&os; ¾å¤Ç IPsec ¤òÀßÄê¤¹¤ë¡£

From owner-svn-doc-all@freebsd.org Sun Feb 25 00:19:06 2018 Return-Path: Delivered-To: svn-doc-all@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 07490F2F8FA; Sun, 25 Feb 2018 00:19:06 +0000 (UTC) (envelope-from ryusuke@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "mxrelay.nyi.freebsd.org", Issuer "Let's Encrypt Authority X3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id A8CDB7F0D7; Sun, 25 Feb 2018 00:19:05 +0000 (UTC) (envelope-from ryusuke@FreeBSD.org) Received: from repo.freebsd.org (repo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 839C12CBFB; Sun, 25 Feb 2018 00:19:05 +0000 (UTC) (envelope-from ryusuke@FreeBSD.org) Received: from repo.freebsd.org ([127.0.1.37]) by repo.freebsd.org (8.15.2/8.15.2) with ESMTP id w1P0J5g6099679; Sun, 25 Feb 2018 00:19:05 GMT (envelope-from ryusuke@FreeBSD.org) Received: (from ryusuke@localhost) by repo.freebsd.org (8.15.2/8.15.2/Submit) id w1P0J5kF099678; Sun, 25 Feb 2018 00:19:05 GMT (envelope-from ryusuke@FreeBSD.org) Message-Id: <201802250019.w1P0J5kF099678@repo.freebsd.org> X-Authentication-Warning: repo.freebsd.org: ryusuke set sender to ryusuke@FreeBSD.org using -f From: Ryusuke SUZUKI Date: Sun, 25 Feb 2018 00:19:05 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r51445 - head/ja_JP.eucJP/books/handbook/security X-SVN-Group: doc-head X-SVN-Commit-Author: ryusuke X-SVN-Commit-Paths: head/ja_JP.eucJP/books/handbook/security X-SVN-Commit-Revision: 51445 X-SVN-Commit-Repository: doc MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.25 Precedence: list List-Id: "SVN commit messages for the entire doc trees $except for " user" , " projects" , and " translations" $" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 25 Feb 2018 00:19:06 -0000 Author: ryusuke Date: Sun Feb 25 00:19:05 2018 New Revision: 51445 URL: https://svnweb.freebsd.org/changeset/doc/51445 Log: - Merge the following from the English version: r42266 -> r42267 head/ja_JP.eucJP/books/handbook/security/chapter.xml Modified: head/ja_JP.eucJP/books/handbook/security/chapter.xml Modified: head/ja_JP.eucJP/books/handbook/security/chapter.xml ============================================================================== --- head/ja_JP.eucJP/books/handbook/security/chapter.xml Sat Feb 24 08:34:51 2018 (r51444) +++ head/ja_JP.eucJP/books/handbook/security/chapter.xml Sun Feb 25 00:19:05 2018 (r51445) @@ -3,7 +3,7 @@ The FreeBSD Documentation Project The FreeBSD Japanese Documentation Project - Original revision: r42266 + Original revision: r42267 $FreeBSD$ --> @@ -2705,61 +2705,63 @@ device crypto - - &os; ¾å¤Ç IPsec ¤òÀßÄê¤¹¤ë¡£ - - - - Tom - Rhodes - - -

trhodes@FreeBSD.org

- - ´ó¹Æ: - - - + + + &os; ¾å¤Ç IPsec ¤òÀßÄê¤¹¤ë¡£ + + + + Tom + Rhodes + + +

trhodes@FreeBSD.org

+ + ´ó¹Æ: + + + - ºÇ½é¤Ë Ports Collection ¤«¤é - security/ipsec-tools - ¤ò¥¤¥ó¥¹¥È¡¼¥ë¤·¤Æ¤¯¤À¤µ¤¤¡£ - ¤³¤Î¥½¥Õ¥È¥¦¥§¥¢¤Ï¡¢ - ÀßÄê¤ò¥µ¥Ý¡¼¥È¤¹¤ë¿ôÂ¿¤¯¤Î¥¢¥×¥ê¥±¡¼¥·¥ç¥ó¤òÄó¶¡¤·¤Þ¤¹¡£ + ºÇ½é¤Ë Ports Collection ¤«¤é + security/ipsec-tools + ¤ò¥¤¥ó¥¹¥È¡¼¥ë¤·¤Æ¤¯¤À¤µ¤¤¡£ + ¤³¤Î¥½¥Õ¥È¥¦¥§¥¢¤Ï¡¢ + ÀßÄê¤ò¥µ¥Ý¡¼¥È¤¹¤ë¿ôÂ¿¤¯¤Î¥¢¥×¥ê¥±¡¼¥·¥ç¥ó¤òÄó¶¡¤·¤Þ¤¹¡£ - ¼¡¤Ë¡¢¥Ñ¥±¥Ã¥È¤ò¥È¥ó¥Í¥ê¥ó¥°¤·¡¢ - Î¾Êý¤Î¥Í¥Ã¥È¥ï¡¼¥¯¤¬Å¬ÀÚ¤ËÄÌ¿®¤¹¤ë¤è¤¦¤Ë¡¢ - 2 ¤Ä¤Î &man.gif.4; µ¿»÷¥Ç¥Ð¥¤¥¹¤òºîÀ®¤·¤Þ¤¹¡£ - root - ¸¢¸Â¤Ç°Ê²¼¤Î¥³¥Þ¥ó¥É¤ò¼Â¹Ô¤·¤Æ¤¯¤À¤µ¤¤¡£ - ¤¿¤À¤·¡¢¼Â¹Ô¤¹¤ëºÝ¤Ë¤Ï¡¢°Ê²¼¤Î¥³¥Þ¥ó¥É¤ÎÃæ¤Î - internal ¤ª¤è¤Ó - external ¤ò¡¢ - 2 ¤Ä¤Î¥²¡¼¥È¥¦¥§¥¤¤ÎÆâÉô¤ª¤è¤Ó³°Éô¥¤¥ó¥¿¥Õ¥§¡¼¥¹¤Î¼ÂºÝ¤Î - IP ¥¢¥É¥ì¥¹¤ËÃÖ¤´¹¤¨¤Æ¤¯¤À¤µ¤¤¡£ + ¼¡¤Ë¡¢¥Ñ¥±¥Ã¥È¤ò¥È¥ó¥Í¥ê¥ó¥°¤·¡¢ + Î¾Êý¤Î¥Í¥Ã¥È¥ï¡¼¥¯¤¬Å¬ÀÚ¤ËÄÌ¿®¤¹¤ë¤è¤¦¤Ë¡¢ + 2 ¤Ä¤Î &man.gif.4; µ¿»÷¥Ç¥Ð¥¤¥¹¤òºîÀ®¤·¤Þ¤¹¡£ + root + ¸¢¸Â¤Ç°Ê²¼¤Î¥³¥Þ¥ó¥É¤ò¼Â¹Ô¤·¤Æ¤¯¤À¤µ¤¤¡£ + ¤¿¤À¤·¡¢¼Â¹Ô¤¹¤ëºÝ¤Ë¤Ï¡¢°Ê²¼¤Î¥³¥Þ¥ó¥É¤ÎÃæ¤Î + internal ¤ª¤è¤Ó + external ¤ò¡¢ + 2 ¤Ä¤Î¥²¡¼¥È¥¦¥§¥¤¤ÎÆâÉô¤ª¤è¤Ó³°Éô¥¤¥ó¥¿¥Õ¥§¡¼¥¹¤Î¼ÂºÝ¤Î + IP ¥¢¥É¥ì¥¹¤ËÃÖ¤´¹¤¨¤Æ¤¯¤À¤µ¤¤¡£ - &prompt.root; ifconfig gif0 create + &prompt.root; ifconfig gif0 create - &prompt.root; ifconfig gif0 internal1 internal2 + &prompt.root; ifconfig gif0 internal1 internal2 - &prompt.root; ifconfig gif0 tunnel external1 external2 + &prompt.root; ifconfig gif0 tunnel external1 external2 - ¤³¤ÎÎã¤Ç¤Ï¡¢²ñ¼Ò¤Î LAN ¤Î³°Éô - IP ¥¢¥É¥ì¥¹¤ò - 172.16.5.4¡¢ - ÆâÉô IP ¥¢¥É¥ì¥¹¤ò - 10.246.38.1 - ¤È¤·¤Þ¤¹¡£¤Þ¤¿¡¢²ÈÄí - LAN ¤Î³°Éô IP ¥¢¥É¥ì¥¹¤ò - 192.168.1.12¡¢ - ÆâÉô¤Î¥×¥é¥¤¥Ù¡¼¥È IP ¥¢¥É¥ì¥¹¤ò - 10.0.0.5 - ¤È¤·¤Þ¤¹¡£ + ¤³¤ÎÎã¤Ç¤Ï¡¢²ñ¼Ò¤Î LAN ¤Î³°Éô + IP ¥¢¥É¥ì¥¹¤ò + 172.16.5.4¡¢ + ÆâÉô IP ¥¢¥É¥ì¥¹¤ò + 10.246.38.1 + ¤È¤·¤Þ¤¹¡£¤Þ¤¿¡¢²ÈÄí + LAN ¤Î³°Éô IP ¥¢¥É¥ì¥¹¤ò + 192.168.1.12¡¢ + ÆâÉô¤Î¥×¥é¥¤¥Ù¡¼¥È IP ¥¢¥É¥ì¥¹¤ò + 10.0.0.5 + ¤È¤·¤Þ¤¹¡£ - ¤³¤ÎÀâÌÀ¤ÇÊ¬¤«¤ê¤Ë¤¯¤¤¾ì¹ç¤Ï¡¢°Ê²¼¤Î - &man.ifconfig.8; ¥³¥Þ¥ó¥É¤Î½ÐÎÏÎã¤ò¤´Í÷¤¯¤À¤µ¤¤¡£ + ¤³¤ÎÀâÌÀ¤ÇÊ¬¤«¤ê¤Ë¤¯¤¤¾ì¹ç¤Ï¡¢°Ê²¼¤Î + &man.ifconfig.8; ¥³¥Þ¥ó¥É¤Î½ÐÎÏÎã¤ò¤´Í÷¤¯¤À¤µ¤¤¡£ - Gateway 1: + Gateway 1: + gif0: flags=8051 mtu 1280 tunnel inet 172.16.5.4 --> 192.168.1.12 inet6 fe80::2e0:81ff:fe02:5881%gif0 prefixlen 64 scopeid 0x6 @@ -2772,11 +2774,11 @@ tunnel inet 192.168.1.12 --> 172.16.5.4 inet 10.0.0.5 --> 10.246.38.1 netmask 0xffffff00 inet6 fe80::250:bfff:fe3a:c1f%gif0 prefixlen 64 scopeid 0x4 - ÀßÄê¤¬´°Î»¤·¤¿¤é¡¢Î¾Êý¤ÎÆâÉô IP - ¥¢¥É¥ì¥¹¤Ï¡¢&man.ping.8; - ¤ÇÅþÃ£¤Ç¤¤ë¤è¤¦¤Ë¤Ê¤Ã¤Æ¤¤¤ë¤Ï¤º¤Ç¤¹¡£ + ÀßÄê¤¬´°Î»¤·¤¿¤é¡¢Î¾Êý¤ÎÆâÉô IP + ¥¢¥É¥ì¥¹¤Ï¡¢&man.ping.8; + ¤ÇÅþÃ£¤Ç¤¤ë¤è¤¦¤Ë¤Ê¤Ã¤Æ¤¤¤ë¤Ï¤º¤Ç¤¹¡£ - priv-net# ping 10.0.0.5 + priv-net# ping 10.0.0.5 PING 10.0.0.5 (10.0.0.5): 56 data bytes 64 bytes from 10.0.0.5: icmp_seq=0 ttl=64 time=42.786 ms 64 bytes from 10.0.0.5: icmp_seq=1 ttl=64 time=19.255 ms @@ -2797,27 +2799,26 @@ PING 10.246.38.1 (10.246.38.1): 56 data bytes 5 packets transmitted, 5 packets received, 0% packet loss round-trip min/avg/max/stddev = 28.106/94.594/154.524/49.814 ms - Í½ÁÛÄÌ¤ê¡¢¥×¥é¥¤¥Ù¡¼¥È¥¢¥É¥ì¥¹¤ò»È¤Ã¤Æ¡¢ - Î¾Êý¤Î¥Í¥Ã¥È¥ï¡¼¥¯¤«¤é ICMP - ¥Ñ¥±¥Ã¥È¤òÁ÷¼õ¿®¤Ç¤¤Þ¤¹¡£ - ¼¡¤Ë¡¢¤É¤Á¤é¤Î¥Í¥Ã¥È¥ï¡¼¥¯¤«¤é¤â¥á¥Ã¥»¡¼¥¸¤òÁ÷¿®¤Ç¤¤ë¤è¤¦¤Ë¡¢ - ¥Ñ¥±¥Ã¥È¤Î¥ë¡¼¥Æ¥£¥ó¥°¾ðÊó¤ò - Î¾Êý¤Î¥²¡¼¥È¥¦¥§¥¤¤ËÀßÄê¤¹¤ëÉ¬Í×¤¬¤¢¤ê¤Þ¤¹¡£ - ¤³¤ì¤Ï°Ê²¼¤Î¥³¥Þ¥ó¥É¤ÇÀßÄê¤Ç¤¤Þ¤¹¡£ + Í½ÁÛÄÌ¤ê¡¢¥×¥é¥¤¥Ù¡¼¥È¥¢¥É¥ì¥¹¤ò»È¤Ã¤Æ¡¢ + Î¾Êý¤Î¥Í¥Ã¥È¥ï¡¼¥¯¤«¤é ICMP + ¥Ñ¥±¥Ã¥È¤òÁ÷¼õ¿®¤Ç¤¤Þ¤¹¡£ + ¼¡¤Ë¡¢¤É¤Á¤é¤Î¥Í¥Ã¥È¥ï¡¼¥¯¤«¤é¤â¥á¥Ã¥»¡¼¥¸¤òÁ÷¿®¤Ç¤¤ë¤è¤¦¤Ë¡¢ + ¥Ñ¥±¥Ã¥È¤Î¥ë¡¼¥Æ¥£¥ó¥°¾ðÊó¤òÎ¾Êý¤Î¥²¡¼¥È¥¦¥§¥¤¤ËÀßÄê¤¹¤ëÉ¬Í×¤¬¤¢¤ê¤Þ¤¹¡£ + ¤³¤ì¤Ï°Ê²¼¤Î¥³¥Þ¥ó¥É¤ÇÀßÄê¤Ç¤¤Þ¤¹¡£ - &prompt.root; corp-net# route add 10.0.0.0 10.0.0.5 255.255.255.0 + &prompt.root; corp-net# route add 10.0.0.0 10.0.0.5 255.255.255.0 - &prompt.root; corp-net# route add net 10.0.0.0: gateway 10.0.0.5 + &prompt.root; corp-net# route add net 10.0.0.0: gateway 10.0.0.5 - &prompt.root; priv-net# route add 10.246.38.0 10.246.38.1 255.255.255.0 + &prompt.root; priv-net# route add 10.246.38.0 10.246.38.1 255.255.255.0 - &prompt.root; priv-net# route add host 10.246.38.0: gateway 10.246.38.1 + &prompt.root; priv-net# route add host 10.246.38.0: gateway 10.246.38.1 - ¤³¤ì¤Ç¡¢¥Í¥Ã¥È¥ï¡¼¥¯Æâ¤Î¥³¥ó¥Ô¥å¡¼¥¿¤Ï¡¢ - ¥²¡¼¥È¥¦¥§¥¤¤ª¤è¤Ó¥²¡¼¥È¥¦¥§¥¤¤Î±ü¤Î¥³¥ó¥Ô¥å¡¼¥¿¤«¤éÅþÃ£²ÄÇ½¤È¤Ê¤Ã¤Æ¤¤¤Þ¤¹¡£ - ¤â¤¦°ìÅÙ &man.ping.8; ¤Ç³ÎÇ§¤·¤Æ¤¯¤À¤µ¤¤¡£ + ¤³¤ì¤Ç¡¢¥Í¥Ã¥È¥ï¡¼¥¯Æâ¤Î¥³¥ó¥Ô¥å¡¼¥¿¤Ï¡¢ + ¥²¡¼¥È¥¦¥§¥¤¤ª¤è¤Ó¥²¡¼¥È¥¦¥§¥¤¤Î±ü¤Î¥³¥ó¥Ô¥å¡¼¥¿¤«¤éÅþÃ£²ÄÇ½¤È¤Ê¤Ã¤Æ¤¤¤Þ¤¹¡£ + ¤â¤¦°ìÅÙ &man.ping.8; ¤Ç³ÎÇ§¤·¤Æ¤¯¤À¤µ¤¤¡£ - corp-net# ping 10.0.0.8 + corp-net# ping 10.0.0.8 PING 10.0.0.8 (10.0.0.8): 56 data bytes 64 bytes from 10.0.0.8: icmp_seq=0 ttl=63 time=92.391 ms 64 bytes from 10.0.0.8: icmp_seq=1 ttl=63 time=21.870 ms @@ -2839,15 +2840,15 @@ PING 10.246.38.1 (10.246.38.107): 56 data bytes 5 packets transmitted, 5 packets received, 0% packet loss round-trip min/avg/max/stddev = 21.145/31.721/53.491/12.179 ms - ¥È¥ó¥Í¥ê¥ó¥°¤ÎÀßÄê¤Ï°Ê¾å¤Î¤è¤¦¤Ë´ÊÃ±¤Ç¤¹¤¬¡¢ - ¥ê¥ó¥¯¤ò°ÂÁ´¤Ë¤¹¤ë¤Ë¤Ï¡¢¤â¤¦¾¯¤··¡¤ê²¼¤²¤¿ÀßÄê¤¬É¬Í×¤È¤Ê¤ê¤Þ¤¹¡£ - °Ê²¼¤ÎÀßÄê¤Ç¤Ï¡¢»öÁ°¶¦Í (PSK) - RSA ¸°¤ò»È¤¤¤Þ¤¹¡£ - IP ¥¢¥É¥ì¥¹¤ò½ü¤±¤Ð¡¢Î¾Êý¤Î¥²¡¼¥È¥¦¥§¥¤¤Î - /usr/local/etc/racoon/racoon.conf - ¤ÏÆ±¤¸¤Ç¡¢°Ê²¼¤Î¤è¤¦¤Ë¤Ê¤ê¤Þ¤¹¡£ + ¥È¥ó¥Í¥ê¥ó¥°¤ÎÀßÄê¤Ï°Ê¾å¤Î¤è¤¦¤Ë´ÊÃ±¤Ç¤¹¤¬¡¢ + ¥ê¥ó¥¯¤ò°ÂÁ´¤Ë¤¹¤ë¤Ë¤Ï¡¢¤â¤¦¾¯¤··¡¤ê²¼¤²¤¿ÀßÄê¤¬É¬Í×¤È¤Ê¤ê¤Þ¤¹¡£ + °Ê²¼¤ÎÀßÄê¤Ç¤Ï¡¢»öÁ°¶¦Í (PSK) + RSA ¸°¤ò»È¤¤¤Þ¤¹¡£ + IP ¥¢¥É¥ì¥¹¤ò½ü¤±¤Ð¡¢Î¾Êý¤Î¥²¡¼¥È¥¦¥§¥¤¤Î + /usr/local/etc/racoon/racoon.conf + ¤ÏÆ±¤¸¤Ç¡¢°Ê²¼¤Î¤è¤¦¤Ë¤Ê¤ê¤Þ¤¹¡£ - path pre_shared_key "/usr/local/etc/racoon/psk.txt"; #location of pre-shared key file + path pre_shared_key "/usr/local/etc/racoon/psk.txt"; #location of pre-shared key file log debug; #log verbosity setting: set to 'notify' when testing and debugging is complete padding # options are not to be changed @@ -2905,37 +2906,37 @@ sainfo (address 10.246.38.0/24 any address 10.0.0.0/2 compression_algorithm deflate; } - ÍøÍÑ²ÄÇ½¤Ê¥ª¥×¥·¥ç¥ó¤ÎÀâÌÀ¤Ë¤Ä¤¤¤Æ¤Ï¡¢ - racoon - ¤Î¥Þ¥Ë¥å¥¢¥ë¥Ú¡¼¥¸¤ò»²¾È¤·¤Æ¤¯¤À¤µ¤¤¡£ + ÍøÍÑ²ÄÇ½¤Ê¥ª¥×¥·¥ç¥ó¤ÎÀâÌÀ¤Ë¤Ä¤¤¤Æ¤Ï¡¢ + racoon + ¤Î¥Þ¥Ë¥å¥¢¥ë¥Ú¡¼¥¸¤ò»²¾È¤·¤Æ¤¯¤À¤µ¤¤¡£ - &os; ¤ª¤è¤Ó racoon - ¤¬¥Û¥¹¥È´Ö¤Î¥Í¥Ã¥È¥ï¡¼¥¯¥È¥é¥Õ¥£¥Ã¥¯¤ò°Å¹æ²½¡¢ - Éü¹æ²½¤Ç¤¤ë¤è¤¦¤Ë¤¹¤ë¤Ë¤Ï¡¢ - Security Policy Database (SPD) - ¤ÎÀßÄê¤¬É¬Í×¤Ç¤¹¡£ + &os; ¤ª¤è¤Ó racoon + ¤¬¥Û¥¹¥È´Ö¤Î¥Í¥Ã¥È¥ï¡¼¥¯¥È¥é¥Õ¥£¥Ã¥¯¤ò°Å¹æ²½¡¢ + Éü¹æ²½¤Ç¤¤ë¤è¤¦¤Ë¤¹¤ë¤Ë¤Ï¡¢ + Security Policy Database (SPD) + ¤ÎÀßÄê¤¬É¬Í×¤Ç¤¹¡£ - ¤³¤ì¤Ï¡¢²ñ¼Ò¤Î¥²¡¼¥È¥¦¥§¥¤¾å¤Ç¡¢ - °Ê²¼¤Î¤è¤¦¤Ê¥·¥§¥ë¥¹¥¯¥ê¥×¥È¤ÇÀßÄê¤Ç¤¤Þ¤¹¡£ - ¤³¤Î¥Õ¥¡¥¤¥ë¤ò¥·¥¹¥Æ¥à¤Î½é´ü²½Ãæ¤Ë»È¤ï¤ì¤ë¤è¤¦¤Ë¤¹¤ë¤Ë¤Ï¡¢ - /usr/local/etc/racoon/setkey.conf - ¤ËÊÝÂ¸¤¹¤ëÉ¬Í×¤¬¤¢¤ê¤Þ¤¹¡£ + ¤³¤ì¤Ï¡¢²ñ¼Ò¤Î¥²¡¼¥È¥¦¥§¥¤¾å¤Ç¡¢ + °Ê²¼¤Î¤è¤¦¤Ê¥·¥§¥ë¥¹¥¯¥ê¥×¥È¤ÇÀßÄê¤Ç¤¤Þ¤¹¡£ + ¤³¤Î¥Õ¥¡¥¤¥ë¤ò¥·¥¹¥Æ¥à¤Î½é´ü²½Ãæ¤Ë»È¤ï¤ì¤ë¤è¤¦¤Ë¤¹¤ë¤Ë¤Ï¡¢ + /usr/local/etc/racoon/setkey.conf + ¤ËÊÝÂ¸¤¹¤ëÉ¬Í×¤¬¤¢¤ê¤Þ¤¹¡£ - flush; + flush; spdflush; # To the home network spdadd 10.246.38.0/24 10.0.0.0/24 any -P out ipsec esp/tunnel/172.16.5.4-192.168.1.12/use; spdadd 10.0.0.0/24 10.246.38.0/24 any -P in ipsec esp/tunnel/192.168.1.12-172.16.5.4/use; - ÀßÄê¥Õ¥¡¥¤¥ë¤òÅ¬ÀÚ¤ËÃÖ¤¯¤È¡¢°Ê²¼¤Î¥³¥Þ¥ó¥É¤Ë¤è¤ê¡¢ - Î¾Êý¤Î¥²¡¼¥È¥¦¥§¥¤¾å¤Ç racoon - ¤òµ¯Æ°¤Ç¤¤Þ¤¹¡£ + ÀßÄê¥Õ¥¡¥¤¥ë¤òÅ¬ÀÚ¤ËÃÖ¤¯¤È¡¢°Ê²¼¤Î¥³¥Þ¥ó¥É¤Ë¤è¤ê¡¢ + Î¾Êý¤Î¥²¡¼¥È¥¦¥§¥¤¾å¤Ç racoon + ¤òµ¯Æ°¤Ç¤¤Þ¤¹¡£ - &prompt.root; /usr/local/sbin/racoon -F -f /usr/local/etc/racoon/racoon.conf -l /var/log/racoon.log + &prompt.root; /usr/local/sbin/racoon -F -f /usr/local/etc/racoon/racoon.conf -l /var/log/racoon.log - ½ÐÎÏ¤Ï°Ê²¼¤Î¤è¤¦¤Ë¤Ê¤ë¤Ç¤·¤ç¤¦¡£ + ½ÐÎÏ¤Ï°Ê²¼¤Î¤è¤¦¤Ë¤Ê¤ë¤Ç¤·¤ç¤¦¡£ - corp-net# /usr/local/sbin/racoon -F -f /usr/local/etc/racoon/racoon.conf + corp-net# /usr/local/sbin/racoon -F -f /usr/local/etc/racoon/racoon.conf Foreground mode. 2006-01-30 01:35:47: INFO: begin Identity Protection mode. 2006-01-30 01:35:48: INFO: received Vendor ID: KAME/racoon @@ -2948,45 +2949,45 @@ n2006-01-30 01:36:04: INFO: ISAKMP-SA established 172. 2006-01-30 01:36:18: INFO: IPsec-SA established: ESP/Tunnel 192.168.1.12[0]->172.16.5.4[0] spi=124397467(0x76a279b) 2006-01-30 01:36:18: INFO: IPsec-SA established: ESP/Tunnel 172.16.5.4[0]->192.168.1.12[0] spi=175852902(0xa7b4d66) - ¥È¥ó¥Í¥ê¥ó¥°¤¬Å¬ÀÚ¤Ë¹Ô¤ï¤ì¤Æ¤¤¤ë¤«¤É¤¦¤«¤ò³ÎÇ§¤¹¤ë¤¿¤á¡¢ - ÊÌ¤Î¥³¥ó¥½¡¼¥ë¾å¤Ç &man.tcpdump.1; ¤ò»È¤¤¡¢ - °Ê²¼¤Î¤è¤¦¤Ê¥³¥Þ¥ó¥É¤Ç¥Í¥Ã¥È¥ï¡¼¥¯¤ÎÄÌ¿®¤ò³ÎÇ§¤·¤Æ¤¯¤À¤µ¤¤¡£ - ¤¿¤À¤·¡¢°Ê²¼¤ÎÎã¤Î em0 ¤ÎÉôÊ¬¤Ï¡¢ - É¬Í×¤Ë±þ¤¸¤Æ»ÈÍÑ¤·¤Æ¤¤¤ë¥Í¥Ã¥È¥ï¡¼¥¯¥¤¥ó¥¿¥Õ¥§¡¼¥¹¤ËÃÖ¤´¹¤¨¤Æ¤¯¤À¤µ¤¤¡£ + ¥È¥ó¥Í¥ê¥ó¥°¤¬Å¬ÀÚ¤Ë¹Ô¤ï¤ì¤Æ¤¤¤ë¤«¤É¤¦¤«¤ò³ÎÇ§¤¹¤ë¤¿¤á¡¢ + ÊÌ¤Î¥³¥ó¥½¡¼¥ë¾å¤Ç &man.tcpdump.1; ¤ò»È¤¤¡¢ + °Ê²¼¤Î¤è¤¦¤Ê¥³¥Þ¥ó¥É¤Ç¥Í¥Ã¥È¥ï¡¼¥¯¤ÎÄÌ¿®¤ò³ÎÇ§¤·¤Æ¤¯¤À¤µ¤¤¡£ + ¤¿¤À¤·¡¢°Ê²¼¤ÎÎã¤Î em0 ¤ÎÉôÊ¬¤Ï¡¢ + É¬Í×¤Ë±þ¤¸¤Æ»ÈÍÑ¤·¤Æ¤¤¤ë¥Í¥Ã¥È¥ï¡¼¥¯¥¤¥ó¥¿¥Õ¥§¡¼¥¹¤ËÃÖ¤´¹¤¨¤Æ¤¯¤À¤µ¤¤¡£ - &prompt.root; tcpdump -i em0 host 172.16.5.4 and dst 192.168.1.12 + &prompt.root; tcpdump -i em0 host 172.16.5.4 and dst 192.168.1.12 - °Ê²¼¤Î¤è¤¦¤Ê¥Ç¡¼¥¿¤¬¥³¥ó¥½¡¼¥ë¤ËÉ½¼¨¤µ¤ì¤Þ¤¹¡£ - ¤â¤·¡¢É½¼¨¤µ¤ì¤Ê¤¤¾ì¹ç¤Ï¡¢ÀßÄê¤Ë²¿¤«ÌäÂê¤¬¤¢¤ë¤Î¤Ç¡¢ - É½¼¨¤µ¤ì¤ë¥Ç¡¼¥¿¤ò»È¤Ã¤Æ¥Ç¥Ð¥Ã¥°¤¹¤ëÉ¬Í×¤¬¤¢¤ê¤Þ¤¹¡£ + °Ê²¼¤Î¤è¤¦¤Ê¥Ç¡¼¥¿¤¬¥³¥ó¥½¡¼¥ë¤ËÉ½¼¨¤µ¤ì¤Þ¤¹¡£ + ¤â¤·¡¢É½¼¨¤µ¤ì¤Ê¤¤¾ì¹ç¤Ï¡¢ÀßÄê¤Ë²¿¤«ÌäÂê¤¬¤¢¤ë¤Î¤Ç¡¢ + É½¼¨¤µ¤ì¤ë¥Ç¡¼¥¿¤ò»È¤Ã¤Æ¥Ç¥Ð¥Ã¥°¤¹¤ëÉ¬Í×¤¬¤¢¤ê¤Þ¤¹¡£ - 01:47:32.021683 IP corporatenetwork.com > 192.168.1.12.privatenetwork.com: ESP(spi=0x02acbf9f,seq=0xa) + 01:47:32.021683 IP corporatenetwork.com > 192.168.1.12.privatenetwork.com: ESP(spi=0x02acbf9f,seq=0xa) 01:47:33.022442 IP corporatenetwork.com > 192.168.1.12.privatenetwork.com: ESP(spi=0x02acbf9f,seq=0xb) 01:47:34.024218 IP corporatenetwork.com > 192.168.1.12.privatenetwork.com: ESP(spi=0x02acbf9f,seq=0xc) - ¤³¤ì¤Ç 2 ¤Ä¤Î¥Í¥Ã¥È¥ï¡¼¥¯¤Ï¡¢ - 1 ¤Ä¤Î¥Í¥Ã¥È¥ï¡¼¥¯¤Î¤è¤¦¤ËÍøÍÑ¤Ç¤¤Þ¤¹¡£ - Â¿¤¯¤Î¾ì¹ç¡¢ - Î¾Êý¤Î¥Í¥Ã¥È¥ï¡¼¥¯¤Ï¥Õ¥¡¥¤¥¢¥¦¥©¡¼¥ë¤Ë¤è¤êÊÝ¸î¤µ¤ì¤Æ¤¤¤Þ¤¹¡£ - Î¾Êý¤òÎ®¤ì¤ëÄÌ¿®¤òµö²Ä¤¹¤ë¤Ë¤Ï¡¢ - ¥Ñ¥±¥Ã¥È¤¬Î¾Êý¤ò¹Ô¤Íè¤Ç¤¤ë¤è¤¦¤Ë¥ë¡¼¥ë¤òÄÉ²Ã¤¹¤ëÉ¬Í×¤¬¤¢¤ê¤Þ¤¹¡£ - &man.ipfw.8; ¤ò»È¤Ã¤¿¥Õ¥¡¥¤¥¢¥¦¥©¡¼¥ë¤Î¾ì¹ç¤Ï¡¢ - ¥Õ¥¡¥¤¥¢¥¦¥©¡¼¥ë¤ÎÀßÄê¥Õ¥¡¥¤¥ë¤Ë¡¢°Ê²¼¤Î¹Ô¤òÄÉ²Ã¤·¤Æ¤¯¤À¤µ¤¤¡£ + ¤³¤ì¤Ç 2 ¤Ä¤Î¥Í¥Ã¥È¥ï¡¼¥¯¤Ï¡¢ + 1 ¤Ä¤Î¥Í¥Ã¥È¥ï¡¼¥¯¤Î¤è¤¦¤ËÍøÍÑ¤Ç¤¤Þ¤¹¡£ + Â¿¤¯¤Î¾ì¹ç¡¢ + Î¾Êý¤Î¥Í¥Ã¥È¥ï¡¼¥¯¤Ï¥Õ¥¡¥¤¥¢¥¦¥©¡¼¥ë¤Ë¤è¤êÊÝ¸î¤µ¤ì¤Æ¤¤¤Þ¤¹¡£ + Î¾Êý¤òÎ®¤ì¤ëÄÌ¿®¤òµö²Ä¤¹¤ë¤Ë¤Ï¡¢ + ¥Ñ¥±¥Ã¥È¤¬Î¾Êý¤ò¹Ô¤Íè¤Ç¤¤ë¤è¤¦¤Ë¥ë¡¼¥ë¤òÄÉ²Ã¤¹¤ëÉ¬Í×¤¬¤¢¤ê¤Þ¤¹¡£ + &man.ipfw.8; ¤ò»È¤Ã¤¿¥Õ¥¡¥¤¥¢¥¦¥©¡¼¥ë¤Î¾ì¹ç¤Ï¡¢ + ¥Õ¥¡¥¤¥¢¥¦¥©¡¼¥ë¤ÎÀßÄê¥Õ¥¡¥¤¥ë¤Ë¡¢°Ê²¼¤Î¹Ô¤òÄÉ²Ã¤·¤Æ¤¯¤À¤µ¤¤¡£ - ipfw add 00201 allow log esp from any to any + ipfw add 00201 allow log esp from any to any ipfw add 00202 allow log ah from any to any ipfw add 00203 allow log ipencap from any to any ipfw add 00204 allow log udp from any 500 to any - - ¥ë¡¼¥ëÈÖ¹æ¤Ï¡¢ - ¸½ºß¤Î¥Û¥¹¥È¤ÎÀßÄê¤Ë¤è¤Ã¤Æ¤ÏÊÑ¹¹¤¹¤ëÉ¬Í×¤¬¤¢¤ë¤Ç¤·¤ç¤¦¡£ - + + ¥ë¡¼¥ëÈÖ¹æ¤Ï¡¢ + ¸½ºß¤Î¥Û¥¹¥È¤ÎÀßÄê¤Ë¤è¤Ã¤Æ¤ÏÊÑ¹¹¤¹¤ëÉ¬Í×¤¬¤¢¤ë¤Ç¤·¤ç¤¦¡£ + - &man.pf.4; ¤Þ¤¿¤Ï &man.ipf.8; ¤ò»ÈÍÑ¤·¤Æ¤¤¤ë¥·¥¹¥Æ¥à¤Ç¤Ï¡¢ - °Ê²¼¤Î¥ë¡¼¥ë¤Ç¾å¼ê¤¯¤¤¤¯¤Ç¤·¤ç¤¦¡£ + &man.pf.4; ¤Þ¤¿¤Ï &man.ipf.8; ¤ò»ÈÍÑ¤·¤Æ¤¤¤ë¥·¥¹¥Æ¥à¤Ç¤Ï¡¢ + °Ê²¼¤Î¥ë¡¼¥ë¤Ç¾å¼ê¤¯¤¤¤¯¤Ç¤·¤ç¤¦¡£ - pass in quick proto esp from any to any + pass in quick proto esp from any to any pass in quick proto ah from any to any pass in quick proto ipencap from any to any pass in quick proto udp from any port = 500 to any port = 500 @@ -2997,17 +2998,17 @@ pass out quick proto ipencap from any to any pass out quick proto udp from any port = 500 to any port = 500 pass out quick on gif0 from any to any - ºÇ¸å¤Ë¡¢¥·¥¹¥Æ¥à¤Î½é´ü²½Ãæ¤Ë VPN - ¤¬µ¯Æ°¤¹¤ë¤è¤¦¤Ë¡¢°Ê²¼¤Î¹Ô¤ò - /etc/rc.conf ¤ËÄÉ²Ã¤·¤Æ¤¯¤À¤µ¤¤¡£ + ºÇ¸å¤Ë¡¢¥·¥¹¥Æ¥à¤Î½é´ü²½Ãæ¤Ë VPN + ¤¬µ¯Æ°¤¹¤ë¤è¤¦¤Ë¡¢°Ê²¼¤Î¹Ô¤ò + /etc/rc.conf ¤ËÄÉ²Ã¤·¤Æ¤¯¤À¤µ¤¤¡£ - ipsec_enable="YES" + ipsec_enable="YES" ipsec_program="/usr/local/sbin/setkey" ipsec_file="/usr/local/etc/racoon/setkey.conf" # allows setting up spd policies on boot racoon_enable="yes" - - - + + + From owner-svn-doc-all@freebsd.org Mon Feb 26 12:56:08 2018 Return-Path: Delivered-To: svn-doc-all@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id A526DF22121; Mon, 26 Feb 2018 12:56:08 +0000 (UTC) (envelope-from ryusuke@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "mxrelay.nyi.freebsd.org", Issuer "Let's Encrypt Authority X3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 5623D73E85; Mon, 26 Feb 2018 12:56:08 +0000 (UTC) (envelope-from ryusuke@FreeBSD.org) Received: from repo.freebsd.org (repo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4C43E1BAB5; Mon, 26 Feb 2018 12:56:08 +0000 (UTC) (envelope-from ryusuke@FreeBSD.org) Received: from repo.freebsd.org ([127.0.1.37]) by repo.freebsd.org (8.15.2/8.15.2) with ESMTP id w1QCu8F5026111; Mon, 26 Feb 2018 12:56:08 GMT (envelope-from ryusuke@FreeBSD.org) Received: (from ryusuke@localhost) by repo.freebsd.org (8.15.2/8.15.2/Submit) id w1QCu8w1026110; Mon, 26 Feb 2018 12:56:08 GMT (envelope-from ryusuke@FreeBSD.org) Message-Id: <201802261256.w1QCu8w1026110@repo.freebsd.org> X-Authentication-Warning: repo.freebsd.org: ryusuke set sender to ryusuke@FreeBSD.org using -f From: Ryusuke SUZUKI Date: Mon, 26 Feb 2018 12:56:08 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r51446 - head/ja_JP.eucJP/books/handbook/security X-SVN-Group: doc-head X-SVN-Commit-Author: ryusuke X-SVN-Commit-Paths: head/ja_JP.eucJP/books/handbook/security X-SVN-Commit-Revision: 51446 X-SVN-Commit-Repository: doc MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.25 Precedence: list List-Id: "SVN commit messages for the entire doc trees $except for " user" , " projects" , and " translations" $" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 26 Feb 2018 12:56:09 -0000 Author: ryusuke Date: Mon Feb 26 12:56:08 2018 New Revision: 51446 URL: https://svnweb.freebsd.org/changeset/doc/51446 Log: - Merge the following from the English version: r42267 -> r43278 head/ja_JP.eucJP/books/handbook/security/chapter.xml Modified: head/ja_JP.eucJP/books/handbook/security/chapter.xml Modified: head/ja_JP.eucJP/books/handbook/security/chapter.xml ============================================================================== --- head/ja_JP.eucJP/books/handbook/security/chapter.xml Sun Feb 25 00:19:05 2018 (r51445) +++ head/ja_JP.eucJP/books/handbook/security/chapter.xml Mon Feb 26 12:56:08 2018 (r51446) @@ -3,7 +3,7 @@ The FreeBSD Documentation Project The FreeBSD Japanese Documentation Project - Original revision: r42267 + Original revision: r43278 $FreeBSD$ --> @@ -347,7 +347,7 @@ ¥¢¥«¥¦¥ó¥È¤ò´°Á´¤Ë¥í¥Ã¥¯¤¹¤ë¤Ë¤Ï¡¢ &man.pw.8; ¤ò»È¤Ã¤Æ¤¯¤À¤µ¤¤¡£ - &prompt.root; pw lock staff + &prompt.root; pw lock staff ¤³¤ì¤Ë¤è¤ê¡¢»ØÄê¤µ¤ì¤¿¥æ¡¼¥¶¤Ï¡¢&man.ssh.1; ¤ò´Þ¤à¤¤¤«¤Ê¤ëÊýË¡¤Ç¤â¥í¥°¥¤¥ó¤Ç¤¤Ê¤¯¤Ê¤ê¤Þ¤¹¡£ @@ -420,11 +420,9 @@ Â¾¤Î¥·¥¹¥Æ¥à¤ÎÀøºßÅª¤Ê¥»¥¥å¥ê¥Æ¥£¥Û¡¼¥ë¤Ë¤Ï¡¢ SUID-root ¤ª¤è¤Ó SGID ¥Ð¥¤¥Ê¥ê¤¬¤¢¤ê¤Þ¤¹¡£ ¤³¤ì¤é¤Î¥Ð¥¤¥Ê¥ê¤Ï¡¢ - &man.rlogin.1; ¤Î¤è¤¦¤Ë¡¢/bin, /sbin, /usr/bin ¤Þ¤¿¤Ï /usr/sbin + &man.rlogin.1; ¤Î¤è¤¦¤Ë¡¢/bin, + /sbin, /usr/bin + ¤Þ¤¿¤Ï /usr/sbin ¤ËÂ¸ºß¤¹¤ë¤â¤Î¤¬¤Û¤È¤ó¤É¤Ç¤¹¡£ 100% °ÂÁ´¤Ê¤â¤Î¤ÏÂ¸ºß¤·¤Ê¤¤¤È¤Ï¤¤¤¨¡¢ ¥·¥¹¥Æ¥à¥Ç¥Õ¥©¥ë¥È¤Î SUID/SGID ¥Ð¥¤¥Ê¥ê¤ÏÈæ³ÓÅª°ÂÁ´¤È¤¤¤¨¤Þ¤¹¡£ @@ -508,7 +506,7 @@ ¸½ºßÆ°¤¤¤Æ¤¤¤ë¥«¡¼¥Í¥ë¤Î¥»¥¥å¥ê¥Æ¥£¥ì¥Ù¥ë¤ò¹â¤á¤ëºÇ¤â´ÊÃ±¤ÊÊýË¡¤Ï¡¢ kern.securelevel ¤òÀßÄê¤¹¤ëÊýË¡¤Ç¤¹¡£ - &prompt.root; sysctl kern.securelevel=1 + &prompt.root; sysctl kern.securelevel=1 ¥Ç¥Õ¥©¥ë¥È¤Ç¤Ï¡¢&os; ¤Î¥«¡¼¥Í¥ë¤Ï¥»¥¥å¥ê¥Æ¥£¥ì¥Ù¥ë -1 ¤Çµ¯Æ°¤·¤Þ¤¹¡£ @@ -536,7 +534,7 @@ ¥»¥¥å¥ê¥Æ¥£¥ì¥Ù¥ë¤ò 1 °Ê¾å¤ËÀßÄê¤·¤¿¾ì¹ç¤Ë¤Ï¡¢ /dev/io ¤Ø¤Î¥¢¥¯¥»¥¹¤¬¥Ö¥í¥Ã¥¯¤µ¤ì¤ë¤¿¤á¡¢ &xorg; ¤ä¡¢ - installworld ¤Î¥×¥í¥»¥¹¤Ç¤Ï¡¢ + installworld ¤Î¥×¥í¥»¥¹¤Ç¤Ï¡¢ ¤¤¤¯¤Ä¤«¤Î¥Õ¥¡¥¤¥ë¤ÎÄÉ²ÃÀìÍÑ¤ª¤è¤ÓÊÑ¹¹ÉÔ²Ä¤Î¥Õ¥é¥°¤Ï°ì»þÅª¤Ë¥ê¥»¥Ã¥È¤µ¤ì¤ë¤¿¤á¡¢ ¥½¡¼¥¹¤«¤é &os; ¤ò¹½ÃÛ¤·¤Æ¥¤¥ó¥¹¥È¡¼¥ë¤¹¤ë¤È¤¤Ê¤É¤ÇÌäÂê¤¬°ú¤µ¯¤³¤µ¤ì¤ë²ÄÇ½À¤¬¤¢¤ê¤Þ¤¹¡£ @@ -563,8 +561,7 @@ schg ¥Õ¥é¥°¤òÀßÄê¤·¤Ê¤¤¤È¤¤¤¦¤È¤³¤í¤ÇÂÅ¶¨¤¹¤ë¤È¤¤¤¦¼ê¤â¤¢¤ê¤Þ¤¹¡£ ¤â¤¦°ì¤Ä¤Î²ÄÇ½À¤È¤·¤Æ¤Ï¡¢Ã±½ã¤Ë - / ¤ª¤è¤Ó /usr + / ¤ª¤è¤Ó /usr ¤òÆÉ¤ß¹þ¤ßÀìÍÑ¤Ç¥Þ¥¦¥ó¥È¤¹¤ë¤³¤È¤Ç¤¹¡£ ¤³¤³¤ÇÆÃÉ®¤¹¤Ù¤¤³¤È¤Ï¡¢¥·¥¹¥Æ¥à¤ò¼é¤í¤¦¤È¤·¤Æ¸·¤·¤¯¤·¤¹¤®¤ë¤È¡¢ ¿¯Æþ¤ò¸¡½Ð¤¹¤ë¤³¤È¤¬¤Ç¤¤Ê¤¯¤Ê¤Ã¤Æ¤·¤Þ¤¦¤È¤¤¤¦¤³¤È¤Ç¤¹¡£ @@ -576,9 +573,8 @@ ¥·¥¹¥Æ¥à´ÉÍý¼Ô¤Ë¤Ç¤¤ë¤³¤È¤Ï¡¢ ÊØÍø¤µ¤È¤¤¤¦Í×ÁÇ¤¬¤½¤Î½¹¤¤Æ¬¤ò¾å¤²¤Ê¤¤ÄøÅÙ¤Ë¡¢ ¥³¥¢¥·¥¹¥Æ¥à¤ÎÀßÄê¤ÈÀ©¸æ¥Õ¥¡¥¤¥ë¤òËÉ¸æ¤¹¤ë¤³¤È¤À¤±¤Ç¤¹¡£ - ¤¿¤È¤¨¤Ð¡¢/ ¤ª¤è¤Ó /usr + ¤¿¤È¤¨¤Ð¡¢/ ¤ª¤è¤Ó + /usr ¤Ë¤¢¤ëÂçÉôÊ¬¤Î¥Õ¥¡¥¤¥ë¤Ë schg ¥Ó¥Ã¥È¤òÀßÄê¤¹¤ë¤¿¤á¤Ë &man.chflags.1; ¤ò»ÈÍÑ¤¹¤ë¤Î¤Ï¡¢¤ª¤½¤é¤¯µÕ¸ú²Ì¤Ç¤·¤ç¤¦¡£ @@ -620,16 +616,14 @@ ¤Ê¤É¤ÎÃ±½ã¤Ê¥·¥¹¥Æ¥à¥æ¡¼¥Æ¥£¥ê¥Æ¥£¤Ç¥¹¥¯¥ê¥×¥È¤ò½ñ¤¯¤³¤È¤¬¤Ç¤¤Þ¤¹¡£ ¾¯¤Ê¤¯¤È¤â 1 Æü 1 ²ó¡¢¥¯¥é¥¤¥¢¥ó¥È¤Î¥·¥¹¥Æ¥à¥Õ¥¡¥¤¥ë¤òÄ¾ÀÜ &man.md5.1; ¤Ë¤«¤±¡¢ - ¤µ¤é¤Ë¤â¤Ã¤ÈÉÑÈË¤Ë /etc ¤ª¤è¤Ó /usr/local/etc + ¤µ¤é¤Ë¤â¤Ã¤ÈÉÑÈË¤Ë /etc ¤ª¤è¤Ó + /usr/local/etc ¤Ë¤¢¤ë¤è¤¦¤Ê¥³¥ó¥È¥í¡¼¥ëÍÑ¥Õ¥¡¥¤¥ë¤ò»î¸³¤¹¤ë¤Î¤¬°ìÈÖ¤Ç¤¹¡£ ¥¢¥¯¥»¥¹À©¸Â¤µ¤ì¤¿¥Þ¥·¥ó¤¬Àµ¤·¤¤¤ÈÃÎ¤Ã¤Æ¤¤¤ë¡¢ ´ð¤È¤Ê¤ë md5 ¾ðÊó¤ÈÈæ¤Ù¤Æ°ã¤¤¤¬¸«¤Ä¤«¤Ã¤¿¾ì¹ç¡¢ ¥·¥¹¥Æ¥à´ÉÍý¼Ô¤Ë·Ù¹ð¤¹¤ë¤è¤¦¤Ë¤¹¤Ù¤¤Ç¤¹¡£ - Í¥¤ì¤¿¥»¥¥å¥ê¥Æ¥£ÍÑ¥¹¥¯¥ê¥×¥È¤Ï¡¢/ ¤ª¤è¤Ó /usr + Í¥¤ì¤¿¥»¥¥å¥ê¥Æ¥£ÍÑ¥¹¥¯¥ê¥×¥È¤Ï¡¢ + / ¤ª¤è¤Ó /usr ¤Ê¤É¤Î¥·¥¹¥Æ¥à¥Ñ¡¼¥Æ¥£¥·¥ç¥ó¾å¤ÇÉÔÅ¬Åö¤Ë SUID ¤µ¤ì¤¿¥Ð¥¤¥Ê¥ê¤ä¡¢ ¿·¤¿¤ËºîÀ®¤µ¤ì¤¿¥Õ¥¡¥¤¥ë¤äºï½ü¤µ¤ì¤¿¥Õ¥¡¥¤¥ë¤¬¤Ê¤¤¤«¤É¤¦¤«¤òÄ´¤Ù¤ë¤Ç¤·¤ç¤¦¡£ @@ -911,7 +905,6 @@ - DES, Blowfish, MD5, SHA256, SHA512 ¤ª¤è¤Ó Crypt @@ -1358,7 +1351,7 @@ Enter secret pass phrase: <secret passwo ¸¡º÷¤Î¥×¥í¥»¥¹¤Ï½ªÎ»¤·¤Þ¤¹¡£ Îã¤È¤·¤Æ¡¢POP3 ¤ÎÀÜÂ³¤ò - mail/qpopper + mail/qpopper ¥Ç¡¼¥â¥ó·ÐÍ³¤Çµö²Ä¤¹¤ë¤Ë¤Ï¡¢°Ê²¼¤Î¹Ô¤ò hosts.allow ¤ËÄÉ²Ã¤·¤Æ¤¯¤À¤µ¤¤¡£ @@ -1588,7 +1581,7 @@ sendmail : PARANOID : deny ¥¢¥á¥ê¥«¹ç½°¹ñ ¤ÎÍ¢½Ðµ¬À©¤Ë¤è¤êÀ©¸Â¤µ¤ì¤Æ¤¤Þ¤·¤¿¡£ MIT ¤Ç¼ÂÁõ¤µ¤ì¤¿ Kerberos ¤Ï¡¢ - security/krb5 package ¤Þ¤¿¤Ï + security/krb5 package ¤Þ¤¿¤Ï port ¤«¤éÍøÍÑ¤Ç¤¤Þ¤¹¡£ ¥Ð¡¼¥¸¥ç¥ó 5 ¤Î¤â¤¦°ì¤Ä¤Î¼ÂÁõ¤¬¡¢ Heimdal Kerberos @@ -1596,7 +1589,7 @@ sendmail : PARANOID : deny ¤³¤Î¼ÂÁõ¤Ï¡¢¥¢¥á¥ê¥«¹ç½°¹ñ¤Î³°¤Ç³«È¯¤µ¤ì¤¿¤¿¤á¡¢ Í¢½Ð¤ÎÀ©¸Â¤òÈò¤±¤ë¤³¤È¤¬¤Ç¤¤Þ¤¹¡£ Heimdal Kerberos ¤Ï - security/heimdal + security/heimdal> package ¤Þ¤¿¤Ï port ¤«¤é¥¤¥ó¥¹¥È¡¼¥ë¤Ç¤¤Þ¤¹¤¬¡¢ºÇ¾®¹½À®¤Ï &os; ¤Î base ¥¤¥ó¥¹¥È¡¼¥ë¤Ë´Þ¤Þ¤ì¤Æ¤¤¤Þ¤¹¡£ @@ -1669,7 +1662,7 @@ kadmind5_server_enable="YES" default_realm = EXAMPLE.ORG ¤½¤·¤Æ¡¢kerberos.EXAMPLE.ORG + class="fqdomainname">example.org ¥¾¡¼¥ó¥Õ¥¡¥¤¥ë¤Ë¤Ï¡¢°Ê²¼¤Î¹Ô¤¬ÉÕ¤±²Ã¤¨¤é¤ì¤Þ¤¹¡£ _kerberos._udp IN SRV 01 00 88 kerberos.example.org. @@ -1726,9 +1719,9 @@ Master key: xxxxxxxx Verifying password - Master key: xxxxxxxx &prompt.root; kadmin -l -kadmin> init EXAMPLE.ORG +kadmin> init EXAMPLE.ORG Realm max ticket life [unlimited]: -kadmin> add tillman +kadmin> add tillman Max ticket life [unlimited]: Max renewable life [unlimited]: Attributes []: @@ -1744,7 +1737,7 @@ Verifying password - Password: xxxxxxxx - &prompt.user; kinit tillman + &prompt.user; kinit tillman tillman@EXAMPLE.ORG's Password: &prompt.user; klist @@ -1818,12 +1811,12 @@ Aug 27 15:37:58 Aug 28 01:37:58 krbtgt/EXAMPLE.ORG@E &prompt.root; kadmin -kadmin> add --random-key host/myserver.example.org +kadmin> add --random-key host/myserver.example.org Max ticket life [unlimited]: Max renewable life [unlimited]: Attributes []: -kadmin> ext host/myserver.example.org -kadmin> exit +kadmin> ext host/myserver.example.org +kadmin> exit ext ¤Ï¡¢¥Ç¥Õ¥©¥ë¥È¤Ç¤Ï¡¢Ãê½Ð¤µ¤ì¤¿¸°¤ò /etc/krb5.keytab ¤ËÊÝÂ¸¤·¤Þ¤¹¡£ @@ -1840,8 +1833,8 @@ kadmin> exit °ì»þ¥Õ¥¡¥¤¥ë¤ËÃê½Ð¤·¤Æ¤¯¤À¤µ¤¤¡£ &prompt.root; kadmin -kadmin> ext --keytab=/tmp/example.keytab host/myserver.example.org -kadmin> exit +kadmin> ext --keytab=/tmp/example.keytab host/myserver.example.org +kadmin> exit ¤½¤Î¸å¡¢&man.scp.1; ¤Þ¤¿¤Ï¥ê¥à¡¼¥Ð¥Ö¥ë¥Ç¥£¥¹¥¯¤ò»È¤Ã¤Æ¡¢ keytab ¤ò°ÂÁ´¤Ë¥µ¡¼¥Ð¥³¥ó¥Ô¥å¡¼¥¿¤Ë¥³¥Ô¡¼¤·¤Æ¤¯¤À¤µ¤¤¡£ @@ -1965,14 +1958,9 @@ jdoe@example.org Tips, Tricks, ¤ª¤è¤Ó¥È¥é¥Ö¥ë¥·¥å¡¼¥Æ¥£¥ó¥° - - Kerberos5 - ¥È¥é¥Ö¥ë¥·¥å¡¼¥Æ¥£¥ó¥° - - Heimdal ¤Þ¤¿¤Ï MIT - Kerberos ports + KerberosKerberos5troubleshooting ports ¤Î¤É¤Á¤é¤ò»È¤¦¾ì¹ç¤Ç¤â¡¢ PATH ¤Ï¡¢ Kerberos ÈÇ¤Î¥¯¥é¥¤¥¢¥ó¥È @@ -1997,7 +1985,7 @@ jdoe@example.org host/ ¥×¥ê¥ó¥·¥Ñ¥ë¤òÊÑ¹¹¤·¡¢keytab ¤ò¥¢¥Ã¥×¥Ç¡¼¥È¤¹¤ëÉ¬Í×¤¬¤¢¤ê¤Þ¤¹¡£ Apache ¤Î - www/mod_auth_kerb + www/mod_auth_kerb ¤Ç»È¤ï¤ì¤ë www/ ¥×¥ê¥ó¥·¥Ñ¥ë¤Î¤è¤¦¤ÊÆÃÊÌ¤Ê @@ -2132,15 +2120,14 @@ jdoe@example.org ¤Ë½ñ¤«¤ì¤Æ¤¤¤ë¥¬¥¤¥É¤Ë½¾¤¦¤³¤È¤¬¿ä¾©¤µ¤ì¤Þ¤¹¡£ path ¤ÎÌäÂê¤Ë¤Ä¤¤¤ÆÃí°Õ¤·¤Æ¤¯¤À¤µ¤¤¡£ MIT port ¤Ï¥Ç¥Õ¥©¥ë¥È¤Ç - /usr/local/ - ¤Ë¥¤¥ó¥¹¥È¡¼¥ë¤·¤Þ¤¹¡£ + /usr/local/ ¤Ë¥¤¥ó¥¹¥È¡¼¥ë¤·¤Þ¤¹¡£ ¤½¤Î¤¿¤á¡¢¤â¤· PATH ¤Ë¤ª¤¤¤Æ¥·¥¹¥Æ¥à¤Î¥Ç¥£¥ì¥¯¥È¤¬ºÇ½é¤Ë½ñ¤«¤ì¤Æ¤¤¤ë¾ì¹ç¤Ë¤Ï¡¢ MIT ÈÇ¤Ç¤Ï¤Ê¤¯¡¢ÄÌ¾ï¤Î ¥·¥¹¥Æ¥à¥¢¥×¥ê¥±¡¼¥·¥ç¥ó¤¬µ¯Æ°¤·¤Æ¤·¤Þ¤¤¤Þ¤¹¡£ &os; ¤Î MIT - security/krb5 port ¤Ë¤ª¤¤¤Æ¡¢ + security/krb5 port ¤Ë¤ª¤¤¤Æ¡¢ &man.telnetd.8; ¤ª¤è¤Ó klogind ·ÐÍ³¤Ç¤Î¥í¥°¥¤¥ó¤¬´ñÌ¯¤Ê¿¶¤ëÉñ¤¤¤ò¤¹¤ë¤³¤È¤òÍý²ò¤¹¤ë¤Ë¤Ï¡¢ port ¤«¤é¥¤¥ó¥¹¥È¡¼¥ë¤µ¤ì¤ë @@ -2157,12 +2144,13 @@ jdoe@example.org kerberos5_server="/usr/local/sbin/krb5kdc" kadmind5_server="/usr/local/sbin/kadmind" +kerberos5_server_flags="" kerberos5_server_enable="YES" kadmind5_server_enable="YES" ¤³¤ì¤ò¹Ô¤¦¤Î¤Ï¡¢ MIT Kerberos ¤Î¥¢¥×¥ê¥±¡¼¥·¥ç¥ó¤Ï¡¢ - /usr/local + /usr/local ¹½Â¤¤Î²¼¤Ë¥¤¥ó¥¹¥È¡¼¥ë¤µ¤ì¤ë¤¿¤á¤Ç¤¹¡£ @@ -2197,7 +2185,7 @@ kadmind5_server_enable="YES" ¥Þ¥ë¥Á¥æ¡¼¥¶¤Î´Ä¶¤Ç¤Ï¡¢ Kerberos ¤Ï°ÂÁ´¤Ç¤Ï¤¢¤ê¤Þ¤»¤ó¡£ - ¥Á¥±¥Ã¥È¤Ï /tmp + ¥Á¥±¥Ã¥È¤Ï /tmp ¤ËÊÝ´É¤µ¤ì¡¢ ¤³¤Î¥Á¥±¥Ã¥È¤Ï¡¢¤¹¤Ù¤Æ¤Î¥æ¡¼¥¶¤¬ÆÉ¤à¤³¤È¤¬¤Ç¤¤ë¤¿¤á¤Ç¤¹¡£ ¤â¤·¡¢¥æ¡¼¥¶¤¬¥³¥ó¥Ô¥å¡¼¥¿¤òÂ¾¤Î¥æ¡¼¥¶¤ÈÆ±»þ¤Ë¶¦Í¤·¤Æ¤¤¤ë¤È¡¢ @@ -2252,7 +2240,7 @@ kadmind5_server_enable="YES" ¥Û¥¹¥È¤Þ¤¿¤Ï¥µ¡¼¥Ó¥¹¤È¤Î´Ö¤ÎÇ§¾Ú¤Î¥á¥«¥Ë¥º¥à¤ÏÄó¶¡¤·¤Þ¤»¤ó¡£ ¤³¤ì¤Ï¡¢¥È¥í¥¤¤ÎÌÚÇÏ¤Î &man.kinit.1; ¤¬¡¢ ¤¹¤Ù¤Æ¤Î¥æ¡¼¥¶Ì¾¤È¥Ñ¥¹¥ï¡¼¥É¤òµÏ¿¤Ç¤¤ë¤³¤È¤ò°ÕÌ£¤·¤Æ¤¤¤Þ¤¹¡£ - security/tripwire + security/tripwire ¤Î¤è¤¦¤Ê¡¢¥Õ¥¡¥¤¥ë¥·¥¹¥Æ¥à¤Î´°Á´À¤ò³ÎÇ§¤¹¤ë¤¿¤á¤Î¥Ä¡¼¥ë¤Ë¤è¤ê¡¢ ¤³¤Î´í¸±À¤ò·Ú¸º¤¹¤ë¤³¤È¤¬¤Ç¤¤Þ¤¹¡£ @@ -2330,17 +2318,17 @@ kadmind5_server_enable="YES" OpenSSL ¤Ï¡¢ ¥á¡¼¥ë¥¯¥é¥¤¥¢¥ó¥È¤Î°Å¹æ²½¤µ¤ì¤¿Ç§¾Ú¡¢ ¥¯¥ì¥¸¥Ã¥È¥«¡¼¥É¤Ç¤Î»ÙÊ§¤¤¤È¤¤¤Ã¤¿¥¦¥§¥Ö¥Ù¡¼¥¹¤Î¼è°ú¤Ê¤É¤Ç»È¤ï¤ì¤Þ¤¹¡£ - www/apache22 ¤ª¤è¤Ó - mail/claws-mail + www/apache22 ¤ª¤è¤Ó + mail/claws-mail ¤È¤¤¤Ã¤¿Â¿¤¯¤Î port ¤Ç¤Ï¡¢ OpenSSL ¤È¤È¤â¤Ë¹½ÃÛ¤¹¤ë¥³¥ó¥Ñ¥¤¥ë¤ËÂÐ±þ¤·¤Æ¤¤¤Þ¤¹¡£ Â¿¤¯¤Î¾ì¹ç¡¢Ports Collection ¤Ï¡¢ - make ¤Î WITH_OPENSSL_BASE ¤¬ÌÀ¼¨Åª¤Ë + make ¤Î WITH_OPENSSL_BASE ¤¬ÌÀ¼¨Åª¤Ë yes ¤ËÀßÄê¤µ¤ì¤Æ¤¤¤Ê¤¤¤È¡¢ - security/openssl port + security/openssl port ¤Î¹½ÃÛ¤ò»î¤ß¤Þ¤¹¡£ @@ -2357,7 +2345,7 @@ kadmind5_server_enable="YES" ¤â¤·»ÈÍÑ¤·¤¿¤¤¤Î¤Ç¤¢¤ì¤Ð¡¢¥é¥¤¥»¥ó¥¹¾ò¹à¤òÉ¬¤º³ÎÇ§¤·¡¢ ¥é¥¤¥»¥ó¥¹¾ò¹à¤Ë¹çÃ×¤¹¤ë¤Î¤Ç¤¢¤ì¤Ð¡¢ /etc/make.conf ¤Ë¤ª¤¤¤Æ - MAKE_IDEA ÊÑ¿ô¤òÀßÄê¤·¤Æ¤¯¤À¤µ¤¤¡£ + MAKE_IDEA ÊÑ¿ô¤òÀßÄê¤·¤Æ¤¯¤À¤µ¤¤¡£ ºÇ¤â°ìÈÌÅª¤Ê OpenSSL @@ -2400,18 +2388,18 @@ There are quite a few fields but you can leave some bl For some fields there will be a default value, If you enter '.', the field will be left blank. ----- -Country Name (2 letter code) [AU]:US -State or Province Name (full name) [Some-State]:PA -Locality Name (eg, city) []:Pittsburgh -Organization Name (eg, company) [Internet Widgits Pty Ltd]:My Company -Organizational Unit Name (eg, section) []:Systems Administrator -Common Name (eg, YOUR name) []:localhost.example.org -Email Address []:trhodes@FreeBSD.org +Country Name (2 letter code) [AU]:US +State or Province Name (full name) [Some-State]:PA +Locality Name (eg, city) []:Pittsburgh +Organization Name (eg, company) [Internet Widgits Pty Ltd]:My Company +Organizational Unit Name (eg, section) []:Systems Administrator +Common Name (eg, YOUR name) []:localhost.example.org +Email Address []:trhodes@FreeBSD.org Please enter the following 'extra' attributes to be sent with your certificate request -A challenge password []:SOME PASSWORD -An optional company name []:Another Name +A challenge password []:SOME PASSWORD +An optional company name []:Another Name Common Name ¥×¥í¥ó¥×¥ÈÄ¾¸å¤ËÉ½¼¨¤µ¤ì¤Æ¤¤¤ë¤Î¤Ï¡¢ ¥É¥á¥¤¥óÌ¾¤Ç¤¹¡£ @@ -2440,21 +2428,21 @@ An optional company name []:An ¼«¸Ê½ðÌ¾¾ÚÌÀ½ñ¤òºîÀ®¤Ç¤¤Þ¤¹¡£ ºÇ½é¤Ë RSA ¤Î¸°¤òÀ¸À®¤·¤Æ¤¯¤À¤µ¤¤¡£ - &prompt.root; openssl dsaparam -rand -genkey -out myRSA.key 1024 + &prompt.root; openssl dsaparam -rand -genkey -out myRSA.key 1024 ¼¡¤Ë¡¢CA ¸°¤òÀ¸À®¤·¤Æ¤¯¤À¤µ¤¤¡£ - &prompt.root; openssl gendsa -des3 -out myca.key myRSA.key + &prompt.root; openssl gendsa -des3 -out myca.key myRSA.key ¤³¤Î¸°¤ò»È¤Ã¤Æ¾ÚÌÀ½ñ¤òºîÀ®¤·¤Æ¤¯¤À¤µ¤¤¡£ - &prompt.root; openssl req -new -x509 -days 365 -key myca.key -out new.crt + &prompt.root; openssl req -new -x509 -days 365 -key myca.key -out new.crt ¿·¤·¤¯ 2 ¤Ä¤Î¥Õ¥¡¥¤¥ë¤¬¤³¤Î¥Ç¥£¥ì¥¯¥È¥ê¤ËºîÀ®¤µ¤ì¤Þ¤¹¡£ ¥×¥é¥¤¥Ù¡¼¥È¸° myca.key ¤ª¤è¤Ó ¾ÚÌÀ½ñ new.crt ¤Ç¤¹¡£ ¤³¤ì¤é¤Î¥Õ¥¡¥¤¥ë¤ò¡¢¹¥¤Þ¤·¤¯¤Ï - /etc °Ê²¼¤Ç¡¢ + /etc °Ê²¼¤Ç¡¢ root ¤Î¤ß¤¬ÆÉ¤à¤³¤È¤Î¤Ç¤¤ë¥Ç¥£¥ì¥¯¥È¥ê¤ËÃÖ¤¯É¬Í×¤¬¤¢¤ê¤Þ¤¹¡£ µö²ÄÂ°À¤Ï 0700 ¤¬Å¬ÀÚ¤Ç¤¹¡£ @@ -2491,14 +2479,13 @@ define(`confTLS_SRV_OPTIONS', `V')dnl ¤³¤ÎÎã¤Ç¤Ï¡¢ ¥í¡¼¥«¥ë¤Ç¾ÚÌÀ½ñ¤ª¤è¤Ó¸°¥Õ¥¡¥¤¥ë¤Ï¡¢¥í¡¼¥«¥ë¤Î - /etc/certs/ - ¤ËÃÖ¤«¤ì¤Æ¤¤¤Þ¤¹¡£ + /etc/certs/ ¤ËÃÖ¤«¤ì¤Æ¤¤¤Þ¤¹¡£ ¥Õ¥¡¥¤¥ë¤ÎÊÔ½¸¤òÊÝÂ¸¤·½ª¤ï¤Ã¤¿¤é¡¢ - /etc/mail ¤Ë¤ª¤¤¤Æ - make install + /etc/mail ¤Ë¤ª¤¤¤Æ + make install ¤ÈÆþÎÏ¤¹¤ë¤³¤È¤Ç¡¢¥í¡¼¥«¥ë¤Î .cf ¥Õ¥¡¥¤¥ë¤òºÆ¹½ÃÛ¤¹¤ëÉ¬Í×¤¬¤¢¤ê¤Þ¤¹¡£ - ¤½¤Î¸å¡¢make restart + ¤½¤Î¸å¡¢make restart ¤ÈÆþÎÏ¤·¤Æ¡¢Sendmail ¥Ç¡¼¥â¥ó¤òºÆµ¯Æ°¤·¤Æ¤¯¤À¤µ¤¤¡£ @@ -2511,12 +2498,12 @@ define(`confTLS_SRV_OPTIONS', `V')dnl °Ê²¼¤Ï´ÊÃ±¤Ê»î¸³¤ÎÎã¤Ç¡¢&man.telnet.1; ¤ò»È¤Ã¤Æ¡¢ ¥á¡¼¥ë¥µ¡¼¥Ð¤ËÀÜÂ³¤·¤Æ¤¤¤Þ¤¹¡£ - &prompt.root; telnet example.com 25 + &prompt.root; telnet example.com 25 Trying 192.0.34.166... -Connected to example.com +Connected to example.com Escape character is '^]'. -220 example.com ESMTP Sendmail 8.12.10/8.12.10; Tue, 31 Aug 2004 03:41:22 -0400 (EDT) -ehlo example.com +220 example.com ESMTP Sendmail 8.12.10/8.12.10; Tue, 31 Aug 2004 03:41:22 -0400 (EDT) +ehlo example.com 250-example.com Hello example.com [192.0.34.166], pleased to meet you 250-ENHANCEDSTATUSCODES 250-PIPELINING @@ -2529,7 +2516,7 @@ Escape character is '^]'. 250-DELIVERBY 250 HELP quit -221 2.0.0 example.com closing connection +221 2.0.0 example.com closing connection Connection closed by foreign host. ½ÐÎÏ¤Ë STARTTLS ¹Ô¤¬É½¼¨¤µ¤ì¤ì¤Ð¡¢ @@ -2723,7 +2710,7 @@ device crypto ºÇ½é¤Ë Ports Collection ¤«¤é - security/ipsec-tools + security/ipsec-tools ¤ò¥¤¥ó¥¹¥È¡¼¥ë¤·¤Æ¤¯¤À¤µ¤¤¡£ ¤³¤Î¥½¥Õ¥È¥¦¥§¥¢¤Ï¡¢ ÀßÄê¤ò¥µ¥Ý¡¼¥È¤¹¤ë¿ôÂ¿¤¯¤Î¥¢¥×¥ê¥±¡¼¥·¥ç¥ó¤òÄó¶¡¤·¤Þ¤¹¡£ @@ -2741,9 +2728,9 @@ device crypto &prompt.root; ifconfig gif0 create - &prompt.root; ifconfig gif0 internal1 internal2 + &prompt.root; ifconfig gif0 internal1 internal2 - &prompt.root; ifconfig gif0 tunnel external1 external2 + &prompt.root; ifconfig gif0 tunnel external1 external2 ¤³¤ÎÎã¤Ç¤Ï¡¢²ñ¼Ò¤Î LAN ¤Î³°Éô IP ¥¢¥É¥ì¥¹¤ò @@ -2806,13 +2793,13 @@ round-trip min/avg/max/stddev = 28.106/94.594/154.524/ ¥Ñ¥±¥Ã¥È¤Î¥ë¡¼¥Æ¥£¥ó¥°¾ðÊó¤òÎ¾Êý¤Î¥²¡¼¥È¥¦¥§¥¤¤ËÀßÄê¤¹¤ëÉ¬Í×¤¬¤¢¤ê¤Þ¤¹¡£ ¤³¤ì¤Ï°Ê²¼¤Î¥³¥Þ¥ó¥É¤ÇÀßÄê¤Ç¤¤Þ¤¹¡£ - &prompt.root; corp-net# route add 10.0.0.0 10.0.0.5 255.255.255.0 + &prompt.root; corp-net# route add 10.0.0.0 10.0.0.5 255.255.255.0 - &prompt.root; corp-net# route add net 10.0.0.0: gateway 10.0.0.5 + &prompt.root; corp-net# route add net 10.0.0.0: gateway 10.0.0.5 - &prompt.root; priv-net# route add 10.246.38.0 10.246.38.1 255.255.255.0 + &prompt.root; priv-net# route add 10.246.38.0 10.246.38.1 255.255.255.0 - &prompt.root; priv-net# route add host 10.246.38.0: gateway 10.246.38.1 + &prompt.root; priv-net# route add host 10.246.38.0: gateway 10.246.38.1 ¤³¤ì¤Ç¡¢¥Í¥Ã¥È¥ï¡¼¥¯Æâ¤Î¥³¥ó¥Ô¥å¡¼¥¿¤Ï¡¢ ¥²¡¼¥È¥¦¥§¥¤¤ª¤è¤Ó¥²¡¼¥È¥¦¥§¥¤¤Î±ü¤Î¥³¥ó¥Ô¥å¡¼¥¿¤«¤éÅþÃ£²ÄÇ½¤È¤Ê¤Ã¤Æ¤¤¤Þ¤¹¡£ @@ -2869,7 +2856,7 @@ timer # timing options. change as needed phase2 15 sec; } -listen # address [port] that racoon will listening on +listen # address [port] that racoon will listen on { isakmp 172.16.5.4 [500]; isakmp_natt 172.16.5.4 [4500]; @@ -2955,7 +2942,7 @@ n2006-01-30 01:36:04: INFO: ISAKMP-SA established 172. ¤¿¤À¤·¡¢°Ê²¼¤ÎÎã¤Î em0 ¤ÎÉôÊ¬¤Ï¡¢ É¬Í×¤Ë±þ¤¸¤Æ»ÈÍÑ¤·¤Æ¤¤¤ë¥Í¥Ã¥È¥ï¡¼¥¯¥¤¥ó¥¿¥Õ¥§¡¼¥¹¤ËÃÖ¤´¹¤¨¤Æ¤¯¤À¤µ¤¤¡£ - &prompt.root; tcpdump -i em0 host 172.16.5.4 and dst 192.168.1.12 + &prompt.root; tcpdump -i em0 host 172.16.5.4 and dst 192.168.1.12 °Ê²¼¤Î¤è¤¦¤Ê¥Ç¡¼¥¿¤¬¥³¥ó¥½¡¼¥ë¤ËÉ½¼¨¤µ¤ì¤Þ¤¹¡£ ¤â¤·¡¢É½¼¨¤µ¤ì¤Ê¤¤¾ì¹ç¤Ï¡¢ÀßÄê¤Ë²¿¤«ÌäÂê¤¬¤¢¤ë¤Î¤Ç¡¢ @@ -3165,7 +3152,7 @@ COPYRIGHT 100% |*************************** ¥·¥¹¥Æ¥àÁ´ÂÎ¤ÎÀßÄê¥Õ¥¡¥¤¥ë¤Ï¡¢OpenSSH ¥Ç¡¼¥â¥ó¡¢¥¯¥é¥¤¥¢¥ó¥È¤ÎÎ¾Êý¤È¤â - /etc/ssh ¤Ë¤¢¤ê¤Þ¤¹¡£ + /etc/ssh ¤Ë¤¢¤ê¤Þ¤¹¡£ ssh_config ¤Ï¥¯¥é¥¤¥¢¥ó¥È¤ÎÆ°ºîÀßÄê¡¢ sshd_config @@ -3181,7 +3168,7 @@ COPYRIGHT 100% |*************************** ¤ò»È¤Ã¤Æ¥æ¡¼¥¶¤ÎÇ§¾ÚÍÑ¤Î DSA ¤Þ¤¿¤Ï RSA °Å¹æ¸°¤òºî¤ë¤³¤È¤¬¤Ç¤¤Þ¤¹¡£ - &prompt.user; ssh-keygen -t dsa + &prompt.user; ssh-keygen -t dsa Generating public/private dsa key pair. Enter file in which to save the key (/home/user/.ssh/id_dsa): Created directory '/home/user/.ssh'. @@ -3388,7 +3375,6 @@ Identity added: /home/user/.ssh/id_dsa (/home/user/.ss &man.ssh.1; ¤òÍÑ¤¤¤¿ SMTP ÍÑ¤Î°ÂÁ´¤Ê¥È¥ó¥Í¥ë¤ÎºîÀ® &prompt.user; ssh -2 -N -f -L 5025:localhost:25 user@mailserver.example.com - user@mailserver.example.com's password: ***** &prompt.user; telnet localhost 5025 Trying 127.0.0.1... @@ -3444,7 +3430,7 @@ user@ssh-server.example.com's password: *** SSH ÀÜÂ³¤ò¹Ô¤¤¡¢ ´õË¾¤¹¤ë¥µ¡¼¥Ó¥¹¤Ø¤Î¥È¥ó¥Í¥ë¤ËÍøÍÑ¤¹¤ë¤³¤È¤Ç¤¹¡£ - &prompt.user; ssh -2 -N -f -L 8888:music.example.com:8000 user@unfirewalled-system.example.org + &prompt.user; ssh -2 -N -f -L 8888:music.example.com:8000 user@unfirewalled-system.example.org user@unfirewalled-system.example.org's password: ******* ¤³¤ÎÎã¤Ç¤Ï¡¢¥¹¥È¥ê¡¼¥ß¥ó¥° Ogg Vorbis ¥¯¥é¥¤¥¢¥ó¥È¤ò @@ -3604,11 +3590,11 @@ drwxrwx---+ 2 robert robert 512 Dec 27 11:57 directo drwxr-xr-x 2 robert robert 512 Nov 10 11:54 public_html ¤³¤ÎÎã¤Ç¤Ï¡¢¥Ç¥£¥ì¥¯¥È¥ê - directory1, - directory2 ¤ª¤è¤Ó - directory3 + directory1, + directory2 ¤ª¤è¤Ó + directory3 ¤Î¤¹¤Ù¤Æ¤Ç ACL ¤¬Æ¯¤¤¤Æ¤¤¤Þ¤¹¡£ - °ìÊý public_html + °ìÊý public_html ¤ÏÂÐ¾Ý³°¤Ç¤¹¡£ @@ -3620,7 +3606,7 @@ drwxr-xr-x 2 robert robert 512 Nov 10 11:54 public_ ACL ÀßÄê¤òÉ½¼¨¤¹¤ë¤Ë¤Ï¡¢ °Ê²¼¤Î¥³¥Þ¥ó¥É¤ò¼Â¹Ô¤·¤Æ¤¯¤À¤µ¤¤¡£ - &prompt.user; getfacl test + &prompt.user; getfacl test #file:test #owner:1001 #group:1001 @@ -3631,7 +3617,7 @@ drwxr-xr-x 2 robert robert 512 Nov 10 11:54 public_ ¤³¤Î¥Õ¥¡¥¤¥ë¤Î ACL ÀßÄê¤òÊÑ¹¹¤¹¤ë¤Ë¤Ï¡¢ &man.setfacl.1; ¤ò»ÈÍÑ¤·¤Æ¤¯¤À¤µ¤¤¡£ - &prompt.user; setfacl -k test + &prompt.user; setfacl -k test ¥Õ¥¡¥¤¥ë¤Þ¤¿¤Ï¥Õ¥¡¥¤¥ë¥·¥¹¥Æ¥à¤«¤é¡¢ ¸½ºßÀßÄê¤µ¤ì¤Æ¤¤¤ë ACL @@ -3641,7 +3627,7 @@ drwxr-xr-x 2 robert robert 512 Nov 10 11:54 public_ ¤³¤Î¥ª¥×¥·¥ç¥ó¤ò»È¤¦¤È¡¢ACL ¤¬Æ°ºî¤¹¤ë¤Î¤ËÉ¬Í×¤Ê´ðËÜ¤Î¥Õ¥£¡¼¥ë¥É¤Ï»Ä¤ê¤Þ¤¹¡£ - &prompt.user; setfacl -m u:trhodes:rwx,group:web:r--,o::--- test + &prompt.user; setfacl -m u:trhodes:rwx,group:web:r--,o::--- test ¤³¤ÎÎã¤Ç¤Ï¡¢ ¤Ï¡¢¥Ç¥Õ¥©¥ë¥È ACL @@ -3691,7 +3677,7 @@ drwxr-xr-x 2 robert robert 512 Nov 10 11:54 public_ ¤³¤ÎÌÜÅª¤Î¤¿¤á¤ËÍÑ°Õ¤µ¤ì¤Æ¤¤¤Þ¤¹¡£ - ports-mgmt/portaudit + ports-mgmt/portaudit port ¤Ï¡¢&os; ¥»¥¥å¥ê¥Æ¥£¥Á¡¼¥à¤ª¤è¤Ó ports ³«È¯¼Ô¤¬¥¢¥Ã¥×¥Ç¡¼¥È¤·¡¢´ÉÍý¤·¤Æ¤¤¤ë¡¢ ´ûÃÎ¤Î¥»¥¥å¥ê¥Æ¥£ÌäÂê¤ËÂÐ¤¹¤ë¥Ç¡¼¥¿¥Ù¡¼¥¹¤òÆþ¼ê¤·¤Þ¤¹¡£ @@ -3888,7 +3874,7 @@ VII. References &man.ident.1; ¤ò¼Â¹Ô¤¹¤ë¤È¡¢ ¤½¤Î½ÐÎÏ¤«¤é¥ê¥Ó¥¸¥ç¥ó¤ò´ÊÃ±¤Ë³ÎÇ§¤Ç¤¤Þ¤¹¡£ ports ¤Î¾ì¹ç¤Ë¤Ï¡¢ - /var/db/pkg + /var/db/pkg ¤Î port ¤ÎÌ¾Á°¤Î¸å¤Ë¡¢¥Ð¡¼¥¸¥ç¥óÈÖ¹æ¤¬¼¨¤µ¤ì¤Æ¤¤¤Þ¤¹¡£ ¤â¤·¡¢¥·¥¹¥Æ¥à¤¬ &os; Subversion ¥ê¥Ý¥¸¥È¥ê¤ÈÆ±´ü¤·¤Æ¤¤¤Ê¤«¤Ã¤¿¤ê¡¢ @@ -4007,12 +3993,11 @@ VII. References °Ê²¼¤Î¥³¥Þ¥ó¥É¤ò»È¤Ã¤Æ¡¢ ¥×¥í¥»¥¹¥¢¥«¥¦¥ó¥Æ¥£¥ó¥°¤òÍ¸ú¤Ë¤·¤Æ¤ª¤¯É¬Í×¤¬¤¢¤ê¤Þ¤¹¡£ - &prompt.root; touch /var/account/acct + &prompt.root; touch /var/account/acct +&prompt.root; chmod 600 /var/account/acct +&prompt.root; accton /var/account/acct +&prompt.root; echo 'accounting_enable="YES"' >> /etc/rc.conf -&prompt.root; accton /var/account/acct - -&prompt.root; echo 'accounting_enable="YES"' >> /etc/rc.conf - °ìÅÙÍ¸ú¤ËÀßÄê¤¹¤ë¤È¡¢¥¢¥«¥¦¥ó¥Æ¥£¥ó¥°¤Ï¡¢ CPU ¤ÎÅý·×¡¢ ¼Â¹Ô¤µ¤ì¤¿¥³¥Þ¥ó¥É¤Î¾ðÊó¤ÎÄÉÀ×¤ò³«»Ï¤·¤Þ¤¹¡£ @@ -4033,8 +4018,7 @@ VII. References ¤¬¼Â¹Ô¤·¤¿ &man.ls.1; ¤Î»ÈÍÑ¤Ë¤Ä¤¤¤Æ¡¢µÏ¿¤µ¤ì¤Æ¤¤¤ë¤¹¤Ù¤Æ¼¨¤·¤Þ¤¹¡£ - &prompt.root; lastcomm ls - trhodes ttyp1 + &prompt.root; lastcomm ls trhodes ttyp1 Â¾¤Ë¤âÍÍÑ¤Ê¥ª¥×¥·¥ç¥ó¤¬Â¿¤¯¤¢¤ê¡¢ &man.lastcomm.1;, &man.acct.5; ¤ª¤è¤Ó &man.sa.8; @@ -4073,7 +4057,7 @@ VII. References ¥Ñ¥¹¥ï¡¼¥É¥Ç¡¼¥¿¥Ù¡¼¥¹¤ËÂÐ¤·¤Æ¤âÊÑ¹¹¤¬É¬Í×¤È¤Ê¤ê¤Þ¤¹¡£ ÀøºßÅª¤Ë¡¢¤è¤êÂ¿¤¯¤ÎÀ©¸Â¤ò²Ã¤¨¤é¤ì¤¿¥æ¡¼¥¶ÂÐ¤·¤Æ¤Ï¥é¥Ù¥ë¤ÎÄÉ²Ã¤ä¡¢ cap_mkdb - ¤ò»È¤Ã¤¿¥ê¥½¡¼¥¹¥Ç¡¼¥¿¥Ù¡¼¥¹¤Î¹½ÃÛ¡¢ + ¤ò»È¤Ã¤¿¥ê¥½¡¼¥¹¥Ç¡¼¥¿¥Ù¡¼¥¹¤ÎºÆ¹½ÃÛ¡¢ /etc/master.passwd ¤Ø¤ÎÊÑ¹¹¤¬É¬Í×¤È¤Ê¤ê¤Þ¤¹¡£ ¤µ¤é¤Ë¡¢¥Ñ¥¹¥ï¡¼¥É¥Ç¡¼¥¿¥Ù¡¼¥¹¤Ï¡¢ From owner-svn-doc-all@freebsd.org Mon Feb 26 16:36:07 2018 Return-Path: Delivered-To: svn-doc-all@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id D3FA4F31A9A; Mon, 26 Feb 2018 16:36:07 +0000 (UTC) (envelope-from emaste@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "mxrelay.nyi.freebsd.org", Issuer "Let's Encrypt Authority X3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 8595B7D2F2; Mon, 26 Feb 2018 16:36:07 +0000 (UTC) (envelope-from emaste@FreeBSD.org) Received: from repo.freebsd.org (repo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 807201DE98; Mon, 26 Feb 2018 16:36:07 +0000 (UTC) (envelope-from emaste@FreeBSD.org) Received: from repo.freebsd.org ([127.0.1.37]) by repo.freebsd.org (8.15.2/8.15.2) with ESMTP id w1QGa7i7043665; Mon, 26 Feb 2018 16:36:07 GMT (envelope-from emaste@FreeBSD.org) Received: (from emaste@localhost) by repo.freebsd.org (8.15.2/8.15.2/Submit) id w1QGa7sM043664; Mon, 26 Feb 2018 16:36:07 GMT (envelope-from emaste@FreeBSD.org) Message-Id: <201802261636.w1QGa7sM043664@repo.freebsd.org> X-Authentication-Warning: repo.freebsd.org: emaste set sender to emaste@FreeBSD.org using -f From: Ed Maste Date: Mon, 26 Feb 2018 16:36:07 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r51447 - head/en_US.ISO8859-1/books/handbook/jails X-SVN-Group: doc-head X-SVN-Commit-Author: emaste X-SVN-Commit-Paths: head/en_US.ISO8859-1/books/handbook/jails X-SVN-Commit-Revision: 51447 X-SVN-Commit-Repository: doc MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.25 Precedence: list List-Id: "SVN commit messages for the entire doc trees $except for " user" , " projects" , and " translations" $" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 26 Feb 2018 16:36:08 -0000 Author: emaste (src committer) Date: Mon Feb 26 16:36:07 2018 New Revision: 51447 URL: https://svnweb.freebsd.org/changeset/doc/51447 Log: Fix command to extract multiple sets for jail creation In the example for extracting multiple distribution sets the path and case was incorrect. There's still more adjustment to be made here: not all sets are listed, and one of the unlisted ones (lib32) does not exist on all archs, but at least the example command should work. Reviewed by: gjb Approved by: gjb Sponsored by: The FreeBSD Foundation Differential Revision: https://reviews.freebsd.org/D14517 Modified: head/en_US.ISO8859-1/books/handbook/jails/chapter.xml Modified: head/en_US.ISO8859-1/books/handbook/jails/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/handbook/jails/chapter.xml Mon Feb 26 12:56:08 2018 (r51446) +++ head/en_US.ISO8859-1/books/handbook/jails/chapter.xml Mon Feb 26 16:36:07 2018 (r51447) @@ -227,7 +227,7 @@ To install everything except the kernel: - &prompt.root; for sets in BASE PORTS; do tar -xf /mnt/FREEBSD_INSTALL/USR/FREEBSD_DIST/$sets.TXZ -C $DESTDIR ; done + &prompt.root; for set in base ports; do tar -xf /mnt/usr/freebsd-dist/$set.txz -C $DESTDIR ; done The &man.jail.8; manual page explains the procedure for building a jail: From owner-svn-doc-all@freebsd.org Tue Feb 27 09:12:42 2018 Return-Path: Delivered-To: svn-doc-all@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 89A4AF32FC5; Tue, 27 Feb 2018 09:12:42 +0000 (UTC) (envelope-from ryusuke@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "mxrelay.nyi.freebsd.org", Issuer "Let's Encrypt Authority X3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 3A0E56B140; Tue, 27 Feb 2018 09:12:42 +0000 (UTC) (envelope-from ryusuke@FreeBSD.org) Received: from repo.freebsd.org (repo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 350A1619; Tue, 27 Feb 2018 09:12:42 +0000 (UTC) (envelope-from ryusuke@FreeBSD.org) Received: from repo.freebsd.org ([127.0.1.37]) by repo.freebsd.org (8.15.2/8.15.2) with ESMTP id w1R9Cgpd048964; Tue, 27 Feb 2018 09:12:42 GMT (envelope-from ryusuke@FreeBSD.org) Received: (from ryusuke@localhost) by repo.freebsd.org (8.15.2/8.15.2/Submit) id w1R9CgeL048963; Tue, 27 Feb 2018 09:12:42 GMT (envelope-from ryusuke@FreeBSD.org) Message-Id: <201802270912.w1R9CgeL048963@repo.freebsd.org> X-Authentication-Warning: repo.freebsd.org: ryusuke set sender to ryusuke@FreeBSD.org using -f From: Ryusuke SUZUKI Date: Tue, 27 Feb 2018 09:12:42 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r51448 - head/ja_JP.eucJP/share/xml X-SVN-Group: doc-head X-SVN-Commit-Author: ryusuke X-SVN-Commit-Paths: head/ja_JP.eucJP/share/xml X-SVN-Commit-Revision: 51448 X-SVN-Commit-Repository: doc MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.25 Precedence: list List-Id: "SVN commit messages for the entire doc trees $except for " user" , " projects" , and " translations" $" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 27 Feb 2018 09:12:42 -0000 Author: ryusuke Date: Tue Feb 27 09:12:41 2018 New Revision: 51448 URL: https://svnweb.freebsd.org/changeset/doc/51448 Log: - Merge the following from the English version: r51381 -> r51424 head/ja_JP.eucJP/share/xml/news.xml Modified: head/ja_JP.eucJP/share/xml/news.xml Modified: head/ja_JP.eucJP/share/xml/news.xml ============================================================================== --- head/ja_JP.eucJP/share/xml/news.xml Mon Feb 26 16:36:07 2018 (r51447) +++ head/ja_JP.eucJP/share/xml/news.xml Tue Feb 27 09:12:41 2018 (r51448) @@ -23,7 +23,7 @@ would like to work on. *** $FreeBSD$ - Original revision: r51381 + Original revision: r51424 --> @@ -32,6 +32,40 @@ 2018 + + 2 + + 14 + + + FreeBSD ¥×¥í¥¸¥§¥¯¥È¤Ï¡¢Google Summer of Code 2018 + ¤Ë»²²Ã¤·¤Þ¤¹ + +

FreeBSD ¥×¥í¥¸¥§¥¯¥È¤Ï Google's 2018 Summer of Code + ¥×¥í¥°¥é¥à¤Ë»²²Ã¤·¤Þ¤¹¡£ + ¤³¤ì¤Ï²Æ¤Î´Ö¤Ë¾©³Ø¶â¤òÄó¶¡¤·¡¢ + ¥ª¡¼¥×¥ó¥½¡¼¥¹¥×¥í¥¸¥§¥¯¥È¤Ë»²²Ã¤¹¤ë³ØÀ¸¤ò»Ù±ç¤¹¤ë¥×¥í¥°¥é¥à¤Ç¤¹¡£ + FreeBSD ¥×¥í¥¸¥§¥¯¥È¤Î»²²Ã¤Ïº£Ç¯¤Ç 14 Ç¯ÌÜ¤Ë¤Ê¤ê¤Þ¤¹¡£ + 2005 Ç¯¤«¤é 2017 Ç¯¤Î´Ö¤Ë¡¢ + Ä¹¤¤²Æ¤Î´ü´Ö¤Î¥³¡¼¥Ç¥£¥ó¥°¥×¥í¥¸¥§¥¯¥È¤òÄÌ¤·¤Æ + 210 ¿Í¤ò±Û¤¨¤ë³ØÀ¸¤Î»ØÆ³¤ËÀ®¸ù¤·¤Æ¤¤Þ¤·¤¿¡£

+ +

¤³¤ì¤Þ¤Ç¤ËÀ®¸ù¤·¤¿¥×¥í¥¸¥§¥¯¥È¤Ë¤Ï¡¢ + Linux ABI ¸ß´¹µ¡Ç½¤Î²þÁ±¡¢NFSv4 ACLs, TCP ¥ì¥°¥ì¥Ã¥·¥ç¥ó¥Æ¥¹¥È¡¢ + FUSE ¥Õ¥¡¥¤¥ë¥·¥¹¥Æ¥à¤Ø¤ÎÂÐ±þ¤Ê¤É¡¢ + ¤½¤ÎÂ¾¤Ë¤â¿ô¤¨ÀÚ¤ì¤Ê¤¤¥×¥í¥¸¥§¥¯¥È¤¬¤¢¤ê¤Þ¤¹¡£ + Â¿¤¯¤Î³ØÀ¸¤Ï FreeBSD ¤Î³«È¯¼Ô¤Ë¤Ê¤Ã¤¿¤ê¡¢ + FreeBSD Foundation ¤Î·ÑÂ³Åª¤Ê»Ù±ç¤òÄÌ¤¸¤Æ¡¢À¤³¦Ãæ¤Ç³«ºÅ¤µ¤ì¤Æ¤¤¤ë + FreeBSD ¤Î³«È¯¼Ô¤Î¥¤¥Ù¥ó¥È¤Ë»²²Ã¤·¤Æ¤¤¤Þ¤¹¡£

+ +

²æ¤³¤½¤Ï¡¢¤È»×¤¦Êý¤Ï¤¼¤Ò¤È¤â±þÊç¤·¤Æ¤¯¤À¤µ¤¤! + ¿½¤·¹þ¤ß¤äÄù¤áÀÚ¤ê¤Ê¤É¡¢¾ÜºÙ¤Ë¤Ä¤¤¤Æ¤Ï FreeBSD + Summer Projects ¥Ú¡¼¥¸ ¤ò¤´Í÷¤¯¤À¤µ¤¤¡£

+ + + + 1 From owner-svn-doc-all@freebsd.org Tue Feb 27 09:22:08 2018 Return-Path: Delivered-To: svn-doc-all@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id C9D60F33C11; Tue, 27 Feb 2018 09:22:07 +0000 (UTC) (envelope-from eadler@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "mxrelay.nyi.freebsd.org", Issuer "Let's Encrypt Authority X3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 76F036B6E8; Tue, 27 Feb 2018 09:22:07 +0000 (UTC) (envelope-from eadler@FreeBSD.org) Received: from repo.freebsd.org (repo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 5839A791; Tue, 27 Feb 2018 09:22:07 +0000 (UTC) (envelope-from eadler@FreeBSD.org) Received: from repo.freebsd.org ([127.0.1.37]) by repo.freebsd.org (8.15.2/8.15.2) with ESMTP id w1R9M7r8054087; Tue, 27 Feb 2018 09:22:07 GMT (envelope-from eadler@FreeBSD.org) Received: (from eadler@localhost) by repo.freebsd.org (8.15.2/8.15.2/Submit) id w1R9M7Ns054085; Tue, 27 Feb 2018 09:22:07 GMT (envelope-from eadler@FreeBSD.org) Message-Id: <201802270922.w1R9M7Ns054085@repo.freebsd.org> X-Authentication-Warning: repo.freebsd.org: eadler set sender to eadler@FreeBSD.org using -f From: Eitan Adler Date: Tue, 27 Feb 2018 09:22:07 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r51449 - head/en_US.ISO8859-1/htdocs/gnome X-SVN-Group: doc-head X-SVN-Commit-Author: eadler X-SVN-Commit-Paths: head/en_US.ISO8859-1/htdocs/gnome X-SVN-Commit-Revision: 51449 X-SVN-Commit-Repository: doc MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.25 Precedence: list List-Id: "SVN commit messages for the entire doc trees $except for " user" , " projects" , and " translations" $" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 27 Feb 2018 09:22:08 -0000 Author: eadler Date: Tue Feb 27 09:22:06 2018 New Revision: 51449 URL: https://svnweb.freebsd.org/changeset/doc/51449 Log: gnome: prefer https where possible Where URLs resolve with HTTPS, use that. For URLs in these files that are untouched I could not verify that they resolve correctly. Modified: head/en_US.ISO8859-1/htdocs/gnome/index.xsl head/en_US.ISO8859-1/htdocs/gnome/news.xml Modified: head/en_US.ISO8859-1/htdocs/gnome/index.xsl ============================================================================== --- head/en_US.ISO8859-1/htdocs/gnome/index.xsl Tue Feb 27 09:12:41 2018 (r51448) +++ head/en_US.ISO8859-1/htdocs/gnome/index.xsl Tue Feb 27 09:22:06 2018 (r51449) @@ -126,22 +126,19 @@ for how to geting stuff -->

Resources

Related Projects

Modified: head/en_US.ISO8859-1/htdocs/gnome/news.xml ============================================================================== --- head/en_US.ISO8859-1/htdocs/gnome/news.xml Tue Feb 27 09:12:41 2018 (r51448) +++ head/en_US.ISO8859-1/htdocs/gnome/news.xml Tue Feb 27 09:22:06 2018 (r51449) @@ -106,7 +106,7 @@

Presenting the MATE 1.10.0 Desktop Environment for FreeBSD. The official release notes for this release can be found at - http://mate-desktop.org/blog/2015-06-11-mate-1-10-released/

+ https://mate-desktop.org/blog/2015-06-11-mate-1-10-released/

This version of MATE is still built on the GTK+ 2 toolkit.

From owner-svn-doc-all@freebsd.org Tue Feb 27 17:10:13 2018 Return-Path: Delivered-To: svn-doc-all@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 3B002F37DBF; Tue, 27 Feb 2018 17:10:13 +0000 (UTC) (envelope-from gjb@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "mxrelay.nyi.freebsd.org", Issuer "Let's Encrypt Authority X3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id E26D08397D; Tue, 27 Feb 2018 17:10:12 +0000 (UTC) (envelope-from gjb@FreeBSD.org) Received: from repo.freebsd.org (repo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id DD085572A; Tue, 27 Feb 2018 17:10:12 +0000 (UTC) (envelope-from gjb@FreeBSD.org) Received: from repo.freebsd.org ([127.0.1.37]) by repo.freebsd.org (8.15.2/8.15.2) with ESMTP id w1RHAClU087404; Tue, 27 Feb 2018 17:10:12 GMT (envelope-from gjb@FreeBSD.org) Received: (from gjb@localhost) by repo.freebsd.org (8.15.2/8.15.2/Submit) id w1RHACfI087402; Tue, 27 Feb 2018 17:10:12 GMT (envelope-from gjb@FreeBSD.org) Message-Id: <201802271710.w1RHACfI087402@repo.freebsd.org> X-Authentication-Warning: repo.freebsd.org: gjb set sender to gjb@FreeBSD.org using -f From: Glen Barber Date: Tue, 27 Feb 2018 17:10:12 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r51450 - in head: en_US.ISO8859-1/htdocs/releng share/xml X-SVN-Group: doc-head X-SVN-Commit-Author: gjb X-SVN-Commit-Paths: in head: en_US.ISO8859-1/htdocs/releng share/xml X-SVN-Commit-Revision: 51450 X-SVN-Commit-Repository: doc MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.25 Precedence: list List-Id: "SVN commit messages for the entire doc trees $except for " user" , " projects" , and " translations" $" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 27 Feb 2018 17:10:13 -0000 Author: gjb Date: Tue Feb 27 17:10:12 2018 New Revision: 51450 URL: https://svnweb.freebsd.org/changeset/doc/51450 Log: Belatedly add the 11.2-RELEASE schedule to the index page. Approved by: re (implicit) Sponsored by: The FreeBSD Foundation Modified: head/en_US.ISO8859-1/htdocs/releng/index.xml head/share/xml/release.ent Modified: head/en_US.ISO8859-1/htdocs/releng/index.xml ============================================================================== --- head/en_US.ISO8859-1/htdocs/releng/index.xml Tue Feb 27 09:22:06 2018 (r51449) +++ head/en_US.ISO8859-1/htdocs/releng/index.xml Tue Feb 27 17:10:12 2018 (r51450) @@ -44,15 +44,22 @@

As of 2017-10-03, the next release has not yet been announced.

Code-Freeze Status

Modified: head/share/xml/release.ent ============================================================================== --- head/share/xml/release.ent Tue Feb 27 09:22:06 2018 (r51449) +++ head/share/xml/release.ent Tue Feb 27 17:10:12 2018 (r51450) @@ -34,14 +34,14 @@ below to "IGNORE". If we do, use "INCLUDE". --> - + - - + +