\r
<p>Add next lines to the kernel.</p>\r
\r
+<p>(For FreeBSD6.x or earlier)</p>\r
+\r
<table><tr><td><pre>\r
options IPDIVERT\r
\r
options TCP_DROP_SYNFIN\r
</pre></td></tr></table>\r
\r
+<p>(For FreeBSD7.x or latter)</p>\r
+\r
+<table><tr><td><pre>\r
+options IPDIVERT\r
+\r
+options IPFIREWALL\r
+options IPFIREWALL_FORWARD\r
+options IPFIREWALL_VERBOSE\r
+options IPFIREWALL_VERBOSE_LIMIT=100\r
+\r
+options IPSEC\r
+device crypto\r
+</pre></td></tr></table>\r
+\r
<UL>\r
<li>When use NAT, IPDIVERT is necessary. </li>\r
<li>When need firewal log, *VERBOSE is necessary. </li>\r
<p>\r
Remove the comment mark to enable the following setting\r
<table><tr><td><pre>\r
+AddHandler cgi-script .cgi\r
AddHandler type-map .var\r
</pre></td></tr></table>\r
</p>\r
want to use IPv6 function, you need to set FQDN corresponding to IPv4 and IPv6 both addresses.</p>\r
<p>In <AuthServer>, set the information of authentication server. Though Opengate support various protocol, see the config file for details. To separate the problem between auth server and opengate server, try the following setting firstly.</p>\r
\r
+\r
<table><tr><td><pre>\r
****Do not use this setting in real service****\r
<AuthServer>\r
<AuthServer>\r
</pre></td></tr></table>\r
\r
+<p>The config file is XML form. The # mark in the file does not mean the start of a comment. Use XML-formed comment as <!-- Comment String --> to disable description.</p>\r
+\r
<p>Opengate switchs plural auth servers and other settings by ID attached to userid (userid@ID). See the config file for details. By this function, you can divide the authentication servers for many sections or guests.</P>\r
<p>About parameters that can be modified in the config file, see the config file for details.</P>\r
<p>Caution: As the IPv6 function is activated only when IPv6 access is detected, do not delete the IPv6 related setting in config file. The IPv6 access is executed when the FQDN for IPv6 is prepared.</P>\r
<h4>F.4 Setup of ipfw<A class=anchor href="#opengate4" name=opengate4>\81õ</A></h4>\r
\r
<p>Write ipfw rules for for Opengate. This is example "rc.firewall".</p>\r
-<p>From FreeBSD6.1, IPFW supports IPv6. The IPFW rule used in Opengate is affected by this change. See <a href="http://www.cc.saga-u.ac.jp/opengate/newipfw-e.html>Setting of IPFW on FreeBSD6.1 or Later</a> for detail.</p>\r
+<p>From FreeBSD6.1, IPFW supports IPv6. The IPFW rule used in Opengate is affected by this change. See <a href="http://www.cc.saga-u.ac.jp/opengate/newipfw-e.html">Setting of IPFW on FreeBSD6.1 or Later</a> for detail.</p>\r
\r
<table><tr><td><pre>\r
### set these to your outside interface network and netmask and ip\r
<h4>F.5 Setup of ip6fw<A class=anchor href="#opengate5" name=opengate5>\81õ</A></h4>\r
\r
<p>Write ipfw rules for for Opengate. This is example "rc.firewall6". </p>\r
-<p>From FreeBSD6.1, IPFW supports IPv6. The IPFW rule used in Opengate is affected by this change. See <a href="http://www.cc.saga-u.ac.jp/opengate/newipfw-e.html>Setting of IPFW on FreeBSD6.1 or Later</a> for detail.</p>\r
+<p>From FreeBSD6.1, IPFW supports IPv6. The IPFW rule used in Opengate is affected by this change. See <a href="http://www.cc.saga-u.ac.jp/opengate/newipfw-e.html">Setting of IPFW on FreeBSD6.1 or Later</a> for detail.</p>\r
\r
<table><tr><td><pre>\r
### set these to your outside interface network and prefixlen and ip\r
\r
#######################################\r
##\r
-## shwo opengate status for MRTG\r
+## show opengate status for MRTG\r
##\r
## 1 line : IPv6 Users\r
## 2 line : Total Users\r
\r
<p>\83R\83s\81[\82µ\82½\83J\81[\83l\83\8b\83I\83v\83V\83\87\83\93\82É\81A\8e\9f\82Ì\83I\83v\83V\83\87\83\93\82ð\92Ç\89Á\82·\82é\81B</p>\r
\r
-<table><tr><td><pre>options IPDIVERT\r
+<p> FreeBSD6.x\88È\91O </p>\r
+\r
+<table><tr><td><pre>\r
+options IPDIVERT\r
\r
options IPFIREWALL\r
options IPFIREWALL_FORWARD\r
options TCP_DROP_SYNFIN\r
</pre></td></tr></table>\r
\r
+<p> FreeBSD7.x\88È\8d~ </p>\r
+\r
+<table><tr><td><pre>\r
+options IPDIVERT\r
+\r
+options IPFIREWALL\r
+options IPFIREWALL_FORWARD\r
+options IPFIREWALL_VERBOSE\r
+options IPFIREWALL_VERBOSE_LIMIT=100\r
+\r
+options IPSEC\r
+device crypto\r
+</pre></td></tr></table>\r
+\r
<p>\r
IPDIVERT\82É\82Â\82¢\82Ä\82Í\81AIPv4\82ÌNAT\82ð\97p\82¢\82é\8fê\8d\87\82É\95K\97v\82Å\82 \82é\81B\82Ü\82½\81A\83t\83@\83C\83A\83E\83H\81[\83\8b\82Ì\83\8d\83O\82ð\95K\97v\82Æ\82µ\82È\82¢\8fê\8d\87\82Í\81AVERBOSE\82Ì\8d\80\96Ú\82Í\95s\97v\82Å\82 \82é\81B\82³\82ç\82É\81AIPSEC\82ð\95K\97v\82Æ\82µ\82È\82¢\8fê\8d\87\82Í\81AIPSEC\82Ì\8d\80\96Ú\82Í\95s\97v\82Å\82 \82é\81B\82Ü\82½IPv6\8b@\94\\82ð\8eg\82í\82È\82¢\8fê\8d\87\82É\82Í\81AIPV6FIREWALL\8aÖ\98A\82Í\95s\97v\82Å\82 \82é\81B</p>\r
\r
<p>\r
\89º\82Ì\90Ý\92è\82Ì\83R\83\81\83\93\83g\82ð\8aO\82·\81B\r
<table><tr><td><pre>\r
+AddHandler cgi-script .cgi\r
AddHandler type-map .var\r
</pre></td></tr></table>\r
</p>\r
</AuthServer>\r
</pre></td></tr></table>\r
\r
+<p>\90Ý\92è\83t\83@\83C\83\8b\82ÍXML\8c`\8e®\82Å\82 \82é\81B\83R\83\81\83\93\83g\82Í<!-- Comment String -->\82Æ\8f\91\82\81B#\83}\81[\83N\82Í\83R\83\81\83\93\83g\82ð\88Ó\96¡\82µ\82È\82¢\82Ì\82Å\81A\83R\83\81\83\93\83g\83A\83E\83g\8e\9e\82É\82Í\92\8d\88Ó\82·\82é\82±\82Æ\81B</p>\r
+\r
<p>Opengate\82Í\83\86\81[\83UID\82É\95t\89Á\82µ\82½ID\82É\82æ\82Á\82Ä\81iuserid@ID)\81A\94F\8fØ\83T\81[\83o\82»\82Ì\91¼\82Ì\90Ý\92è\82ð\90Ø\82è\91Ö\82¦\82é\82±\82Æ\82ª\82Å\82«\82é\81B\82±\82ê\82É\82æ\82è\81A\95\94\96å\95Ê\83\86\81[\83U\82â\8aO\95\94\83\86\81[\83U\82É\91Î\82·\82é\94F\8fØ\82ð\95ª\97£\82Å\82«\82é\81B\8fÚ\8d×\82Í\90Ý\92è\83t\83@\83C\83\8b\82ð\8eQ\8fÆ\82Ì\82±\82Æ\81B</p>\r
\r
<p>\82»\82Ì\91¼\81A\90Ý\92è\83t\83@\83C\83\8b\82Å\95Ï\8dX\89Â\94\\82È\83p\83\89\83\81\81[\83^\82É\82Â\82¢\82Ä\82Ì\8fÚ\8d×\82Í\90Ý\92è\83t\83@\83C\83\8b\82ð\8eQ\8fÆ\82Ì\82±\82Æ\81B</p>\r
OSDN Git Service
