This is an archive of past FreeBSD releases; it's part of the FreeBSD Documentation Archive.
| PPP - Pedantic PPP Primer | ||
|---|---|---|
| Prev | Chapter 6. Ç®¿´¤Ê³Ø½¬¼Ô¤Ø¤ÎÎý½¬ÌäÂê | |
PPP ¥×¥í¥°¥é¥à¤Ë¤Ï, PPP ·Ðͳ¤Î¥È¥é¥Õ¥£¥Ã¥¯¤ËÂФ·¤Æ, ÁªÂòŪ¤Ë¥Õ¥£¥ë¥¿¤ò¤«¤±¤ëǽÎϤ¬¤¢¤ê¤Þ¤¹. ¤³¤ì¤¬Àµ¼°¤Î¥Õ¥¡¥¤¥¢¥¦¥©¡¼¥ë¤Û¤É¥»¥¥å¥¢¡¼¤À¤È¤Ï¤È¤Æ¤â¸À¤¨¤Þ¤»¤ó¤¬, ¥ê¥ó¥¯¤Î»ÈÍѤˤĤ¤¤Æ¤¢¤ë¼ï¤Î¥¢¥¯¥»¥¹À©¸æ¤òÄ󶡤¹¤ë¤³¤È¤Ï¤Ç¤¤ë¤Î¤Ç¤¹.
(FreeBSD ¥·¥¹¥Æ¥à¤ò¤è¤ê¥»¥¥å¥¢¡¼¤Ë¤¹¤ëÊýË¡¤òÃΤꤿ¤¤Êý¤Ï 'man ipfw' ¤·¤Æ¤¯¤À¤µ¤¤)
PPP ²¼¤Ç»ÈÍѤǤ¤ëÍÍ¡¹¤Ê¥Õ¥£¥ë¥¿¤È¤½¤ÎÀ©¸æË¡¤Ë¤Ä¤¤¤Æ¤Î´°Á´¤ÊÀâÌÀ¤Ï PPP ¤Î man ¤Ë¤¢¤ê¤Þ¤¹.
PPP ¥×¥í¥°¥é¥à¤ËŬÍѤǤ¤ëÀ©¸æË¡¤Ë¤Ï»Í¤Ä¤Î¥¯¥é¥¹¤¬¤¢¤ê¤Þ¤¹.
afilter - ¥¢¥¯¥»¥¹¥«¥¦¥ó¥¿ (¤Þ¤¿¤Ï "Keep Alive") ¤Î¥Õ¥£¥ë¥¿
ÀßÄê¥Õ¥¡¥¤¥ëÃæ¤Î set timeout= ʸ¤Ë̵»ë¤µ¤ì¤ë¥¤¥Ù¥ó¥È¤Î¼ïÎà¤òÀ©¸æ¤·¤Þ¤¹.
dfilter - ¥À¥¤¥¢¥ê¥ó¥°¥Õ¥£¥ë¥¿
¥Ç¥Þ¥ó¥É¥À¥¤¥¢¥ë¥â¡¼¥É¤Î PPP ¤Ë̵»ë¤µ¤ì¤ë¥¤¥Ù¥ó¥È¤Î¼ïÎà¤òÀ©¸æ¤·¤Þ¤¹.
ifilter - ¥¤¥ó¥×¥Ã¥È¥Õ¥£¥ë¥¿
¥·¥¹¥Æ¥à¤ËÆþ¤Ã¤Æ¤¯¤ë¥Ñ¥±¥Ã¥È¤ò, ÇË´þ¤¹¤Ù¤¤â¤Î¤ÈÄ̲ᤷ¤Æ¤è¤¤¤â¤Î¤Ë»Åʬ¤±¤ë¤ä¤êÊý¤òÀ©¸æ¤·¤Þ¤¹.
ofilter - ¥¢¥¦¥È¥×¥Ã¥È¥Õ¥£¥ë¥¿
¥·¥¹¥Æ¥à¤«¤é½Ð¤Æ¤æ¤¯¥Ñ¥±¥Ã¥È¤ò, ÇË´þ¤¹¤Ù¤¤â¤Î¤ÈÄ̲ᤷ¤Æ¤è¤¤¤â¤Î¤Ë»Åʬ¤±¤ë¤ä¤êÊý¤òÀ©¸æ¤·¤Þ¤¹.
°Ê²¼¤Ï¼ÂºÝ¤Ë²ÔƯ¤·¤Æ¤¤¤ë¥ª¥Ú¥ì¡¼¥Æ¥£¥ó¥°¥·¥¹¥Æ¥à¤«¤é°ìÉôÇÒ¼Ú¤·¤ÆÍ褿¤â¤Î¤Ç¤¹. ¤³¤Î¥·¥¹¥Æ¥à¤Ï¡ÖÄ̾ï¤Î¡×¥¤¥ó¥¿¡¼¥Í¥Ã¥È¥ª¥Ú¥ì¡¼¥·¥ç¥ó¤Ë½½Ê¬¤ÊÁÇÃϤòÄ󶡤·¤Ä¤Ä, PPP ¤¬¤¹¤Ù¤Æ¤Î¥Ç¡¼¥¿¤ò¥À¥¤¥¢¥ë¥¢¥Ã¥×Àܳ±Û¤·¤Ë¤ä¤ê¼è¤ê¤¹¤ë¤³¤È¤Î¤Ê¤¤¤è¤¦¤Ë¤·¤Æ¤¤¤Þ¤¹. ³Æ¥ë¡¼¥ë¥»¥Ã¥È¤Î¥í¥¸¥Ã¥¯¤ò²òÀ⤹¤ë´Êñ¤Ê¥³¥á¥ó¥È¤ò¤Ä¤±¤Æ¤¢¤ê¤Þ¤¹.
#
# KeepAlive ¥Õ¥£¥ë¥¿
# ICMP,DNS ¤È RIP ¥Ñ¥±¥Ã¥È¤¬Î®¤ì¤Æ¤â¡ÖÄÌ¿®Ãæ¡×¤È¤Ï¤ß¤Ê¤µ¤Ê¤¤
#
set afilter 0 deny icmp
set afilter 1 deny udp src eq 53
set afilter 2 deny udp dst eq 53
set afilter 3 deny udp src eq 520
set afilter 4 deny udp dst eq 520
set afilter 5 permit 0/0 0/0
#
# ¥À¥¤¥¢¥ë¥Õ¥£¥ë¥¿
# Ãí°Õ: ¤³¤ÎÀßÄê¤Ç¤Ï ICMP ¤â¥À¥¤¥¢¥ë¥¢¥¦¥È¤Î¥È¥ê¥¬¤Ë¤Ê¤ë
#
set dfilter 0 permit 0/0 0/0
#
# ident ¥Ñ¥±¥Ã¥È¤ÎÄ̲á¤òµö²Ä¤¹¤ë
#
set ifilter 0 permit tcp dst eq 113
set ofilter 0 permit tcp src eq 113
#
# ¥¤¥ó¥¿¡¼¥Í¥Ã¥È¤Ø¤Î telnet Àܳ¤òµö²Ä¤¹¤ë
#
set ifilter 1 permit tcp src eq 23 estab
set ofilter 1 permit tcp dst eq 23
#
# ¥¤¥ó¥¿¡¼¥Í¥Ã¥È¤Ø¤Î ftp ¥¢¥¯¥»¥¹¤òµö²Ä¤¹¤ë
#
set ifilter 2 permit tcp src eq 21 estab
set ofilter 2 permit tcp dst eq 21
set ifilter 3 permit tcp src eq 20 dst gt 1023
set ofilter 3 permit tcp dst eq 20
#
# DNS ¤Ø¤ÎÌ䤤¹ç¤ï¤»¤òµö²Ä¤¹¤ë
#
set ifilter 4 permit udp src eq 53
set ofilter 4 permit udp dst eq 53
#
# DNS ¥¾¡¼¥óžÁ÷¤òµö²Ä¤¹¤ë
#
set ifilter 5 permit tcp src eq 53
set ofilter 5 permit tcp dst eq 53
#
# ¥í¡¼¥«¥ë¥Í¥Ã¥È¥ï¡¼¥¯¤«¤é / ¤Ø¤Î¥¢¥¯¥»¥¹¤òµö²Ä¤¹¤ë
#
set ifilter 6 permit 0/0 192.168.1.0/24
set ofilter 6 permit 192.168.1.0/24 0/0
#
# ping ¤È traceroute ¤Ø¤ÎÊÖÅú¤òµö²Ä¤¹¤ë
#
set ifilter 7 permit icmp
set ofilter 7 permit icmp
set ifilter 8 permit udp dst gt 33433
set ofilter 9 permit udp dst gt 33433
#
# cvsup ¤òµö²Ä¤¹¤ë
#
set ifilter 9 permit tcp src eq 5998
set ofilter 9 permit tcp dst eq 5998
set ifilter 10 permit tcp src eq 5999
set ofilter 10 permit tcp dst eq 5999
#
# »þ´Ö¤ÎƱ´ü¤Î¤¿¤á¤Ë NTP ¤òµö²Ä¤¹¤ë
#
set ifilter 11 permit tcp src eq 123 dst eq 123
set ofilter 11 permit tcp src eq 123 dst eq 123
set ifilter 12 permit udp src eq 123 dst eq 123
set ofilter 12 permit udp src eq 123 dst eq 123
#
# SMTP ¤â¤¤¤¤¤«¤â!
#
set ifilter 13 permit tcp src eq 25
set ofilter 13 permit tcp dst eq 25
#
#
# `whois` ¤ò¿ÍѤ¹¤ë¤Î¤Ç, ¤³¤ì¤âÄ̤¹
#
set ifilter 14 permit tcp src eq 43
set ofilter 14 permit tcp dst eq 43
set ifilter 15 permit udp src eq 43
set ofilter 15 permit udp dst eq 43
#
# ¾åµ¤Î¤É¤Î¥ë¡¼¥ë¤Ë¤â¥Þ¥Ã¥Á¤·¤Ê¤¤¾ì¹ç, ¥Ñ¥±¥Ã¥È¤Ï¥Ö¥í¥Ã¥¯¤µ¤ì¤ë.
#-------
¥Õ¥£¥ë¥¿¥¯¥é¥¹°ì¤Ä¤Ë¤Ä¤, 20 ¸Ä¤Þ¤Ç¤Î¥Õ¥£¥ë¥¿¥ê¥ó¥°¥ë¡¼¥ë¤òŬÍѤ¹¤ë¤³¤È¤¬¤Ç¤¤Þ¤¹. ³Æ¥¯¥é¥¹¤Î¥ë¡¼¥ë¤Ï 0 ¤«¤é 20 ¤Þ¤Ç¤ÎϢ³¤·¤¿¿ô»ú¤Ç¤¢¤ëɬÍפ¬¤¢¤ê¤Þ¤¹¤¬, ¤¢¤ë¥Õ¥£¥ë¥¿¥¯¥é¥¹¤ËÂФ¹¤ë¥ë¡¼¥ë¤Ï, ¥ë¡¼¥ë¥»¥Ã¥È '0' ¤¬ÄêµÁ¤µ¤ì¤ë¤Þ¤Ç¤Ï͸ú¤Ë¤Ê¤ê¤Þ¤»¤ó!
PPP ¤ÎÀßÄê¤Ç¥Õ¥£¥ë¥¿¥ê¥ó¥°¥ë¡¼¥ë¤ò»ÈÍѤ·¤Ê¤¤¾ì¹ç, ISP ¤Ø¤ÎÀܳÃæ¤Ï¤¹¤Ù¤Æ¤Î¥È¥é¥Õ¥£¥Ã¥¯¤¬¥·¥¹¥Æ¥à¤Ë½ÐÆþ¤ê¤¹¤ë¤³¤È¤Ë¤Ê¤ê¤Þ¤¹.
¥Õ¥£¥ë¥¿¥ê¥ó¥°¥ë¡¼¥ë¤ò»ÈÍѤ·¤¿¤¤¤Ê¤é, ¾åµ¤ÎÀßÄê¤ò /etc/ppp/ppp.conf ¥Õ¥¡¥¤¥ë¤Î "default:", "demand:", ¤Þ¤¿¤Ï "interactive:" ¥»¥¯¥·¥ç¥ó¤Î¤É¤ì¤« (¤¢¤ë¤¤¤Ï¤¹¤Ù¤Æ - Áª¤Ö¤Î¤Ï¤¢¤Ê¤¿¤Ç¤¹) ¤ËÄɲ䷤Ƥ¯¤À¤µ¤¤.