最新版はこちら。 突っ込みは各日付の BBS エントリのほか、 メール (nakano@st.seikei.ac.jp) や フォーム からどうぞ。 なおスパム除けのため、BBS 機能には 緩い認証を入れて います。 検索エンジンから来た方は、エンジンの方のキャッシュを見るか、 下の簡易検索を試してみてください。
|
Namazu for hns による簡易全文検索 詳しくは 詳細指定/ヘルプを参照して下さい |
||||||||||||||||||||||||||||||||||||||||||||||||
nakano@ubnt$ configure # set interfaces ethernet eth0 description 'SeikeiNet' # set interfaces ethernet eth1 address 192.168.MM.1/24 # set interfaces ethernet eth1 description '12-5Fnet' # set protocols static route 0.0.0.0/0 next-hop 133.220.XXX.GGG distance '1' # set protocols static route 10.0.0.0/8 blackhole distance '254' # set protocols static route 172.16.0.0/12 blackhole distance '254' # set protocols static route 192.168.0.0/16 blackhole distance '254' # set service dhcp-server disabled 'false' # set service dhcp-server shared-network-name LAN subnet 192.168.MM.0/24 domain-name '12-5Fnet' # set service dhcp-server shared-network-name LAN subnet 192.168.MM.0/24 lease '86400' # set service dhcp-server shared-network-name LAN subnet 192.168.MM.0/24 dns-server '192.168.MM.1' # set service dhcp-server shared-network-name LAN subnet 192.168.MM.0/24 default-router '192.168.MM.1' # set service dhcp-server shared-network-name LAN subnet 192.168.MM.0/24 start 192.168.MM.16 stop '192.168.MM.48' # set service dns forwarding cache-size '0' # set service dns forwarding listen-on 'eth1' # set service dns forwarding name-server '133.220.DNS.SRV' # set service dns forwarding name-server '133.220.DNS.SR2' # set service nat rule 5000 outbound-interface 'eth0' # set service nat rule 5000 source address '192.168.MM.0/24' # set service nat rule 5000 type masquerade # set system time-zone Asia/Tokyo # delete system ntp server 0.ubnt.pool.ntp.org # delete system ntp server 1.ubnt.pool.ntp.org # delete system ntp server 2.ubnt.pool.ntp.org # delete system ntp server 3.ubnt.pool.ntp.org # set system ntp server 133.220.NTP.SRV # delete system login user ubnt # set firewall name OUTSIDE-IN default-action 'drop' # set firewall name OUTSIDE-IN rule 10 action 'accept' # set firewall name OUTSIDE-IN rule 10 state established 'enable' # set firewall name OUTSIDE-IN rule 10 state related 'enable' # set firewall name OUTSIDE-LOCAL default-action 'drop' # set firewall name OUTSIDE-LOCAL rule 10 action 'accept' # set firewall name OUTSIDE-LOCAL rule 10 state established 'enable' # set firewall name OUTSIDE-LOCAL rule 10 state related 'enable' # set firewall name OUTSIDE-LOCAL rule 20 action 'accept' # set firewall name OUTSIDE-LOCAL rule 20 icmp type-name 'echo-request' # set firewall name OUTSIDE-LOCAL rule 20 protocol 'icmp' # set firewall name OUTSIDE-LOCAL rule 20 state new 'enable' # set firewall name OUTSIDE-LOCAL rule 30 action 'drop' # set firewall name OUTSIDE-LOCAL rule 30 destination port '22' # set firewall name OUTSIDE-LOCAL rule 30 protocol 'tcp' # set firewall name OUTSIDE-LOCAL rule 30 recent count '4' # set firewall name OUTSIDE-LOCAL rule 30 recent time '60' # set firewall name OUTSIDE-LOCAL rule 30 state new 'enable' # set firewall name OUTSIDE-LOCAL rule 31 action 'accept' # set firewall name OUTSIDE-LOCAL rule 31 destination port '22' # set firewall name OUTSIDE-LOCAL rule 31 protocol 'tcp' # set firewall name OUTSIDE-LOCAL rule 31 state new 'enable' # set interfaces ethernet eth0 firewall in name 'OUTSIDE-IN' # set interfaces ethernet eth0 firewall local name 'OUTSIDE-LOCAL' # commit # save