svn commit: r47749 - head/ja_JP.eucJP/books/handbook/security

Ryusuke SUZUKI ryusuke at FreeBSD.org
Fri Nov 6 15:50:27 UTC 2015 

Author: ryusuke
Date: Fri Nov  6 15:50:25 2015
New Revision: 47749
URL: https://svnweb.freebsd.org/changeset/doc/47749

Log:
  - Merge the following from the English version:
  
  	r15428 -> r15536	head/ja_JP.eucJP/books/handbook/security/chapter.xml

Modified:
  head/ja_JP.eucJP/books/handbook/security/chapter.xml

Modified: head/ja_JP.eucJP/books/handbook/security/chapter.xml
==============================================================================
--- head/ja_JP.eucJP/books/handbook/security/chapter.xml	Fri Nov  6 15:43:29 2015	(r47748)
+++ head/ja_JP.eucJP/books/handbook/security/chapter.xml	Fri Nov  6 15:50:25 2015	(r47749)
@@ -3,7 +3,7 @@
      The FreeBSD Documentation Project
      The FreeBSD Japanese Documentation Project
 
-     Original revision: r15428
+     Original revision: r15536
      Translation note: "fs-acl" section added in rev.1.118 is moved to
 	handbook/basics in rev.1.134 and moved back to this file in
 	rev.1.150. The traslation is already done in handbook/basics, so we
@@ -2293,9 +2293,32 @@ FreeBSD BUILT-19950429 (GR386) #0: Sat A
 	¡Ö¥«¡¼¥Í¥ë¤Î¥³¥ó¥Õ¥£¥°¥ì¡¼¥·¥ç¥ó¡×(<xref linkend="kernelconfig"/>)
 	¤ò¤´Í÷¤¯¤À¤µ¤¤¡£</para>
 
+      <warning>
+	<para>IPFW ¤Î¥Ç¥Õ¥©¥ë¥È¤Î¥Ý¥ê¥·¡¼¤Ï <literal>deny ip from any to
+	  any</literal> ¤Ç¤¹¡£
+	  ¥¹¥¿¡¼¥È¥¢¥Ã¥×»þ¤Ë¥¢¥¯¥»¥¹¤òµö²Ä¤¹¤ë¤è¤¦¤Ê¥ë¡¼¥ë¤òÄɲ䷤Ƥ¤¤Ê¤¤¤È¡¢
+	  ¥µ¡¼¥Ð¤¬¥Õ¥¡¥¤¥¢¥¦¥©¡¼¥ë¤ÎÍ­¸ú¤Ê¥«¡¼¥Í¥ë¤ÇºÆµ¯Æ°¤·¤¿¸å¡¢
+	  <emphasis>¼«Ê¬¼«¿È¤ò¥í¥Ã¥¯¥¢¥¦¥È</emphasis> ¤·¤Æ¤·¤Þ¤¤¤Þ¤¹¡£
+	  ¤³¤Îµ¡Ç½¤ò½é¤á¤Æ»È¤¦¤È¤­¤Ë¤Ï¡¢
+	  <filename>/etc/rc.conf</filename> ¥Õ¥¡¥¤¥ë¤Ë¤ª¤¤¤Æ¡¢
+	  <literal>firewall_type=open</literal> ¤ÈÀßÄꤹ¤ë¤ÈÎɤ¤¤Ç¤·¤ç¤¦¡£
+	  ¿·¤·¤¤¥«¡¼¥Í¥ë¤Îµ¡Ç½¤¬Å¬Àڤ˵¡Ç½¤·¤Æ¤¤¤ë¤³¤È¤ò³Îǧ¸å¡¢
+	  <filename>/etc/rc.firewall</filename>
+	  ¤Î¥Õ¥¡¥¤¥¢¥¦¥©¡¼¥ë¤Î¥ë¡¼¥ë¤òÀßÄꤷ¤Æ¤¯¤À¤µ¤¤¡£
+	  ¤â¤·¤â¤Î¤È¤­¤Î¤¿¤á¤Ë¡¢
+	  ºÇ½é¤Î¥Õ¥¡¥¤¥¢¥¦¥©¡¼¥ë¤ÎÀßÄê¤ò <application>ssh</application>
+	  ¤Ç¤Ï¤Ê¤¯¡¢¥í¡¼¥«¥ë¤Î¥³¥ó¥½¡¼¥ë¤Ç¹Ô¤¦¤ÈÎɤ¤¤Ç¤·¤ç¤¦¡£
+	  ¾¤ÎÊýË¡¤Ï¡¢¥«¡¼¥Í¥ë¤ò <literal>IPFIREWALL</literal> ¤ª¤è¤Ó
+	  <literal>IPFIREWALL_DEFAULT_TO_ACCEPT</literal>
+	  ¥ª¥×¥·¥ç¥ó¤Ç¹½ÃÛ¤¹¤ë¤³¤È¤Ç¤¹¡£
+	  ¤³¤ì¤Ë¤è¤ê IPFW ¤Î¥Ç¥Õ¥©¥ë¥È¥ë¡¼¥ë¤Ï¡¢
+	  <literal>allow ip from any to any</literal> ¤È¤Ê¤ê¡¢
+	  ¥í¥Ã¥¯¥¢¥¦¥È¤Î²ÄǽÀ­¤¬Ä㤯¤Ê¤ê¤Þ¤¹¡£</para>
+      </warning>
+
       <para>¸½ºß¡¢IPFW
 	¤Ë´Ø·¸¤¹¤ë¥«¡¼¥Í¥ë¥³¥ó¥Õ¥£¥°¥ì¡¼¥·¥ç¥ó¥ª¥×¥·¥ç¥ó¤Ï
-	»°¤Ä¤¢¤ê¤Þ¤¹¡£</para>
+	4 ¤Ä¤¢¤ê¤Þ¤¹¡£</para>
 
       <variablelist>
 	<varlistentry><term><literal>options IPFIREWALL</literal></term>
@@ -2340,6 +2363,26 @@ FreeBSD BUILT-19950429 (GR386) #0: Sat A
 	      ¥í¥°¼è¤ê¤ò³¹Ô¤·¤¿¤¤¥Á¥§¡¼¥ó¥¨¥ó¥È¥ê¤ÎÈÖ¹æ¤Ç¤¹¡£</para>
 	  </listitem>
 	</varlistentry>
+
+	<varlistentry>
+	  <term><literal>options IPFIREWALL_DEFAULT_TO_ACCEPT</literal></term>
+
+	  <listitem>
+	    <para>¤³¤Î¥ª¥×¥·¥ç¥ó¤Ï¡¢¥Ç¥Õ¥©¥ë¥È¤Î¥ë¡¼¥ë¤ò <quote>deny</quote>
+	      ¤«¤é <quote>allow</quote> ¤Ø¤ÈÊѹ¹¤·¤Þ¤¹¡£
+	      ¤³¤Î¥ª¥×¥·¥ç¥ó¤ò»ØÄꤹ¤ë¤³¤È¤Ç¡¢
+	      ¥«¡¼¥Í¥ë¤Ë <literal>IPFIREWALL</literal>
+	      ¤Î¥µ¥Ý¡¼¥È¤òÁȤ߹þ¤ó¤À¸å¡¢¥Õ¥¡¥¤¥¢¥¦¥©¡¼¥ë¤òÀßÄꤷ¤Æ¤¤¤Ê¤¯¤È¤â¡¢
+	      ¼«Ê¬¼«¿È¤ò¥í¥Ã¥¯¤·¤Æ¤·¤Þ¤¦¤³¤È¤òÈò¤±¤é¤ì¤Þ¤¹¡£
+	      ¤¢¤ëÆÃÄê¤ÎÌäÂê¤ò¥Õ¥£¥ë¥¿¥ê¥ó¥°¤¹¤ë¤¿¤á¤Ë
+	      &man.ipfw.8; ¤òÎɤ¯»È¤¦¤Î¤Ç¤¢¤ì¤Ð¡¢
+	      ¤³¤Î¥ª¥×¥·¥ç¥ó¤ÏÈó¾ï¤ËÍ­ÍѤǤ¹¡£
+	      ¤³¤Î¥ª¥×¥·¥ç¥ó¤Ï¡¢¥Õ¥¡¥¤¥¢¥¦¥©¡¼¥ë¤ò³«¤­¡¢
+	      ¥Õ¥¡¥¤¥¢¥¦¥©¡¼¥ë¤Î¿¶¤ëÉñ¤¤¤ò¤³¤ì¤Þ¤Ç¤ÈÊѤ¨¤Æ¤·¤Þ¤¦¤Î¤Ç¡¢
+	      Ãí°Õ¿¼¤¯»È¤Ã¤Æ¤¯¤À¤µ¤¤¡£</para>
+
+	  </listitem>
+	</varlistentry>
       </variablelist>
 
       <note><para>°ÊÁ°¤Î¥Ð¡¼¥¸¥ç¥ó¤Î FreeBSD ¤Ï

More information about the svn-doc-head mailing list