--- /dev/null
+.\"
+.\" Heavily modified by Paul ``Rusty'' Russell March 1997
+.\"
+.\" Based on the original ipfwadm man page by Jos Vos <jos@xos.nl> (see README)
+.\"
+.\" This program is free software; you can redistribute it and/or modify
+.\" it under the terms of the GNU General Public License as published by
+.\" the Free Software Foundation; either version 2 of the License, or
+.\" (at your option) any later version.
+.\"
+.\" This program is distributed in the hope that it will be useful,
+.\" but WITHOUT ANY WARRANTY; without even the implied warranty of
+.\" MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+.\" GNU General Public License for more details.
+.\"
+.\" You should have received a copy of the GNU General Public License
+.\" along with this program; if not, write to the Free Software
+.\" Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
+.\"
+.\"
+.\"WORD: firewall ¥Õ¥¡¥¤¥¢¥¦¥©¡¼¥ë
+.\"WORD: interface ¥¤¥ó¥¿¡¼¥Õ¥§¡¼¥¹
+.\"WORD: source address ȯ¿®¸µ¥¢¥É¥ì¥¹
+.\"WORD: destination address °¸À襢¥É¥ì¥¹
+.\"WORD: network mask ¥Í¥Ã¥È¥Þ¥¹¥¯
+.\"WORD: user ¥æ¡¼¥¶
+.\"WORD: chain ¥Á¥§¥¤¥ó
+.\"WORD: input chain input ¥Á¥§¥¤¥ó
+.\"WORD: output chain output ¥Á¥§¥¤¥ó
+.\"WORD: forwarding chain forward ¥Á¥§¥¤¥ó
+.\"WORD: builtin chain ÁȤ߹þ¤ßºÑ¤ß¥Á¥§¥¤¥ó
+.\"
+.\"
+.\" Japanese Version Copyright (c) 2001 OHGAMI Atsushi
+.\" all rights reserved.
+.\" Translated Sun Jun 10 13:27:00 JST 2001
+.\" by OHGAMI Atsushi (ati@ff.iij4u.or.jp)
+.\" Sun Jul 12 07:40:00 JST 2001
+.\" by MATSUDA Yoh-ichi (matsuda@palnet.or.jp)
+.\"
+.TH IPCHAINS 8 "February 8, 1998" "" ""
+.SH ̾Á°
+ipchains \- IP ¥Õ¥¡¥¤¥¢¥¦¥©¡¼¥ë´ÉÍý
+.SH ½ñ¼°
+.BR "ipchains -[ADC] " "¥Á¥§¥¤¥ó ¥ë¡¼¥ë¤Î¾ÜºÙ [¥ª¥×¥·¥ç¥ó]"
+.br
+.BR "ipchains -[RI] " "¥Á¥§¥¤¥ó ¥ë¡¼¥ëÈÖ¹æ ¥ë¡¼¥ë¤Î¾ÜºÙ [¥ª¥×¥·¥ç¥ó]"
+.br
+.BR "ipchains -D " "¥Á¥§¥¤¥ó ¥ë¡¼¥ëÈÖ¹æ [¥ª¥×¥·¥ç¥ó]"
+.br
+.BR "ipchains -[LFZNX] " "[¥Á¥§¥¤¥ó] [¥ª¥×¥·¥ç¥ó]"
+.br
+.BR "ipchains -P " "¥Á¥§¥¤¥ó ¥¿¡¼¥²¥Ã¥È [¥ª¥×¥·¥ç¥ó]"
+.br
+.BR "ipchains -M " "[ -L | -S ] [¥ª¥×¥·¥ç¥ó]"
+.SH ÀâÌÀ
+.B ipchains
+¤Ï Linux ¥«¡¼¥Í¥ëÃæ¤Î IP ¥Õ¥¡¥¤¥¢¥¦¥©¡¼¥ë¤Î¥ë¡¼¥ë¤òÀßÄꤷ¡¢Êݼ餷¡¢
+¸¡ºº¤¹¤ë¤¿¤á¤Î¤â¤Î¤Ç¤¢¤ë¡£
+¤³¤ì¤é¤Î¥ë¡¼¥ë¤Ï¡¢4 ¤Ä¤Î¥«¥Æ¥´¥ê¤ËʬÎà¤Ç¤¤ë -
+IP input (ÆþÎÏ) ¥Á¥§¥¤¥ó¡¢IP output (½ÐÎÏ) ¥Á¥§¥¤¥ó¡¢
+IP forward (žÁ÷) ¥Á¥§¥¤¥ó¡¢¤½¤·¤Æ¥æ¡¼¥¶ÄêµÁ¥Á¥§¥¤¥ó¤Ç¤¢¤ë¡£
+
+¤³¤ì¤é³Æ¡¹¤Î¥«¥Æ¥´¥êËè¤Ë¡¢¥ë¡¼¥ë¤Î°ìÍ÷ɽ¡ÚÌõÃí: table/¥Æ¡¼¥Ö¥ë¡Û¤¬
+ÍÑ°Õ¤µ¤ì¤ë¡£
+¤³¤ì¤é¥ë¡¼¥ë¤Ï¥æ¡¼¥¶ÄêµÁ¥Á¥§¥¤¥ó¤Î¤É¤ì¤«°ì¤Ä¤ò»²¾È¤¹¤ë¤³¤È¤â¤¢¤ë¡£
+¾ÜºÙ¤Ë¤Ä¤¤¤Æ¤Ï
+.IR ipfw (4)
+¤ò»²¾È¤Î¤³¤È¡£
+.SH ¥¿¡¼¥²¥Ã¥È
+¥Õ¥¡¥¤¥¢¥¦¥©¡¼¥ë¥ë¡¼¥ë¤Ç¤Ï¡¢¥Ñ¥±¥Ã¥È¤ÎȽÄê´ð½à¤È¥¿¡¼¥²¥Ã¥È¤ò»ØÄꤹ¤ë¡£
+Âоݥѥ±¥Ã¥È¤¬¥Þ¥Ã¥Á¤·¤Ê¤¤¤È¡¢¥Á¥§¥¤¥óÃæ¤Î¼¡¤Î¥ë¡¼¥ë¤¬¸¡ºº¤µ¤ì¤ë¡£
+¥ë¡¼¥ë¤Ë°ìÃפ¹¤ë¾ì¹ç¡¢¼¡¤Î¥ë¡¼¥ë¤Ï¥¿¡¼¥²¥Ã¥È¤ÎÃͤˤè¤Ã¤Æ»ØÄꤵ¤ì¤ë¡£
+¥¿¡¼¥²¥Ã¥È¤ÎÃͤϥ桼¥¶ÄêµÁ¥Á¥§¥¤¥ó¤Î̾Á°¤«¡¢¤Þ¤¿¤ÏÆÃÊ̤ÊÃͤǤ¢¤ë
+.IR ACCEPT ,
+.IR DENY ,
+.IR REJECT ,
+.IR MASQ ,
+.IR REDIRECT ,
+.IR RETURN
+¤Î¤¦¤Á¤Î 1 ¤Ä¤Ç¤¢¤ë¡£
+.sp 0.5
+.I ACCEPT
+¤Ï¡¢Âоݥѥ±¥Ã¥È¤òÄ̲ᤵ¤»¤ë¡£
+.I DENY
+¤Ï¡¢Âоݥѥ±¥Ã¥È¤ò¾²¤ØÍî¤È¤·¡¢¼Î¤Æµî¤ë¡£
+.I REJECT
+¤Ï¡¢Âоݥѥ±¥Ã¥È¤ò¼Î¤Æµî¤ë¤È¤¤¤¦ÅÀ¤Ç¤Ï DENY ¤ÈƱ¤¸¤À¤¬¡¢ DENY ¤è¤ê¤â
+Îéµ·Àµ¤·¤¯¡¢¥Ç¥Ð¥Ã¥°¤·°×¤¯¤Ê¤Ã¤Æ¤¤¤ë¡£
+²¿¸Î¤Ê¤é¡¢¥Ñ¥±¥Ã¥È¤ò¼Î¤Æ¤ëºÝ¤ËÂоݥѥ±¥Ã¥È¤ò¼Î¤Æ¤¿¤³¤È¤ò¼¨¤¹ ICMP
+¥á¥Ã¥»¡¼¥¸¤òÁ÷¿®¸µ¤ËÊÖ¿®¤¹¤ë¤«¤é¤Ç¤¢¤ë¡£
+(
+.I DENY
+¤È
+.I REJECT
+¤Ï¡¢ ICMP ¥Ñ¥±¥Ã¥È¤Ë´Ø¤·¤Æ¤ÏÆ°ºî¤¬Æ±¤¸¤Ç¤¢¤ë¤³¤È¤ËÃí°Õ¤µ¤ì¤¿¤¤¡£)
+.sp 0.5
+.I MASQ
+¤Ï forward ¥Á¥§¥¤¥ó¤È¥æ¡¼¥¶ÄêµÁ¥Á¥§¥¤¥ó¤ËÂФ·¤Æ¤Î¤ß͸ú¤Ç¤¢¤ê¡¢³î¤Ä¥«¡¼¥Í¥ë¤¬
+.B CONFIG_IP_MASQUERADE
+ÉÕ¤¤Ç¥³¥ó¥Ñ¥¤¥ë¤µ¤ì¤Æ¤¤¤ë¾ì¹ç¤Ë¤À¤±»ÈÍѤǤ¤ë¡£
+¤³¤ì¤Ë¤è¤ê¡¢¥Ñ¥±¥Ã¥È¤Ï¤¢¤¿¤«¤â¥í¡¼¥«¥ë¥Û¥¹¥È¤«¤éȯ¿®¤µ¤ì¤¿¤«¤Î¤è¤¦¤Ë
+¥Þ¥¹¥«¥ì¡¼¥É¤µ¤ì¤ë¡£
+¹¹¤Ë¡¢¼õ¿®¤µ¤ì¤ë¥Ñ¥±¥Ã¥È¤ÏÀè¤Ë¥Þ¥¹¥«¥ì¡¼¥É¤µ¤ì¤¿¥Û¥¹¥È¤ËÂФ¹¤ëÊÖÅú¤È¤·¤Æ
+ǧ¼±¤µ¤ì¤ë¤È¶¦¤Ë¡¢¼«Æ°Åª¤Ë¥Þ¥¹¥«¥ì¡¼¥É³°¤· (demasquerade) ¤¬¹Ô¤ï¤ì¡¢
+forward ¥Á¥§¥¤¥ó¤Î¥Á¥§¥Ã¥¯¤«¤é³°¤µ¤ì¤ë¡£
+.sp 0.5
+.I REDIRECT
+¤Ï input ¥Á¥§¥¤¥ó¤È¥æ¡¼¥¶ÄêµÁ¥Á¥§¥¤¥ó¤ËÂФ·¤Æ¤Î¤ß͸ú¤Ç¤¢¤ê¡¢¥«¡¼¥Í¥ë¤¬
+.B CONFIG_IP_TRANSPARENT_PROXY
+ÉÕ¤¤Ç¥³¥ó¥Ñ¥¤¥ë¤µ¤ì¤Æ¤¤¤ë¾ì¹ç¤Ë¤À¤±»ÈÍѤǤ¤ë¡£
+¤³¤Î¥¿¡¼¥²¥Ã¥È¤Ë¤è¤ê¡¢¥ê¥â¡¼¥È¥Û¥¹¥È°¸¤ËÁ÷¿®¤µ¤ì¤¿¥Ñ¥±¥Ã¥È¤Ç¤¢¤Ã¤Æ¤â
+¥í¡¼¥«¥ë¤Î¥½¥±¥Ã¥È¤Ø¿¶¤ê¸þ¤±¤é¤ì¤ë¡£
+¥ê¥À¥¤¥ì¥¯¥ÈÀè¤Î¥Ý¡¼¥È¤Ë¥Ç¥Õ¥©¥ë¥ÈÃͤǤ¢¤ë 0 ¤¬»ØÄꤵ¤ì¤Æ¤¤¤ë¤È¡¢
+¤½¤Î¥Ñ¥±¥Ã¥È¤Î°¸Àè¥Ý¡¼¥È¤¬¥ê¥À¥¤¥ì¥¯¥ÈÀè¤Î¥Ý¡¼¥È¤È¤·¤Æ»ÈÍѤµ¤ì¤ë¡£
+¤³¤Î¥¿¡¼¥²¥Ã¥È¤òÍѤ¤¤ë»þ¤Ï¡¢¥ª¥×¥·¥ç¥ó¤Î°ú¿ô¤È¤·¤Æ¥Ý¡¼¥ÈÈֹ椬»ØÄê¤Ç¤¤ë¡£
+.sp 0.5
+¥æ¡¼¥¶ÄêµÁ¥Á¥§¥¤¥ó¤Î½ª¤ê¤Ë㤹¤ë¤«¡¢¤Þ¤¿¤Ï¥¿¡¼¥²¥Ã¥È
+.I RETURN
+¤ò»ý¤Ä¥ë¡¼¥ë¤Ë¥Þ¥Ã¥Á¤·¤¿¾ì¹ç¡¢°ÊÁ°¤Î (¸Æ¤Ó½Ð¤·¸µ¤Î) ¥Á¥§¥¤¥óÃæ¤Î¼¡¤Î
+¥ë¡¼¥ë¤¬É¾²Á¤µ¤ì¤ë¡£
+ÁȤ߹þ¤ßºÑ¤ß¥Á¥§¥¤¥ó¤Î½ª¤ê¤Ë㤹¤ë¤«¡¢¤Þ¤¿¤ÏÁȤ߹þ¤ßºÑ¤ß¥Á¥§¥¤¥ó¤Î¥ë¡¼¥ë¤Î
+¥¿¡¼¥²¥Ã¥È¤È¤·¤Æ
+.I RETURN
+¤Ë¥Þ¥Ã¥Á¤·¤¿¾ì¹ç¡¢¥Á¥§¥¤¥ó¤Ë»ØÄꤵ¤ì¤¿¥Ý¥ê¥·¡¼¤¬¤½¤Î¥Ñ¥±¥Ã¥È¤Î±¿Ì¿¤ò
+·èÄꤹ¤ë¡£
+.SH ¥ª¥×¥·¥ç¥ó
+.B ipchains
+¤¬Ç§¼±¤¹¤ë¥ª¥×¥·¥ç¥ó¤Ï¡¢´ö¤Ä¤«¤Î¥°¥ë¡¼¥×¤ËʬÎà¤Ç¤¤ë¡£
+.SS ¥³¥Þ¥ó¥É
+¤³¤ì¤é¤Î¥ª¥×¥·¥ç¥ó¤Ï¼Â¹Ô¤¹¤ëÆÃÄê¤Îµ¡Ç½¤ò»ØÄꤹ¤ë -
+°Ê²¼¤ËÆÃÊ̤˻ØÄê¤Î¤Ê¤¤¸Â¤ê¡¢¥³¥Þ¥ó¥É¥é¥¤¥ó¤Ç¤Ï¤³¤ì¤é¤Î¥ª¥×¥·¥ç¥ó¤Î¤¦¤Á
+¤¤¤º¤ì¤«°ì¤Ä¤·¤«»ØÄꤹ¤ë¤³¤È¤¬¤Ç¤¤Ê¤¤¡£
+¥í¥ó¥°¥Ð¡¼¥¸¥ç¥ó¤Î¥³¥Þ¥ó¥É¤ä¥ª¥×¥·¥ç¥ó̾¤Ï¡¢É¬¤º¤·¤â´°Á´¤Ê·Á¤Î̾Á°¤Ç
+»ØÄꤹ¤ëɬÍפϤʤ¯¡¢
+.B ipchains
+¤¬Â¾¤Î¥ª¥×¥·¥ç¥ó¤È¼±Ê̤¹¤ë¤³¤È¤¬¤Ç¤¤ë¤À¤±¤ÎŤµ¤¬¤¢¤ì¤Ð½½Ê¬¤Ç¤¢¤ë¡£
+¡ÚÌõÃí: Î㤨¤Ð¡¢ --append ¤Î¾ì¹ç¡¢ --a ¤Ç»Ï¤Þ¤ë¥ª¥×¥·¥ç¥ó̾¤Ï¾¤Ë¤Ê¤¤¤Î¤Ç¡¢
+--app ¤Ç¤â²Ä¤Ç¤¢¤ë¡£¡Û
+.TP
+.BR "-A, --append"
+ÁªÂò¤·¤¿¥Á¥§¥¤¥ó¤ÎËöÈø¤Ë 1 ¤Ä°Ê¾å¤Î¥ë¡¼¥ë¤òÄɲ乤롣
+̾Á°²ò·è¤Î·ë²Ì¡¢È¯¿®¸µ¥¢¥É¥ì¥¹¤È°¸À襢¥É¥ì¥¹¤ÎξÊý¤Þ¤¿¤Ï¤¤¤º¤ì¤«¤Î̾Á°¤¬
+1 ¤Ä°Ê¾å¤Î IP ¥¢¥É¥ì¥¹¤ò»ý¤Ä¾ì¹ç¡¢¥ë¡¼¥ë¤Ï³Æ¡¹¤Î²Äǽ¤Ê¥¢¥É¥ì¥¹¤ÎÁȹ礻Ëè¤Ë
+Äɲ䵤ì¤ë¡£
+.TP
+.BR "-D, --delete"
+ÁªÂò¤·¤¿¥Á¥§¥¤¥ó¤«¤é¡¢1 ¤Ä°Ê¾å¤Î¥ë¡¼¥ë¤òºï½ü¤¹¤ë¡£
+¤³¤Î¥³¥Þ¥ó¥É¤Ë¤Ï 2 ¤Ä¤Î¥Ð¡¼¥¸¥ç¥ó¤¬¤¢¤ë -
+¥ë¡¼¥ë¤Ï (ºÇ½é¤Î¥ë¡¼¥ë¤ò 1 ¤È¤·¤Æ¿ô¤¨»Ï¤á¤Æ) ¥Á¥§¥¤¥óÃæ¤ÎÈÖ¹æ¤Ç
+»ØÄꤵ¤ì¤ë¤«¡¢°ìÃפ¹¤ë¥ë¡¼¥ë¤Ë¤Æ»ØÄꤵ¤ì¤ë¡£
+.TP
+.B "-R, --replace"
+ÁªÂò¤·¤¿¥Á¥§¥¤¥ó¤Î¥ë¡¼¥ë¤òÃÖ¤´¹¤¨¤ë¡£
+̾Á°²ò·è¤Î·ë²Ì¡¢È¯¿®¸µ¤È°¸Àè¤ÎξÊý¤Þ¤¿¤Ï¤¤¤º¤ì¤«¤Î̾Á°¤¬
+Ê£¿ô¤Î IP ¥¢¥É¥ì¥¹¤ò»ý¤Ä¾ì¹ç¡¢¥³¥Þ¥ó¥É¤Î¼Â¹Ô¤Ï¼ºÇÔ¤¹¤ë¡£
+¥ë¡¼¥ë¤Ë¤Ï 1 ¤«¤é»Ï¤Þ¤ëÈֹ椬¿¶¤é¤ì¤ë¡£
+.TP
+.B "-I, --insert"
+ÁªÂò¤·¤¿¥Á¥§¥¤¥ó¤Ø¡¢ 1 ¤Ä°Ê¾å¤Î¥ë¡¼¥ë¤ò»ØÄê¤Î¥ë¡¼¥ëÈÖ¹æ¤ÇÁÞÆþ¤¹¤ë¡£
+½¾¤Ã¤Æ¡¢¥ë¡¼¥ëÈÖ¹æ¤Ë 1 ¤ò»ØÄꤹ¤ë¤È¡¢¤½¤Î¥ë¡¼¥ë¤Ï¥Á¥§¥¤¥ó¤ÎÀèƬ¤Ë
+ÁÞÆþ¤µ¤ì¤ë¡£
+.TP
+.B "-L, --list"
+ÁªÂò¤·¤¿¥Á¥§¥¤¥ó¤Ë´Þ¤Þ¤ì¤ëÁ´¤Æ¤Î¥ë¡¼¥ë¤ò°ìÍ÷ɽ¼¨¤¹¤ë¡£
+¥Á¥§¥¤¥ó¤ò»ØÄꤷ¤Ê¤¤¤È¡¢Á´¤Æ¤Î¥Á¥§¥¤¥ó¤¬°ìÍ÷ɽ¼¨¤µ¤ì¤ë¡£
+¥Á¥§¥¤¥ó¤ò»ØÄꤷ¤Ê¤¤»þ¤Ë¡¢
+.B -Z
+(¥¼¥í) ¥ª¥×¥·¥ç¥ó¤È¤ÎÁȤ߹ç¤ï¤»¤Ï͸ú¤Ç¤¢¤ë¡£
+Àµ³Î¤Ê½ÐÎϤϾ¤Î°ú¿ô¤Î»ØÄê¤Ë¤è¤Ã¤Æ¹Ô¤ï¤ì¤ë¡£
+.TP
+.B "-F, --flush"
+ÁªÂò¤·¤¿¥Á¥§¥¤¥ó¤ÎÆâÍƤò°ìµ¤¤Ë¾Ãµî¤¹¤ë¡£
+¤³¤ì¤ÏÁ´¤Æ¤Î¥ë¡¼¥ë¤ò°ì¤Ä¤º¤Äºï½ü¤¹¤ë¤³¤È¤ÈÅù²Á¤Ç¤¢¤ë¡£
+.TP
+.B "-Z, --zero"
+Á´¤Æ¤Î¥Á¥§¥¤¥ó¤Î¥Ñ¥±¥Ã¥È¥«¥¦¥ó¥¿¤È¥Ð¥¤¥È¥«¥¦¥ó¥¿¤ò¥¼¥í¤Ë½é´ü²½¤¹¤ë¡£
+¥«¥¦¥ó¥¿¤¬¥¯¥ê¥¢¤µ¤ì¤ëľÁ°¤Ë¤½¤ÎÃͤò¸«¤¿¤¤»þ¤Î°Ù¤Ë¡¢
+.B "-L, --list"
+(¥ê¥¹¥È) ¥ª¥×¥·¥ç¥ó¤È¤ÎÁȤ߹ç¤ï¤»¤Ï͸ú¤Ç¤¢¤ë -
+¥«¥¦¥ó¥¿¤Î¥¯¥ê¥¢¤ò¹Ô¤¦ºÝ¡¢ÆÃÄê¤Î¥Á¥§¥¤¥ó¤ò»ØÄꤹ¤ë¤³¤È¤Ï½ÐÍè¤Ê¤¤¡£
+(
+.I Á´¤Æ¤Î
+¥Á¥§¥¤¥ó¤¬É½¼¨¤µ¤ì¤ë¤È¶¦¤Ë¥¯¥ê¥¢¤µ¤ì¤ë)
+.TP
+.B "-N, --new-chain"
+»ØÄꤷ¤¿Ì¾Á°¤Î¥æ¡¼¥¶ÄêµÁ¥Á¥§¥¤¥ó¤ò¿·¤¿¤ËºîÀ®¤¹¤ë¡£
+´û¸¤Î¥¿¡¼¥²¥Ã¥È¤ÈƱ¤¸Ì¾Á°¤Ï»ÈÍѤǤ¤Ê¤¤¡£
+.TP
+.B "-X, --delete-chain"
+»ØÄꤷ¤¿¥æ¡¼¥¶ÄêµÁ¥Á¥§¥¤¥ó¤òºï½ü¤¹¤ë¡£
+ºï½üÂоݥÁ¥§¥¤¥ó¤Ø¤Î»²¾È¤¬Â¸ºß¤·¤Æ¤Ï¤Ê¤é¤Ê¤¤
+(»²¾È¤µ¤ì¤Æ¤¤¤ë¾ì¹ç¤Ï¡¢¤½¤Î¥Á¥§¥¤¥ó¤òºï½ü¤¹¤ëÁ°¤Ë¡¢»²¾È¸µ¤Î¥ë¡¼¥ë¤ò
+ºï½ü¤¹¤ë¤«¡¢°¿¤Ï¾¤Î¥Á¥§¥¤¥ó¤Ø°ÜÆ°¤·¤Ê¤±¤ì¤Ð¤Ê¤é¤Ê¤¤)¡£
+°ú¿ô¤¬Í¿¤¨¤é¤ì¤Ê¤«¤Ã¤¿¾ì¹ç¡¢ ipchains ¤ÏÁȤ߹þ¤ßºÑ¤ß¥Á¥§¥¤¥ó¤ò½ü¤¯
+Á´¤Æ¤Î¥æ¡¼¥¶ÄêµÁ¥Á¥§¥¤¥ó¤òºï½ü¤·¤è¤¦¤È¤¹¤ë¡£
+.TP
+.B "-P, --policy"
+¥Á¥§¥¤¥ó¤Î¥Ý¥ê¥·¡¼¤ò»ØÄꤷ¤¿¥¿¡¼¥²¥Ã¥È¤ËÀßÄꤹ¤ë¡£
+Àµ¤·¤¤¥¿¡¼¥²¥Ã¥È¤Ë¤Ä¤¤¤Æ¤Ï¡¢
+.B ¥¿¡¼¥²¥Ã¥È
+¤Î¹à¤ò»²¾È¡£
+¥Ý¥ê¥·¡¼¤ò»ý¤Ä¤³¤È¤¬¤Ç¤¤ë¤Î¤Ï¥æ¡¼¥¶ÄêµÁ¤Ç¤Ï¤Ê¤¤¥Á¥§¥¤¥ó¤À¤±¤Ç¤¢¤ê¡¢
+ÁȤ߹þ¤ßºÑ¤ß¥Á¥§¥¤¥ó¤â¥æ¡¼¥¶ÄêµÁ¥Á¥§¥¤¥ó¤â¥Ý¥ê¥·¡¼¤Î¥¿¡¼¥²¥Ã¥È¤È¤Ï¤Ê¤êÆÀ¤Ê¤¤¡£
+.TP
+.B "-M, --masquerading"
+¤³¤Î¥ª¥×¥·¥ç¥ó¤Ï¡¢(
+.B -L
+¥ª¥×¥·¥ç¥ó¤ÈÁȤ߹ç¤ï¤»¤Æ) ¸½ºß¥Þ¥¹¥«¥ì¡¼¥É¤µ¤ì¤Æ¤¤¤ëÀܳ¤ò±ÜÍ÷¤·¤¿¤ê¡¢(
+.B -S
+¥ª¥×¥·¥ç¥ó¤ÈÁȤ߹ç¤ï¤»¤Æ) ¥«¡¼¥Í¥ë¤Ë¥Þ¥¹¥«¥ì¡¼¥É¤ÎÃͤòÀßÄꤹ¤ë¡£
+.TP
+.BI "-S, --set tcp tcpfin udp"
+IP ¥Þ¥¹¥«¥ì¡¼¥É¤Ë»ÈÍѤ¹¤ë¥¿¥¤¥à¥¢¥¦¥ÈÃͤòÊѹ¹¤¹¤ë¡£
+¤³¤Î¥³¥Þ¥ó¥É¤Ï¾ï¤Ë 3 ¤Ä¤Î¥Ñ¥é¥á¡¼¥¿¤ò¼è¤ê¡¢¤½¤ì¤¾¤ì¡¢TCP ¥»¥Ã¥·¥ç¥ó¡¢
+FIN ¥Ñ¥±¥Ã¥È¼õ¿®¸å¤Î TCP ¥»¥Ã¥·¥ç¥ó¡¢UDP ¥Ñ¥±¥Ã¥È¤ËÂФ¹¤ë¥¿¥¤¥à¥¢¥¦¥È
+ÃÍ (ÉÃ) ¤òɽ¤¹¡£
+¥¿¥¤¥à¥¢¥¦¥ÈÃÍ 0 ¤Ï¡¢Âбþ¤¹¤ë¹àÌܤθ½ºß¤Î¥¿¥¤¥à¥¢¥¦¥ÈÃͤ¬ÊÝ»ý¤µ¤ì¤ë
+¤³¤È¤ò°ÕÌ£¤¹¤ë¡£
+¤³¤Î¥ª¥×¥·¥ç¥ó¤Ï¡¢
+.B -M
+¥Õ¥é¥°¤È¤ÎÁȤ߹ç¤ï¤»¤Î»þ¤Î¤ß»ÈÍѤǤ¤ë¡£
+.TP
+.B "-C, --check"
+ÁªÂò¤·¤¿¥Á¥§¥¤¥ó¤ÇÍ¿¤¨¤é¤ì¤¿¥Ñ¥±¥Ã¥È¤ò¾È¹ç¤¹¤ë¡£
+¤³¤Î¥Ñ¥±¥Ã¥È¤ò¡¢¥Í¥Ã¥È¥ï¡¼¥¯¤«¤éÍ褿 "ËÜʪ¤Î" ¥Ñ¥±¥Ã¥È¤Î¤è¤¦¤Ë°·¤ï¤»¤ë¤³¤È¤Ç
+¥«¡¼¥Í¥ë¥ë¡¼¥Á¥ó¤Î¥Æ¥¹¥È¤Ë»È¤¨¤ë¡£
+ÁȤ߹þ¤ßºÑ¤ß¥Á¥§¥¤¥ó¤ä¥æ¡¼¥¶ÄêµÁ¥Á¥§¥¤¥ó¤ò¥Á¥§¥Ã¥¯¤¹¤ë¤Î¤Ë¤â»È¤¨¤ë¡£
+¥Õ¥¡¥¤¥¢¥¦¥©¡¼¥ë¤Î¥ë¡¼¥ë¤òµ¬Äꤷ¤¿°ú¿ô¤Ï¡¢¥Æ¥¹¥ÈÍѥѥ±¥Ã¥È¤ò¹½ÃÛ¤¹¤ë¤Î¤Ë¤â
+»È¤¨¤ë¡£
+Æäˡ¢
+.B -s
+(ȯ¿®¸µ)¡¢
+.B -d
+(°¸Àè)¡¢
+.B -p
+(¥×¥í¥È¥³¥ë)¡¢
+.B -i
+(¥¤¥ó¥¿¡¼¥Õ¥§¡¼¥¹) ¥Õ¥é¥°¤Ïɬ¤º»ØÄꤹ¤ë¡£
+.TP
+.B "-h, --help"
+¥³¥Þ¥ó¥É¤Î½ñ¼°¤Ë´Ø¤¹¤ë (º£¤Î¤È¤³¤í¤ÏÈó¾ï¤Ë´Êñ¤Ê) ÀâÌÀ¤òɽ¼¨¤¹¤ë¡£
+¥ª¥×¥·¥ç¥ó¤Ë
+.IR icmp
+¤ò»ØÄꤹ¤ë¤È¡¢ICMP ̾¤Î°ìÍ÷¤òɽ¼¨¤¹¤ë¡£
+.TP
+.B "-V, --version"
+ñ¤Ë ipchains ¤Î¥Ð¡¼¥¸¥ç¥óÈÖ¹æ¤òɽ¼¨¤¹¤ë¡£
+.SS °ú¿ô
+²¼µ¤Ë¼¨¤¹¥Ñ¥é¥á¡¼¥¿¤Ï (Äɲà (append), ºï½ü (delete), ÃÖ´¹(replace),
+ÁÞÆþ (insert) µÚ¤Ó¥Á¥§¥Ã¥¯ (check) ¤Î³Æ¥³¥Þ¥ó¥É¤Ë¤ÆÍѤ¤¤é¤ì¤ë) ¥ë¡¼¥ë¤Î
+»ØÄê¤òÊ䤦¡£
+
+.TP
+.BI "-p, --protocol" "[!] protocol"
+¥Á¥§¥Ã¥¯ÂоݤȤʤë¥ë¡¼¥ë¤Þ¤¿¤Ï¥Ñ¥±¥Ã¥È¤Î¥×¥í¥È¥³¥ë¡£
+¥×¥í¥È¥³¥ë¤Ë¤Ï
+.IR tcp ,
+.IR udp ,
+.IR icmp ,
+.IR all ,
+¤Î¤É¤ì¤«°ì¤Ä¤ò»ØÄꤹ¤ë¡£
+¤Þ¤¿¤Ï¤³¤ì¤é¤Î¥×¥í¥È¥³¥ë¤ËÂбþ¤·¤¿¥×¥í¥È¥³¥ëÈÖ¹æ¤ä¡¢¤³¤ì¤é¤Î¥×¥í¥È¥³¥ë¤Ë
+Âбþ¤·¤Æ¤¤¤Ê¤¤ÈÖ¹æ¤ò»ØÄê¤Ç¤¤ë¡£
+¤Þ¤¿¡¢ /etc/protocols ¤Ë¤¢¤ë¥×¥í¥È¥³¥ë̾¤Ç¤Î»ØÄê¤âµö¤µ¤ì¤ë¡£
+¥×¥í¥È¥³¥ë»ØÄê¤ÎÁ°¤Ë "!" ¤òÃÖ¤¯¤È¡¢¤½¤Î¥×¥í¥È¥³¥ë¤ò»ØÄꤷ¤Ê¤¤¤³¤È¤Ë¤Ê¤ë¡£
+¿ôÃÍ 0 ¤Ï
+.IR all
+¤ÈÅù²Á¤Ç¤¢¤ë¡£
+¥×¥í¥È¥³¥ë
+.I all
+¤ÏÁ´¤Æ¤Î¥×¥í¥È¥³¥ë¤È°ìÃפ·¡¢¤³¤Î¥ª¥×¥·¥ç¥ó¤¬¾Êά¤µ¤ì¤¿¾ì¹ç¤Î¥Ç¥Õ¥©¥ë¥ÈÃÍ
+¤Ç¤¢¤ë¡£
+.I all
+¤Ï check ¥³¥Þ¥ó¥É¤ÈÁȤ߹ç¤ï¤»¤Æ¤Ï¤Ê¤é¤Ê¤¤¡£
+.TP
+.BR "-s, --source, --src " "[!] \fIaddress\fP[/\fImask\fP] [!] [\fIport[:port]\fP]"
+ȯ¿®¸µ¤Î»ØÄê¡£
+.I address
+¤Ï¡¢¥Û¥¹¥È̾¡¦¥Í¥Ã¥È¥ï¡¼¥¯Ì¾¡¦ÁǤΠIP ¥¢¥É¥ì¥¹¤Î¤¤¤º¤ì¤Ç¤â¤è¤¤¡£
+.I mask
+¤Ï¡¢¥Í¥Ã¥È¥Þ¥¹¥¯¡¦Ã±¤Ê¤ë¿ô (¥Í¥Ã¥È¥Þ¥¹¥¯¤Îº¸Â¦¤«¤é¿ô¤¨¤¿ 1 ¤Î¸Ä¿ô) ¤Î¤¤¤º¤ì¤Ç¤â¤è¤¤¡£
+¤·¤¿¤¬¤Ã¤Æ¡¢
+.I 24
+¤È¤¤¤¦ mask ¤ÎÃͤϡ¢
+.IR 255.255.255.0
+¤ÈÅù²Á¤Ç¤¢¤ë¡£
+¥¢¥É¥ì¥¹»ØÄê¤ÎÁ°¤Ë "!" ¤òÃÖ¤¯¤È¡¢¤½¤Î¥¢¥É¥ì¥¹¤ò»ØÄꤷ¤Ê¤¤¤³¤È¤Ë¤Ê¤ë¡£
+.sp 0.5
+ȯ¿®¸µ¤Ë¤Ï¥Ý¡¼¥È»ØÄê¤Þ¤¿¤Ï ICMP ¥¿¥¤¥×¤ò´Þ¤á¤Æ¤â¤è¤¤¡£
+¤³¤ì¤Ï¥µ¡¼¥Ó¥¹Ì¾¡¢¥Ý¡¼¥ÈÈֹ桢ICMP ¥¿¥¤¥×¤Î¿ôÃÍ¡¢¤¢¤ë¤¤¤Ï
+.br
+ ipchains -h icmp
+.br
+¥³¥Þ¥ó¥É¤Çɽ¼¨¤µ¤ì¤ë ICMP ¥¿¥¤¥×̾¤Î¤¤¤º¤ì¤«¤Ç¤è¤¤¡£
+.br
+¤³¤ì¤é ICMP ̾¤Î¿¤¯¤Ï¥¿¥¤¥×¤È¥³¡¼¥É¤ÎξÊý¤ò»²¾È¤¹¤ë¤³¤È¤ËÃí°Õ¤µ¤ì¤¿¤¤¡£
+¤è¤Ã¤Æ¡¢
+.B -d
+¥Õ¥é¥°¤Î¸å¤Î ICMP ¥³¡¼¥É¤Î»ØÄê¤Ï¸í¤ê¤Ç¤¢¤ë¡£
+¤³¤ÎÀá¤Î»Ä¤ê¤ÎÉôʬ¤Ç¤Ï¡¢
+.I port
+¤Ï¥Ý¡¼¥È»ØÄê¤Þ¤¿¤Ï ICMP ¥¿¥¤¥×¤Î¤¤¤º¤ì¤«¤ò°ÕÌ£¤¹¤ë¡£
+ÂоݤȤ¹¤ë¥Ý¡¼¥È¤ÎÈϰϤò
+.IR port : port
+¤È¤¤¤¦½ñ¼°¤Ç»ØÄꤹ¤ë¤³¤È¤â¤Ç¤¤ë¡£
+ºÇ½é¤Î¥Ý¡¼¥È¤ò¾Êά¤¹¤ë¤È¡¢"0" ¤È¤ß¤Ê¤µ¤ì¤ë¡£
+ºÇ¸å¤Î¥Ý¡¼¥È¤ò¾Êά¤¹¤ë¤È¡¢"65535" ¤È¤ß¤Ê¤µ¤ì¤ë¡£
+.sp 0.5
+¥Ý¡¼¥È¤Ï¡¢
+.IR tcp ,
+.IR udp ,
+.I icmp
+¥×¥í¥È¥³¥ë¤È¤ÎÁȤ߹ç¤ï¤»¤Ç¤Î¤ß»ØÄê²Äǽ¤Ç¤¢¤ë¡£
+¥Ý¡¼¥È»ØÄê¤ÎÁ°¤Ë "!" ¤òÃÖ¤¯¤È¡¢¤½¤Î¥Ý¡¼¥È¤ò»ØÄꤷ¤Ê¤¤¤³¤È¤Ë¤Ê¤ë¡£
+check ¥³¥Þ¥ó¥É¤¬»ØÄꤵ¤ì¤¿¾ì¹ç¡¢¸·Ì©¤Ë 1 ¤Ä¤Î¥Ý¡¼¥È¤¬É¬ÍפǤ¢¤ë¡£
+.B -f
+(fragment) ¥Õ¥é¥°¤¬»ØÄꤵ¤ì¤¿¾ì¹ç¡¢¥Ý¡¼¥È¤Î»ØÄê¤Ïµö¤µ¤ì¤Ê¤¤¡£
+.TP
+.BR "--source-port " "[!] [\fIport[:port]\fP]"
+ȯ¿®¸µ¥Ý¡¼¥È¤Þ¤¿¤Ïȯ¿®¸µ¥Ý¡¼¥ÈÈϰϤΡ¢¸ÄÊÌ»ØÄê¤ò²Äǽ¤È¤¹¤ë¡£
+¾ÜºÙ¤Ë¤Ä¤¤¤Æ¤Ï¡¢Á°½Ð¤Î
+.B -s
+¥Õ¥é¥°¤Ë´Ø¤¹¤ë²òÀâ¤ò»²¾È¤Î¤³¤È¡£¥Õ¥é¥°
+.B --sport
+¤Ï¡¢¤³¤Î¥ª¥×¥·¥ç¥ó¤ÎÊÌ̾¤Ç¤¢¤ë¡£
+.TP
+.BR "-d, --destination, --dst " "[!] \fIaddress\fP[/\fImask\fP] [!] [\fIport[:port]\fP]"
+°¸Àè»ØÄê¡£
+¹½Ê¸¤Ë¤Ä¤¤¤Æ¤Î¾ÜºÙ¤ÊÀâÌÀ¤Ï¡¢
+.B -s
+(source) ¥Õ¥é¥°¤Î²òÀâ¤ò»²¾È¤Î¤³¤È¡£
+¥Ý¡¼¥È¤ò»ý¤¿¤Ê¤¤ ICMP ¤ËÂФ·¤Æ¤Ï¡¢"°¸Àè¥Ý¡¼¥È" ¤Ï¿ô»ú¤Î ICMP ¥³¡¼¥É¤òɽ¤¹¡£
+.TP
+.BR "--destination-port " "[!] [\fIport[:port]\fP]"
+¥Ý¡¼¥È¤Î¸ÄÊÌ»ØÄê¤ò²Äǽ¤È¤¹¤ë¡£¾ÜºÙ¤Ë¤Ä¤¤¤Æ¤Ï¡¢
+.B -s
+¥Õ¥é¥°¤Î²òÀâ¤ò»²¾È¤Î¤³¤È¡£¥Õ¥é¥°
+.B --dport
+¤Ï¡¢¤³¤Î¥ª¥×¥·¥ç¥ó¤ÎÊÌ̾¤Ç¤¢¤ë¡£
+.TP
+.BR "--icmp-type " "[!] typename"
+ICMP ¥¿¥¤¥×¤Î»ØÄê¤ò²Äǽ¤Ë¤¹¤ë (Àµ¤·¤¤ ICMP ¥¿¥¤¥×̾¤ò³Îǧ¤¹¤ë¤Ë¤Ï¡¢
+.B "-h icmp"
+¥ª¥×¥·¥ç¥ó¤ò»ÈÍѤ¹¤ë)¡£
+°¸Àè»ØÄê¤Ë ICMP ¥¿¥¤¥×¤òÉղ乤ë¤è¤ê¤â¡¢¤³¤ì¤òÍøÍѤ¹¤ë¤Û¤¦¤¬¤è¤êÊØÍø¤Ê
+¾ì¹ç¤¬Â¿¤¤¡£
+.TP
+.BR "-j, --jump " "\fItarget\fP"
+¤³¤ì¤Ï¥ë¡¼¥ë¤Î¥¿¡¼¥²¥Ã¥È¤ò»ØÄꤹ¤ë -
+¤¹¤Ê¤ï¤Á¡¢¥ë¡¼¥ë¤Ë¥Þ¥Ã¥Á¤·¤¿¥Ñ¥±¥Ã¥È¤Î¹Ô¤¯Ëö¤Ç¤¢¤ë¡£
+¥¿¡¼¥²¥Ã¥È¤Ï¥æ¡¼¥¶ÄêµÁ¥Á¥§¥¤¥ó (⤷¡¢Åö³º¥ë¡¼¥ë¤¬´Þ¤Þ¤ì¤Æ¤¤¤ë¤â¤Î¤ò
+½ü¤¯) ¤«¡¢¥Ñ¥±¥Ã¥È¤Î±¿Ì¿¤òľÀÜ·èÄꤹ¤ëÆÃÄê¤Î¥¿¡¼¥²¥Ã¥È¤Î¤¦¤Á¤Î°ì¤Ä¤¬
+»ØÄê²Äǽ¤Ç¤¢¤ë¡£
+¥ë¡¼¥ëÃæ¤Ç¤³¤Î¥ª¥×¥·¥ç¥ó¤¬¾Êά¤µ¤ì¤¿¾ì¹ç¤Ë¤Ï¡¢¥Ñ¥±¥Ã¥È¤Î±¿Ì¿¤Ë¤ÏÁ´¤¯
+±Æ¶Á¤·¤Ê¤¤¤¬¡¢¥ë¡¼¥ë¤Î¥«¥¦¥ó¥¿¤ÎÃͤÏÁý²Ã¤¹¤ë¡£
+.TP
+.BI "-i, --interface " "[!] name"
+(input ¥Á¥§¥¤¥ó¤Ë¤ª¤¤¤Æ¤Ï) ¼õ¿®¤·¤¿¥Ñ¥±¥Ã¥È¤¬Ä̲᤹¤ë¥¤¥ó¥¿¡¼¥Õ¥§¡¼¥¹Ì¾¡¢
+(forward µÚ¤Ó output ¥Á¥§¥¤¥ó¤Ë¤ª¤¤¤Æ¤Ï) Á÷¿®¤µ¤ì¤ë¥Ñ¥±¥Ã¥È¤¬Ä̲᤹¤ë
+¥¤¥ó¥¿¡¼¥Õ¥§¡¼¥¹Ì¾¤ò»ØÄꤹ¤ë¡£
+¤³¤Î¥ª¥×¥·¥ç¥ó¤¬¾Êά¤µ¤ì¤¿¾ì¹ç¤Ï¶õʸ»úÎó¤È¸«¤Ê¤µ¤ì¡¢Á´¤Æ¤Î
+¥¤¥ó¥¿¡¼¥Õ¥§¡¼¥¹Ì¾¤ò»ØÄꤹ¤ë¤³¤È¤ÈƱ¤¸°ÕÌ£¤Ë¤Ê¤ë¡£
+¥¤¥ó¥¿¥Õ¥§¡¼¥¹Ì¾¤ÎÁ°¤Ë "!" ¤¬ÃÖ¤«¤ì¤ë¤È¡¢¤½¤Î¥¤¥ó¥¿¡¼¥Õ¥§¡¼¥¹¤ò
+»ØÄꤷ¤Ê¤¤¤È¤¤¤¦°ÕÌ£¤Ë¤Ê¤ë¡£
+¥¤¥ó¥¿¥Õ¥§¡¼¥¹Ì¾¤ÎËöÈø¤Î "+" ¤ÏÁ°Êý°ìÃפò¼¨¤·¡¢"+" ¤ÎľÁ°¤Þ¤Ç¤Îʸ»úÎó
+¤Ç»Ï¤Þ¤ë¥¤¥ó¥¿¥Õ¥§¡¼¥¹¤ÎÁ´¤Æ¤Ë¥Þ¥Ã¥Á¤¹¤ë¡£
+.TP
+.B "[!] " "-f, --fragment"
+À£ÃǤµ¤ì¤¿ (fragment: ¥Õ¥é¥°¥á¥ó¥È) ¥Ñ¥±¥Ã¥È¤Î¤¦¤Á 2 ÈÖÌܰʹߤÎ
+¥Õ¥é¥°¥á¥ó¥È¤À¤±¤ò»²¾È¤¹¤ë¥ë¡¼¥ë¤Ç¤¢¤ë¤³¤È¤ò°ÕÌ£¤¹¤ë¡£
+¤½¤Î¤è¤¦¤Ê¥Ñ¥±¥Ã¥È (¤Þ¤¿¤Ï ICMP ¥¿¥¤¥×) ¤Îȯ¿®¸µ¥Ý¡¼¥È¤ä°¸Àè¥Ý¡¼¥È¤ò
+¼±Ê̤¹¤ëÊýË¡¤Ï̵¤¤¤Î¤Ç¡¢¤³¤ÎÎà¤Î¥Ñ¥±¥Ã¥È¤Ï¤¢¤é¤æ¤ë¥ë¡¼¥ë¤È¥Þ¥Ã¥Á¤·¤Ê¤¤¡£
+"-f" ¥Õ¥é¥°¤ÎÁ°¤Ë "!" ¤¬¤¢¤ë¤È¡¢2ÈÖÌܰʹߤΥե饰¥á¥ó¥È¤ò»²¾È¤·¤Ê¤¤¡£
+.SS ¤½¤Î¾¤Î¥ª¥×¥·¥ç¥ó
+°Ê²¼¤Î¥ª¥×¥·¥ç¥ó¤òÄɲ乤뤳¤È¤¬¤Ç¤¤ë -
+.TP
+.BI "-b, --bidirectional"
+ÁÐÊý¸þ¥â¡¼¥É¡£
+¥ë¡¼¥ë¤Ï IP ¥Ñ¥±¥Ã¥È¤ËÂФ·ÁÐÊý¸þ¤Ë¥Þ¥Ã¥Á¤¹¤ë -
+¤³¤ì¤Ïȯ¿®¸µ¤È°¸Àè¤ò¸ò´¹¤·¤Æ¥ë¡¼¥ë¤ò·«¤êÊÖ¤·¤Æµ½Ò¤¹¤ë¤³¤È¤ÈƱ¤¸¸ú²Ì¤ò
+¤â¤¿¤é¤¹¡£
+TCP syn ¥Ñ¥±¥Ã¥È¤ÎÁ÷½Ð¤òµö²Ä¤¹¤ëÀßÄê¤Ë -b ¥ë¡¼¥ë¤òŬ±þ¤¹¤ë¤È¡¢TCP syn
+¥Ñ¥±¥Ã¥È¤Ç¤Ê¤¤¥Ñ¥±¥Ã¥È¤Î¼õ¤±¼è¤ê¤òµö²Ä¤¹¤ëÀßÄê¤Ë¤Ï¤Ê¤é¤Ê¤¤¡£
+¡ÚÌõÃí: -b ¥Õ¥é¥°¤¬È¿ÂФò°ÕÌ£¤¹¤ë¤«¤é¤È¤¤¤Ã¤Æ¡¢"TCP syn¥Ñ¥±¥Ã¥È" ¤ÎÈ¿ÂÐ
+¤Î°ÕÌ£¤Ç "ÈóSYN¥Ñ¥±¥Ã¥È" ¤È¤¤¤¦Âбþ¤Ë¤Ê¤Ã¤¿¤ê¡¢ "¥Ñ¥±¥Ã¥È¤ÎÁ÷½Ð" ¤ÎÈ¿ÂÐ
+¤Î°ÕÌ£¤Ç "¥Ñ¥±¥Ã¥È¤Î¼õ¤±¤È¤ê" ¤È¤¤¤¦Âбþ¤Ë¤Ï¤Ê¤é¤Ê¤¤¡£
+°ÕÌ£¤¬È¿ÂФˤʤë¤Î¤Ïȯ¿®¸µ¥¢¥É¥ì¥¹¤È°¸À襢¥É¥ì¥¹¤Î¸ò´¹¤Ë¤è¤ë¥Ñ¥±¥Ã¥È¤Î
+Êý¸þ¤À¤±¤Ç¤¢¤ê¡¢ "SYN ¥Ñ¥±¥Ã¥È" ¤¬"ÈóSYN¥Ñ¥±¥Ã¥È" ¤Ë¤Ï¤Ê¤é¤Ê¤¤¤·¡¢
+input ¥Á¥§¥¤¥ó¤«¤é output ¥Á¥§¥¤¥ó¤Ë°·¤¤¤¬ÊѤï¤ëÌõ¤Ç¤â¤Ê¤¤¡£¡Û
+¤Ä¤Þ¤ê¡¢-b ¥Õ¥é¥°¤Ï»È¤ï¤º¤Ë¡¢¤¤Á¤ó¤È°ì¤Ä¤º¤Ä¥ë¡¼¥ë¤ò»ØÄꤷ¤¿¤Û¤¦¤¬¤è¤¤¡£
+.TP
+.BI "-v, --verbose"
+¾ÜºÙɽ¼¨¡£
+¤³¤Î¥ª¥×¥·¥ç¥ó¤Ï¡¢¥³¥Þ¥ó¥É¤Î¥¤¥ó¥¿¡¼¥Õ¥§¡¼¥¹¥¢¥É¥ì¥¹¡¦(¤â¤·¤¢¤ì¤Ð)
+¥ë¡¼¥ë¤Î¥ª¥×¥·¥ç¥ó¡¦TOS ¥Þ¥¹¥¯¡¦¥Ñ¥±¥Ã¥È¤È¥Ð¥¤¥È¤Î¥«¥¦¥ó¥¿¤ò°ìÍ÷ɽ¤Ë¤·¤Æ
+ɽ¼¨¤¹¤ë¡£
+¥«¥¦¥ó¥¿É½¼¨¤Î¸å¤Î 'K', 'M', 'G' ¤Ï³Æ¡¹¡¢ 1000, 1,000,000, 1,000,000,000 Çܤò
+°ÕÌ£¤¹¤ë¡£
+(⤷¡¢
+.B -x
+¥Õ¥é¥°¤Ï¤³¤Îɽ¼¨ÊýË¡¤òÊѹ¹¤¹¤ë¡£)
+.BR -M
+¤ÈÁȤ߹ç¤ï¤»¤Æ»È¤¦¤È¡¢¥Ç¥ë¥¿¥·¡¼¥±¥ó¥¹ÈÖ¹æ (delta sequence numbers) ¤Ë
+´ØÏ¢¤¹¤ë¾ðÊó¤âɽ¼¨¤µ¤ì¤ë¡£
+Äɲá¢ÁÞÆþ¡¢ºï½ü¡¢ÃÖ´¹¤Ë¤³¤Î¥ª¥×¥·¥ç¥ó¤òŬÍѤ¹¤ë¤È¡¢¥ë¡¼¥ë¤Î¾ÜºÙ¾ðÊó¤¬
+ɽ¼¨¤µ¤ì¤ë¤è¤¦¤Ë¤Ê¤ë¡£
+.TP
+.BI "-n, --numeric"
+¿ôÃͤǤνÐÎÏ¡£
+IP ¥¢¥É¥ì¥¹¤È¥Ý¡¼¥ÈÈֹ椬¿ôÃÍ·Á¼°¤Ç½ÐÎϤµ¤ì¤ë¡£
+¥Ç¥Õ¥©¥ë¥È¤Ç¤Ï¡¢ ipchains ¤Ï¤½¤ì¤é¤ò¥Û¥¹¥È̾¡¢¥Í¥Ã¥È¥ï¡¼¥¯Ì¾¡¢°¿¤Ï
+¥µ¡¼¥Ó¥¹Ì¾¤Ç(½ÐÍè¤ë¤À¤±)ɽ¼¨¤·¤è¤¦¤È»î¤ß¤ë¡£
+.TP
+.BI "-l, --log"
+¥Þ¥Ã¥Á¤·¤¿¥Ñ¥±¥Ã¥È¤ò¥«¡¼¥Í¥ë¤Î¥í¥°¤ËµÏ¿¤¹¤ë¡£
+¥ë¡¼¥ë¤Ë¤³¤Î¥ª¥×¥·¥ç¥ó¤¬ÀßÄꤵ¤ì¤ë»þ¡¢ Linux ¥«¡¼¥Í¥ë¤Ï
+.IR printk()
+´Ø¿ô¤òÄ̤¸¤Æ¡¢¥Þ¥Ã¥Á¤·¤¿¥Ñ¥±¥Ã¥ÈÁ´¤Æ¤Î(¿¤¯¤Ï IP ¥Ø¥Ã¥À¥Õ¥£¡¼¥ë¥É¤Ë´Ø¤¹¤ë)
+¾ðÊó¤ò½ÐÎϤ¹¤ë¡£
+.TP
+.BI "-o, --output" " [maxsize]"
+¥Þ¥Ã¥Á¤·¤¿¥Ñ¥±¥Ã¥È¤ò¥æ¡¼¥¶¶õ´Ö¤Î¥Ç¥Ð¥¤¥¹¤Ø¥³¥Ô¡¼¤¹¤ë¡£
+¤³¤ì¤Ï¸½ºß¼ç¤Ë¥æ¡¼¥¶¶õ´Ö¤Ç¥Õ¥¡¥¤¥¢¥¦¥©¡¼¥ë¤Î¸ú²Ì¤ò»È¤Ã¤Æ²¿¤«¤·¤¿¤¤
+³«È¯¼Ô¤¬»ÈÍѤ¹¤ë¡£
+¥ª¥×¥·¥ç¥ó°ú¿ô¤ÎºÇÂ祵¥¤¥º¤Ï¥³¥Ô¡¼¤µ¤ì¤ë¥Ñ¥±¥Ã¥È¤ÎºÇÂç¿ô¤òÀ©¸Â¤¹¤ë
+°Ù¤Ë»È¤ï¤ì¤ë¡£
+¤³¤Î¥ª¥×¥·¥ç¥ó¤Ï¥«¡¼¥Í¥ë¤ò CONFIG_IP_FIREWALL_NETLINK ¤òÀßÄꤷ¤Æ
+¥³¥ó¥Ñ¥¤¥ë¤·¤¿»þ¤Î¤ß͸ú¤Ç¤¢¤ë¡£
+.TP
+.BI "-m, --mark" " markvalue"
+¥Þ¥Ã¥Á¤·¤¿¥Ñ¥±¥Ã¥È¤Ë°õ¤òÉÕ¤±¤ë¡£
+¥Ñ¥±¥Ã¥È¤Ë¤Ï 32 ¥Ó¥Ã¥È¤ÎÉä¹æ̵¤·¤Î¿ôÃͤǰõ¤¬ÉÕ¤±¤é¤ì¡¢
+¤½¤ÎÃͤˤè¤Ã¤Æ (¤½¤Î¤¦¤Á) ¤½¤Î¥Ñ¥±¥Ã¥È¤¬ÆâÉô¤Ç
+¤É¤Î¤è¤¦¤Ë°·¤ï¤ì¤ë¤«¤¬Êѹ¹¤Ç¤¤ë¤è¤¦¤Ë¤Ê¤ë¤À¤í¤¦¡£
+¤¢¤Ê¤¿¤¬¥«¡¼¥Í¥ë¥Ï¥Ã¥«¡¼¤Ç¤Ê¤±¤ì¤Ð¡¢¤³¤Î¥ª¥×¥·¥ç¥ó¤Ïµ¤¤Ë¤·¤Ê¤¯¤ÆÎɤ¤¡£
+.I ¥Þ¡¼¥¯ÃÍ
+¤¬ + °¿¤Ï - ¤«¤é»Ï¤Þ¤ëºÝ¤Ë¤Ï¡¢ (¥¼¥í¤«¤é»Ï¤Þ¤ë) ¸½ºß¤Î¥Þ¡¼¥¯Ãͤ«¤é¤½¤ÎÃͤò
+²Ã»»°¿¤Ï¸º»»¤¹¤ë¡£
+.TP
+.BI "-t, --TOS" " andmask xormask"
+IP ¥Ø¥Ã¥ÀÆâ¤Î TOS ¥Õ¥£¡¼¥ë¥É¤òÊѹ¹¤¹¤ë°Ù¤Ë»ÈÍѤµ¤ì¤ë¥Þ¥¹¥¯¡£
+¥Ñ¥±¥Ã¥È¤¬¥ë¡¼¥ë¤Ë¥Þ¥Ã¥Á¤¹¤ë»þ¡¢¤½¤Î TOS ¥Õ¥£¡¼¥ë¥É¤Ï 1 ÈÖÌܤΥޥ¹¥¯
+¤Ç¥Ó¥Ã¥Èñ°Ì¤ÎÏÀÍýÀѤ¬¹Ô¤ï¤ì¡¢¤½¤Î·ë²Ì¤Ï 2 ÈÖÌܤΥޥ¹¥¯¤Ç¥Ó¥Ã¥Èñ°Ì¤Î
+ÇÓ¾ŪÏÀÍýϤ¬¹Ô¤ï¤ì¤ë¡£
+¥Þ¥¹¥¯ÃÍ¤Ï 16 ¿Ê¤Î 8 ¥Ó¥Ã¥ÈÃͤǻØÄꤹ¤ë¡£
+TOS ¥Õ¥£¡¼¥ë¥É¤Î LSB ¤ÏÉÔÊѤǤʤ±¤ì¤Ð¤Ê¤é¤Ê¤¤ (RFC 1349) ¡£
+¤³¤ì¤òÊѹ¹¤·¤è¤¦¤È¤¹¤ë¤È¡¢µñÀ䤵¤ì¤ë¡£
+¤¹¤Ê¤ï¤Á¡¢ TOS ¥Ó¥Ã¥È¤¬ 1 ¤Ä°Ê¾åÀßÄꤵ¤ì¤Æ¤¤¤ë¤â¤Î¤¬¤³¤ì¤Ë³ºÅö¤¹¤ë¡£
+¥Ñ¥±¥Ã¥È¤ËÊ£¿ô¤Î TOS ¥Ó¥Ã¥È¤òÀßÄꤷ¤è¤¦¤È¤¹¤ë¤È¡¢(ɸ½à½ÐÎϤòÄ̤¸¤Æ)
+¥ï¡¼¥Ë¥ó¥°¥á¥Ã¥»¡¼¥¸¤ò½Ð¤¹¡£
+¤½¤Î¤è¤¦¤Ê TOS Ãͤò»ý¤Ä¥Ñ¥±¥Ã¥È¤¬Åö³º¥ë¡¼¥ë¤ËÅþ㤹¤ë¤³¤È¤Ï¤¢¤êÆÀ¤Ê¤¤¤È
+¤ï¤«¤Ã¤Æ¤¤¤ë¤Ê¤é¡¢¥ï¡¼¥Ë¥ó¥°¥á¥Ã¥»¡¼¥¸¤Ï̵»ë¤Ç¤¤ë¡£
+ÌÞÏÀ¡¢ TOS ¤ÎÁàºî¤Ï¥ë¡¼¥ë¤Î¥¿¡¼¥²¥Ã¥È¤¬
+.I DENY
+°¿¤Ï
+.IR REJECT
+¤Î¾ì¹ç¤Ë¤Ï̵°ÕÌ£¤Ç¤¢¤ë¡£
+.TP
+.BI "-x, --exact"
+ÈÖ¹æɽ¼¨¤Î³ÈÄ¥¡£
+¥Ñ¥±¥Ã¥ÈµÚ¤Ó¥Ð¥¤¥È¥«¥¦¥ó¥¿¤ÎÃͤò K (1000ÇÜ)¡¢ M (1000KÇÜ) °¿¤Ï
+G (1000MÇÜ)¤Ç´Ý¤á¤¿ÃͤǤʤ¯¡¢Àµ³Î¤ÊÃͤÇɽ¼¨¤¹¤ë¡£
+¤³¤Î¥ª¥×¥·¥ç¥ó¤Ï
+.B -L
+¥³¥Þ¥ó¥É¤Ç¤Î¤ß͸ú¤Ç¤¢¤ë¡£
+.TP
+.BI "[!] -y, --syn"
+TCP ¥Ñ¥±¥Ã¥È¤ÎÆâ¡¢SYN ¥Ó¥Ã¥È¤¬¥»¥Ã¥È¤µ¤ì ACK ¥Ó¥Ã¥È¤È FIN ¥Ó¥Ã¥È¤¬¥¯¥ê¥¢
+¤µ¤ì¤¿¥Ñ¥±¥Ã¥È¤Ë¤Î¤ß¥Þ¥Ã¥Á¤¹¤ë¡£
+¤½¤Î¤è¤¦¤Ê¥Ñ¥±¥Ã¥È¤Ï¡¢TCP Àܳ¤Î³«»ÏÍ×µá¤Ë»ÈÍѤµ¤ì¤ë¡£
+Î㤨¤Ð¡¢¤¢¤ë¥¤¥ó¥¿¡¼¥Õ¥§¡¼¥¹¤ØÅþÃ夹¤ë¤½¤Î¤è¤¦¤Ê¥Ñ¥±¥Ã¥È¤ò¼×ÃǤ¹¤ë¤È¡¢
+Æâ¸þ¤¤Î TCP Àܳ¤òËɻߤ¹¤ë¤¬¡¢³°¸þ¤¤Î TCP Àܳ¤Ï±Æ¶Á¤ò¼õ¤±¤Ê¤¤¡£
+¤³¤Î¥ª¥×¥·¥ç¥ó¤Ï¡¢¥×¥í¥È¥³¥ë¤Î¼ïÎब TCP ¤ËÀßÄꤵ¤ì¤Æ¤¤¤ë¾ì¹ç¤Ë¤Î¤ß°ÕÌ£¤ò»ý¤Ä¡£
+"-y" ¤ÎÁ°¤Ë "!" ¥Õ¥é¥°¤¬¤¢¤ë¤È¡¢¤³¤Î¥ª¥×¥·¥ç¥ó¤ÎȽÄê·ë²Ì¤¬ÈÝÄꤵ¤ì¤ë¡£
+¡ÚÌõÃí: -y ¤Î¾ì¹ç¡¢³Æ¡¹¤Î¥Ó¥Ã¥È¤Î¾ò·ï¤Ï "SYN=1 and ACK=0 and FIN=0" ¤Î
+Áȹ礻¤Ë¤Î¤ß¥Þ¥Ã¥Á¤¹¤ë¡£
+"! -y" ¤Ï¤³¤ÎÈÝÄê¤Ê¤Î¤Ç¡¢³Æ¥Ó¥Ã¥È¤ÎÁȹ礻¤¬¾åµ°Ê³°¤ÎÁ´¤Æ¤Î¥Ñ¥±¥Ã¥È¤¬
+¥Þ¥Ã¥Á¤¹¤ë¡£
+¤¹¤Ê¤ï¤Á¡¢ "SYN=0 or ACK=1 or FIN=1" ¤È¤¤¤¦¾ò·ï¤Ë¤Ê¤ë¡£
+SYN ¥Ó¥Ã¥È¤¬ 0 ¤Ç¤¢¤ì¤ÐÎɤ¤¤Î¤Ï¸À¤¦¤Þ¤Ç¤â¤Ê¤¯¡¢Î㤨¤Ð
+"SYN=1 and ACK=1 and FIN=0" ¤È¤¤¤¦Áȹ礻¤Ç¤â¥Þ¥Ã¥Á¤¹¤ë¡£¡Û
+.TP
+.BI "--line-numbers"
+¥ë¡¼¥ë¤ò°ìÍ÷ɽ¼¨¤¹¤ëºÝ¡¢³Æ¥ë¡¼¥ë¤ÎÀèƬ¤Ë¤½¤Î¥ë¡¼¥ë¤Î¥Á¥§¥¤¥óÃæ¤Ç¤Î
+°ÌÃÖ¤ËÂбþ¤¹¤ë¹ÔÈÖ¹æ¤òÄɲ乤롣
+.TP
+.BI "--no-warnings"
+Á´¤Æ¤Î·Ù¹ð¤ò̵¸ú¤Ë¤¹¤ë¡£
+.SH ¥Õ¥¡¥¤¥ë
+.I /proc/net/ip_fwchains
+.br
+.I /proc/net/ip_masquerade
+.SH ÊÖ¤êÃÍ
+³Æ¼ï¥¨¥é¡¼¥á¥Ã¥»¡¼¥¸¤Ïɸ½à¥¨¥é¡¼½ÐÎϤ˽ÐÎϤµ¤ì¤ë¡£
+Àµ¾ïÆ°ºî»þ¤Î½ªÎ»¥³¡¼¥É¤Ï 0 ¤Ç¤¢¤ë¡£
+̵¸ú¤Ê¡¢°¿¤Ï¸í¤Ã¤¿¥³¥Þ¥ó¥É¹Ô¥Ñ¥é¥á¡¼¥¿¤Ëµ¯°ø¤¹¤ë¤È»×¤ï¤ì¤ë¥¨¥é¡¼¤Ï¡¢
+½ªÎ»¥³¡¼¥É 2 ¤òȯÀ¸¤¹¤ë¡£
+¤½¤Î¾¤Î¥¨¥é¡¼¤Ç¤Î½ªÎ»¥³¡¼¥É¤Ï 1 ¤Ç¤¢¤ë¡£
+.SH ¥Ð¥°
+.PP
+¥¿¡¼¥ß¥Ê¥ë¤«¤é¤ÎÆþÎϤˤè¤ê forward ¥Á¥§¥¤¥ó¤Ø¥ë¡¼¥ë¤¬ÁÞÆþ¤Þ¤¿¤ÏÄɲ䵤줿
+¤È¤¤Ë IP žÁ÷µ¡Ç½¤¬Í¸ú¤Ë¤Ê¤Ã¤Æ¤¤¤Ê¤¤¾ì¹ç¤Ç --no-warnings ¤ò
+»ØÄꤷ¤Æ¤¤¤Ê¤±¤ì¤Ð¡¢¸í¤ê¤ò½¤Àµ¤¹¤ë¤Þ¤Ç IP žÁ÷¤¬¹Ô¤ï¤ì¤Ê¤¤¤³¤È¤ò·Ù¹ð¤¹¤ë
+¥á¥Ã¥»¡¼¥¸¤¬É¸½à½ÐÎϤØɽ¼¨¤µ¤ì¤ë¡£
+¤³¤ì¤Ï¡¢(2.0 ¥«¡¼¥Í¥ë¤Ë¤Ï¸ºß¤·¤Ê¤«¤Ã¤¿) ɬÍ×¾ò·ï¤Ëµ¤ÉÕ¤«¤Ê¤¤¥æ¡¼¥¶¤ò½õ¤±
+¤ë¤¿¤á¤Î¤â¤Î¤Ç¤¢¤ë¡£
+.PP
+¥Ñ¥±¥Ã¥È¥«¥¦¥ó¥¿¤È¥Ð¥¤¥È¥«¥¦¥ó¥¿¤ò 1 ¤Ä¤Î¥Á¥§¥¤¥ó¤Îʬ¤À¤±¥ê¥»¥Ã¥È¤¹¤ë
+ÊýË¡¤Ï̵¤¤¡£¤³¤ì¤Ï¥«¡¼¥Í¥ë¤ÎÀ©¸Â¤Ç¤¢¤ë¡£
+.PP
+¥ë¡¼¥×¤Î¸¡ÃÎ¤Ï ipchains ¤Ç¤Ï¹Ô¤ï¤ì¤Ê¤¤¡£
+¥ë¡¼¥×¾õÂ֤ˤ¢¤ë¥Ñ¥±¥Ã¥È¤ÏÇË´þ¤µ¤ì¥í¥°¤ËµÏ¿¤µ¤ì¤ë¤¬¡¢
+¤¦¤Ã¤«¤ê¥ë¡¼¥×¤òºî¤Ã¤Æ¤·¤Þ¤¦¤³¤È¤ò¹Íθ¤·¤Æ¡¢¥í¥°¤«¤é¸«¤Ä¤±½Ð¤¹¤³¤È¤¬
+ɬÍפǤ¢¤ë¡£
+.PP
+¿·¤·¤¤ 2.1 ¥«¡¼¥Í¥ë¤Î¥Ñ¥±¥Ã¥È¥¹¥±¥¸¥å¡¼¥ê¥ó¥°¤Î¥ë¡¼¥Á¥ó¤ò¾Ü½Ò¤¹¤ëʸ½ñ¤¬
+¥ê¥ê¡¼¥¹¤µ¤ì¤ëËø¡¢¥Ñ¥±¥Ã¥È¤Î¥Þ¡¼¥¥ó¥°¤Î¸ú²Ì¤Ë´Ø¤¹¤ëÀâÌÀ¤Ï°Õ¿ÞŪ¤Ë
+Û£Ëæ¤Ë¤·¤Æ¤¤¤ë¡£
+.PP
+(ÁȤ߹þ¤ßºÑ¤ß¥Á¥§¥¤¥ó¤Î) ¥Ý¥ê¥·¡¼¥«¥¦¥ó¥¿¤ò 0 ¤Ë¤¹¤ëÊýË¡¤Ï̵¤¤ ¡£
+.SH Ãí°Õ
+.B ipchains
+¤Ï¡¢¿·¤·¤¤ IP ¥Õ¥¡¥¤¥¢¥¦¥©¡¼¥ë¥Ä¥ê¡¼¤òÍøÍѤ¹¤ë¤È¤¤¤¦ÅÀ¤Ç¡¢Jos Vos ºî¤Î
+ipfwadm ¤È¤ÏÂ礤¯°Û¤Ê¤Ã¤Æ¤¤¤ë¡£
+ipchains ¤Îµ¡Ç½¤Ï ipfwadm ¤Î¥¹¡¼¥Ñ¡¼¥»¥Ã¥È¤Ç¤¢¤ê¡¢¥³¥Þ¥ó¥É¤Ï¤Û¤Ü 1 ÂÐ 1 ¤Ç
+ÂбþÉÕ¤±¤ë¤³¤È¤¬¤Ç¤¤ë¡£
+¿·¤·¤¤¥³¥Þ¥ó¥É̾¤Ï¡¢¤è¤êÍý¤ËŬ¤Ã¤¿¤â¤Î¤Ç¤¢¤ë¤È»×¤¦¡£
+¤È¤Ï¤¤¤¨¡¢Ãí°Õ¤¹¤Ù¤Êѹ¹ÅÀ¤â¤¤¤¯¤Ä¤«Â¸ºß¤¹¤ë¡£
+.PP
+¥Õ¥é¥°¥á¥ó¥È¤Î°·¤¤¤¬°Û¤Ê¤ë¡£
+½¾Íè¤Ï¡¢2 ÈÖÌܰʹߤΥե饰¥á¥ó¥È¤òÁ´¤ÆÄ̲ᤵ¤»¤Æ¤¤¤¿ (Ä̾¤³¤ì¤Ï°ÂÁ´¤Ç¤¢¤ë)¡£
+¸½ºß¤Ç¤Ï¡¢¤³¤ì¤é¤ò¥Õ¥£¥ë¥¿¤¹¤ë¤³¤È¤¬¤Ç¤¤ë¡£
+¤¹¤Ê¤ï¤Á¡¢ ipfwadm ¤«¤é¥ë¡¼¥ë¤òÊÑ´¹¤¹¤ëºÝ¤Ë¤Ï¡¢¥Õ¥é¥°¥á¥ó¥È¤òµö²Ä¤¹¤ë
+¥ë¡¼¥ë¤òÌÀ¼¨¤·¤Ê¤±¤ì¤Ð¤Ê¤é¤Ê¤¤¡£
+ƱÍͤˡ¢Á÷¿®¸µµÚ¤Ó°¸Àè¥Ý¡¼¥È¤Ë 0xFFFF (ICMP ¤Ç¤Ï 0xFF) ¤ò»ØÄꤷ¤Æ
+¥Á¥§¥Ã¥¯¤¹¤ë¡¢¸Å¤¤Åý·× (accounting)¥ë¡¼¥ë¤òõ¤¹É¬Íפ¬¤¢¤ë¡£
+¤³¤ì¤Ï¥Õ¥é¥°¥á¥ó¥È¤ÎÅý·×¤ò¼è¤ë¸Å¤¤ÊýË¡¤Ç¤¢¤ë¡£
+.PP
+Åý·× (accounting) ¥ë¡¼¥ë¤Ï¡¢¸½ºß¤Ï input ¥Á¥§¥¤¥ó¤È output ¥Á¥§¥¤¥ó¤Ø
+Åý¹ç¤µ¤ì¤Æ¤¤¤ë¡£
+°ÊÁ°¤ÎµóÆ°¤ÈƱ¤¸¤è¤¦¤Ë¤¹¤ë¤Ë¤Ï°Ê²¼¤Î¤è¤¦¤Ë¤¹¤ì¤Ð¤è¤¤ -
+.br
+ ipchains -N acctin
+.br
+ ipchains -N acctout
+.br
+ ipchains -N acctio
+.br
+ ipchains -I input -j acctio
+.br
+ ipchains -I input -j acctin
+.br
+ ipchains -I output -j acctio
+.br
+ ipchains -I output -j acctout
+.br
+¤³¤ì¤Ï 3 ¤Ä¤Î¥æ¡¼¥¶ÄêµÁ¥Á¥§¥¤¥ó¡¢
+.IR acctin ,
+.I acctout ,
+.IR acctio ,
+¤òÀ¸À®¤¹¤ë¡£
+¤³¤ì¤é¤Ï¤¢¤é¤æ¤ëÅý·×¥ë¡¼¥ë¤ò´Þ¤á¤é¤ì¤ë¡£
+(¤³¤ì¤é¤Î¥ë¡¼¥ë¤Ï
+.B -j
+¥Õ¥é¥°¤ò»È¤ï¤º»ØÄꤹ¤ë¤Ù¤¤Ç¤¢¤ë¡£
+¤½¤¦¤¹¤ì¤Ð¡¢¥Ñ¥±¥Ã¥È¤Ï¤³¤ì¤é¤Î¥Á¥§¥¤¥ó¤òñ¤Ë̵½ý¤Î¤Þ¤ÞÄ̲᤹¤ë¡£)
+.PP
+¥«¡¼¥Í¥ë¤¬
+.I MASQ
+¥¿¡¼¥²¥Ã¥È¤ä
+.I REDIRECT
+¥¿¡¼¥²¥Ã¥È¤¬ÉÔŬÀڤʤȤ³¤í¤Ë¤¢¤ë (¤Ä¤Þ¤ê¡¢ forward ¥ë¡¼¥ë°Ê³°¤Ë
+MASQ ¤¬¤¢¤Ã¤¿¤ê¡¢ÆþÎϥ롼¥ë°Ê³°¤Ë REDIRECT ¤¬¤¢¤ëÅù) ¤Î¤ò¸«¤Ä¤±¤ë¤È¡¢syslog
+¤Ë¥á¥Ã¥»¡¼¥¸¤òµÏ¿¤·¡¢¤½¤Î¥Ñ¥±¥Ã¥È¤ÏÇË´þ¤µ¤ì¤ë¡£
+.PP
+SYN µÚ¤Ó ACK ¤Ë¹çÃפ¹¤ëºÝ¤Î¸Å¤¤µóÆ° (½¾Íè¡¢Èó TCP ¥Ñ¥±¥Ã¥È¤ËÂФ·¤Æ¤Ï
+̵»ë¤µ¤ì¤Æ¤¤¤¿) ¤¬Êѹ¹¤µ¤ì¤¿¡£
+Èó TCP ¥Ñ¥±¥Ã¥È¸ÇͤΥ롼¥ë¤ËÂФ¹¤ë SYN ¥ª¥×¥·¥ç¥ó¤Ï¸í¤ê¤Ç¤¢¤ë¡£
+.PP
+ACK ¥Þ¥Ã¥Á¥ó¥°¥ª¥×¥·¥ç¥ó (
+.B -k
+¥Õ¥é¥°) ¤Ï¡¢¤â¤Ï¤ä¥µ¥Ý¡¼¥È¤µ¤ì¤Ê¤¤¡£
+.B !
+¤È
+.B -y
+¤È¤ÎÁȤ߹ç¤ï¤»¤¬¤³¤ì¤ËÁêÅö¤¹¤ë)¡£
+.PP
+¸½ºß¤Ç¤Ï¡¢TOS ¤ÎºÇ²¼°Ì¥Ó¥Ã¥È¤òÀßÄꡦÊѹ¹¤¹¤ë TOS ¥Þ¥¹¥¯¤ò
+ÌÀµ¤¹¤ë¤Î¤Ï¥¨¥é¡¼¤Ë¤Ê¤ë -
+°ÊÁ°¤Î TOS ¥Þ¥¹¥¯¤Î¾ì¹ç¡¢¤½¤Î¤è¤¦¤Ê»î¤ß¤Ï¥«¡¼¥Í¥ëÆâÉô¤ÇÌۤäÆ
+Êѹ¹¤µ¤ì¤Æ¤¤¤¿¡£
+.PP
+¸½ºß¡¢
+.B -b
+¥Õ¥é¥°¤Ïñ¤ËÁ÷¿®¸µµÚ¤Ó°¸Àè¤Î»ØÄê¤òȿž¤µ¤»¤ë¥ë¡¼¥ë¤ÎÁȹ礻¤ò
+ÁÞÆþ°¿¤Ïºï½ü¤¹¤ë°Ù¤À¤±¤Ë¤Ê¤Ã¤¿¡£
+.PP
+¥¤¥ó¥¿¡¼¥Õ¥§¡¼¥¹¤ò¥¢¥É¥ì¥¹¤Ç»ØÄꤹ¤ëÊýË¡¤Ï̵¤¤¡£¥¤¥ó¥¿¡¼¥Õ¥§¡¼¥¹Ì¾¤ò»È¤¦¤³¤È¡£
+.SH ´ØÏ¢¹àÌÜ
+ipfw(4)
+.SH Ãø¼Ô
+Rusty Russell <rusty@linuxcare.com>¡£ºÙ¤«¤ÊÅÀ¤Þ¤Ç¹»Àµ¤·¤Æ¤¯¤ì¤¿ Hans Persson
+¤Ë¤ªÎ餬¸À¤¤¤¿¤¤¡£º£¸å»ä¤¬½ñ¤¯Ê¸½ñ¤Ï¡¢Á´ÉôÈà¤ËÆɤó¤Ç¤â¤é¤¤¤¿¤¤!
+.SH ËÝÌõ¼Ô
+Âç¿À ½ß <ati@ff.iij4u.or.jp>
+.br
+¾¾ÅÄ ÍÛ°ì <matsuda@palnet.or.jp>
+.SH ÆüËܸìÈǹ»Àµ
+ÇòÊý ·òÂÀϺ <argrath@ub32.org>
+.br
+Éð°æ ¿¸÷ <takei@webmasters.gr.jp>
+.br
+¸µÌÚ ¸²¹° <amotoki@dd.iij4u.or.jp>
+.br
+´Øº¬ ãÉ× <tsekine@isoternet.org>
OSDN Git Service
