Site Navigation

Date:      Mon, 29 Mar 2021 04:23:29 +0900 (JST)
From:      WATANABE Takeo <take@kasaneiro.jp>
To:        hiroo@oikumene.net
Cc:        freebsd-users-jp@freebsd.org
Subject:   [FreeBSD-users-jp 96745] Re:  =?iso-2022-jp?b?GyRCIVYbKEJ2NhskQiVXJWklORsoQiAbJEI4R0RqGyhC?= =?iso-2022-jp?b?SVAbJEIlNSE8JVMlOSFXJEckThsoQklQSVAbJEIlSCVzJU0layROGyhC?= =?iso-2022-jp?b?GyRCQF9EaiROO0VKfRsoQg==?=
Message-ID:  <20210329.042329.1073458416831780696.take@kasaneiro.jp>
In-Reply-To: <053ea883-44d7-4902-842d-b532058b72e7@oikumene.net>
References:  <174cacff-14ec-4869-9bf4-e4425ae2f8fc@oikumene.net> <20210323.233316.247152144653522045.take@kasaneiro.jp> <053ea883-44d7-4902-842d-b532058b72e7@oikumene.net>

---

next in thread | previous in thread | raw e-mail | index | archive | help

---

----Next_Part(Mon_Mar_29_04_23_29_2021_705)--
Content-Type: Text/Plain; charset=iso-2022-jp
Content-Transfer-Encoding: 7bit

$BEOIt$G$9!#(B
$B$*@$OC$K$J$j$^$9!#(B


on Sun, 28 Mar 2021 16:13:22 +0900
Hiroo Ono <hiroo@oikumene.net> wrote: 

>> $B$H$3$m$G!$(Bgif $B%H%s%M%k$rD%$C$F$$$k>uBV$G!$(B
>>
>> dhcp6c -dD -i ixl0
>>
>> $B$N7k2L$,=PNO$5$l$J$$$N$O!$$*$+$7$$$3$H$G$7$g$&$+!#(B
> 
> DHCPv6-PD $B4D6-$r$5$o$C$?$3$H$,$J$$$N$G<ALd$J$s$G$9$,!"$3$l$G0\>y$5$l$k(B
> prefix $B$N>pJs$,=P$F$3$J$$$N$O$=$&$$$&$b$N$J$s$G$7$g$&$+(B?
> $B$=$3$,5$$K$J$C$F!"$O$?$7$F$A$c$s$HF0$$$F$$$k$N$+$o$+$i$J$/$J$C$F$7$^$C(B
> $B$F$$$^$9!#(B

dhcp6c $B$r;_$a$k$H!$(BDNS/Searh Domain/NTP $B$N>pJs$,F@$i$l$^$9$N$G!$(B
$B$=$N$h$&$J;EMM$J$N$@$+9M$($F$$$^$9!#(B

ISP$B$NC4Ev<T[)$/(BDHCPv6-PD$B$O!$(B
$B0\>y$5$l$k%"%I%l%9>pJs$O%/%i%$%"%s%HB&$+$i<h$j$K$$$+$J$$$H!$(B
(ISP$B$+$i$N@_Dj>pJs$r85$K!$(Bifconfig $B$K=q$-9~$`(B)
$B<hF@$G$-$J$$$=$&$G$9!#(B

>> $B$5$F!$8=>u$r$^$H$a$^$9$H!$0J2<$N$h$&$K$J$C$F$$$^$9!#(B
>>
>> 1.  $B%H%s%M%k$rD%$kA0(B
>>     $B!&BP8~$N(B BR $B$K$O(B ping $B$,DL$k!#(B
> 
> ping $B$,DL$j$^$9$+(B? ping6 $B$G$J$/(B?

ping6 $B$N4V0c$$$G$9!#$9$_$^$;$s!#(B

>> 2.  $B%H%s%M%k$rD%$j!$(Blo0 $B$K(B v4 $B%"%I%l%9$r3d$jEv$F$?8e(B
>>     $B!&(Bv4 $B$G!$(B8.8.8.8 $B$K(B ping $B$,DL$k!#(B
> 
> $B$3$l$O%k!<%?!<$K$7$F$$$k%[%9%H$+$i$H$$$&$3$H$G$"$C$F$$$^$9$+(B?

$B$O$$!$$=$&$G$9!#(B

$B$J$*!$$$$^$O$^$?(Bv4$B$GABDL$,$G$-$J$/$J$j$^$7$?!#(B

>> 3. dhcp6c, rtarvd, unbound, dhcpd $B$r:F5/F0!#(B
>>     $B!&(Bping6 www.google.com $B$,DL$k!#(B
> 
> $B$3$l$O%k!<%?!<$K$7$F$$$k%[%9%H$+$i$G$9$+(B? LAN$BFb$N$[$+$N%[%9%H$+$i$bDL(B
> $B$j$^$9$+(B?

$B$O$$!$$=$&$G$9!#(BLAN$BFb$N$[$+$N%[%9%H$+$i$OABDL$G$-$^$;$s!#(B

> dhcpd $B$O(B v4 $B$N!J%W%i%$%Y!<%H!K%"%I%l%9$rG[$k@_Dj$H$$$&$3$H$G$"$C$F$$$^(B
> $B$9$+(B?

$B$O$$!#(BOpenBSD dhcpd /usr/ports/net/dhcpd $B$H$$$&$b$N$r;H$C$F$$$^$9!#(B

>> pf $B$O!$<!$N9T$,9=J8%(%i!<(B(?) rule expands to no valid conbinations $B$G!$(B
>> $B5/F0$G$-$^$;$s!#(B
>>
>> net log on $wan inet from ! $wan to any -> ($wan)
>>
>> $B$3$l$O7o$N5-;vDL$j$J$N$G!$$I$&D>$;$P$h$$$N$G$7$g$&$+!#(B
>> $B$^$?!$(Bpf $B$,F0$+$J$$$H!$(BLAN$B$X$O(B v6 $B$N%"%I%l%9$J$I$,9-9p$5$l$J$$$N$G$9$M!#(B
> 
> pf $B$O;H$C$F$$$J$$$N$G!"$9$_$^$;$s$,A4A3$o$+$j$^$;$s!#$3(B
> ipfw $B$GNI$1$l$P$?$V$sF1Ey$N%k!<%k$r$I$&=q$1$P$h$$$+$O=P$;$k$H;W$$$^$9(B
> $B$,!#(B

$B8=:_$N(B pf.conf $B$N@_Dj$OE:IU$N$H$*$j$G$9!#(B
$B$*<j?t$r$*$+$1$7$^$9$,!$(Bipfw $B$N@_Dj;vNc$r=q$$$FD:$1$^$;$s$G$7$g$&$+!#(B

$B$I$&$+!$59$7$/$*4j$$CW$7$^$9!#(B

---
WATANABE, Takeo
take@kasaneiro.jp



----Next_Part(Mon_Mar_29_04_23_29_2021_705)--
Content-Type: Text/Plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
Content-Disposition: inline; filename="pf.conf"

wan = "ixl0"
lan = "ixl1"

scrub inall

# IPv4 NAT
nat on $wan inet from 192.168.131.64/27 to any -> 106.185.148.119/32

# Block and log add packets from outside
block in log all

# Allow Local loop back
set skip on lo0

# Allow DHCP6
pass in log on $wan inet6 proto udp from any to ($wan) port dhcpv6-client keep state
pass out log on $wan inet6 proto udp from any to ($wan) port dhcpv6-server keep state

pass log inet6 proto icmp6 all icmp6-type {neighbradv, neighbrsol, routersol, routeradv}

# allow DNS packets
pass in log on $wan inet6 proto tcp from any to ($wan) port 53
pass in log on $wan inet6 proto udp from any to ($wan) port 53
pass in log on $wan inet proto tcp from any to ($wan) port 53
pass in log on $wan inet proto udp from any to ($wan) port 53

# Allow all packets to go out, snd keep state of them
pass out all keep state

# Allow SSH packets
pass in log on $wan inet proto tcp from any to 106.185.148.119 port 2222 
pass out log on $lan inet proto tcp from 192.168.131.64/27 to 106.185.148.119 port 2222

----Next_Part(Mon_Mar_29_04_23_29_2021_705)----

---

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20210329.042329.1073458416831780696.take>

Legal Notices | © 1995-2024 The FreeBSD Project. All rights reserved.

Contact