svn commit: r47786 - head/ja_JP.eucJP/books/handbook/security
Ryusuke SUZUKI
ryusuke at FreeBSD.org
Mon Nov 16 12:33:14 UTC 2015
Author: ryusuke
Date: Mon Nov 16 12:33:12 2015
New Revision: 47786
URL: https://svnweb.freebsd.org/changeset/doc/47786
Log:
- Merge the following from the English version:
r15536 -> r17060 head/ja_JP.eucJP/books/handbook/security/chapter.xml
Modified:
head/ja_JP.eucJP/books/handbook/security/chapter.xml
Modified: head/ja_JP.eucJP/books/handbook/security/chapter.xml
==============================================================================
--- head/ja_JP.eucJP/books/handbook/security/chapter.xml Sun Nov 15 17:53:50 2015 (r47785)
+++ head/ja_JP.eucJP/books/handbook/security/chapter.xml Mon Nov 16 12:33:12 2015 (r47786)
@@ -3,7 +3,7 @@
The FreeBSD Documentation Project
The FreeBSD Japanese Documentation Project
- Original revision: r15536
+ Original revision: r17060
Translation note: "fs-acl" section added in rev.1.118 is moved to
handbook/basics in rev.1.134 and moved back to this file in
rev.1.150. The traslation is already done in handbook/basics, so we
@@ -23,7 +23,7 @@
<para><emphasis>Ìõ: &a.jp.hino;¡¢(jpman ¥×¥í¥¸¥§¥¯¥È¤ÎÀ®²Ì¤òÍøÍѤµ¤»
¤Æ¤¤¤¿¤À¤¤Þ¤·¤¿)¡£</emphasis></para>
- <sect1>
+ <sect1 xml:id="security-synopsis">
<title>¤³¤Î¾Ï¤Ç¤Ï</title>
<para>¤³¤Î¾Ï¤Ç¤Ï¡¢´ðËÜŪ¤Ê¥·¥¹¥Æ¥à¥»¥¥å¥ê¥Æ¥£¤Î¹Í¤¨Êý¡¢
@@ -54,8 +54,7 @@
</listitem>
<listitem>
- <para>ÂåÂØǧ¾Ú¥·¥¹¥Æ¥à¤Ç¤¢¤ë¡¢
- ¥ï¥ó¥¿¥¤¥à¥Ñ¥¹¥ï¡¼¥Éǧ¾Ú¥·¥¹¥Æ¥à S/Key ¤ÎÀßÄêÊýË¡</para>
+ <para>¥ï¥ó¥¿¥¤¥à¥Ñ¥¹¥ï¡¼¥Éǧ¾Ú¤ÎÀßÄêÊýË¡</para>
</listitem>
<listitem>
@@ -305,7 +304,11 @@
</sect1>
<sect1 xml:id="securing-freebsd">
- <title>FreeBSD¤Î°ÂÁ´À¤ò¹â¤á¤ë</title>
+ <title>FreeBSD ¤Î°ÂÁ´À¤ò¹â¤á¤ë</title>
+ <indexterm>
+ <primary>¥»¥¥å¥ê¥Æ¥£</primary>
+ <secondary>FreeBSD ¤Î°ÂÁ´À¤ò¹â¤á¤ë</secondary>
+ </indexterm>
<note>
<title>¥³¥Þ¥ó¥ÉÂÐ¥×¥í¥È¥³¥ë</title>
@@ -1134,12 +1137,12 @@
</sect2>
</sect1>
- <sect1 xml:id="skey">
- <title>S/Key</title>
- <indexterm><primary>S/Key</primary></indexterm>
+ <sect1 xml:id="one-time-passwords">
+ <title>¥ï¥ó¥¿¥¤¥à¥Ñ¥¹¥ï¡¼¥É</title>
+ <indexterm><primary>¥ï¥ó¥¿¥¤¥à¥Ñ¥¹¥ï¡¼¥É</primary></indexterm>
<indexterm>
<primary>¥»¥¥å¥ê¥Æ¥£</primary>
- <secondary>S/Key</secondary>
+ <secondary>¥ï¥ó¥¿¥¤¥à¥Ñ¥¹¥ï¡¼¥É</secondary>
</indexterm>
<para>S/Key ¤Ï°ìÊý¸þ¥Ï¥Ã¥·¥å´Ø¿ô¤ò´ð¤Ë¤·¤¿¥ï¥ó¥¿¥¤¥à¥Ñ¥¹¥ï¡¼¥ÉÊý¼°
@@ -1150,11 +1153,11 @@
Communications Research, Inc. ¤ÎÅÐÏ¿¾¦É¸¤Ç¤¹¡£</para>
<para>FreeBSD ¥Ð¡¼¥¸¥ç¥ó 5.0 °Ê¹ß¤Ç¤Ï¡¢S/Key
- ¤Ïµ¡Ç½Åª¤ËƱÅù¤Ê OPIE (Onetime Passwords In Everything)
+ ¤Ïµ¡Ç½Åª¤ËƱÅù¤Ê OPIE (One-time Passwords In Everything)
¤ÇÃÖ¤´¹¤¨¤é¤ì¤Þ¤·¤¿¡£OPIE ¤Ï¥Ç¥Õ¥©¥ë¥È¤Ç¤Ï
MD5 ¥Ï¥Ã¥·¥å¤ò»ÈÍѤ·¤Þ¤¹¡£</para>
- <para>°Ê²¼¤ÎÀâÌÀ¤Ç¤Ï¡¢»°¼ïÎà¤Î°Û¤Ê¤ë¡Ö¥Ñ¥¹¥ï¡¼¥É¡×¤¬»È¤ï¤ì¤Þ¤¹¡£
+ <para>¤³¤³¤Ç¤Ï¡¢»°¼ïÎà¤Î°Û¤Ê¤ë¡Ö¥Ñ¥¹¥ï¡¼¥É¡×¤Ë¤Ä¤¤¤ÆÀâÌÀ¤·¤Þ¤¹¡£
¤Þ¤º°ì¤ÄÌܤϡ¢¤¢¤Ê¤¿¤¬ÉáÃʻȤäƤ¤¤ëÉáÄ̤Î
Unix ¥¹¥¿¥¤¥ë¤Î¡¢¤â¤·¤¯¤Ï Kerberos
¤Î¥Ñ¥¹¥ï¡¼¥É¤Ç¤¹¡£¤³¤³¤Ç¤Ï¤³¤ì¤ò
@@ -1476,11 +1479,13 @@ Last login: Tue Mar 21 11:56:41 from 10.
<sect2>
<title>Ê£¿ô¤Î¥ï¥ó¥¿¥¤¥à¥Ñ¥¹¥ï¡¼¥É¤òÀ¸À®¤¹¤ë</title>
- <para>ÅÔ¹ç¤Ë¤è¤Ã¤Æ¤Ï¡¢¿®Íê¤Ç¤¤ë¥Þ¥·¥ó¤ä¿®Íê¤Ç¤¤ëÄÌ¿®Ï©¤¬°ìÀÚ³Î
- ÊݤǤ¤Ê¤¤¤è¤¦¤Ê¤È¤³¤í¤Ç S/Key ¤ò»È¤¦É¬Íפ¬¤¢¤ë¤Ç¤·¤ç¤¦¡£¤³¤Î
- ¤è¤¦¤Ê¾ì¹ç¤Ë¤Ï¡¢<command>key</command> ¥³¥Þ¥ó¥É¤ò»È¤Ã¤ÆÊ£¿ô¤Î
- ¥ï¥ó¥¿¥¤¥à¥Ñ¥¹¥ï¡¼¥É¤ò¤¢¤é¤«¤¸¤á°ìµ¤¤ËÀ¸À®¤·¡¢»æ¤Ë°õºþ¤·¤Æ·ÈÂÓ
- ¤·¤Æ¤¤¤¯¤³¤È¤¬¤Ç¤¤Þ¤¹¡£¤¿¤È¤¨¤Ð</para>
+ <para>ÅÔ¹ç¤Ë¤è¤Ã¤Æ¤Ï¡¢
+ ¿®Íê¤Ç¤¤ë¥Þ¥·¥ó¤ä¿®Íê¤Ç¤¤ëÄÌ¿®Ï©¤¬°ìÀÚ³ÎÊݤǤ¤Ê¤¤¤è¤¦¤Ê¤È¤³¤í¤Ç
+ S/Key ¤ò»È¤¦É¬Íפ¬¤¢¤ë¤Ç¤·¤ç¤¦¡£
+ ¤³¤Î¤è¤¦¤Ê¾ì¹ç¤Ë¤Ï¡¢<command>key</command> ¤ª¤è¤Ó
+ <command>opiekey</command>
+ ¥³¥Þ¥ó¥É¤ò»È¤Ã¤ÆÊ£¿ô¤Î¥ï¥ó¥¿¥¤¥à¥Ñ¥¹¥ï¡¼¥É¤ò¤¢¤é¤«¤¸¤á°ìµ¤¤ËÀ¸À®¤·¡¢
+ »æ¤Ë°õºþ¤·¤Æ·ÈÂÓ¤·¤Æ¤¤¤¯¤³¤È¤¬¤Ç¤¤Þ¤¹¡£¤¿¤È¤¨¤Ð</para>
<screen>&prompt.user; <userinput>key -n 5 30 zz99999</userinput>
Reminder - Do not use this program while logged in via telnet or rlogin.
@@ -1491,6 +1496,18 @@ Enter secret password: <userinput><Èë
29: COT MASH BARR BRIM NAN FLAG
30: CAN KNEE CAST NAME FOLK BILK</screen>
+ <para>OPIE ¤Î¾ì¹ç¤Ë¤Ï°Ê²¼¤Î¤è¤¦¤Ë¤Ê¤ê¤Þ¤¹¡£</para>
+
+ <screen>&prompt.user; <userinput>opiekey -n 5 30 zz99999</userinput>
+Using the MD5 algorithm to compute response.
+Reminder: Don't use opiekey from telnet or dial-in sessions.
+Enter secret pass phrase: <userinput><secret password></userinput>
+26: JOAN BORE FOSS DES NAY QUIT
+27: LATE BIAS SLAY FOLK MUCH TRIG
+28: SALT TIN ANTI LOON NEAL USE
+29: RIO ODIN GO BYE FURY TIC
+30: GREW JIVE SAN GIRD BOIL PHI</screen>
+
<para><option>-n 5</option> ¤È¤¤¤¦°ú¿ô¤Ë¤è¤Ã¤Æ 5 ¸Ä¤Î¥ï¥ó¥¿¥¤¥à
¥Ñ¥¹¥ï¡¼¥É¤ò½ç¤ËÀ¸À®¤·¤Þ¤¹¡£¤³¤³¤Ç <option>30</option> ¤Ï¡¢ºÇ
¸å¤Î¥·¡¼¥±¥ó¥¹ÈÖ¹æ¤È¤Ê¤ë¤Ù¤¿ô»ú¤Ç¤¹¡£½ÐÎϤÏÉáÄ̤˻Ȥ¦½çÈ֤ȤÏ
@@ -1508,27 +1525,31 @@ Enter secret password: <userinput><Èë
<sect2>
<title>Unix ¥Ñ¥¹¥ï¡¼¥É¤ÎÍøÍѤòÀ©¸Â¤¹¤ë</title>
- <para>ÀßÄê¥Õ¥¡¥¤¥ë <filename>/etc/skey.access</filename>
- ¤ò»È¤Ã¤Æ Unix ¥Ñ¥¹¥ï¡¼¥É¤ÎÍøÍѤòÀ©¸Â¤¹¤ë¤³¤È¤¬¤Ç¤¤Þ¤¹¡£
- ¤³¤Î¾ì¹ç¤ÎȽ
- ÃÇ´ð½à¤È¤·¤Æ¡¢¥í¥°¥¤¥ó¤ò¼õ¤±ÉÕ¤±¤ëºÝ¤Î¥Û¥¹¥È̾¡¢¥æ¡¼¥¶Ì¾¡¢Ã¼Ëö
- ¤Î¥Ý¡¼¥È¡¢IP ¥¢¥É¥ì¥¹¤Ê¤É¤¬ÍøÍѤǤ¤Þ¤¹¡£¤³¤ÎÀßÄê¥Õ¥¡¥¤¥ë¤Î¾Ü
- ºÙ¤Ë´Ø¤·¤Æ¤Ï¥Þ¥Ë¥å¥¢¥ë &man.skey.access.5; ¤ò¤´Í÷¤¯¤À¤µ¤¤¡£¥Þ
- ¥Ë¥å¥¢¥ë¤Ë¤Ï¤³¤Îµ¡Ç½¤Ë´Ø¤ï¤ë¥»¥¥å¥ê¥Æ¥£¤Ë¤Ä¤¤¤Æ¡¢¤¤¤¯¤Ä¤«¤Î·Ù
- ¹ð¤¬µ½Ò¤·¤Æ¤¢¤ê¤Þ¤¹¡£¤³¤Îµ¡Ç½¤ò»È¤Ã¤Æ¥»¥¥å¥ê¥Æ¥£¤ò¹â¤á¤è¤¦¤È
- ¤¹¤ë¤Î¤Ê¤é¤ÐÀäÂФˤ³¤Î¥Þ¥Ë¥å¥¢¥ë¤òÆɤó¤Ç¤¯¤À¤µ¤¤¡£</para>
-
- <para>¤â¤· <filename>/etc/skey.access</filename> ¥Õ¥¡¥¤¥ë¤¬Â¸ºß
- ¤·¤Ê¤¤¤Ê¤é¤Ð (FreeBSD ¤Î¥Ç¥Õ¥©¥ë¥È¾õÂ֤ǤϤ½¤¦¤Ç¤¹)¡¢¤¹¤Ù¤Æ¤Î
- ¥æ¡¼¥¶¤¬ Unix ¥Ñ¥¹¥ï¡¼¥É¤òÍøÍѤ¹¤ë¤³¤È¤¬¤Ç¤¤Þ¤¹¡£µÕ¤Ë¡¢¤â¤·
- ¥Õ¥¡¥¤¥ë¤¬Â¸ºß¤¹¤ë¤Ê¤é¤Ð¡¢<filename>skey.access</filename> ¥Õ¥¡
- ¥¤¥ë¤ËÌÀ¼¨Åª¤Ëµ½Ò¤µ¤ì¤Æ¤¤¤Ê¤¤¸Â¤ê¡¢¤¹¤Ù¤Æ¤Î¥æ¡¼¥¶¤Ï S/Key ¤Î
- ÍøÍѤòÍ׵ᤵ¤ì¤Þ¤¹¡£¤É¤Á¤é¤Î¾ì¹ç¤Ë¤ª¤¤¤Æ¤â¡¢¤½¤Î¥Þ¥·¥ó¤Î¥³¥ó¥½¡¼
- ¥ë¤«¤é¤Ï¤¤¤Ä¤Ç¤â Unix ¥Ñ¥¹¥ï¡¼¥É¤ò»È¤Ã¤Æ¥í¥°¥¤¥ó¤¹¤ë¤³¤È¤¬²Äǽ
- ¤Ç¤¹¡£</para>
+ <para>S/Key ¤Ï¡¢¥í¥°¥¤¥ó¤ò¼õ¤±ÉÕ¤±¤ëºÝ¤Î¥Û¥¹¥È̾¡¢¥æ¡¼¥¶Ì¾¡¢
+ üËö¤Î¥Ý¡¼¥È¡¢IP ¥¢¥É¥ì¥¹¤Ê¤É¤òÍøÍѤ·¤Æ¡¢
+ Unix ¥Ñ¥¹¥ï¡¼¥É¤ÎÍøÍѤòÀ©¸Â¤¹¤ë¤³¤È¤¬¤Ç¤¤Þ¤¹¡£
+ ÀßÄê¥Õ¥¡¥¤¥ë <filename>/etc/skey.access</filename> ¤Ë¡¢
+ À©¸Â¤¬µºÜ¤µ¤ì¤Æ¤¤¤Þ¤¹¡£
+ ¤³¤ÎÀßÄê¥Õ¥¡¥¤¥ë¤Î¾ÜºÙ¤Ë´Ø¤·¤Æ¤Ï¥Þ¥Ë¥å¥¢¥ë &man.skey.access.5;
+ ¤ò¤´Í÷¤¯¤À¤µ¤¤¡£
+ ¥Þ¥Ë¥å¥¢¥ë¤Ë¤Ï¤³¤Îµ¡Ç½¤Ë´Ø¤ï¤ë¥»¥¥å¥ê¥Æ¥£¤Ë¤Ä¤¤¤Æ¡¢
+ ¤¤¤¯¤Ä¤«¤Î·Ù¹ð¤¬µ½Ò¤·¤Æ¤¢¤ê¤Þ¤¹¡£
+ ¤³¤Îµ¡Ç½¤ò»È¤Ã¤Æ¥»¥¥å¥ê¥Æ¥£¤ò¹â¤á¤è¤¦¤È¤¹¤ë¤Î¤Ê¤é¤Ð¡¢
+ ÀäÂФˤ³¤Î¥Þ¥Ë¥å¥¢¥ë¤òÆɤó¤Ç¤¯¤À¤µ¤¤¡£</para>
+
+ <para>¤â¤· <filename>/etc/skey.access</filename>
+ ¥Õ¥¡¥¤¥ë¤¬Â¸ºß¤·¤Ê¤¤¤Ê¤é¤Ð (FreeBSD 4.x
+ ¤Î¥Ç¥Õ¥©¥ë¥È¾õÂ֤ǤϤ½¤¦¤Ç¤¹)¡¢¤¹¤Ù¤Æ¤Î¥æ¡¼¥¶¤¬ Unix
+ ¥Ñ¥¹¥ï¡¼¥É¤òÍøÍѤ¹¤ë¤³¤È¤¬¤Ç¤¤Þ¤¹¡£
+ µÕ¤Ë¡¢¤â¤·¥Õ¥¡¥¤¥ë¤¬Â¸ºß¤¹¤ë¤Ê¤é¤Ð¡¢
+ <filename>skey.access</filename>
+ ¥Õ¥¡¥¤¥ë¤ËÌÀ¼¨Åª¤Ëµ½Ò¤µ¤ì¤Æ¤¤¤Ê¤¤¸Â¤ê¡¢¤¹¤Ù¤Æ¤Î¥æ¡¼¥¶¤Ï S/Key
+ ¤ÎÍøÍѤòÍ׵ᤵ¤ì¤Þ¤¹¡£¤É¤Á¤é¤Î¾ì¹ç¤Ë¤ª¤¤¤Æ¤â¡¢
+ ¤½¤Î¥Þ¥·¥ó¤Î¥³¥ó¥½¡¼¥ë¤«¤é¤Ï¤¤¤Ä¤Ç¤â Unix
+ ¥Ñ¥¹¥ï¡¼¥É¤ò»È¤Ã¤Æ¥í¥°¥¤¥ó¤¹¤ë¤³¤È¤¬²Äǽ¤Ç¤¹¡£</para>
- <para>°Ê²¼¤Ë¤è¤¯»È¤ï¤ì¤ë¤Ç¤¢¤í¤¦»°¼ïÎà¤ÎÀßÄê¤ò´Þ¤àÀßÄê¥Õ¥¡¥¤¥ë¤Î
- Îã¤ò¼¨¤·¤Þ¤¹¡£</para>
+ <para>°Ê²¼¤Ë¤è¤¯»È¤ï¤ì¤ë¤Ç¤¢¤í¤¦»°¼ïÎà¤ÎÀßÄê¤ò´Þ¤àÀßÄê¥Õ¥¡¥¤¥ë
+ <filename>skey.access</filename> ¤ÎÎã¤ò¼¨¤·¤Þ¤¹¡£</para>
<programlisting>permit internet 192.168.0.0 255.255.0.0
permit user fnord
@@ -1557,8 +1578,28 @@ permit port ttyd0</programlisting>
<para>»°¹ÔÌÜ (<literal>permit port</literal>) ¤Ë¤è¤Ã¤Æ¡¢¤¢¤ëÆÃÄê
¤ÎüËö¥Ý¡¼¥È¤«¤é¥í¥°¥¤¥ó¤·¤è¤¦¤È¤¹¤ë¤¹¤Ù¤Æ¤Î¥æ¡¼¥¶¤ËÂФ·¤Æ
Unix ¥Ñ¥¹¥ï¡¼¥É¤ÎÍøÍѤòµö²Ä¤¹¤ë¤è¤¦¤Ë»ØÄꤷ¤Æ¤¤¤Þ¤¹¡£¤³¤ÎÀßÄê
- ¤Ï¥À¥¤¥ä¥ë¥¢¥Ã¥×²óÀþ¤ËÂФ¹¤ëÀßÄê¤È¤·¤ÆÍøÍѤǤ¤ë¤Ç¤·¤ç¤¦¡£
- </para>
+ ¤Ï¥À¥¤¥ä¥ë¥¢¥Ã¥×²óÀþ¤ËÂФ¹¤ëÀßÄê¤È¤·¤ÆÍøÍѤǤ¤ë¤Ç¤·¤ç¤¦¡£</para>
+
+ <para>OPIE ¤Ï S/Key ¤¬¹Ô¤¦¤è¤¦¤Ê¡¢¥í¥°¥¤¥ó¥»¥Ã¥·¥ç¥ó¤Î IP
+ ¥¢¥É¥ì¥¹¤ò¥Ù¡¼¥¹¤È¤·¤¿ Unix ¥Ñ¥¹¥ï¡¼¥É¤Î»ÈÍѤòÀ©¸Â¤Ç¤¤Þ¤¹¡£
+ ´ØÏ¢¥Õ¥¡¥¤¥ë¤Ï¡¢<filename>/etc/opieaccess</filename> ¤Ç¤¹¡£
+ FreeBSD 5.0 °Ê¹ß¤Î¥·¥¹¥Æ¥à¤Ç¤Ï¥Ç¥ª¥Õ¥©¥ë¥È¤ÇÍÑ°Õ¤µ¤ì¤Æ¤¤¤Þ¤¹¡£
+ ¤³¤Î¥Õ¥¡¥¤¥ë¤Î¾ÜºÙ¤ä¡¢
+ ¤³¤Î¥Õ¥¡¥¤¥ë¤ò»ÈÍѤ¹¤ëºÝ¤Ë¹Íθ¤¹¤Ù¤¥»¥¥å¥ê¥£¤Ë¤Ä¤¤¤Æ¤Ï
+ &man.opieaccess.5; ¤ò³Îǧ¤·¤Æ¤¯¤À¤µ¤¤¡£</para>
+
+ <para>°Ê²¼¤Ï <filename>opieaccess</filename> ¥Õ¥¡¥¤¥ë¤ÎÎã¤Ç¤¹¡£</para>
+
+ <programlisting>permit 192.168.0.0 255.255.0.0</programlisting>
+
+ <para>¤³¤Î¹Ô¤Ç¤Ï¡¢(¤Ê¤ê¤¹¤Þ¤·¤µ¤ì¤ä¤¹¤¤) IP ¥½¡¼¥¹¥¢¥É¥ì¥¹¤¬¡¢
+ ¤¢¤ëÃͤä¥Þ¥¹¥¯¤Ë¥Þ¥Ã¥Á¤¹¤ë¥æ¡¼¥¶¤ËÂФ·¤Æ¡¢
+ Unix ¥Ñ¥¹¥ï¡¼¥É¤ò¤¤¤Ä¤Ç¤âµö²Ä¤·¤Þ¤¹¡£</para>
+
+ <para>¤â¤· <filename>opieaccess</filename>
+ ¤Î¤É¤Î¥ë¡¼¥ë¤Ë¤â°ìÃפ·¤Ê¤±¤ì¤Ð¡¢
+ ¥Ç¥Õ¥©¥ë¥È¤Ç¤ÏÈó OPIE ¥í¥°¥¤¥ó¤Ï»È¤¨¤Þ¤»¤ó¡£</para>
+
</sect2>
</sect1>
@@ -2137,10 +2178,12 @@ FreeBSD BUILT-19950429 (GR386) #0: Sat A
<para>¸½ºß¥¤¥ó¥¿¡¼¥Í¥Ã¥È¤ÇÉáÄ̤˻ÈÍѤµ¤ì¤Æ¤¤¤ë
¥Õ¥¡¥¤¥¢¥¦¥©¡¼¥ë¤Ë¤Ï Æó¤Ä¤Î°Û¤Ê¤ë¥¿¥¤¥×¤¬¤¢¤ê¤Þ¤¹¡£°ì¤Ä¤Ï¡¢
¸·Ì©¤Ë¤Ï <emphasis> ¥Ñ¥±¥Ã¥È¥Õ¥£¥ë¥¿¥ê¥ó¥°¥ë¡¼¥¿ </emphasis>
- ¤È ¸Æ¤Ð¤ì¤ë¥¿¥¤¥×¤Î¤â¤Î¤Ç¤¹¡£¤³¤ì¤Ï¥Þ¥ë¥Á¥Û¡¼¥à¤Î¥Û¥¹¥È¥Þ¥·¥ó
- (Ê£¿ô¤Î ¥Í¥Ã¥È¥ï¡¼¥¯¤ËÀܳ¤µ¤ì¤Æ¤¤¤ë¥Þ¥·¥ó) ¤Î¥«¡¼¥Í¥ë¤¬¡¢
- ¤¢¤ëµ¬Â§¤Ë¤·¤¿¤¬¤Ã¤Æ
- ¥Ñ¥±¥Ã¥È¤òžÁ÷¤·¤¿¤ê¥Ö¥í¥Ã¥¯¤·¤¿¤ê¤¹¤ë¤â¤Î¤Ç¤¹¡£¤â¤¦°ì¤Ä¤Ï¡¢
+ ¤È¸Æ¤Ð¤ì¤ë¥¿¥¤¥×¤Î¤â¤Î¤Ç¤¹¡£
+ ¤³¤Î¥¿¥¤¥×¤Î¥Õ¥¡¥¤¥¢¥¦¥©¡¼¥ë¤Ï¥Þ¥ë¥Á¥Û¡¼¥à¥Þ¥·¥ó¤ÇÍøÍѤµ¤ì¡¢
+ ¤¢¤ëµ¬Â§¤Ë¤·¤¿¤¬¤Ã¤Æ¥Ñ¥±¥Ã¥È¤òžÁ÷¤·¤¿¤ê¥Ö¥í¥Ã¥¯¤·¤¿¤ê¤¹¤ë¤â¤Î¤Ç¤¹¡£
+ ¥Þ¥ë¥Á¥Û¡¼¥à¥Þ¥·¥ó¤È¤Ï¡¢
+ Ê£¿ô¤Î¥Í¥Ã¥È¥ï¡¼¥¯¥¤¥ó¥¿¥Õ¥§¡¼¥¹¤ò»ý¤Ä¥³¥ó¥Ô¥å¡¼¥¿¤Î¤³¤È¤Ç¤¹¡£
+ ¤â¤¦°ì¤Ä¤Ï¡¢
<emphasis> proxy (ÂåÍý) ¥µ¡¼¥Ð </emphasis>
¤È¤·¤ÆÃΤé¤ì¤Æ¤¤¤ë¥¿¥¤¥×¤Î¤â¤Î¤Ç¤¹¡£¤³¤ì¤Ï¡¢
¤ª¤½¤é¤¯¤Ï¥Þ¥ë¥Á¥Û¡¼¥à¤Î¥Û¥¹¥È¥Þ¥·¥ó¾å¤Ç¡¢
@@ -2169,20 +2212,20 @@ FreeBSD BUILT-19950429 (GR386) #0: Sat A
<title>¥Ñ¥±¥Ã¥È¥Õ¥£¥ë¥¿¥ê¥ó¥°¥ë¡¼¥¿</title>
<para>¥ë¡¼¥¿¤È¤Ï¡¢Æó¤Ä¤Þ¤¿¤Ï¤½¤ì°Ê¾å¤Î¥Í¥Ã¥È¥ï¡¼¥¯¤Î´Ö¤Ç
- ¥Ñ¥±¥Ã¥È¤ÎžÁ÷¤ò¤ª¤³¤Ê¤¦ ¥Þ¥·¥ó¤Î¤³¤È¤Ç¤¹¡£
- ¥Ñ¥±¥Ã¥È¥Õ¥£¥ë¥¿¥ê¥ó¥°¥ë¡¼¥¿¤Ï¡¢¤½¤Î¥«¡¼¥Í¥ë¤ÎÆâÉô¤Ë¡¢
- °ì¤Ä°ì¤Ä¤Î¥Ñ¥±¥Ã¥È¤ò¥ë¡¼¥ë¥ê¥¹¥È¤ÈÈæ³Ó¤·¤Æ
- žÁ÷¤¹¤ë¤«¤·¤Ê¤¤¤«¤ò·è¤á¤ë ÆÃÊ̤ʥ³¡¼¥É¤ò»ý¤Ã¤Æ¤¤¤Þ¤¹¡£
- ºÇ¶á¤Î IP ¥ë¡¼¥Æ¥£¥ó¥°¥½¥Õ¥È¥¦¥§¥¢¤Î¤Û¤È¤ó¤É¤Ï¡¢ÆâÉô¤Ë
- ¥Ñ¥±¥Ã¥È¤Î¥Õ¥£¥ë¥¿¥ê¥ó¥°¤ò¤ª¤³¤Ê¤¦¤¿¤á¤Î¥³¡¼¥É¤ò»ý¤Ã¤Æ¤¤¤Æ¡¢
- ¥Ç¥Õ¥©¥ë¥È¤Ç¤Ï ¤¹¤Ù¤Æ¤Î¥Ñ¥±¥Ã¥È¤òžÁ÷¤¹¤ë¤è¤¦¤Ë¤Ê¤Ã¤Æ¤¤¤Þ¤¹¡£
+ ¥Ñ¥±¥Ã¥È¤ÎžÁ÷¤ò¤ª¤³¤Ê¤¦¥Þ¥·¥ó¤Î¤³¤È¤Ç¤¹¡£
+ ¥Ñ¥±¥Ã¥È¥Õ¥£¥ë¥¿¥ê¥ó¥°¥ë¡¼¥¿¤Ï¡¢
+ °ì¤Ä°ì¤Ä¤Î¥Ñ¥±¥Ã¥È¤ò¥ë¡¼¥ë¥ê¥¹¥È¤ÈÈæ³Ó¤·¤Æ¡¢
+ žÁ÷¤¹¤ë¤«¤·¤Ê¤¤¤«¤ò·è¤á¤ë¤è¤¦¤Ë¥×¥í¥°¥é¥ß¥ó¥°¤µ¤ì¤Æ¤¤¤Þ¤¹¡£
+ ºÇ¶á¤Î IP ¥ë¡¼¥Æ¥£¥ó¥°¥½¥Õ¥È¥¦¥§¥¢¤Î¤Û¤È¤ó¤É¤Ï¡¢
+ ÆâÉô¤Ë¥Ñ¥±¥Ã¥È¥Õ¥£¥ë¥¿¥ê¥ó¥°µ¡Ç½¤ò»ý¤Ã¤Æ¤¤¤Æ¡¢
+ ¥Ç¥Õ¥©¥ë¥È¤Ç¤Ï¤¹¤Ù¤Æ¤Î¥Ñ¥±¥Ã¥È¤òžÁ÷¤¹¤ë¤è¤¦¤Ë¤Ê¤Ã¤Æ¤¤¤Þ¤¹¡£
¤³¤Î¥Õ¥£¥ë¥¿¤ò͸ú¤Ë¤¹¤ë¤¿¤á¤Ë¤Ï¡¢
- ¥Ñ¥±¥Ã¥È¤ÎÄ̲á¤òµö¤¹¤Ù¤¤«¤É¤¦¤«¤ò·è¤á¤ë
- ¥ë¡¼¥ë¤ò¼«Ê¬¤ÇÄêµÁ¤¹¤ëɬÍפ¬¤¢¤ê¤Þ¤¹¡£</para>
+ ¥ë¡¼¥ë¤òÄêµÁ¤¹¤ëɬÍפ¬¤¢¤ê¤Þ¤¹¡£</para>
<para>¥Ñ¥±¥Ã¥È¤òÄ̤¹¤Ù¤¤«Ä̤¹¤Ù¤¤Ç¤Ê¤¤¤«¤ò·è¤á¤ë¤¿¤á¤Ë¡¢
- ¥Ñ¥±¥Ã¥È¥Ø¥Ã¥À¤ÎÆâÍƤ˥ޥåÁ¤¹¤ë¤â¤Î¤¬
- ¥ë¡¼¥ë¥ê¥¹¥È¤«¤éõ¤µ¤ì¤Þ¤¹¡£¥Þ¥Ã¥Á¤¹¤ë¥ë¡¼¥ë¤¬¸«¤Ä¤«¤ë¤È¡¢
+ ¥Õ¥¡¥¤¥¢¥¦¥©¡¼¥ë¤Ï¡¢
+ ¥ë¡¼¥ë¥ê¥¹¥È¤«¤é¥Ñ¥±¥Ã¥È¥Ø¥Ã¥À¤ÎÆâÍƤ˥ޥåÁ¤¹¤ë¥ë¡¼¥ë¤¬¤Ê¤¤¤«¤É¤¦¤«¤òÄ´¤Ù¤Þ¤¹¡£
+ ¥Þ¥Ã¥Á¤¹¤ë¥ë¡¼¥ë¤¬¸«¤Ä¤«¤ë¤È¡¢
¥ë¡¼¥ë¥¢¥¯¥·¥ç¥ó¤¬¼Â¹Ô¤µ¤ì¤Þ¤¹¡£¥ë¡¼¥ë¥¢¥¯¥·¥ç¥ó¤Ë¤Ï¡¢
¥Ñ¥±¥Ã¥È¤ò¼Î¤Æ¤ë¡¢¥Ñ¥±¥Ã¥È¤òžÁ÷¤¹¤ë¡¢
¤Þ¤¿¤Ï¥Ñ¥±¥Ã¥È¤Îȯ¿®¸µ¤Ë ICMP
@@ -2209,10 +2252,11 @@ FreeBSD BUILT-19950429 (GR386) #0: Sat A
¤Ê¤É) ¤ò ÆÃÊ̤ʥµ¡¼¥Ð¤ÇÃÖ¤´¹¤¨¤¿¥Þ¥·¥ó¤Î¤³¤È¤Ç¤¹¡£
¤³¤ì¤é¤Î¥µ¡¼¥Ð¤Ï¡¢
Ä̾ï¤ÏÃæ·Ñ¤ò¤ª¤³¤Ê¤Ã¤ÆÆÃÄêÊý¸þ¤Ø¤ÎÀܳ¤À¤±¤òµö¤¹¤¿¤á¡¢
- <emphasis>proxy ¥µ¡¼¥Ð </emphasis> ¤È¸Æ¤Ð¤ì¤Þ¤¹¡£(¤¿¤È¤¨¤Ð)
- proxy telnet
+ <emphasis>proxy ¥µ¡¼¥Ð</emphasis> ¤È¸Æ¤Ð¤ì¤Þ¤¹¡£(¤¿¤È¤¨¤Ð)
+ proxy <application>telnet</application>
¥µ¡¼¥Ð¤ò¥Õ¥¡¥¤¥¢¥¦¥©¡¼¥ë¥Û¥¹¥È¤ÇÁö¤é¤»¤Æ¤ª¤¤Þ¤¹¡£
- ³°Éô¤«¤é¥æ¡¼¥¶¤¬¥Õ¥¡¥¤¥¢¥¦¥©¡¼¥ë¤ËÂФ·¤Æ telnet
+ ³°Éô¤«¤é¥æ¡¼¥¶¤¬¥Õ¥¡¥¤¥¢¥¦¥©¡¼¥ë¤ËÂФ·¤Æ
+ <application>telnet</application>
¤ò¼Â¹Ô¤¹¤ë¤È¡¢proxy telnet ¥µ¡¼¥Ð¤¬±þÅú¤·¤Æ¡¢
²¿¤é¤«¤Îǧ¾Úµ¡¹½¤ò¼Â¹Ô¤·¤Þ¤¹¡£¤³¤ì¤òÄ̲ᤷ¤¿¸å¤Ç¡¢
ÆâÉô¥Í¥Ã¥È¥ï¡¼¥¯¤Ø¤Î¥¢¥¯¥»¥¹¤¬¤ª¤³¤Ê¤¨¤ë¤è¤¦¤Ë ¤Ê¤ë¤Î¤Ç¤¹¡£
@@ -2226,7 +2270,7 @@ FreeBSD BUILT-19950429 (GR386) #0: Sat A
<quote>»È¤¤¼Î¤Æ</quote>¥Ñ¥¹¥ï¡¼¥É¥·¥¹¥Æ¥à¤È¤Ï¡¢
¤É¤¦¤¤¤¦¤â¤Î¤Ê¤Î¤Ç¤·¤ç¤¦¤«¡£²¾¤Ë狼¤¬²¿¤é¤«¤ÎÊýË¡¤Ç¡¢
¤¢¤Ê¤¿¤¬»ÈÍѤ·¤¿¥Ñ¥¹¥ï¡¼¥É¤ò¼ê¤ËÆþ¤ì¤¿¤È¤·¤Þ¤¹¡£¤·¤«¤·¡¢
- °ìÅÙ»ÈÍѤ·¤¿¤³¤È¤Ç¡¢
+ ºÇ½é¤Ë»ÈÍѤ·¤¿Ä¾¸å¤Ë¡¢
¤½¤Î¥Ñ¥¹¥ï¡¼¥É¤Ï´û¤Ë̵¸ú¤Ë¤Ê¤Ã¤Æ¤¤¤ë¤Î¤Ç¤¹¡£¤Ç¤¹¤«¤é¡¢
¤½¤Î¥Ñ¥¹¥ï¡¼¥É¤ò¤â¤¦°ìÅÙ»ÈÍѤ·¤¿¤È¤·¤Æ¤â¡¢¤¢¤Ê¤¿¤Î¥·¥¹¥Æ¥à¤Ø
¥¢¥¯¥»¥¹¤¹¤ë¤³¤È¤Ï¤Ç¤¤Ê¤¤¤È¤¤¤¦¤ï¤±¤Ç¤¹¡£
@@ -2238,11 +2282,10 @@ FreeBSD BUILT-19950429 (GR386) #0: Sat A
¤è¤êº¤Æñ¤Ë¤Ê¤Ã¤Æ¤¤¤Þ¤¹¡£</para>
<para>proxy ¥µ¡¼¥Ð¤Ï¥¢¥¯¥»¥¹À©¸Â¤ÎÊýË¡¤ò¤¤¤¯¤Ä¤â»ý¤Ã¤Æ¤¤¤Æ¡¢
- ÆÃÄê¤Î¥Û¥¹¥È
- ¤À¤±¤¬¥µ¡¼¥Ð¤Ø¤Î¥¢¥¯¥»¥¹¸¢¤òÆÀ¤ë¤³¤È¤¬¤Ç¤¤ë¤è¤¦¤Ë
- ¤Ê¤Ã¤Æ¤¤¤ë¤³¤È¤¬¤¢¤ê¤Þ¤¹¡£
- ¤½¤·¤ÆÌÜŪ¤Î¥Þ¥·¥ó¤ÈÄÌ¿®¤Ç¤¤ë¥æ¡¼¥¶¤òÀ©¸Â¤¹¤ë¤è¤¦¤Ë
- ÀßÄꤹ¤ë¤³¤È¤â¤Ç¤¤Þ¤¹¡£¤â¤¦°ìÅÙ¸À¤¤¤Þ¤¹¤¬¡¢
+ ÆÃÄê¤Î¥Û¥¹¥È¤À¤±¤¬¥µ¡¼¥Ð¤Ø¤Î¥¢¥¯¥»¥¹¸¢¤òÆÀ¤ë¤³¤È¤¬¤Ç¤¤ë¤è¤¦¤Ë¤Ê¤Ã¤Æ¤¤¤ë¤³¤È¤¬¤¢¤ê¤Þ¤¹¡£
+ ¤½¤·¤Æ¡¢
+ ´ÉÍý¼Ô¤ÏÌÜŪ¤Î¥Þ¥·¥ó¤ÈÄÌ¿®¤Ç¤¤ë¥æ¡¼¥¶¤òÀ©¸Â¤¹¤ë¤è¤¦¤ËÀßÄê¤Ç¤¤Þ¤¹¡£
+ ¤â¤¦°ìÅÙ¸À¤¤¤Þ¤¹¤¬¡¢
¤É¤ó¤Ê¥Õ¥¡¥·¥ê¥Æ¥£ (µ¡Ç½) ¤¬»È¤¨¤ë¤«¤Ï¡¢¤É¤ó¤Ê proxy
¥µ¡¼¥Ó¥¹¤ò¤ª¤³¤Ê¤¦¥½¥Õ¥È¥¦¥§¥¢¤òÁª¤Ö¤«¤ËÂ礤¯
°Í¸¤·¤Þ¤¹¡£</para>
@@ -2259,17 +2302,16 @@ FreeBSD BUILT-19950429 (GR386) #0: Sat A
¤ò´Þ¤ó¤Ç¤¤¤Þ¤¹¡£
¥ë¡¼¥Æ¥£¥ó¥°¤Î·èÄê¤ò¤ª¤³¤Ê¤¦ºÝ¤Ë¡¢¤³¤ì¤é¤Ï¸ß¤¤¤Ë¶¨ÎϤ·¤Æ¡¢
¥«¡¼¥Í¥ë¤Ç»ÈÍѤµ¤ì¤ë¥ë¡¼¥ë¤òÄêµÁ¤·¤¿¤ê¡¢
- ¸½ºß»ÈÍѤµ¤ì¤Æ¤¤¤ë¥ë¡¼¥ë¤òÌ䤤¹ç¤ï¤»¤¿¤ê¤¹¤ë¤³¤È¤¬¤Ç¤¤Þ¤¹¡£</para>
+ »ÈÍѤµ¤ì¤Æ¤¤¤ë¥ë¡¼¥ë¤òÌ䤤¹ç¤ï¤»¤¿¤ê¤¹¤ë¤³¤È¤¬¤Ç¤¤Þ¤¹¡£</para>
<para>IPFW ¤Ï¸ß¤¤¤Ë´ØÏ¢¤¹¤ëÆó¤Ä¤ÎÉôʬ¤«¤é¤Ê¤Ã¤Æ¤¤¤Þ¤¹¡£
- ¥Õ¥¡¥¤¥¢¥¦¥©¡¼¥ë¥»¥¯¥·¥ç¥ó¤Ï
- ¥Ñ¥±¥Ã¥È¥Õ¥£¥ë¥¿¥ê¥ó¥°¤ò¤ª¤³¤Ê¤¤¤Þ¤¹¡£¤Þ¤¿¡¢IP
- ¥¢¥«¥¦¥ó¥Æ¥£¥ó¥°¥»¥¯¥·¥ç¥ó¤Ï¥Õ¥¡¥¤¥¢¥¦¥©¡¼¥ë¥»¥¯¥·¥ç¥ó¤Î¤â¤Î¤È
- »÷¤¿¥ë¡¼¥ë¤Ë´ð¤Å¤¤¤Æ¥ë¡¼¥¿¤Î»ÈÍѤòÄÉÀפ·¤Þ¤¹¡£¤³¤ì¤Ë¤è¤ê¡¢
- (¤¿¤È¤¨¤Ð) ÆÃÄê¤Î¥Þ¥·¥ó¤«¤é¥ë¡¼¥¿¤Ø¤Î¥È¥é¥Õ¥£¥Ã¥¯¤¬¤É¤Î¤¯¤é¤¤
- ȯÀ¸¤·¤Æ¤¤¤ë¤«Ä´¤Ù¤¿¤ê¡¢¤É¤ì¤À¤±¤Î WWW (World Wide Web)
- ¥È¥é¥Õ¥£¥Ã¥¯¤¬
- ¥Õ¥©¥ï¡¼¥É¤µ¤ì¤Æ¤¤¤ë¤«¤òÃΤ뤳¤È¤¬¤Ç¤¤Þ¤¹¡£</para>
+ ¥Õ¥¡¥¤¥¢¥¦¥©¡¼¥ë¥»¥¯¥·¥ç¥ó¤Ï¥Ñ¥±¥Ã¥È¥Õ¥£¥ë¥¿¥ê¥ó¥°¤ò¤ª¤³¤Ê¤¤¤Þ¤¹¡£
+ ¤Þ¤¿¡¢IP ¥¢¥«¥¦¥ó¥Æ¥£¥ó¥°¥»¥¯¥·¥ç¥ó¤Ï¡¢
+ ¥Õ¥¡¥¤¥¢¥¦¥©¡¼¥ë¥»¥¯¥·¥ç¥ó¤Î¤â¤Î¤È»÷¤¿¥ë¡¼¥ë¤Ë´ð¤Å¤¤¤Æ¥ë¡¼¥¿¤Î»ÈÍѤòÄÉÀפ·¤Þ¤¹¡£
+ ¤³¤ì¤Ë¤è¤ê¡¢¤¿¤È¤¨¤Ð¡¢
+ ´ÉÍý¼Ô¤ÏÆÃÄê¤Î¥Þ¥·¥ó¤«¤é¥ë¡¼¥¿¤Ø¤Î¥È¥é¥Õ¥£¥Ã¥¯¤¬¤É¤Î¤¯¤é¤¤È¯À¸¤·¤Æ¤¤¤ë¤«¤òÄ´¤Ù¤¿¤ê¡¢
+ ¤É¤ì¤À¤±¤Î WWW
+ ¥È¥é¥Õ¥£¥Ã¥¯¤¬¥Õ¥©¥ï¡¼¥É¤µ¤ì¤Æ¤¤¤ë¤«¤òÃΤ뤳¤È¤¬¤Ç¤¤Þ¤¹¡£</para>
<para>IPFW ¤Ï¡¢
¥ë¡¼¥¿¤Ç¤Ï¤Ê¤¤¥Þ¥·¥ó¤Ë¤ª¤¤¤Æ¤âÆþ½ÐÎÏ¥³¥Í¥¯¥·¥ç¥ó¤Î
@@ -2498,7 +2540,8 @@ FreeBSD BUILT-19950429 (GR386) #0: Sat A
<varlistentry><term>allow</term>
<listitem>
<para>Ä̾ïÄ̤ê¥Ñ¥±¥Ã¥È¤òÄ̲ᤵ¤»¤Þ¤¹¡£(ÊÌ̾:
- <literal>pass</literal> ¤ª¤è¤Ó
+ <literal>pass</literal>,
+ <literal>permit</literal> ¤ª¤è¤Ó
<literal>accept</literal>)</para>
</listitem>
</varlistentry>
@@ -2655,7 +2698,7 @@ FreeBSD BUILT-19950429 (GR386) #0: Sat A
<para>IP ¥Ø¥Ã¥À¤¬ <replaceable>spec</replaceable>
¤Ë»ØÄꤵ¤ì¤¿ ¥«¥ó¥Þ¤Ç¶èÀÚ¤é¤ì¤¿
¥ª¥×¥·¥ç¥ó¤Î¥ê¥¹¥È¤ò´Þ¤ó¤Ç¤¤¤ì¤Ð¥Þ¥Ã¥Á¤·¤Þ¤¹¡£
- ¥µ¥Ý¡¼¥È¤µ¤ì¤Æ¤¤¤ë IP ¥ª¥×¥·¥ç¥ó¤Î¥ê¥¹¥È¤Ï:
+ ¥µ¥Ý¡¼¥È¤µ¤ì¤Æ¤¤¤ë IP ¥ª¥×¥·¥ç¥ó¤Ï¡¢
<literal>ssrr</literal> (¥¹¥È¥ê¥¯¥È¥½¡¼¥¹¥ë¡¼¥È)¡¢
<literal>lsrr</literal> (¥ë¡¼¥º¥½¡¼¥¹¥ë¡¼¥È)¡¢
<literal>rr</literal> (¥ì¥³¡¼¥É¥Ñ¥±¥Ã¥È¥ë¡¼¥È)¡¢
@@ -2726,13 +2769,17 @@ FreeBSD BUILT-19950429 (GR386) #0: Sat A
<cmdsynopsis>
<command>ipfw</command>
<arg>-a</arg>
+ <arg>-c</arg>
+ <arg>-d</arg>
+ <arg>-e</arg>
<arg>-t</arg>
<arg>-N</arg>
- <arg choice="plain">l</arg>
+ <arg>-S</arg>
+ <arg choice="plain">list</arg>
</cmdsynopsis>
</para>
- <para>¤³¤Î·Á¼°¤Ç»ÈÍѤ¹¤ëºÝ¤Ë͸ú¤Ê¥Õ¥é¥°¤Ï»°¤Ä¤¢¤ê¤Þ¤¹¡£</para>
+ <para>¤³¤Î·Á¼°¤Ç»ÈÍѤ¹¤ëºÝ¤Ë͸ú¤Ê¥Õ¥é¥°¤Ï 7 ¤Ä¤¢¤ê¤Þ¤¹¡£</para>
<variablelist>
<varlistentry><term>-a</term>
@@ -2743,7 +2790,34 @@ FreeBSD BUILT-19950429 (GR386) #0: Sat A
</listitem>
</varlistentry>
- <varlistentry><term>-t</term>
+ <varlistentry>
+ <term>-c</term>
+
+ <listitem>
+ <para>¥³¥ó¥Ñ¥¯¥È¤Ê·Á¼°¤Ç¥ë¡¼¥ë¤Î°ìÍ÷¤òɽ¼¨¤·¤Þ¤¹¡£</para>
+ </listitem>
+ </varlistentry>
+
+ <varlistentry>
+ <term>-d</term>
+
+ <listitem>
+ <para>ÀÅŪ¥ë¡¼¥ë¤Ë²Ã¤¨Æ°Åª¥ë¡¼¥ë¤âɽ¼¨¤·¤Þ¤¹¡£</para>
+ </listitem>
+ </varlistentry>
+
+ <varlistentry>
+ <term>-e</term>
+
+ <listitem>
+ <para><option>-d</option> ¤¬»ØÄꤵ¤ì¤Æ¤¤¤ë¤È¤¤Ë¤Ï¡¢
+ ´ü¸Â¤¬Àڤ줿ưŪ¥ë¡¼¥ë¤âɽ¼¨¤·¤Þ¤¹¡£</para>
+ </listitem>
+ </varlistentry>
+
+ <varlistentry>
+ <term>-t</term>
+
<listitem>
<para>³Æ¥Á¥§¡¼¥ó¥¨¥ó¥È¥ê¤¬ºÇ¸å¤Ë
¥Þ¥Ã¥Á¤·¤¿»þ¹ï¤òɽ¼¨¤·¤Þ¤¹¡£¤³¤Î»þ¹ïɽ¼¨¤Ï
@@ -2758,6 +2832,16 @@ FreeBSD BUILT-19950429 (GR386) #0: Sat A
¥¢¥É¥ì¥¹¤ä¥µ¡¼¥Ó¥¹Ì¾¤òʸ»úÎó¤ËÊÑ´¹¤·¤Æɽ¼¨¤·¤Þ¤¹¡£</para>
</listitem>
</varlistentry>
+
+ <varlistentry>
+ <term>-S</term>
+
+ <listitem>
+ <para>³Æ¥ë¡¼¥ë¤¬½ê°¤·¤Æ¤¤¤ë¥»¥Ã¥È¤òɽ¼¨¤·¤Þ¤¹¡£
+ ¤³¤Î¥Õ¥é¥°¤¬ÀßÄꤵ¤ì¤Æ¤¤¤Ê¤¤¾ì¹ç¤Ë¤Ï¡¢
+ ̵¸ú¤Ë¤µ¤ì¤Æ¤¤¤ë¥ë¡¼¥ë¤Ï°ìÍ÷¤Ëɽ¼¨¤µ¤ì¤Þ¤»¤ó¡£</para>
+ </listitem>
+ </varlistentry>
</variablelist>
</sect3>
@@ -2862,11 +2946,11 @@ FreeBSD BUILT-19950429 (GR386) #0: Sat A
<note>
<para><command>accept</command>
- ¥³¥Þ¥ó¥É¤Ç¥í¥°¤ò¼è¤Ã¤Æ¤¤¤ë¤È¡¢
- ¥Õ¥¡¥¤¥¢¥¦¥©¡¼¥ë¤ò¥Ñ¥±¥Ã¥È¤¬°ì¤ÄÄ̲᤹¤ëËè¤Ë 1
- ¹Ô¤Î¥í¥°¤¬À¸À®¤µ¤ì¤ë¤¿¤á <emphasis>ÂçÎ̤Î</emphasis>
- ¥í¥°¥Ç¡¼¥¿¤¬È¯À¸¤·¤Þ¤¹¡£¤½¤Î¤¿¤á¡¢Â絬ÌÏ¤Ê FTP/HTTP
- žÁ÷¤Ê¤É¤ò¤ª¤³¤Ê¤¦¤È¡¢¥·¥¹¥Æ¥à¤¬Èó¾ï¤Ë ÃÙ¤¯¤Ê¤Ã¤Æ¤·¤Þ¤¤¤Þ¤¹¡£
+ ¥³¥Þ¥ó¥É¤Ç¥í¥°¤ò¼è¤Ã¤Æ¤¤¤ë¤È¡¢<emphasis>ÂçÎ̤Î</emphasis>
+ ¥í¥°¥Ç¡¼¥¿¤¬À¸À®¤µ¤ì¤ë¤Î¤ÇÃí°Õ¤·¤Æ¤¯¤À¤µ¤¤¡£
+ ¥Õ¥¡¥¤¥¢¥¦¥©¡¼¥ë¤ò¥Ñ¥±¥Ã¥È¤¬°ì¤ÄÄ̲᤹¤ëËè¤Ë°ì¤Ä¤Î¥í¥°¤Î¥¨¥ó¥È¥ê¤¬À¸À®¤µ¤ì¤ë¤Î¤Ç¡¢
+ Â絬ÌÏ¤Ê FTP/HTTP žÁ÷¤Ê¤É¤ò¤ª¤³¤Ê¤¦¤È¡¢
+ ¥·¥¹¥Æ¥à¤¬Èó¾ï¤ËÃÙ¤¯¤Ê¤Ã¤Æ¤·¤Þ¤¤¤Þ¤¹¡£
¤Þ¤¿¡¢¥Ñ¥±¥Ã¥È¤¬Ä̲᤹¤ë¤Þ¤Ç¤Ë¥«¡¼¥Í¥ë¤Ë¤è¤ê
¿¤¯¤Î»Å»ö¤òÍ׵᤹¤ë¤¿¤á¡¢¥Ñ¥±¥Ã¥È¤Î¥ì¥¤¥Æ¥ó¥· (latency)
¤òÁý²Ã¤µ¤»¤Æ¤·¤Þ¤¤¤Þ¤¹¡£<application>syslogd</application>
@@ -2957,7 +3041,9 @@ FreeBSD BUILT-19950429 (GR386) #0: Sat A
</itemizedlist>
<para>¤³¤ì¤È¤ÏÊ̤Υե¡¥¤¥¢¥¦¥©¡¼¥ëÀßÄê¤Ë ´Ø¤¹¤ë¥Á¥§¥Ã¥¯¥ê¥¹¥È¤¬
- CERT ¤«¤é Æþ¼ê²Äǽ¤Ç¤¹¡£<link xlink:href="http://www.cert.org/tech_tips/packet_filtering.html">http://www.cert.org/tech_tips/packet_filtering.html</link></para>
+ CERT (<link
+ xlink:href="http://www.cert.org/tech_tips/packet_filtering.html"></link>)
+ ¤«¤éÆþ¼ê²Äǽ¤Ç¤¹¡£</para>
<para>Á°¤Ë¤â½Ò¤Ù¤¿¤è¤¦¤Ë¡¢¤³¤ì¤Ï¤¿¤À¤Î <emphasis> ¥¬¥¤¥É¥é¥¤¥ó
</emphasis> ¤Ë¤¹¤®¤Þ¤»¤ó¡£
@@ -3135,8 +3221,9 @@ FreeBSD BUILT-19950429 (GR386) #0: Sat A
<para>¸½ºß¤Î IPsec ¤Î¼ÂÁõ¤Ï¡¢
¥È¥é¥ó¥¹¥Ý¡¼¥È¥â¡¼¥É¤È¥È¥ó¥Í¥ë¥â¡¼¥É¤ÎξÊý¤ËÂбþ¤·¤Æ¤¤¤Þ¤¹¡£
- ¤·¤«¤·¡¢¥È¥ó¥Í¥ë¥â¡¼¥É¤Ë¤Ï¤¤¤¯¤Ä¤«¤ÎÀ©¸Â»ö¹à¤¬¤¢¤ê¤Þ¤¹¡£<link xlink:href="http://www.kame.net/newsletter/">http://www.kame.net/newsletter/
- </link> ¤Ë¤Ï¤è¤êÁí¹çŪ¤ÊÎ㤬ºÜ¤Ã¤Æ¤¤¤Þ¤¹¡£</para>
+ ¤·¤«¤·¡¢¥È¥ó¥Í¥ë¥â¡¼¥É¤Ë¤Ï¤¤¤¯¤Ä¤«¤ÎÀ©¸Â»ö¹à¤¬¤¢¤ê¤Þ¤¹¡£
+ <link xlink:href="http://www.kame.net/newsletter/"></link>
+ ¤Ë¤Ï¤è¤êÁí¹çŪ¤ÊÎ㤬ºÜ¤Ã¤Æ¤¤¤Þ¤¹¡£</para>
<para>¤³¤³¤Ç½Ò¤Ù¤ëµ¡Ç½¤òÍøÍѤ¹¤ë¤Ë¤Ï¡¢°Ê²¼¤Î¥ª¥×¥·¥ç¥ó¤ò¥«¡¼¥Í¥ë¥³
¥ó¥Ñ¥¤¥ë»þ¤Ë»ØÄꤹ¤ëɬÍפ¬¤¢¤ë¤³¤È¤Ë¤´Ãí°Õ¤¯¤À¤µ¤¤¡£</para>
@@ -3785,8 +3872,8 @@ user at ssh-server.example.com's password:
SSH Àܳ¤ò¹Ô¤¤¡¢Ogg Vorbis
¥µ¡¼¥Ð¤Ø¤Î¥È¥ó¥Í¥ë¤ËÍøÍѤ¹¤ë¤³¤È¤Ç¤¹¡£</para>
- <screen>&prompt.user; <userinput>ssh -2 -N -f -L 8888:music.example.com:8000 user at unfirewalled.myserver.com</userinput>
-user at unfirewalled.myserver.com's password: <userinput>*******</userinput></screen>
+ <screen>&prompt.user; <userinput>ssh -2 -N -f -L <replaceable>8888:music.example.com:8000 user at unfirewalled-system.example.org</replaceable></userinput>
+user at unfirewalled-system.example.org's password: <userinput>*******</userinput></screen>
<para>¥¹¥È¥ê¡¼¥ß¥ó¥°¥¯¥é¥¤¥¢¥ó¥È¤ò <systemitem>localhost</systemitem>
¤Î 8888 È֥ݡ¼¥È¤Ë¸þ¤±¤ë¤È¡¢<systemitem>music.example.com</systemitem>
@@ -3952,7 +4039,8 @@ user at unfirewalled.myserver.com's passwor
<title>Low-Watermark Mandatory Access Control (LOMAC)
(mac_lomac)</title>
<indexterm>
- <primary>Low-Watermark Mandatory Access Control</primary>
+ <primary>MAC</primary>
+ <secondary>Low-Watermark</secondary>
</indexterm>
<indexterm>
<primary>LOMAC</primary>
@@ -3972,14 +4060,17 @@ user at unfirewalled.myserver.com's passwor
ubiquitously labels objects and must therefore be
compiled into the kernel or loaded at boot.</para>
</sect2>
+
<sect2 id="mac-policy-mls">
<title>Multi-Level Security Policy (MLS) (mac_mls)</title>
<indexterm>
<primary>Multi-Level Security Policy</primary>
</indexterm>
<indexterm>
- <primary>MLS</primary>
+ <primary>MAC</primary>
+ <secondary>Multi-Level</secondary>
</indexterm>
+
<para>Vendor: TrustedBSD Project</para>
<para>Module name: mac_mls.ko</para>
<para>Kernel option: <literal>MAC_MLS</literal></para>
More information about the svn-doc-head
mailing list