From owner-freebsd-users-jp@FreeBSD.ORG  Thu Mar 26 17:07:35 2015
Return-Path: <owner-freebsd-users-jp@FreeBSD.ORG>
Delivered-To: freebsd-users-jp@FreeBSD.org
Received: from mx1.freebsd.org (mx1.freebsd.org
 [IPv6:2001:1900:2254:206a::19:1])
 (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits))
 (No client certificate requested)
 by hub.freebsd.org (Postfix) with ESMTPS id 7AB36875
 for <freebsd-users-jp@FreeBSD.org>; Thu, 26 Mar 2015 17:07:35 +0000 (UTC)
Received: from montes3.cim.es (m225.cim.es [89.17.211.119])
 (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits))
 (Client did not present a certificate)
 by mx1.freebsd.org (Postfix) with ESMTPS id 123C58F7
 for <freebsd-users-jp@FreeBSD.org>; Thu, 26 Mar 2015 17:07:34 +0000 (UTC)
Received: from proxy4.ayto-ciudadreal.es (aytoib4.ayto-ciudadreal.es
 [149.12.68.131])
 by montes3.cim.es (8.14.9/8.13.5) with ESMTP id t2QH6naf000450
 for <freebsd-users-jp@FreeBSD.org>; Thu, 26 Mar 2015 18:06:50 +0100
Received: from TWMDM01 (60-249-226-209.HINET-IP.hinet.net [60.249.226.209])
 (authenticated bits=0)
 by proxy4.ayto-ciudadreal.es (8.14.8/8.13.5) with ESMTP id t2QErRoU000685
 for <freebsd-users-jp@FreeBSD.org>; Thu, 26 Mar 2015 18:05:44 +0100
Message-Id: <201503261705.t2QErRoU000685@proxy4.ayto-ciudadreal.es>
From: "Jorge Kiong" <j.kiong@gmail.com>
To: freebsd-users-jp@FreeBSD.org
MIME-Version: 1.0
Reply-To: j.kiong@aol.com
Date: Fri, 27 Mar 2015 01:07:29 +0800
Content-Type: text/plain
Content-Transfer-Encoding: quoted-printable
X-Content-Filtered-By: Mailman/MimeDel 2.1.18-1
Subject: [FreeBSD-users-jp 95492] Thu 3/26/15
X-BeenThere: freebsd-users-jp@freebsd.org
X-Mailman-Version: 2.1.18-1
Precedence: list
List-Id: Discussion relevant to FreeBSD communities in Japan
 <freebsd-users-jp.freebsd.org>
List-Unsubscribe: <https://lists.freebsd.org/mailman/options/freebsd-users-jp>, 
 <mailto:freebsd-users-jp-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-users-jp/>
List-Post: <mailto:freebsd-users-jp@freebsd.org>
List-Help: <mailto:freebsd-users-jp-request@freebsd.org?subject=help>
List-Subscribe: <https://lists.freebsd.org/mailman/listinfo/freebsd-users-jp>, 
 <mailto:freebsd-users-jp-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Thu, 26 Mar 2015 17:07:35 -0000

 - This mail is in HTML. Some elements may be ommited in plain text. -

Sir,
I am the Head of Finance at Finance One Hong Kong Limited, a leading f=
inancial and asset Management Company here in Hong Kong.
I am in control of funds from a consortium of Private Investors  for l=
ong term investments.

If you are in need of funds to expand existing businesses or to start =
up a new project, then look no further as we would be more than deligh=
ted to work with you.
We are driven by a project's credibility to yield investment returns a=
nd should we ascertain your project as such, we will engage our funds =
at guaranteed 3% Fixed Interest Rate per annum but strictly in form of=
 Loans.
Regards,
Jorge Kiong
Finance One Hong Kong Limited

From owner-freebsd-users-jp@FreeBSD.ORG  Fri Mar 27 13:37:36 2015
Return-Path: <owner-freebsd-users-jp@FreeBSD.ORG>
Delivered-To: freebsd-users-jp@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org
 [IPv6:2001:1900:2254:206a::19:1])
 (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits))
 (No client certificate requested)
 by hub.freebsd.org (Postfix) with ESMTPS id A677327B
 for <freebsd-users-jp@freebsd.org>; Fri, 27 Mar 2015 13:37:36 +0000 (UTC)
Received: from msa04a.plala.or.jp (msa04.plala.or.jp [58.93.240.4])
 by mx1.freebsd.org (Postfix) with ESMTP id 1F82032A
 for <freebsd-users-jp@freebsd.org>; Fri, 27 Mar 2015 13:37:35 +0000 (UTC)
Received: from msc01.plala.or.jp ([172.23.12.31]) by msa04b.plala.or.jp
 with ESMTP
 id <20150327133638.QGIT25829.msa04b.plala.or.jp@msc01.plala.or.jp>
 for <freebsd-users-jp@freebsd.org>; Fri, 27 Mar 2015 22:36:38 +0900
Received: from [192.168.11.2] (really [219.119.3.41]) by msc01.plala.or.jp
 with ESMTP
 id <20150327133638.IQFN18231.msc01.plala.or.jp@[192.168.11.2]>
 for <freebsd-users-jp@freebsd.org>; Fri, 27 Mar 2015 22:36:38 +0900
Date: Fri, 27 Mar 2015 22:36:32 +0900
From: Tetsuya Ito <chaltier@agate.plala.or.jp>
To: freebsd-users-jp@freebsd.org
Message-Id: <20150327223631.CC77.A7D5A726@agate.plala.or.jp>
MIME-Version: 1.0
Content-Type: text/plain; charset="ISO-2022-JP"
Content-Transfer-Encoding: 7bit
X-Mailer: Becky! ver. 2.64.06 [ja]
X-VirusScan: Outbound; msa04m; Fri, 27 Mar 2015 22:36:39 +0900
Subject: [FreeBSD-users-jp 95493]
 =?iso-2022-jp?b?aXBmdxskQiRHRkNEahsoQklQGyRCMEozMCROQFxCMyRyGyhC?=
 =?iso-2022-jp?b?GyRCRT5BdyQ3JD8kJBsoQg==?=
X-BeenThere: freebsd-users-jp@freebsd.org
X-Mailman-Version: 2.1.18-1
Precedence: list
List-Id: Discussion relevant to FreeBSD communities in Japan
 <freebsd-users-jp.freebsd.org>
List-Unsubscribe: <https://lists.freebsd.org/mailman/options/freebsd-users-jp>, 
 <mailto:freebsd-users-jp-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-users-jp/>
List-Post: <mailto:freebsd-users-jp@freebsd.org>
List-Help: <mailto:freebsd-users-jp-request@freebsd.org?subject=help>
List-Subscribe: <https://lists.freebsd.org/mailman/listinfo/freebsd-users-jp>, 
 <mailto:freebsd-users-jp-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Fri, 27 Mar 2015 13:37:36 -0000

伊藤です。

ipfwを利用して、特定IP以外からのssh(22/tcp)アクセスは
違うポート(2222/tcp)に転送したいと考えています。

特定IPから22/tcpで接続した場合は普通にsshに接続されるが、
それ以外からの22/tcp接続は、kippo(2222/tcp)へ接続させたいと考えています。

そこで、ipfwの設定ファイルに下記の記載をしてみました。

add 1001 fwd 127.0.0.1,2222 log tcp from not <特定IP> to me 22

接続テストをしたところ、2222に接続せず、そのまま22/tcpのsshに
接続されました。

/var/log/securityには下記の出力がありましたので、
追加したルールには該当しているようです。

kernel: ipfw: 1001 Forward to 127.0.0.1:2222 TCP 192.168.11.2:50373
192.168.11.3:22 in via sk0

この要件を満たす事はipfwのfwdでは実現できないのでしょうか。
お知恵をお貸し頂けませんでしょうか。