
 
  accept CHAP
  accept lqr
  enable lqr
 
  set timeout 0
 
 biglobe:
  set authname <ログインID>        #プロバイダからもらったID
  set authkey <パスワード>         #プロバイダからもらったパスワード
  add default HISADDR

**''/etc/rc.confの編集''&aname(C); [#z458a17f]
 # vi /etc/rc.conf
 ----------------------------------------
 ppp_enable="YES"
 ppp_mode="ddial"
 ppp_nat="NO"                      #pppによるNATを禁止する
 ppp_profile="biglobe"
 firewall_enable="YES"
 firewall_script="/etc/ipfw.conf"
 natd_enable="YES"                 #natdによるNATを使用する
 natd_interface="tun0"
 natd_flags="-f /etc/natd.conf"
 ----------------------------------------

**''/etc/ipfw.confの編集''&aname(D);((中国からのアクセス拒否、参考にしたサイト：[[がとらほ ipfwによるIPパケットフィルタリング>http://www.intaa.net/~gato/ipfw.html#denycn]])) [#o17f75bb]
ファイアーフォールの設定ファイルを作成する~
 ### 基本設定
 IPFW="/sbin/ipfw"      # ipfw のフルパス
 #ALLOW="allow log"     # allow 指定時の文字列．log を付け足すことでロギングも出来る．
 ALLOW="allow"
 DENY="deny log"                # deny 指定時の文字列．log を付け足すことでロギングも出来る．
 #DENY="deny"
 
 ### まずは初期定義を初期化
 ipfw -q -f flush
 
 ### 韓国からのアクセス拒否 to any
 ${IPFW} 010 add deny ip from 61.32.0.0/13 to any
 ${IPFW} 010 add deny ip from 61.40.0.0/14 to any
 ${IPFW} 010 add deny ip from 61.72.0.0/13 to any
 ${IPFW} 010 add deny ip from 61.80.0.0/14 to any
 ${IPFW} 010 add deny ip from 61.84.0.0/15 to any
 ${IPFW} 010 add deny ip from 61.96.0.0/12 to any
 ${IPFW} 010 add deny ip from 61.248.0.0/13 to any
 ${IPFW} 010 add deny ip from 128.134.0.0/16 to any
 ${IPFW} 010 add deny ip from 129.254.0.0/16 to any
 ${IPFW} 010 add deny ip from 134.75.0.0/16 to any
 ${IPFW} 010 add deny ip from 137.68.0.0/16 to any
 ${IPFW} 010 add deny ip from 141.223.0.0/16 to any
 ${IPFW} 010 add deny ip from 143.248.0.0/16 to any
 ${IPFW} 010 add deny ip from 147.6.0.0/16 to any
 ${IPFW} 010 add deny ip from 147.43.0.0/16 to any
 ${IPFW} 010 add deny ip from 147.46.0.0/15 to any
 ${IPFW} 010 add deny ip from 150.150.0.0/16 to any
 ${IPFW} 010 add deny ip from 150.183.0.0/16 to any
 ${IPFW} 010 add deny ip from 152.99.0.0/16 to any
 ${IPFW} 010 add deny ip from 152.149.0.0/16 to any
 ${IPFW} 010 add deny ip from 154.10.0.0/16 to any
 ${IPFW} 010 add deny ip from 155.230.0.0/16 to any
 ${IPFW} 010 add deny ip from 156.147.0.0/16 to any
 ${IPFW} 010 add deny ip from 157.197.0.0/16 to any
 ${IPFW} 010 add deny ip from 158.44.0.0/16 to any
 ${IPFW} 010 add deny ip from 161.122.0.0/16 to any
 ${IPFW} 010 add deny ip from 163.152.0.0/16 to any
 ${IPFW} 010 add deny ip from 163.180.0.0/16 to any
 ${IPFW} 010 add deny ip from 163.239.0.0/16 to any
 ${IPFW} 010 add deny ip from 164.124.0.0/15 to any
 ${IPFW} 010 add deny ip from 165.132.0.0/15 to any
 ${IPFW} 010 add deny ip from 165.141.0.0/16 to any
 ${IPFW} 010 add deny ip from 165.186.0.0/16 to any
 ${IPFW} 010 add deny ip from 165.194.0.0/16 to any
 ${IPFW} 010 add deny ip from 165.213.0.0/16 to any
 ${IPFW} 010 add deny ip from 165.229.0.0/16 to any
 ${IPFW} 010 add deny ip from 165.243.0.0/15 to any
 ${IPFW} 010 add deny ip from 165.244.0.0/16 to any
 ${IPFW} 010 add deny ip from 165.246.0.0/16 to any
 ${IPFW} 010 add deny ip from 166.79.0.0/16 to any
 ${IPFW} 010 add deny ip from 166.103.0.0/16 to any
 ${IPFW} 010 add deny ip from 166.104.0.0/16 to any
 ${IPFW} 010 add deny ip from 166.125.0.0/16 to any
 ${IPFW} 010 add deny ip from 168.78.0.0/16 to any
 ${IPFW} 010 add deny ip from 168.115.0.0/16 to any
 ${IPFW} 010 add deny ip from 168.126.0.0/16 to any
 ${IPFW} 010 add deny ip from 168.131.0.0/16 to any
 ${IPFW} 010 add deny ip from 168.154.0.0/16 to any
 ${IPFW} 010 add deny ip from 168.188.0.0/16 to any
 ${IPFW} 010 add deny ip from 168.219.0.0/16 to any
 ${IPFW} 010 add deny ip from 168.248.0.0/15 to any
 ${IPFW} 010 add deny ip from 169.140.0.0/16 to any
 ${IPFW} 010 add deny ip from 192.5.90.0/24 to any
 ${IPFW} 010 add deny ip from 192.100.2.0/24 to any
 ${IPFW} 010 add deny ip from 192.104.15.0/24 to any
 ${IPFW} 010 add deny ip from 192.132.15.0/24 to any
 ${IPFW} 010 add deny ip from 192.132.247.0/24 to any
 ${IPFW} 010 add deny ip from 192.132.248.0/22 to any
 ${IPFW} 010 add deny ip from 192.195.39.0/24 to any
 ${IPFW} 010 add deny ip from 192.195.40.0/24 to any
 ${IPFW} 010 add deny ip from 192.203.138.0/24 to any
 ${IPFW} 010 add deny ip from 192.203.139.0/24 to any
 ${IPFW} 010 add deny ip from 192.203.140.0/22 to any
 ${IPFW} 010 add deny ip from 192.203.144.0/23 to any
 ${IPFW} 010 add deny ip from 192.203.146.0/24 to any
 ${IPFW} 010 add deny ip from 192.245.249.0/24 to any
 ${IPFW} 010 add deny ip from 192.245.250.0/23 to any
 ${IPFW} 010 add deny ip from 192.249.16.0/20 to any
 ${IPFW} 010 add deny ip from 198.178.187.0/24 to any
 ${IPFW} 010 add deny ip from 202.6.95.0/24 to any
 ${IPFW} 010 add deny ip from 202.14.103.0/24 to any
 ${IPFW} 010 add deny ip from 202.14.165.0/24 to any
 ${IPFW} 010 add deny ip from 202.20.82.0/23 to any
 ${IPFW} 010 add deny ip from 202.20.84.0/23 to any
 ${IPFW} 010 add deny ip from 202.20.86.0/24 to any
 ${IPFW} 010 add deny ip from 202.20.99.0/24 to any
 ${IPFW} 010 add deny ip from 202.20.119.0/24 to any
 ${IPFW} 010 add deny ip from 202.20.128.0/17 to any
 ${IPFW} 010 add deny ip from 202.21.0.0/21 to any
 ${IPFW} 010 add deny ip from 202.30.0.0/15 to any
 ${IPFW} 010 add deny ip from 202.189.128.0/20 to any
 ${IPFW} 010 add deny ip from 203.224.0.0/11 to any
 ${IPFW} 010 add deny ip from 210.80.96.0/19 to any
 ${IPFW} 010 add deny ip from 210.90.0.0/15 to any
 ${IPFW} 010 add deny ip from 210.92.0.0/14 to any
 ${IPFW} 010 add deny ip from 210.96.0.0/11 to any
 ${IPFW} 010 add deny ip from 210.178.0.0/15 to any
 ${IPFW} 010 add deny ip from 210.180.0.0/14 to any
 ${IPFW} 010 add deny ip from 210.204.0.0/14 to any
 ${IPFW} 010 add deny ip from 210.216.0.0/13 to any
 ${IPFW} 010 add deny ip from 211.32.0.0/11 to any
 ${IPFW} 010 add deny ip from 211.104.0.0/13 to any
 ${IPFW} 010 add deny ip from 211.112.0.0/13 to any
 ${IPFW} 010 add deny ip from 211.168.0.0/13 to any
 ${IPFW} 010 add deny ip from 211.176.0.0/12 to any
 ${IPFW} 010 add deny ip from 211.192.0.0/10 to any
 ${IPFW} 010 add deny ip from 218.36.0.0/14 to any
 ${IPFW} 010 add deny ip from 218.48.0.0/13 to any
 ${IPFW} 010 add deny ip from 218.144.0.0/12 to any
 ${IPFW} 010 add deny ip from 218.232.0.0/13 to any
 ${IPFW} 010 add deny ip from 219.240.0.0/15 to any
 ${IPFW} 010 add deny ip from 219.248.0.0/13 to any
 ${IPFW} 010 add deny ip from 220.64.0.0/11 to any
 ${IPFW} 010 add deny ip from 220.116.0.0/14 to any
 ${IPFW} 010 add deny ip from 220.120.0.0/13 to any
 ${IPFW} 010 add deny ip from 221.138.0.0/15 to any
 ${IPFW} 010 add deny ip from 221.140.0.0/14 to any
 ${IPFW} 010 add deny ip from 221.144.0.0/12 to any
 ${IPFW} 010 add deny ip from 221.160.0.0/13 to any
 ${IPFW} 010 add deny ip from 221.168.0.0/16 to any
 ${IPFW} 010 add deny ip from 222.96.0.0/12 to any
 ${IPFW} 010 add deny ip from 222.112.0.0/13 to any
 ${IPFW} 010 add deny ip from 222.120.0.0/15 to any
 ${IPFW} 010 add deny ip from 222.122.0.0/16 to any
 ${IPFW} 010 add deny ip from 222.232.0.0/13 to any
 
 ### 中国からのアクセス拒否 to any
 ${IPFW} 010 add deny ip from 61.4.64.0/20 to any
 ${IPFW} 010 add deny ip from 61.28.0.0/17 to any
 ${IPFW} 010 add deny ip from 61.48.0.0/13 to any
 ${IPFW} 010 add deny ip from 61.128.0.0/13 to any
 ${IPFW} 010 add deny ip from 61.136.0.0/13 to any
 ${IPFW} 010 add deny ip from 61.144.0.0/12 to any
 ${IPFW} 010 add deny ip from 61.160.0.0/11 to any
 ${IPFW} 010 add deny ip from 61.232.0.0/14 to any
 ${IPFW} 010 add deny ip from 61.236.0.0/15 to any
 ${IPFW} 010 add deny ip from 61.240.0.0/14 to any
 ${IPFW} 010 add deny ip from 134.196.0.0/16 to any
 ${IPFW} 010 add deny ip from 159.226.0.0/16 to any
 ${IPFW} 010 add deny ip from 161.207.0.0/16 to any
 ${IPFW} 010 add deny ip from 162.105.0.0/16 to any
 ${IPFW} 010 add deny ip from 166.111.0.0/16 to any
 ${IPFW} 010 add deny ip from 167.139.0.0/16 to any
 ${IPFW} 010 add deny ip from 168.160.0.0/16 to any
 ${IPFW} 010 add deny ip from 192.83.122.0/24 to any
 ${IPFW} 010 add deny ip from 192.124.154.0/24 to any
 ${IPFW} 010 add deny ip from 192.188.170.0/24 to any
 ${IPFW} 010 add deny ip from 198.17.7.0/24 to any
 ${IPFW} 010 add deny ip from 198.97.132.0/24 to any
 ${IPFW} 010 add deny ip from 202.0.110.0/24 to any
 ${IPFW} 010 add deny ip from 202.0.160.0/20 to any
 ${IPFW} 010 add deny ip from 202.0.176.0/22 to any
 ${IPFW} 010 add deny ip from 202.3.77.0/24 to any
 ${IPFW} 010 add deny ip from 202.4.128.0/19 to any
 ${IPFW} 010 add deny ip from 202.14.88.0/24 to any
 ${IPFW} 010 add deny ip from 202.14.235.0/24 to any
 ${IPFW} 010 add deny ip from 202.14.236.0/23 to any
 ${IPFW} 010 add deny ip from 202.14.238.0/24 to any
 ${IPFW} 010 add deny ip from 202.20.120.0/24 to any
 ${IPFW} 010 add deny ip from 202.22.248.0/21 to any
 ${IPFW} 010 add deny ip from 202.38.0.0/20 to any
 ${IPFW} 010 add deny ip from 202.38.64.0/18 to any
 ${IPFW} 010 add deny ip from 202.38.128.0/21 to any
 ${IPFW} 010 add deny ip from 202.38.136.0/23 to any
 ${IPFW} 010 add deny ip from 202.38.138.0/24 to any
 ${IPFW} 010 add deny ip from 202.38.140.0/22 to any
 ${IPFW} 010 add deny ip from 202.38.144.0/22 to any
 ${IPFW} 010 add deny ip from 202.38.149.0/24 to any
 ${IPFW} 010 add deny ip from 202.38.150.0/23 to any
 ${IPFW} 010 add deny ip from 202.38.152.0/22 to any
 ${IPFW} 010 add deny ip from 202.38.156.0/24 to any
 ${IPFW} 010 add deny ip from 202.38.158.0/23 to any
 ${IPFW} 010 add deny ip from 202.38.160.0/23 to any
 ${IPFW} 010 add deny ip from 202.38.164.0/22 to any
 ${IPFW} 010 add deny ip from 202.38.168.0/21 to any
 ${IPFW} 010 add deny ip from 202.38.176.0/23 to any
 ${IPFW} 010 add deny ip from 202.38.184.0/21 to any
 ${IPFW} 010 add deny ip from 202.38.192.0/18 to any
 ${IPFW} 010 add deny ip from 202.90.0.0/22 to any
 ${IPFW} 010 add deny ip from 202.90.252.0/22 to any
 ${IPFW} 010 add deny ip from 202.91.0.0/22 to any
 ${IPFW} 010 add deny ip from 202.91.128.0/22 to any
 ${IPFW} 010 add deny ip from 202.92.0.0/22 to any
 ${IPFW} 010 add deny ip from 202.92.252.0/22 to any
 ${IPFW} 010 add deny ip from 202.93.0.0/22 to any
 ${IPFW} 010 add deny ip from 202.93.252.0/22 to any
 ${IPFW} 010 add deny ip from 202.94.0.0/19 to any
 ${IPFW} 010 add deny ip from 202.95.0.0/19 to any
 ${IPFW} 010 add deny ip from 202.95.252.0/22 to any
 ${IPFW} 010 add deny ip from 202.96.0.0/12 to any
 ${IPFW} 010 add deny ip from 202.112.0.0/13 to any
 ${IPFW} 010 add deny ip from 202.120.0.0/15 to any
 ${IPFW} 010 add deny ip from 202.122.0.0/21 to any
 ${IPFW} 010 add deny ip from 202.122.32.0/21 to any
 ${IPFW} 010 add deny ip from 202.122.128.0/24 to any
 ${IPFW} 010 add deny ip from 202.127.0.0/21 to any
 ${IPFW} 010 add deny ip from 202.127.12.0/22 to any
 ${IPFW} 010 add deny ip from 202.127.16.0/20 to any
 ${IPFW} 010 add deny ip from 202.127.40.0/21 to any
 ${IPFW} 010 add deny ip from 202.127.48.0/20 to any
 ${IPFW} 010 add deny ip from 202.127.128.0/19 to any
 ${IPFW} 010 add deny ip from 202.127.160.0/21 to any
 ${IPFW} 010 add deny ip from 202.127.192.0/21 to any
 ${IPFW} 010 add deny ip from 202.127.200.0/21 to any
 ${IPFW} 010 add deny ip from 202.127.208.0/20 to any
 ${IPFW} 010 add deny ip from 202.127.240.0/20 to any
 ${IPFW} 010 add deny ip from 202.130.0.0/19 to any
 ${IPFW} 010 add deny ip from 202.130.224.0/19 to any
 ${IPFW} 010 add deny ip from 202.131.208.0/20 to any
 ${IPFW} 010 add deny ip from 202.148.96.0/19 to any
 ${IPFW} 010 add deny ip from 202.168.160.0/20 to any
 ${IPFW} 010 add deny ip from 202.192.0.0/12 to any
 ${IPFW} 010 add deny ip from 203.79.0.0/20 to any
 ${IPFW} 010 add deny ip from 203.81.16.0/20 to any
 ${IPFW} 010 add deny ip from 203.87.224.0/19 to any
 ${IPFW} 010 add deny ip from 203.88.0.0/22 to any
 ${IPFW} 010 add deny ip from 203.89.0.0/22 to any
 ${IPFW} 010 add deny ip from 203.90.0.0/22 to any
 ${IPFW} 010 add deny ip from 203.92.0.0/22 to any
 ${IPFW} 010 add deny ip from 203.93.0.0/16 to any
 ${IPFW} 010 add deny ip from 203.94.0.0/19 to any
 ${IPFW} 010 add deny ip from 203.95.0.0/21 to any
 ${IPFW} 010 add deny ip from 203.128.128.0/19 to any
 ${IPFW} 010 add deny ip from 203.148.0.0/18 to any
 ${IPFW} 010 add deny ip from 203.175.128.0/19 to any
 ${IPFW} 010 add deny ip from 203.175.192.0/18 to any
 ${IPFW} 010 add deny ip from 203.192.0.0/19 to any
 ${IPFW} 010 add deny ip from 203.196.0.0/21 to any
 ${IPFW} 010 add deny ip from 203.207.64.0/18 to any
 ${IPFW} 010 add deny ip from 203.207.128.0/17 to any
 ${IPFW} 010 add deny ip from 203.208.0.0/20 to any
 ${IPFW} 010 add deny ip from 203.208.16.0/22 to any
 ${IPFW} 010 add deny ip from 203.212.0.0/20 to any
 ${IPFW} 010 add deny ip from 203.222.192.0/20 to any
 ${IPFW} 010 add deny ip from 203.223.0.0/20 to any
 ${IPFW} 010 add deny ip from 210.5.0.0/19 to any
 ${IPFW} 010 add deny ip from 210.5.128.0/20 to any
 ${IPFW} 010 add deny ip from 210.12.0.0/15 to any
 ${IPFW} 010 add deny ip from 210.14.64.0/19 to any
 ${IPFW} 010 add deny ip from 210.14.160.0/19 to any
 ${IPFW} 010 add deny ip from 210.14.192.0/18 to any
 ${IPFW} 010 add deny ip from 210.15.0.0/17 to any
 ${IPFW} 010 add deny ip from 210.15.128.0/18 to any
 ${IPFW} 010 add deny ip from 210.21.0.0/16 to any
 ${IPFW} 010 add deny ip from 210.22.0.0/16 to any
 ${IPFW} 010 add deny ip from 210.25.0.0/16 to any
 ${IPFW} 010 add deny ip from 210.26.0.0/15 to any
 ${IPFW} 010 add deny ip from 210.28.0.0/14 to any
 ${IPFW} 010 add deny ip from 210.32.0.0/12 to any
 ${IPFW} 010 add deny ip from 210.51.0.0/16 to any
 ${IPFW} 010 add deny ip from 210.52.0.0/15 to any
 ${IPFW} 010 add deny ip from 210.72.0.0/14 to any
 ${IPFW} 010 add deny ip from 210.76.0.0/15 to any
 ${IPFW} 010 add deny ip from 210.78.0.0/16 to any
 ${IPFW} 010 add deny ip from 210.79.224.0/19 to any
 ${IPFW} 010 add deny ip from 210.82.0.0/15 to any
 ${IPFW} 010 add deny ip from 210.87.128.0/20 to any
 ${IPFW} 010 add deny ip from 210.192.96.0/19 to any
 ${IPFW} 010 add deny ip from 210.211.0.0/20 to any
 ${IPFW} 010 add deny ip from 211.64.0.0/13 to any
 ${IPFW} 010 add deny ip from 211.80.0.0/13 to any
 ${IPFW} 010 add deny ip from 211.88.0.0/13 to any
 ${IPFW} 010 add deny ip from 211.96.0.0/13 to any
 ${IPFW} 010 add deny ip from 211.136.0.0/13 to any
 ${IPFW} 010 add deny ip from 211.144.0.0/12 to any
 ${IPFW} 010 add deny ip from 211.160.0.0/13 to any
 ${IPFW} 010 add deny ip from 218.0.0.0/13 to any
 ${IPFW} 010 add deny ip from 218.8.0.0/13 to any
 ${IPFW} 010 add deny ip from 218.16.0.0/12 to any
 ${IPFW} 010 add deny ip from 218.56.0.0/13 to any
 ${IPFW} 010 add deny ip from 218.64.0.0/11 to any
 ${IPFW} 010 add deny ip from 218.96.0.0/14 to any
 ${IPFW} 010 add deny ip from 218.104.0.0/14 to any
 ${IPFW} 010 add deny ip from 218.108.0.0/15 to any
 ${IPFW} 010 add deny ip from 218.192.0.0/12 to any
 ${IPFW} 010 add deny ip from 218.240.0.0/13 to any
 #2006/03/18追加
 ${IPFW} 010 add deny ip from 218.75.96.252/30 to any
 ${IPFW} 010 add deny ip from 219.72.0.0/16 to any
 ${IPFW} 010 add deny ip from 219.82.0.0/16 to any
 ${IPFW} 010 add deny ip from 219.128.0.0/11 to any
 ${IPFW} 010 add deny ip from 219.216.0.0/13 to any
 ${IPFW} 010 add deny ip from 219.224.0.0/12 to any
 ${IPFW} 010 add deny ip from 219.242.0.0/15 to any
 ${IPFW} 010 add deny ip from 219.244.0.0/14 to any
 ${IPFW} 010 add deny ip from 220.112.0.0/14 to any
 ${IPFW} 010 add deny ip from 220.160.0.0/11 to any
 ${IPFW} 010 add deny ip from 220.192.0.0/12 to any
 ${IPFW} 010 add deny ip from 220.248.0.0/14 to any
 ${IPFW} 010 add deny ip from 220.252.0.0/16 to any
 ${IPFW} 010 add deny ip from 221.0.0.0/14 to any
 ${IPFW} 010 add deny ip from 221.4.0.0/15 to any
 ${IPFW} 010 add deny ip from 221.6.0.0/16 to any
 ${IPFW} 010 add deny ip from 221.7.0.0/18 to any
 ${IPFW} 010 add deny ip from 221.7.64.0/19 to any
 ${IPFW} 010 add deny ip from 221.7.128.0/17 to any
 ${IPFW} 010 add deny ip from 221.8.0.0/15 to any
 ${IPFW} 010 add deny ip from 221.10.0.0/16 to any
 ${IPFW} 010 add deny ip from 221.11.0.0/17 to any
 ${IPFW} 010 add deny ip from 221.11.128.0/18 to any
 ${IPFW} 010 add deny ip from 221.11.192.0/19 to any
 ${IPFW} 010 add deny ip from 221.12.0.0/17 to any
 ${IPFW} 010 add deny ip from 221.12.128.0/18 to any
 ${IPFW} 010 add deny ip from 221.13.0.0/18 to any
 ${IPFW} 010 add deny ip from 221.13.64.0/19 to any
 ${IPFW} 010 add deny ip from 221.13.128.0/17 to any
 ${IPFW} 010 add deny ip from 221.14.0.0/15 to any
 ${IPFW} 010 add deny ip from 221.122.0.0/15 to any
 ${IPFW} 010 add deny ip from 221.129.0.0/16 to any
 ${IPFW} 010 add deny ip from 221.130.0.0/15 to any
 ${IPFW} 010 add deny ip from 221.136.0.0/15 to any
 ${IPFW} 010 add deny ip from 221.172.0.0/14 to any
 ${IPFW} 010 add deny ip from 221.176.0.0/13 to any
 ${IPFW} 010 add deny ip from 221.192.0.0/15 to any
 ${IPFW} 010 add deny ip from 221.194.0.0/16 to any
 ${IPFW} 010 add deny ip from 221.196.0.0/15 to any
 ${IPFW} 010 add deny ip from 221.198.0.0/16 to any
 ${IPFW} 010 add deny ip from 221.199.0.0/19 to any
 ${IPFW} 010 add deny ip from 221.199.32.0/20 to any
 ${IPFW} 010 add deny ip from 221.199.128.0/18 to any
 ${IPFW} 010 add deny ip from 221.199.192.0/20 to any
 ${IPFW} 010 add deny ip from 221.200.0.0/14 to any
 ${IPFW} 010 add deny ip from 221.204.0.0/15 to any
 ${IPFW} 010 add deny ip from 221.207.0.0/18 to any
 ${IPFW} 010 add deny ip from 221.208.0.0/14 to any
 ${IPFW} 010 add deny ip from 221.212.0.0/16 to any
 ${IPFW} 010 add deny ip from 221.214.0.0/15 to any
 ${IPFW} 010 add deny ip from 221.216.0.0/13 to any
 ${IPFW} 010 add deny ip from 221.224.0.0/12 to any
 ${IPFW} 010 add deny ip from 222.16.0.0/12 to any
 ${IPFW} 010 add deny ip from 222.32.0.0/11 to any
 ${IPFW} 010 add deny ip from 222.64.0.0/13 to any
 ${IPFW} 010 add deny ip from 222.72.0.0/15 to any
 ${IPFW} 010 add deny ip from 222.74.0.0/16 to any
 ${IPFW} 010 add deny ip from 222.76.0.0/14 to any
 ${IPFW} 010 add deny ip from 222.80.0.0/14 to any
 ${IPFW} 010 add deny ip from 222.84.0.0/16 to any
 ${IPFW} 010 add deny ip from 222.85.128.0/17 to any
 ${IPFW} 010 add deny ip from 222.86.0.0/15 to any
 ${IPFW} 010 add deny ip from 222.128.0.0/12 to any
 ${IPFW} 010 add deny ip from 222.160.0.0/15 to any
 ${IPFW} 010 add deny ip from 222.162.0.0/16 to any
 ${IPFW} 010 add deny ip from 222.163.0.0/19 to any
 ${IPFW} 010 add deny ip from 222.232.0.0/13 to any
 ${IPFW} 010 add deny ip from 222.240.0.0/13 to any
 ${IPFW} 010 add deny ip from 222.248.0.0/15 to any
 
 ### ICMP 用ルール - ADSL では ICMP をブロックしてはならない
 ${IPFW} 100 add ${ALLOW} icmp from any to any
 
 ### ループバックパケットの許可
 ${IPFW} 200 add ${ALLOW} ip from any to any via lo0
 
 ### 断片化されたパケットの破棄
 ${IPFW} 300 add ${DENY} ip from any to any via tun0 frag
 
 ### 内側のネットワークは制限無し
 ${IPFW} 400 add ${ALLOW} ip from 192.168.1.0/24 to any via rl1
 ${IPFW} 410 add ${ALLOW} ip from any to 192.168.1.0/24 via rl1
 
 ### アドレス詐称パケットの拒否
 ${IPFW} 500 add ${DENY} ip from 192.168.1.0/24 to any recv tun0
 ${IPFW} 510 add ${DENY} ip from 127.0.0.1 to any recv tun0
 ${IPFW} 520 add ${DENY} ip from any to 127.0.0.0/8
 ${IPFW} 530 add ${DENY} ip from 127.0.0.0/8 to any
 
 ### NetBIOS を破棄
 ${IPFW} 600 add deny tcp from any 137-139,445 to any
 ${IPFW} 610 add deny udp from any 137-139,445 to any
 ${IPFW} 620 add deny tcp from any to any 137-139,445
 ${IPFW} 630 add deny udp from any to any 137-139,445
 ${IPFW} 640 add deny tcp from any 135 to any
 ${IPFW} 650 add deny udp from any 135 to any
 ${IPFW} 660 add deny tcp from any to any 135
 ${IPFW} 670 add deny udp from any to any 135
 
 
 ### NAT 用
 ${IPFW} 900 add divert 8668 ip from any to any via tun0
 
 ### パケットが既に確立されているパケットを許可
 ${IPFW} 1000 add ${ALLOW} tcp from any to any established
 
 ### tun0 を通過する内部から外側へのすべてのパケット通過の許可
 ${IPFW} 1010 add ${ALLOW} ip from any to any out via tun0
 
 ### 外部 DNS 参照時の要求と返答を許可
 ${IPFW} 1300 add ${ALLOW} udp from any to any 53
 ${IPFW} 1310 add ${ALLOW} udp from any 53 to any
 
 ### 外からの HTTP(S) を許可
 ${IPFW} 1400 add ${ALLOW} tcp from any to 192.168.1.1 80 setup
 ${IPFW} 1410 add ${ALLOW} tcp from any to 192.168.1.1 443 setup
 
 ### 外からの SMTP を許可
 ${IPFW} 1500 add ${ALLOW} tcp from any to 192.168.1.1 25 setup
 
 ### NTP 返信を許可
 ${IPFW} 1600 add ${ALLOW} udp from any 123 to any
 
 ### SNMP 返信を許可
 ${IPFW} 1700 add ${ALLOW} udp from any 161 to any
 
 ### 外からの POP3 を許可
 ${IPFW} 1800 add ${ALLOW} tcp from any to 192.168.1.1 110 setup
 
 ### 外からの IMAP を許可
 ${IPFW} 1850 add ${ALLOW} tcp from any to 192.168.1.1 143 setup
 
 ### 外からの FTP を許可
 ${IPFW} 1900 add ${ALLOW} tcp from any to 192.168.1.1 20 setup
 ${IPFW} 1910 add ${ALLOW} udp from any to 192.168.1.1 20
 ${IPFW} 1920 add ${ALLOW} tcp from any to 192.168.1.1 21 setup
 ${IPFW} 1930 add ${ALLOW} udp from any to 192.168.1.1 21
 
 # PASV 用
 ${IPFW} 1940 add ${ALLOW} tcp from any to 192.168.1.1 7000-7030
 ${IPFW} 1950 add ${ALLOW} udp from any to 192.168.1.1 7000-7030
 
 # WinMX用
 ${IPFW} 1960 add ${ALLOW} tcp from any to 192.168.1.15 11624
 
 #MapleStory パッチ用
 ${IPFW} 1980 add ${ALLOW} tcp from any 20 to any
 
 #IDENTには答えない
 ${IPFW} 1985 add reset tcp from any to 192.168.1.1 113 in recv any
 
 ### ICQ を許可
 ${IPFW} 2000 add ${ALLOW} udp from any 4000 to any in recv tun0
 
 ### 外からの SSH を許可
 ${IPFW} 2100 add ${ALLOW} tcp from any to 192.168.1.11 22 setup
 
 ### それ以外はログを取って全て拒否
 ${IPFW} 9900 add ${DENY} tcp from any to any
 
 ### keep-state を使った、LAN から外部への UDP 通信の許可
 ${IPFW} 20000 add ${ALLOW} udp from any to any keep-state out via tun0
 ${IPFW} 20010 add check-state
 
 ### それ以外の UDP パケットの禁止
 ${IPFW} 20020 add ${DENY} udp from any to any
 
 ### Default setting. Don't chage! ##############
 #ipfw 65536 add deny ip any to any
 ################################################

**''再起動''&aname(F); [#m40da2f9]
ここまで設定できたら、再起動をかける~
 # reboot
ナビゲーション

検索

ツールボックス

最新の40件

FreeBSD/PPPOE の変更点
