    NET-3-HOWTO, Linux Networking.
   Ͻ : 1997 7 12 (2/3 з) 
    : Terry Dawson, VK2KTJ, terry@perf.no.itg.telstra.com.au
    :  , sudoer@nownuri.net
                   vandal@danjae.skku.ac.kr


  Linux NET-3-HOWTO, Linux Networking.
  Terry Dawson, VK2KTJ, terry@perf.no.itg.telstra.com.au
  v1.0, 22 February 1997
  
  ۷ ý  κ scratch ۼ Ŀα Ʈ
 ŷ  ڶ . ֱ Ŀο ԵǾ ִ tcp/ip implementa 
 tion     ؼ װ ġִ    
 ش. 
    Ʈŷ Ʈ, õ  ġ  
 ϴµ ǥ ΰִ. 
 
 1.   ޶ .
 
  Additions:
          lots of things.
  Corrections/Updates:
          everything.
 
 2. Ұ
 
  NET-FAQ   ťƮ Ʈ ۵Ǳ  Matt
 Welsh   Ʈŷ õǾ  Ÿ 鿡   
 ϱؼ ۼǾ. װ ʱ  Ʈŷ Ŀο  κ  
  ٷ ִ. net-2-howto net-faq ̾ ̸,  LDP howt 
 o  ϳ,  Ʈŷ Ʈ  2, Ŀ  3 Ҹ 
  ͵鿡  밡 ϰ ִ.   ٽ net-2-howto ̾ 
  ̸ ̰   3  Ʈŷ Ŀΰ 谡 ִ. 
 
   ʱ װ        
 ũⰡ ô Ŀ. ̷  ذϱ  Ư Ʈŷ    
 ٷ howto ܳ Ǿ.   谡 Ǵ κп ׵  
  ͸ ϸ, ٸ  ٷ ʴ  ٷ  
 ̴. 
 
 2.1 Feedback
 
  feedback ġ ִ   ׻ Ѵ.  feedback̳ 
   e-mail  ֱ ٶ. 
  <mailto:terry@perf.no.itg.telstra.com.au>.
 
 3.     ΰ(net-3-howto-howto?).
 
     Ͱ 繵 ٸ.     
  ĥ ִ Ŀٶ   ͵ պκп,  κ 
  Ư  κ ϱ ؼ ݵ ˾Ƶξ  Ϲ ͵ 
   ֵ   ٽ ׷ Ҵ.
 
     Read the generic sections
         κ , ߿    κп Ǹ,    
           ϱ ؼ ſ ߿ ͵̴. 
 
     Consider your network
         ڽ Ʈũ  Ǿ ִ°(Ǵ    
        ɰΰ) ˾ƾϸ Ȯ  ϵ     
        ΰ ˰ ־ Ѵ.
 
     Read the technology specific sections related to your requirements
          ϴ ˰,   Ʈ   
          ִ.  κ Ư    ׸ ٷ.
 
     Do the configuration work
         ڽ Ʈũ ϵ ؾ ϸ, ߻ϴ   
           ؾ Ѵ.
 
     Look for further help if needed
          ذῡ  ʴ  ߻Ͽٸ,   
        , Ǵ  ׸ Ʈؾ ϴ  κ
        оƶ.
 
     Have fun!
        Ʈŷ̶ ſ ִ ̴. װ ܶ~!
 
 4.  General Information about Linux Networking.
 
 4.1  Ʈŷ Ŀ   .
 
 ̹ ִ implementation ŭ̳  ϴ  ο tcp/ip 
   Ŀ implementation Ѵٴ   ƴϾ.   
  ִ implementation ϳ  ʱ ϴ  U.S.L  
      ѵ īǶƮ ؼ ϴ implementat 
 ion     Ȯ , Ǵ ̹ ִ°ͺ
   ο      ̷.
 
 Ŀ Ʈũ ڵ  ̲   ڿڴ Ross Brio.
  <biro@yggdrasil.com>. Ross ϰ ҿϳ ſ  implementati
 on ƾ µ ̰ WD-8003 Ʈũ ̽ ī ̴ 
 ̹ ϵǾ. ̰    Ʈ ׽ð   
 ϱ⿡ ,      ڽ ӽ    
 ͳݻ ÷⵵ Ͽ. ̷ Ʈŷ  ϰ ִ   
 ü з Ͼ, ᱹ Ross ־ Ұ з°   
  ġϴ  ȸ Ͽ Ross   ڸ   
 . 
 ︸ ϻ ȯӿ Ʈ ϰ   𰡸 
   å ޾Ƶ̴    ۾ ˸Ű Ǿ, 
      ҷ ڸ ִ. 
 
 Orest Zborowski <obz@Kodak.COM>    BSD  α׷ 
 ̽ ´. ̰ ̹ ִ Ʈũ α׷ 
    Ҽ ְ ν Ŀٶ  ̷´. 
 
 ̶ ٸ 򰡿 Laurence Culhane <loz@holmes.demon.co.uk> 
  SILP  ϱ   ̹  ´. ̰   
  Ʈŷ ＼ Ҽ   ο Ʈŷ Ʈ 
 Ҽ ֵ ־.     Ʈ ͳ  
 µ ϱ⵵ Ͽ. ̰   Ʈũ  Եȴٸ  
 ɼִ ɼ    ְ Ͽ,  Ʈ  
 ŷ Ʈ   ϰ ϴ ڼ þ ߴ.
 
 Ʈŷ  ϴµ    ѻ ٷ Fred Van Kempen̾
 . <waltje@uwalt.nl.mugnet.org>. Ross  ڷμ ġ  
 Ȯ ⰣĿ Fred  ð  Ͽ  
    ޾Ƶ鿴. Fred  Ʈŷ Ʈ ̲ 
 ⿡  ߽ ȹ  ־, ̷   . 
 Fred 'NET-2' Ŀ ڵ Ҹ Ϸ Ʈŷ ڵ带  ´µ(Ros
 s Ϳ  'NET'), ̰   ϰ ̿Ҽ ־. 
 Fred     ȿ ־µ, ̳ 
 ̽ ̽, Ƹ߾  AX.25  ,   
 ε Ʈŷ implementation װ͵̴. Fred NET-2 ڵ   
  ڵ鿡  Ǿ,    Ʈ Ѵٴ  
   ؼ þ.  ñ Ʈŷ Ʈ Ĵٵ Ŀ
 ο   ġ Ұ,   Ե ʾҴ. net
 -faq ̾ net-2-howto  ͵ ϵ   ν
  Ѵ. Fred  Ĵٵ Ʈũ implementation  ű
  ߿ ־ ̰ ð ɸ ̾. ڵ  
 ϰ ϰ 80%  ڸ ų ִ  ϸ γ 
 Ҿ Ross    ڷμ Fred  з 
 ܳ. 
 
 Alan Cox <iialan@www.linux.uk.org> ̷ Ȳ Ÿϱ  ذå 
 ߴ. ״ Fred net-2 ڵ带   ϰ  
  γɾ  Ű, зκ Fred  ִµ 
  ڽ ۾ Ҽ ְ ־. Alan `Net-2D(ebugged)' Ҹ 
 ڽ ù°   Ʈŷ ڵ带 Ű ̷ ϵ س
 .  ڵ   ȯӿ ϰ  ڵ 
 ϰ ־. Alan Ȯ  Ʈ   ִ ڽŸ 
    ־, NET-2 ڵ    ǵ 
 . ű⿡  Ʈŷ ȸӿ δٸ ΰ ׷ 
 µ, ϳ 'ϴ ϰ ,  ڿ   ' ö 
  ־, ٸ ϳ 'ƿ ó  ' ö  ־
 . Linus ᱹ 縦 ϰ, Alan  ¿  ǥϸ,  
 ڵ带 Ĵٵ Ŀ  Խ״. ̰ Fred    
 . ӵǴ ߵ  ڵ带 ϰ ׽  Ұ Ǹ, 
       ǹߴ. Fred ª Ⱓ
   ϴ ᱹ ϰ , Alan  Ʈŷ Ŀ 
   ο  Ǿ. 
 
 Donald Becker <becker@cesdis.gsfc.nasa.gov>  Ʈũ ο  
   ڽ  巯   ̴ ̹ س´. 
  Ŀο    ̴ ̹ Donald  ߵȰ
 ̴. ߿   ٸ 鵵  Donald   ǳ
  Ư ̾ Ѵ. 
 
 Alan 󸶵 ؼ NET-2-Debugged ڵ带   'TODO' 
 Ʈ 巹 ä ִ   .  Ŀ 
 1.3.* ̻ 巯 Ŀ Ʈŷ ڵ   ̵Ǵ 
 NET-3  . Alan Ʈŷ ڵ  ٸ 鿡 ۾
  س  Ʈŷ Ŀ´Ƽ   ִ  
  ޾  ⿡ ڵ带  . Alan ̳ Ʈũ 
 ̽  ǥ AX.25 ׸ IPX implemenatation   ´. Alan
  ؼ  ڵ带 ֹŷȰ(? ^^;)  ¿ ̸ 
  . 
 
 PPP  Michel Callahan <callahan@maths.ox.ac.uk> Al Longyear<longy
 ear@netcom.com> ؼ ߰Ǿµ ̰ ũŷ   
  ϴ    ġ ̾. 
 
 Jonathon Naylor <jsn@cs.nott.ac.uk> Alan AX.25 ڵ忡 NetRom  
  ߰ν Ŀٶ  ߴ. AX>25/NetRom   ߿
 ѵ   ٸ  ü ̸ ǥ   
  ̴. 
 
  Ʈŷ Ʈ  ߿      ܿ 
  ִ. ̵    Ưκп ġ ɰ̴. 
   ٸ , ̹,  , , ׽Ʈ Ʈ, ׸
    ߴ.  ͵  ߿  ߴٰ  
   ׵ Ҽִ ͵ ߴ.  Ŀ Ʈŷ ڵ 
   Ÿ    Ǹ  ȴ. װ 
   ʾҴٸ, غ ϶. װ    
 ʾҴ. 
 
 4.2  Ʈŷ  ٸ  𿡼 ΰ?
 
  Ʈŷ Ͽ    ִ  Ұ ִ. 
 
   Ŀ Ʈŷ ڵ ̳ Alan Cox  Ʈŷ
   ׸  ߵǴ ͵ ϴ www  ϰ ִ. 
 <http://www.uk.linux.org/NetNews.html>.
 
 ٸ  Ҵ Olaf Kirch  Network Administration Guide å̴. 
  Linux Document Project ۾̸ <http://sunsite.unc.edu/LDP/> 
  ̰ Network Administration Guide HTML    
 ִ. <http://sunsite.unc.edu/LDP/LDP/nag/nag.html> ׷   
 the sunsite.unc.edu LDP ftp archive پ  Ȱ Ҽ 
 . <ftp://sunsite.unc.edu/pub/Linux/docs/LDP/network-guide/> Olaf Kirch 
 å ϱⰡ   󿡼 Ʈũ     
  Ѵ. 
 
    Ʈŷ õ о߿ ϴ ׷쵵 ִ. 
 comp.os.linux.networking <news:comp.os.linux.networking>
 
  Ʈŷ   Ҽִ  Ҽ ִ ϸ 
 Ʈ ִ.  ϱ ؼ   :
 
       To: majordomo@vger.rutgers.edu
       Subject: anything at all
       Message:

       subscribe linux-net

  IRC Ʈũ 󿡴   ä #linux  ⿡   
  Ʈŷ     ִ. 

   Ҷ   õ   ؾ ϴ°  
 ض. Ư  ڽ ϴ Ʈ  ؾ ϴ  
  Ư Ŀ , pppd dip  , ׸    
 Ư Ȯ ؾ Ѵ. ̰   ɰ Ÿ ޽ 
  Ȯ  ؾ  ǹѴ. 

 4.3 𿡼  ѵ  Ʈũ   ִ°?

  tcp/ip Ʈŷ ⺻ н ģ¶   ã 
  Ѵ. 

     tcp/ip introduction
        this document comes as both a text version
        <ftp://athos.rutgers.edu/runet/tcp-ip-intro.doc> and a
        postscript version <ftp://athos.rutgers.edu/runet/tcp-ip-
        intro.ps>.

     tcp/ip administration
        this document comes as both a text version
        <ftp://athos.rutgers.edu/runet/tcp-ip-admin.doc> and a
        postscript version <ftp://athos.rutgers.edu/runet/tcp-ip-
        admin.ps>.

 tcp/ip     ˰ ڶ    õ 
 Ѵ. 

      "Internetworking with TCP/IP"
       by Douglas E. Comer

       ISBN 0-13-474321-0
       Prentice Hall publications.

 н ȣȯ ȯ濡 Ʈũ ø̼ ۼ   ʹٸ, 
   õѴ. 
 
        "Internetworking with TCP/IP"
       by Douglas E. Comer

       ISBN 0-13-474321-0
       Prentice Hall publications.
 
 comp.protocols.tcp-ip  ִ. <news:comp.protocols.tcp-ip>
 
 ͳݰ tcp-ip  suite õ Ư   ߿ ҽϳ 
 ٷ RFCs̴. RFC 'Request For Comment' Ӹ̸, ͳ 
  ǥ ϰ ť ϴ ǥ ̴. RFC ϰ ִ°
   ִ.  Ʈ κ FTP Ʈ̸ Ư Ű RFC 
 ͺ̽ ˻Ҽ ְ ѳ www Ʈ ִ. 
 
 RFC  ҽ ϳ  ִ. 
 <http://pubweb.nexor.co.uk/public/rfc/index/rfc.html>
 
 5. Ϲ Ʈũ  õ .
 
  κе   ڽ Ʈũ ϱ ˰  
 ʿ䰡 ִ ͵̴. ̵  ġϷ Ʈũ Ȯ Ư 
  Ǵ ⺻ ̴. 
 
 5.1. Ϸ  ʿѰ?
 
 Ʈũ ġϰ ϱ  ʿ   ִ.  ߿Ѱ 
  ͵̴.
 
 5.1.1.  Ŀ ҽ
 
   ϰ ִ Ŀ  ϰ ;ϴ Ʈũ Ÿ
 ̳ ī   ֱ⶧  ɼ Ŀ ٽ 
 ϱ ؼ Ŀ ҽ ʿϴ.
 
  ftp.funet.fi ֽŹ Ŀ ҽ  ִ. 
 <ftp://ftp.funet.fi/pub/Linux/PEOPLE/Linus/v2.0>
 
  Ŀ ҼҴ  /usr/src/linux 丮 tar̹ Ǯ Ѵ. 
  ġ ϰ Ŀ ΰ   ˱ ؼ kernel-
 howto о Ѵ. kernel-module   ˰ʹٸ module-howto 
 о Ѵ. 
 
 Ư  ʴ   ǥ Ŀ ( ѹ ι dig
 it ¦ Ȱ) ϱ ٶ.   Ŀ(ι° digit Ȧ
  ) ýۻ ٸ Ʈ  ų ִ  ü 
  ٸ ȭ  ִ.  ׷   ذҼ ִٰ 
 Ȯ ʴ,   Ʈ  ó Ȯ   
 װ  . 
 
 5.1.2.  Ʈũ .
 
 Ʈũ   Ʈũ ̽ ϱ  ϴ 
 ׷̴.  ̷  ̽ ּҸ Ҵϰ ְų 
 Ʈ Ҽ ְ ش. 
 
 κ ֽ   Ʈũ  Բ ǹǷ,  
   νϰ, Ʈũ  ν ʾҴٸ ̰ ؾ
  Ѵ. 
 
  ġ ʾҴٸ   ҽ شٰ ؾ  
 ʿ䰡 ִ. ̰ ״  ʴ.
 
 Ʈũ    Bernd Eckenfels  Ǹ, ftp.inka.de 
  ִ. 
 <ftp://ftp.inka.de/pub/comp/Linux/networking/NetTools/> and are
   ̷Ǿ ִ.
 <ftp://ftp.linux.uk.org/pub/linux/Networking/PROGRAMS/NetTools/>.

  ϰ ϴ Ŀ     ؾ  
 ϶. ׸ ν Ϸ Ű  ø .
 
 ̱ ۼϴ   νϰ ϰ Ѵٸ   
 ؾѴ.
 
  #
  # cd /usr/src
  # tar xvfz net-tools-1.32-alpha.tar.gz
  # cd net-tools-1.32-alpha
  # make config
  # make
  # make install
  #
 
 ߰, ̾  ϰ, IP ӽĿ̵带 ϰ ʹٸ ipfwadm 
  ־ Ѵ. װ ֱٹ  ftp.xos.nl Ҽִ. 
  <ftp:/ftp.xos.nl/pub/linux/ipfwadm>., װ Ҽִ  
  Ƿ,  Ŀΰ     ϵ ؾ
 . 
 
   ۼϴ ñ  ġϰ Ϸ,   ϶.
 
  #
  # cd /usr/src
  # tar xvfz ipfwadm-2.3.0.tar.gz
  # cd ipfwadm-2.3.0
  # make
  # make install
  #

 5.1.3. Ʈũ  α׷

 Ʈũ  α׷̶ telnet, ftp  α׷   α  
  Ѵ. David Holland<dholland@hcs.harvard.edu>  ̵ α׷  
  κ ϰ ִ.  ftp.linux.uk.org װ Ҽ   
 ִ. 
 <ftp://ftp.uk.linux.org/pub/linux/Networking/base>. 

   ۼϴ ñ  ġ, Ϸ   ϶.

  #
  # cd /usr/src
  # tar xvfz /pub/net/NetKit-B-0.08.tar.gz
  # cd NetKit-B-0.08
  # more README
  # vi MCONFIG
  # make
  # make install
  #
 
 5.1.4 Addresses.
 
 ͳ  巹 4 Ʈ ̷. ̰Ϳ  Ǵ 
 Ҹ 'dotted decimal notation'̶ Ҹ ÷ ϴ ̴. ̷ for
 m  Ʈ 0 ƴ ̻󿡴  0  (0~255) 10 
 ȯǸ,  Ʈ '.' ڷ иǾ . װ  
  ȣƮ   ̽ IP 巹 .  ȯ 
 ӿ  ӽŻ  Ʈ Ͽ  IP 巹 ϴ 
  չ   ̽ ڽŸ ּҸ ⸶̴. 
 ͳ  Ʈũ  ִ IP 巹 ̴. Ʈ
 ũ  巹   (digit) 巹 ϰ 
 ִ.  Ʈũ 巹  κ 'network portion'̶ 
 . 'network portion'   κ 'host portion'̶ Ҹ
 . Ʈũ  巹  Ǵ bit netmask Ҹµ, 
  巹 װ  Ʈũ ϴ,  ʴ 
  netmask ̴.   캸.
 
  -----------------  ---------------
  Host Address       192.168.110.23
  Network Mask       255.255.255.0
  Network Portion    192.168.110.
  Host portion                  .23
  -----------------  ---------------
  Network Address    192.168.110.0
  Broadcast Address  192.168.110.255
  -----------------  ---------------

 netmask 'bitwise anded' 巹 ڽ  Ʈũ 巹
  ϰ ɰ̴. ׷Ƿ Ʈũ 巹 ߿   
  巹 ׻ network address Ǵ°̴.  ׻ 0 ڵ 
 'host portion'  ȴ.
 
 εĳƮ 巹 ڽ Ư 巹 Ͽ Ʈũ  
 ȣƮ  Ư 巹̴.  巹 Ʈũ   ȣƮ
  ÿ Բ Ҷ ͱ׷  巹̴. 'εĳƮ 
 ̾ ϴ°'  Ǵ  Ǵ ΰ ǥػ
  ִ.  θ ޾Ƶ鿩 ִ° ش Ʈũ    
 ϴ 巹 εĳƮ 巹 ϴ ̴.   
  192.168.110.255 ȴ. ٸ Ʈ   Ʈũ 
  εĳƮ 巹 ϴ  äߴ.   
 ϴ° ϴ°     Ʈũ  ȣƮ 
  εĳƮ 巹 Ǿ ִ° ݵ Ȯؾ Ѵ. IP 
   ʱ     ׷ 巹 Ʈũ
  Ǿ, ̷ Ʈũ 'class' Ҹ  ׷ȭǾ. 
  Ŭ ҴҼ ִ ǥ  Ʈũ  ش. Ҵ 
   .
 
  ----------------------------------------------------------
  | Network | Netmask       | Network Addresses            |
  | Class   |               |                              |
  ----------------------------------------------------------
  |    A    | 255.0.0.0     | 0.0.0.0    - 127.255.255.255 |
  |    B    | 255.255.0.0   | 128.0.0.0  - 191.255.255.255 |
  |    C    | 255.255.255.0 | 192.0.0.0  - 223.255.255.255 |
  |Multicast| 240.0.0.0     | 224.0.0.0  - 239.255.255.255 |
  ----------------------------------------------------------
 
  巹 ؾ ϴ° Ȯ  ؾ ΰ 
  ޶. ʿ  巹  ؼ  ؼ ؾ 
 Ѵ.
 
  IP Ʈũ  ӽ ġѴ. 
   IP Ʈũ  ӽ ġϰ Ѵٸ Ʈũ ڿ Ͽ 
      Ѵ. 
 
     o   Host IP Address

     o   IP network address

     o   IP broadcast address

     o   IP netmask

     o   Router address

     o   Domain Name Server Address
 
         ׷  Ʈũ ̽  λ  Ѵ. 
         ̰ ʰ    ϸ Ҽ .
 
    ͳݿ  ʴ  ο Ʈũ 
        ͳݿ    Ʈũ ٸ  ƹ     
        巹 Ҽ ִ. ׷  ϰ  Ư 
        Ǿִ IP 巹 ִ. ̰   RFC1597       
        õǾ ִ.
 
        -----------------------------------------------------------
        |         RESERVED PRIVATE NETWORK ALLOCATIONS            |
        -----------------------------------------------------------
        | Network | Netmask       | Network Addresses             |
        | Class   |               |                               |
        -----------------------------------------------------------
        |    A    | 255.0.0.0     | 10.0.0.0    - 10.255.255.255  |
        |    B    | 255.255.0.0   | 172.16.0.0  - 172.31.255.255  |
        |    C    | 255.255.255.0 | 192.168.0.0 - 192.168.255.255 |
        -----------------------------------------------------------
 
 켱 Ʈũ ũ⸦ ѵ ϴ ŭ 巹 ؾ Ѵ. 
 
 5.2.    ־ ϴ°?
 
  ý Ʈ ν δٵ ٹ  ִ. Ŀ 
  ڿ װ ׻ 'init'̶ α׷ Ѵ. init /etc/inittab
 ̶  а Ʈ  Ѵ. init  ٸ Ư(fla
 vours) , ̷ پ缺   ӽ پ缺  ū 
  ȴ. 
 
  /etc/inittab    Ʈ ϰ ִ. 
 
       si::sysinit:/etc/init.d/boot
 
    Ʈ  ϴ shell ũƮ ̸ Ѵ.
   MS-DOS autoexec.bat ϰ ټ ϴ.
 
  Ʈ ũƮ  ȣǴ ٸ ũƮ  Ʈũ ̵
  ȴ. 
 
  ̺  ý ̵  𸣰ڴ.
 
 ------------------------------------------------------------------------
 |Interface Config/Routing                    |Server Initialisation
 ------------------------------------------------------------------------
 |/etc/init.d/network                         |/etc/init.d/netbase
 |                                            |/etc/init.d/netstd_init
 |                                            |/etc/init.d/netstd_nfs
 |                                            |/etc/init.d/netstd_misc
 ------------------------------------------------------------------------
 |/etc/rc.d/rc.inet1                          |/etc/rc.d/rc.inet2
 ------------------------------------------------------------------------
 |/etc/sysconfig/network-scripts/ifup-<ifname>|/etc/rc.d/init.d/network
 ------------------------------------------------------------------------
                           < Debian, Slackware, RedHat>
 
 밳     Ǵ Ʈũ ̽ Ҽ 
 ִ α׷ ϰ ִ. ̰ ִٸ   õϱ  
  ϴ  ִ ˾ƺ Ѵ. 
 
       -----------------------------------------
       Distrib   | Network configuration program
       -----------------------------------------
       RedHat    | /sbin/netcfg
       Slackware | /sbin/netconfig
       -----------------------------------------

 5.3. Ʈũ ̽ 
 
  н ýۿ Ʈũ ̽ /dev 丮 δ. ׷
   ׷ ʴ.  Ʈũ ̽ Ʈ 
   ǹǷ ̽   ʿ䰡 . 
 
 밳  Ʈũ ̽ ʱȭϴ  ̽ ̹  
 ڵ  ϵ ġѴ.  ̴ ̽ ̹
   eth[0...n] ̽  ̴ ϵ ġŲ. 
 ù° ߰ߵǴ ̴ ī eth0 ι° ̴ ī eth1 ȴ.
 
 ׷  , slip Ǵ ppp , Ʈũ ̽  α
  ۿ . ̽  ̸ ̴° 
  ̽ ýÿ ڵ  ʴ´. ̷  
  ̹ ޸ Ȱȭ slip, ppp ̽  ӽ ۵ð
  ſ پϰ ޶ ̴. ̷   κп ڼ 
 ٷ ̴. 
 
 5.4. Ʈũ ̽ .
 
 ʿ  α׷ Ʈũ 巹, Ʈũ    
   Ʈũ ̽   ִ. Ʈũ ̽  
  Ҷ 츮 Ʈũ ̽  ּ Ҵ ٸ ȯ  
   ÿ  ̾߱⸦ ϴ°̴. ̸   θ Ǵ 
  ifconfig(interface configure)̴. 
 
  Ʒ    ̴. 
 
    # ifconfig eth0 192.168.0.1 netmask 255.255.255.0 up
 
   'eth0' ̴ ̽ IP 巹 '192.168.0.1' netmask 
 255.255.255.0 ϴ ̴. ɾ κ 'up' ̽ Ȱ
 ȭ ɰ ϰ ִ. 
 
 Ŀ ̽ Ҷ  Ʈ Ѵ.   Ʈũ 
 巹 εĳƮ 巹   ,  ó  
 ´ٸ Ŀ  IP 巹 Ŭ ٰ ո  
 ̴.   Ŀ ̽ Ŭ-C Ʈũ ȴٰ 
 ϰ Ʈũ 巹 '192.168.0.0', εĳƮ 巹 
 '192.168.0.255' Ѵ. 
 
 ifconfig ɿ  ٸ ɼ ִ.  ߿   ̴. 
 
    up  ̽ ȰȭŲ. 
 
    down  
        ̽  ȰȭŲ.
    
    -arp
         ̽ 󿡼 address resolution protocol 밡ϰ, 
       Ұϰ Ѵ.
   
    -allmulti
        ̽ 󿡼 promiscuous 带 /Ұϰ Ѵ. Promoscu
       ous  ش ̽   Ŷ̶ ޾Ƶϼ ֵ 
       ϴ 带 Ѵ. ̰ tcpdump ٸ Ŷ Ǫ α׷ 
       ſ ߿ϴ. 
    
    mtu N
         ̽ MTU Ҽ ְ ش.
 
    netmask addr
         ̽ ϴ Ʈũ netmask ϰ ش. 
 
    irq addr
         Ķʹ Ư Ÿ ϵ ϳ,  ̽ 
        IRQ Ҽ ְ ش. 
 
    -broadcast addr 
         Ķʹ εĳƮ 巹  ͱ׷  
       ϰ ϰų, Ȥ  ͱ׷ Ұϰ Ѵ. 
 
    -pointopoint addr
         Ķʹ slip, ppp point to point ũ ݴ볡 ִ 
        ּҸ ϵ ش. 
 
    hw <type> <addr>
         Ķʹ Ʈũ ̽ Ư Ÿ ϵ 巹 
       ϵ ش. ̴ݿ ״   AX.25  
       ٸ Ÿ Ʈũ ϴ. 
 
 ifconfig   Ʈũ ̽ Ҽ ̴.
 pppd, dip   α׷ Ʈũ ̽ 鶧 ڵ 
 ϹǷ  ifconfig ɻ ʿ ʴ. 
 
 5.5.  ؼ(Name Resolver) .
 
 'Name Resolver' ǥ  ̺귯 Ϻ̴. ̰  ū  
 'ftp.funet.fi'  ΰ ģ ȣƮ 128.214.248.6 ó ӽſ
  ģ IP 巹 ȯϴ 񽺸 ϴ ̴. 
 
 5.5.1. ̸  ֳ?
 
  ͳ ȣƮ   ͼϳ, װ  Ǵ
    𸥴. ͳ    ,
 ٽ ؼ Ʈ  ´. 'domain'̶ ϴ°  Ǵ ׷ 
 ̸̴. 'domain' 'subdomain'   ִ. 'toplevel'  
 굵 ƴ  ǹѴ. Top Level Domain RFC920 õǾ 
 ִ.     TOP LEVEL  ̴. 
 
     COM
        Commercial Organisations()

     EDU
        Educational Organisations()

     GOV
        Government Organisations(α)

     MIL
        Millitary Organisations()

     ORG
        Other organisations(ٸ)

     Country Designator
        these are two letters codes that represent a particular country.
        (Ư  Ÿ  α ڵ. : ѹα -> kr)

  top level  굵  ִ.  ̸  
 top level  com, edu, gov, mil, org ο  굵 
 ȴ. ν, Ʈϸ  Ǵ α Ÿ 
  com.au, gov.au  . '.us' ڵ带   
 ϰ,   top level   ʴ    
 ̱  Ÿ  ȴ. 
 
     ̸ Ÿ ؼ ȴ.    
   ſ پѵ,       
 ι  ٰϰ ȴ. ׷ ̰  Ʈũ ڿ  
 ո ǹְ  ؿ  ΰ ȴ. 
 
    κ ׻ ȣƮ ӽſ Ҵ Ư ̸̸ 'ȣƮ
 '̶ Ҹ. ӿ ȣƮ  κ ' '̶ 
  ̰ Ǯ 'Fully Qualified Domain Name'̴. 
 
  ̸ ȣƮ   , 'Fully Qualified Domain Name' 'perf.no.
 itg.telstra.com.au'̴. ̰ ȣƮ 'perf' γ 'no.itg.t
 elstra.com.au' ǹѴ.     Australia ٰ to
 p level ο  θ  ̸ 巹  ϹǷ  
   '.com'  ִ. ȸ ̸ 'Telstra'̸  
 ۸   δµ,    ӽ Infomartion Technol
 ogy Group Network Operation μ Ѵ. 
 
 5.5.2. п ʿ .
 
 ڽ ȣƮ  ο ϰ Ǵ ˾ƾ  ʿ䰡 ִ. Name 
 resolver Ʈ 'Domain Name Server' ó  ν  
   񽺸 Ѵ. ׷Ƿ ڽ Ҽ ִ  Ӽ 
 IP 巹 ˾ƾ  ʿ䰡 ִ. 
 
  ʿ䰡 ִ  3 ִµ, ̰ ʷ ٷ ڴ. 
 
 5.5.3. /etc/resolv.conf
 
 /etc/resolv.conf  ؼ ڵ带    ̴. ̰  
 ſ ϴ. ϳ ο ϳ Ű带  ؽƮ ̴. 
  Ǵ Ű 3 ִµ  . 
 
    domain
         Ű   Ѵ.
 
    search
         Ű ȣƮ ã Ҽ ִ γ Ʈ
        Ѵ.
 
    nameserver
         Ű  ٵ,  ؼ Ҷ Ǹ    
        IP 巹 ϱ  ȴ. 
 
 /etc/resolv.conf    ó δ.
 
       domain maths.wu.edu.au
       search maths.wu.edu.au wu.edu.au
       nameserver 192.168.10.1
       nameserver 192.168.12.1
 
   з  (γ   ȣƮ)  
 Ʈ γ maths.wu.edu.au ϰ,  ȣƮ  ο 
 ߰ߵ  wu.edu.au ο  ãƺ Ѵ. ΰ 
 Ӽ Ʈ Ǵµ, ̵   ؼҶ Ѵ.
 
 5.5.4 /etc/host.conf
  
 /etc/host.conf  name resolver ڵ ൿ ϴ  
  ̴.    'resolv+'   ڼ Ǿ ִ. 
   ȯ濡    Ұ̴.
 
       order hosts,bind
       multi on
 
    ؼ⿡, Ӽ ϱ  /etc/hosts üũ 
  /etc/hosts Ͽ ߰ߵǴ ù° 巹 Ӹƴ϶  ȿ 
  Ұ ش. 
 
 5.5.5 /etc/hosts
 
 /etc/hosts   ȣƮ Ӱ IP 巹 ִ ̴.  
 Ͽ ȣƮ  IP 巹      
  ʿ䰡 .   ϴµ   ȣƮ IP 巹 
  ڽ Ʈ ؾѴٴ ̴.  Ǵ ý  Ͽ 
 ̴ ȣƮ  ̽  ȣƮ   Ʈ 
 ̴. 
 
       # /etc/hosts
       127.0.0.1      localhost loopback
       192.168.0.1    this.host.name
 
 ù° Ʈ ִ ٿͰ  ο Ѱ ̻ ȣƮ  
   ִ.  ù° Ʈ  ̽  ǥ Ʈ
 ̴. 
 
 5.6.  ̽ .
 
 'loopback' ̽ ڽſ Ҽ ֵ ִ Ư  
 ̴̽. ̸ ϰ   ſ پѵ, Ʈũ ٸ 
 ڸ  ʰ Ʈũ Ʈ ׽Ʈϰ   ..  
  ȴ. ӿ  IP 巹 '127.0.0.1'    
 Ǿ ִ. ׷Ƿ  ӽ ϴ, 127.0.0.1 ڳ Ŀؼ 
   ȣƮ ϰ ȴ. 
 
  ̽ ϴ° ϸ,  и ־ Ѵ.
 
       # ifconfig lo 127.0.0.1
       # route add -host 127.0.0.1 lo
 
  κп 츮 route ɿ  ڼ ٷ̴. 
 
 5.7. .

  Ŵ ̴. ̰Ϳ ؼ û  ؽƮ ۼϴ 
  ϴ. κ  ÿ   䱸 Ұ̳,  
  ׷ ʴ.    ⺻׸ ٷ̴.  
    ִٸ   ۺκп ִ ۷ 
  ٶ. 
 
 ǿ Բ . IP ̶ ü ΰ?   ϴ 
  ϳ ִ. 
 
        IP ̶ ȣƮ  Ƽ Ʈũ ͱ׷  
       ̴.
 
   ϴ° ڴ.  ǽ ͸ غ. װ 
 Ƹ ͳݿ   ppp ũ, ũ̼ǿ ϴ  ̴
  ׸Ʈ ٸ ǽ ppp ũ  ̴.  Ʈũ 
 Ŀؼκ Ͱ ͱ׷ , ̶  ͱ׷
   Ʈ ΰ  Ŀ̴.  ȣƮ 
  ʿϸ  ͳ ȣƮ ΰ Ʈũ ̽ µ 
     ̸̽ ٸ ϳ ̴ Ȥ PPP, SLIP
   Ʈũ ̾߱⸦ ϱ ϴ ̴̽.
 
 OK, ׷ ̶  ϴ ΰ?  ȣƮ  ̺
  Ҹ   Ư Ʈ  ִ.  ̺ ּ 3 
 ʵ带   ϴµ, ù° ʵ  巹, ι° ʵ 
 ͱ׷ õ ̽ ̸, ° ɼ Ʈũ 
    ͱ׷  ٸ ӽ 巹  ִ. 
   ̿Ͽ   ̺ 캼 ִ. 
 
        # cat /porc/net/route
 
  μ ſ ϴ:  ͱ׷ ް,  巹
  Ͽ ̺  Ʈ Ѵ. ش 巹   
 ϴ Ʈ ϰ õ ̽ ͱ׷ Ѵ. 
 Ʈ ʵ尡 ä ִٸ ͱ׷ ̽   ȣƮ 
 Ǹ, ׷  ̽ ϴ Ʈũ ִٰ 
 . 
 
 
  ̺ ϱ ؼ Ư  Ѵ.   Ŀǵ 
   ޾Ƽ Ŀ ̺ Ʈ ߰, , ϵ û
 ϴ Ŀ ý ݷ ȯѴ.   'route' Ҹ. 
 
   ִ.  ̴ Ʈũ  ִٰ غ. 
  192.168.1.0 巹  class-C Ʈũ .  ڽ
  ϱ  192.168.1.10 ϰ, 192.168.1.1  ͳݿ  
 Ͷ ´. 
 
 ù°   Ѵ ̽ ϴ ̴.  
   Ѵ.
 
        # ifconfig eht0 192.168.1.10 netmask 255.255.255.0 up
 
  192.168.1.* ġǴ  巹  ͱ׷  ̴
  ̽   ̺ Ʈ ߰ؾ Ѵ. 
 
        # route add -net 192.168.0.0 netmask 255.255.255.0 eth0
 
 '-net'    Ʈ Ʈũ Ʈ route α׷ ˷
 ֱ ؼ̴. ⼭ Ҽִ ٸ  'ȣƮ' Ʈε ̰ 
  IP 巹 õǴ route̴. 
 
  Ʈ  ̴ ׸Ʈ ִ  ȣƮ Ŀؼ 
  ϰ ش.  ڽ ̴ ׸Ʈ   ٸ  IP 
 ȣƮ  Ǵ°?
 
    Ʈũ route ߰ϴ°   ̹Ƿ, 
  ۾ ϰ ִ Ư Ʈ ִ.  Ʈ 'Ʈ' Ʈ
  Ҹ. Ʈ Ʈ    ġ ϹǷ û
  巹 ġϴ 巹 ִٸ Ʈ Ʈ ſ ̰ 
 ȴ. Ʈ Ʈ ̵ " ̰" ϴ° 
  ش.     Ʈ ϵ Ͽ. 
 
        # route add default gw 192.168.1.1 eth0 
 
 'gw'    Ʈ(Ȥ  ӽ) IP ּ, Ǵ 
  route ɿ ˷ش.  Ʈ ġϴ  ͱ׷   
    Ʈ̷  Ѵ. 
 
 ׷, ϼ    ϰ̴. 
    
        # ifconfig eth0 192.168.1.10 netmask 255.255.255.0 up
        # route add -net 192.168.0.0 netmask 255.255.255.0 eth0
        # route add default gw 192.168.1.1 eth0
 
 ڽ Ʈũ 'rc'   캻ٸ ̿ ϰ ̴°  
 ϳ ߰ϰ ɰ̴. ̰ ſ Ϲ ̴. 
 
  ణ     캸. ͳ PPP ũ 繫
  ũ̼ǿ  ׸Ʈ ϴ ͸ Ѵٰ غ. P
 PP ũ ϳ ̴ ׸Ʈ 3  ͸ Ѵٰ غ
 .     ϰ̴. 
        
        # route add 192.168.1.0 netmask 255.255.255.0 eth0
        # route add 192.168.2.0 netmask 255.255.255.0 eht1
        # route add 192.168.3.0 netmask 255.255.255.0 eth2
        # route add default ppp0
 
  ũ̼  Ÿͺ   ϰ, ʹ  
 Ʈũ Ʈ(route)  ʿ䰡 ִ. ũ̼ǿ ־ Ʈ 
 Ŀ Ͱ  иؾ ϴ°  Ƴ̱ ̴. 
   Ÿ Ʈ Ʈ 'gw'    ñ 
  𸥴.  ſ ѵ PPP SLIP  ø ũ  
 Ʈũ ܿ Ѵ뾿,  δ ȣƮۿ  ̴. ũ ݴ볡
  ִ ȣƮ Ʈ̷ ϴ  ǹϰ  ̴. 
 ĸ ٸ     ̷ Ÿ Ʈũ Ŀؼǿ 
 Ʈ̸  ʿ䰡 . ̴, ũ(arcnet), ū  
 Ʈ̸  ϴµ ̵ Ʈũ  ȣƮ ֱ 
 . 
 
 5.7.1 õ α׷  ϴ°?
 
  ޵    ±  ϳ  Ʈũ 
 Ʈ   ȴ.   Ʈũ ؾ  
  ϴ. ̵ κ 鿡 ̰ ȭŸ ʴ´. 
 
 ' '̳ ' '  ū   ٿ , Ʈ
 ũ ӽ̳ ũ  ͱ׷ ٸ   Ѵٸ(ٸ
  )  ̵ ϰ   ؾ Ѵٴ ̴. 
 翬 ̰ , û糳, ǿ̰, ٶ  ̴. Ʈ
 ũ     Ʈ ڵ Ű پ ũ
  ߵǾµ, ̷  ׷ '̳  '̶ 
  ϰ ִ. 
 
  Ϲ ̳  ݿ   𸥴.  
 θ ˷  Ƹ RIP(Routing Information Protocol) OSPF(Open Shor
 test Path First Protocol) ̴. RIP ߰   ü Ʈũ
   Ʈũ   ȴ. OSPF  ̰  ū Ʈ
 ũ ٷ ɷ ִ.  Ʈũ     (pat
 h) ִ ȯ濡 ϴ.  ݵ Ϲ  'routed'-RIP,
 'gated'-RIP,OSPF ̴. 'routed' α׷   Բ Ǹ,  
   'NetKit' Ű ԵǾ ִ. 
 
 ̳      ΰ ϴ , ó 
 ϰ̴. 
 
 
      192.168.1.0 /                         192.168.2.0 /
         255.255.255.0                         255.255.255.0
       -                                     -
       |                                     |
       |   /-----\                 /-----\   |
       |   |     |ppp0   //    ppp0|     |   |
  eth0 |---|  A  |------//---------|  B  |---| eth0
       |   |     |     //          |     |   |
       |   \-----/                 \-----/   |
       |      \ ppp1             ppp1 /      |
       -       \                     /       -
                \                   /
                 \                 /
                  \               /
                   \             /
                    \           /
                     \         /
                      \       /
                       \     /
                    ppp0\   /ppp1
                       /-----\
                       |     |
                       |  C  |
                       |     |
                       \-----/
                          |eth0
                          |
                     |---------|
                     192.168.3.0 /
                        255.255.255.0
 
 A,B,C  Ͱ ִ.  Class C IP Ʈũ(netmask 255.255.25
 5.0) ̴ ׸Ʈ Ѵ.   Ϳ ٸ ͷ PPP 
 ũ ִ. Ʈũ ﰢ ̷. 
 
  A  ̺ ó ϰ ϴ. 
 
        # route add -net 192.168.1.0 netmask 255.255.255.0 eth0
        # route add -net 192.168.2.0 netmask 255.255.255.0 ppp0
        # route add -net 192.168.3.0 netmask 255.255.255.0 ppp1
 
 ̰  A  B  ũ      ̴. 
  ũ      Ʈ  A ̴ 
 ׸Ʈ ȣƮ ̴ ׸Ʈ B  ִ ȣƮ  ϴµ, 
 ͱ׷  A   ppp0  ̴. ׵  
  ׸Ʈ C  ȣƮδ Ҽ , C ̴ ׸Ʈ ȣƮ 
  B ̴ ׸Ʈ ȣƮ ̾߱⸦ Ҽִµ, B  C  
 ũ   ʰ ֱ ̴. 
 
 , A  C  Ҽ ְ, C  B  Ҽ ִٸ ° A  C  B 
  C Ͽ ͱ׷ B  ʴ°? ̷ ٷ RIP 
  ̳   ذϵ  ׷ ̴. A, B, C 
 Ͱ     , ũ ϳ  ٸ  
 ̺ ο Ʈũ Ȳ ݿϿ ڵ ɰ̴. ̷ Ʈ
 ũ ϴ  ϸ,  Ϳ  ΰ ָ ȴ.  
   A  Ͽ,
 
        # route add -net 192.168.1.0 netmask 255.255.255.0 eth0
        # /usr/sbin/routed
 
 'routed'   Ҷ ڵ Ȱȭ  Ʈũ Ʈ ã
   ȣƮ  ̺ ϰ Ʈ   ֵ  Ʈ
 ũ ̽ ޼   ´. 
 
 ̰  ̳     ִ    
 ̴.  ڼ  Ѵٸ  ùκп õ   
 ٶ. 
 
 ̳ ÿ Ͽ ߿ ..
 
 1.   ӽ   پ Ʈ  ̳  
       ʿ䰡 ִ. 
 
 2. ̳   Ʈũ ȭ Ͽ ڵ    
      ̴. 
 
 3. RIP  Ǵ ߰  Ʈũ ϴ.
 
 5.8. Ʈũ   .
 
 Ʈũ  񽺴  ڰ   ӽ Ҽְ 
 ϱ α׷̴.  ڴ  ӽ,  α׷ Ǵ 
 Ʈũ  Ŀؼ Ͽ ش Ʈ Ŀؼ ޾Ƶ  
 Ѵ. Ʈũ  ϴ  ΰ ִ.
 
    standalone
        Ʈũ   Ʈũ Ʈ ޼   Ŀ
       ؼ Ǿ Ʈũ Ŀؼ ϰ 񽺸 Ѵ. 
 
    slave to the inetd server
        inetd   Ŀؼ  ϴ Ư Ʈũ 
        α׷̴. tcp Ȥ udp  Ʈ Ư  
       ,  α׷ Ǿ ϴ° ִ   
       ִ.  Ʈ ٸ Ͽ Ǿ  ̿ ؼ  ̾߱
        Ұ̴.
 
  ؾߵ ΰ ߿  ִ.  Ʈѹ Ҵϴ 
 /etc/services ϰ inetd Ʈũ    /etc/inetd.conf 
 ̴. 
 
 5.8.1. /etc/services
 
 /etc/services  ΰ ģ  Ӱ 迡 ģ Ʈѹ
  ִ  ͺ̽ ̴. ̰  ſ ϴ. 
    ͺ̽ Ʈ Ÿ ؽƮ ̴.  
 Ʈ   ̽(tab Ǵ space)   ʵ 
  ִ.  ʵ Ʒ . 
 
 name       port/protocol       aliases         #comment
 
    name
        Ǵ 񽺸 Ÿ  ̴ܾ. 
 
    port/protocol
         ʵ ΰ  ʵ .
 
        port
             񽺰  Ʈѹ ϴ ̴.  
           ϴ 񽺿 Ҵ  ѹ ִ. ̵ RFC-1340
            ִ.
        protocol
             ʵ tcp udp õȴ.
 
        18/tcp  18/udp  Ʈ  ٸ ϸ,   
       񽺰 ΰ  ؾ ϴ     
       Ƶδ° ߿ϴ.  Ϲ  θ ְ, Ư 
        tcp, udp   ϴٸ   ο  Ʈ 
        ̴. 
 
    aliases
          Ʈ Ÿ  Ǵ ٸ ̸
 
    '#' ڿ Ÿ ؽƮ õǸ ּ ֵȴ.
 
 5.8.1.1. /etc/services  .
 
    Ǹ /etc/services  Ѵ.   
 ο ӽ  Ҷ,   ϴ /etc/services 
  ִ. 
 
  # /etc/services:
  # $Id: services,v 1.3 1996/05/06 21:42:37 tobias Exp $
  #
  # Network services, Internet style
  #
  # Note that it is presently the policy of IANA to assign a single well-kn
own
  # port number for both TCP and UDP; hence, most entries here have two ent
ries
  # even if the protocol doesn't support UDP operations.
  # Updated from RFC 1340, ``Assigned Numbers'' (July 1992).  Not all ports
  # are included, only the more common ones.

  tcpmux          1/tcp                           # TCP port service multip
lexer
  echo            7/tcp
  echo            7/udp
  discard         9/tcp           sink null
  discard         9/udp           sink null
  systat          11/tcp          users
  daytime         13/tcp
  daytime         13/udp
  netstat         15/tcp
  qotd            17/tcp          quote
  msp             18/tcp                          # message send protocol
  msp             18/udp                          # message send protocol
  chargen         19/tcp          ttytst source
  chargen         19/udp          ttytst source
  ftp-data        20/tcp
  ftp             21/tcp
  ssh             22/tcp                          # SSH Remote Login Protoc
ol
  ssh             22/udp                          # SSH Remote Login Protoc
ol
  telnet          23/tcp
  # 24 - private
  smtp            25/tcp          mail
  # 26 - unassigned
  time            37/tcp          timserver
  time            37/udp          timserver
  rlp             39/udp          resource        # resource location
  nameserver      42/tcp          name            # IEN 116
  whois           43/tcp          nicname
  re-mail-ck      50/tcp                          # Remote Mail Checking Pr
otocol
  re-mail-ck      50/udp                          # Remote Mail Checking Pr
otocol
  domain          53/tcp          nameserver      # name-domain server
  domain          53/udp          nameserver
  mtp             57/tcp                          # deprecated
  bootps          67/tcp                          # BOOTP server
  bootps          67/udp
  bootpc          68/tcp                          # BOOTP client
  bootpc          68/udp
  tftp            69/udp
  gopher          70/tcp                          # Internet Gopher
  gopher          70/udp
  rje             77/tcp          netrjs
  finger          79/tcp
  www             80/tcp          http            # WorldWideWeb HTTP
  www             80/udp                          # HyperText Transfer Prot
ocol
  link            87/tcp          ttylink
  kerberos        88/tcp          kerberos5 krb5  # Kerberos v5
  kerberos        88/udp          kerberos5 krb5  # Kerberos v5
  supdup          95/tcp
  # 100 - reserved
  hostnames       101/tcp         hostname        # usually from sri-nic
  iso-tsap        102/tcp         tsap            # part of ISODE.
  csnet-ns        105/tcp         cso-ns          # also used by CSO name s
erver
  csnet-ns        105/udp         cso-ns
  rtelnet         107/tcp                         # Remote Telnet
  rtelnet         107/udp
  pop-2           109/tcp         postoffice      # POP version 2
  pop-2           109/udp
  pop-3           110/tcp                         # POP version 3
  pop-3           110/udp
  sunrpc          111/tcp         portmapper      # RPC 4.0 portmapper TCP
  sunrpc          111/udp         portmapper      # RPC 4.0 portmapper UDP
  auth            113/tcp         authentication tap ident
  sftp            115/tcp
  uucp-path       117/tcp
  nntp            119/tcp         readnews untp   # USENET News Transfer Pr
otocol
  ntp             123/tcp
  ntp             123/udp                         # Network Time Protocol
  netbios-ns      137/tcp                         # NETBIOS Name Service
  netbios-ns      137/udp
  netbios-dgm     138/tcp                         # NETBIOS Datagram Servic
e
  netbios-dgm     138/udp
  netbios-ssn     139/tcp                         # NETBIOS session service
  netbios-ssn     139/udp
  imap2           143/tcp                         # Interim Mail Access Pro
to v2
  imap2           143/udp
  snmp            161/udp                         # Simple Net Mgmt Proto
  snmp-trap       162/udp         snmptrap        # Traps for SNMP
  cmip-man        163/tcp                         # ISO mgmt over IP (CMOT)
  cmip-man        163/udp
  cmip-agent      164/tcp
  cmip-agent      164/udp
  xdmcp           177/tcp                         # X Display Mgr. Control 
Proto
  xdmcp           177/udp
  nextstep        178/tcp         NeXTStep NextStep       # NeXTStep window
  nextstep        178/udp         NeXTStep NextStep       # server
  bgp             179/tcp                         # Border Gateway Proto.
  bgp             179/udp
  prospero        191/tcp                         # Cliff Neuman's Prospero
  prospero        191/udp
  irc             194/tcp                         # Internet Relay Chat
  irc             194/udp
  smux            199/tcp                         # SNMP Unix Multiplexer
  smux            199/udp
  at-rtmp         201/tcp                         # AppleTalk routing
  at-rtmp         201/udp
  at-nbp          202/tcp                         # AppleTalk name binding
  at-nbp          202/udp
  at-echo         204/tcp                         # AppleTalk echo
  at-echo         204/udp
  at-zis          206/tcp                         # AppleTalk zone informat
ion
  at-zis          206/udp
  z3950           210/tcp         wais            # NISO Z39.50 database
  z3950           210/udp         wais
  ipx             213/tcp                         # IPX
  ipx             213/udp
  imap3           220/tcp                         # Interactive Mail Access
  imap3           220/udp                         # Protocol v3
  ulistserv       372/tcp                         # UNIX Listserv
  ulistserv       372/udp
  #
  # UNIX specific services
  #
  exec            512/tcp
  biff            512/udp         comsat
  login           513/tcp
  who             513/udp         whod
  shell           514/tcp         cmd             # no passwords used
  syslog          514/udp
  printer         515/tcp         spooler         # line printer spooler
  talk            517/udp
  ntalk           518/udp
  route           520/udp         router routed   # RIP
  timed           525/udp         timeserver
  tempo           526/tcp         newdate
  courier         530/tcp         rpc
  conference      531/tcp         chat
  netnews         532/tcp         readnews
  netwall         533/udp                         # -for emergency broadcas
ts
  uucp            540/tcp         uucpd           # uucp daemon
  remotefs        556/tcp         rfs_server rfs  # Brunhoff remote filesys
tem
  klogin          543/tcp                         # Kerberized `rlogin' (v
5)
  kshell          544/tcp         krcmd           # Kerberized `rsh' (v5)
  kerberos-adm    749/tcp                         # Kerberos `kadmin' (v5)
  #
  webster         765/tcp                         # Network dictionary
  webster         765/udp
  #
  # From ``Assigned Numbers'':
  #
  #> The Registered Ports are not controlled by the IANA and on most system
s
  #> can be used by ordinary user processes or programs executed by ordinar
y
  #> users.
  #
  #> Ports are used in the TCP [45,106] to name the ends of logical
  #> connections which carry long term conversations.  For the purpose of
  #> providing services to unknown callers, a service contact port is
  #> defined.  This list specifies the port used by the server process as i
ts
  #> contact port.  While the IANA can not control uses of these ports it
  #> does register or list uses of these ports as a convienence to the
  #> community.
  #
  ingreslock      1524/tcp
  ingreslock      1524/udp
  prospero-np     1525/tcp                # Prospero non-privileged
  prospero-np     1525/udp
  rfe             5002/tcp                # Radio Free Ethernet
  rfe             5002/udp                # Actually uses UDP only
  bbs             7000/tcp                # BBS service
  #
  #
  # Kerberos (Project Athena/MIT) services
  # Note that these are for Kerberos v4, and are unofficial.  Sites running
  # v4 should uncomment these and comment out the v5 entries above.
  #
  kerberos4       750/udp         kdc     # Kerberos (server) udp
  kerberos4       750/tcp         kdc     # Kerberos (server) tcp
  kerberos_master 751/udp                 # Kerberos authentication
  kerberos_master 751/tcp                 # Kerberos authentication
  passwd_server   752/udp                 # Kerberos passwd server
  krb_prop        754/tcp                 # Kerberos slave propagation
  krbupdate       760/tcp         kreg    # Kerberos registration
  kpasswd         761/tcp         kpwd    # Kerberos "passwd"
  kpop            1109/tcp                # Pop with Kerberos
  knetd           2053/tcp                # Kerberos de-multiplexor
  zephyr-srv      2102/udp                # Zephyr server
  zephyr-clt      2103/udp                # Zephyr serv-hm connection
  zephyr-hm       2104/udp                # Zephyr hostmanager
  eklogin         2105/tcp                # Kerberos encrypted rlogin
  #
  # Unofficial but necessary (for NetBSD) services
  #
  supfilesrv      871/tcp                 # SUP server
  supfiledbg      1127/tcp                # SUP debugging
  #
  # Datagram Delivery Protocol services
  #
  rtmp            1/ddp                   # Routing Table Maintenance Proto
col
  nbp             2/ddp                   # Name Binding Protocol
  echo            4/ddp                   # AppleTalk Echo Protocol
  zip             6/ddp                   # Zone Information Protocol
  #
  # Debian GNU/Linux services
  rmtcfg          1236/tcp                # Gracilis Packeten remote config 
server
  xtel            1313/tcp                # french minitel
  cfinger         2003/tcp                # GNU Finger
  postgres        4321/tcp                # POSTGRES
  mandelspawn     9359/udp        mandelbrot      # network mandelbrot

  # Local services
 
 5.8.2. /etc/inetd.conf
 
 /etc/inetd.conf  inetd    ̴. ̰  Ư
  񽺿  ӿû   ؾϴ inetd ˷
 ִ ̴. ޾Ƶ̱⸦ ϴ  񽺿  inetd  
   Ұ  ˷־ Ѵ. 
 
 ̰  ſ ϴ.   ϰ 񽺸 Ÿִ ؽ
 Ʈ ̴. '#'  ؽƮ õǸ ּ ֵȴ.   
 (tab Ǵ space) еǴ 7 ʵ带 ´. Ϲ  
  .
 
    service  socket_type   proto  flags   user  server_path  server_args 
 
    service
        /etc/services Ͽó   ̴.
    
    socket_type
         ʵ ش Ʈ ȴٰ   Ÿ Ѵ. 
         stream, dgram, raw, rdw Ǵ seqpacket̴. ̰ ڿ
        ణ ε, ù° Ģ   tcp  񽺴 
       stream ϰ   udp  񽺴 dgram Ѵ. 
       ٸ  ϴ° ſ Ư  ϶ ̴.      
   
    proto
         Ʈ ȿϴٰ ֵǴ . ̰ /etc/services 
         Ʈ ġǾ ϸ  tcp Ǵ udp  ϳ
       ̴.Sun RPC(Remote Procedure Call)  rpc/tcp Ǵ   
       rpc/udp   Ѵ.  
 
    flags 
         ʵ带  ÿ ΰ ۿ . α׷ ѵ 
        ־  Ŀؼ û  ο ϰ ϴ³, 
       ƴϸ ٸ ٸ  ̹ Ѵٰ Ͽ  ͳؼ 
       ٷ Ұ̳ϴ ΰ̴.  ̰ ٷ  ణ ָ
       , tcp   Ʈ nowait ϰ udp  ̰ 
       wait ϴ° ù° ̴. ̰Ϳ ܰ  
        ׷Ƿ Ȯ   ̵带 ϶.
 
    user 
        Ʈũ  Ҷ /etc/passwd     
        ɰΰ ش. ̰ ȹ  ġ Ҷ 
       ϴ.  Ʈ  nobody ν Ʈũ  
         ظ ּȭ Ҽִ. ׷  ʵ  
       root Ǵµ    ϱ ؼ root  
       䱸ϱ ̴. 
 
    server_path
         Ʈ     α׷ ̴.
 
    server_args
         ʵ   κ ̷ ̴.  ʵ  
        α׷ ɶ α׷ Ѱְ Ŀǵ   
       ־ִ κ̴. 
 
 5.8.2.1. /etc/inetd.conf .
 
 /etc/services Ͽ ؼ ó    Ǹ /etc/inetd.co
 nf  ϰ ִ. ⿡   ԵǾ ִ  /etc/
 inetd.conf   ִ. 
 
  # /etc/inetd.conf:  see inetd(8) for further informations.
  #
  # Internet server configuration database
  #
  #
  # Modified for Debian by Peter Tobias <tobias@et-inf.fho-emden.de>
  #
  # <service_name> <sock_type> <proto> <flags> <user> <server_path> <args>
  #
  # Internal services
  #
  #echo           stream  tcp     nowait  root    internal
  #echo           dgram   udp     wait    root    internal
  discard         stream  tcp     nowait  root    internal
  discard         dgram   udp     wait    root    internal
  daytime         stream  tcp     nowait  root    internal
  daytime         dgram   udp     wait    root    internal
  #chargen        stream  tcp     nowait  root    internal
  #chargen        dgram   udp     wait    root    internal
  time            stream  tcp     nowait  root    internal
  time            dgram   udp     wait    root    internal
  #
  # These are standard services.
  #
  telnet  stream  tcp     nowait  root    /usr/sbin/tcpd  /usr/sbin/in.teln
etd
  ftp     stream  tcp     nowait  root    /usr/sbin/tcpd  /usr/sbin/in.ftpd
  #fsp    dgram   udp     wait    root    /usr/sbin/tcpd  /usr/sbin/in.fspd
  #
  # Shell, login, exec and talk are BSD protocols.
  #
  shell   stream  tcp     nowait  root    /usr/sbin/tcpd  /usr/sbin/in.rshd
  login   stream  tcp     nowait  root    /usr/sbin/tcpd  /usr/sbin/in.rlog
ind
  #exec   stream  tcp     nowait  root    /usr/sbin/tcpd  /usr/sbin/in.rexe
cd
  talk    dgram   udp     wait    root    /usr/sbin/tcpd  /usr/sbin/in.talk
d
  ntalk   dgram   udp     wait    root    /usr/sbin/tcpd  /usr/sbin/in.ntal
kd
  #
  # Mail, news and uucp services.
  #
  smtp    stream  tcp     nowait  root    /usr/sbin/tcpd  /usr/sbin/in.smtp
d
  #nntp   stream  tcp     nowait  news    /usr/sbin/tcpd  /usr/sbin/in.nntp
d
  #uucp   stream  tcp     nowait  uucp    /usr/sbin/tcpd  /usr/lib/uucp/uuc
ico
  #comsat dgram   udp     wait    root    /usr/sbin/tcpd  /usr/sbin/in.coms
at
  #
  # Pop et al
  #
  #pop-2  stream  tcp     nowait  root    /usr/sbin/tcpd  /usr/sbin/in.pop2
d
  #pop-3  stream  tcp     nowait  root    /usr/sbin/tcpd  /usr/sbin/in.pop3
d
  #
  # `cfinger' is for the GNU finger server available for Debian.  (NOTE: Th
e
  # current implementation of the `finger' daemon allows it to be run as `r
oot'.)
  #
  #cfinger stream tcp     nowait  root    /usr/sbin/tcpd  /usr/sbin/in.cfin
gerd
  #finger stream  tcp     nowait  root    /usr/sbin/tcpd  /usr/sbin/in.fing
erd
  #netstat        stream  tcp     nowait  nobody  /usr/sbin/tcpd  /bin/nets
tat
  #systat stream  tcp     nowait  nobody  /usr/sbin/tcpd  /bin/ps -auwwx
  #
  # Tftp service is provided primarily for booting.  Most sites
  # run this only on machines acting as "boot servers."
  #
  #tftp   dgram   udp     wait    nobody  /usr/sbin/tcpd  /usr/sbin/in.tftp
d
  #tftp   dgram   udp     wait    nobody  /usr/sbin/tcpd  /usr/sbin/in.tftp
d /boot
  #bootps dgram   udp     wait    root    /usr/sbin/bootpd        bootpd -i 
-t 120
  #
  # Kerberos authenticated services (these probably need to be corrected)
  #
  #klogin         stream  tcp     nowait  root    /usr/sbin/tcpd  /usr/sbin
/in.rlogind -k
  #eklogin        stream  tcp     nowait  root    /usr/sbin/tcpd  /usr/sbin
/in.rlogind -k -x
  #kshell         stream  tcp     nowait  root    /usr/sbin/tcpd  /usr/sbin
/in.rshd -k
  #
  # Services run ONLY on the Kerberos server (these probably need to be cor
rected)
  #
  #krbupdate      stream tcp      nowait  root    /usr/sbin/tcpd  /usr/sbin
/registerd
  #kpasswd        stream  tcp     nowait  root    /usr/sbin/tcpd  /usr/sbin
/kpasswdd
  #
  # RPC based services
  #
  #mountd/1       dgram   rpc/udp wait    root    /usr/sbin/tcpd  /usr/sbin
/rpc.mountd
  #rstatd/1-3     dgram   rpc/udp wait    root    /usr/sbin/tcpd  /usr/sbin
/rpc.rstatd
  #rusersd/2-3    dgram   rpc/udp wait    root    /usr/sbin/tcpd  /usr/sbin
/rpc.rusersd
  #walld/1        dgram   rpc/udp wait    root    /usr/sbin/tcpd  /usr/sbin
/rpc.rwalld
  #
  # End of inetd.conf.
  ident           stream  tcp     nowait  nobody  /usr/sbin/identd        i
dentd -i

 5.9. Ʈũ  ٸ  ϵ.
 
 /etc/protocol     ̵ ִ ͺ
 ̴̽. ̰ α׷Ӱ α׷    Ҽ 
 ֵ ָ tcpdump  α׷  ѹ ̸ ϵ 
 .   Ϲ ý  . 
 
        protocolname number aliases
 
   Բ Ǵ /etc/protocols   . 
 
  # /etc/protocols:
  # $Id: protocols,v 1.1 1995/02/24 01:09:41 imurdock Exp $
  #
  # Internet (IP) protocols
  #
  #       from: @(#)protocols     5.1 (Berkeley) 4/17/89
  #
  # Updated for NetBSD based on RFC 1340, Assigned Numbers (July 1992).

  ip      0       IP              # internet protocol, pseudo protocol numb
er
  icmp    1       ICMP            # internet control message protocol
  igmp    2       IGMP            # Internet Group Management
  ggp     3       GGP             # gateway-gateway protocol
  ipencap 4       IP-ENCAP        # IP encapsulated in IP (officially ``IP
'')
  st      5       ST              # ST datagram mode
  tcp     6       TCP             # transmission control protocol
  egp     8       EGP             # exterior gateway protocol
  pup     12      PUP             # PARC universal packet protocol
  udp     17      UDP             # user datagram protocol
  hmp     20      HMP             # host monitoring protocol
  xns-idp 22      XNS-IDP         # Xerox NS IDP
  rdp     27      RDP             # "reliable datagram" protocol
  iso-tp4 29      ISO-TP4         # ISO Transport Protocol class 4
  xtp     36      XTP             # Xpress Tranfer Protocol
  ddp     37      DDP             # Datagram Delivery Protocol
  idpr-cmtp       39      IDPR-CMTP       # IDPR Control Message Transport
  rspf    73      RSPF            # Radio Shortest Path First.
  vmtp    81      VMTP            # Versatile Message Transport
  ospf    89      OSPFIGP         # Open Shortest Path First IGP
  ipip    94      IPIP            # Yet Another IP encapsulation
  encap   98      ENCAP           # Yet Another IP encapsulation

 5.9.2 /etc/networks
 
 /etc/networks  /etc/hosts ϰ    ִ. ̰ 
 Ʈũ ӿ  巹 ϴ  ͺ̴̽. δ 
  ΰ ʵ带 ´ٴ  ٸ  ʵ   ڵȴ.
 
        # networkname networkaddress
 
   :
 
        loopnet     127.0.0.0
        localnet    192.168.0.0
        amprnet     44.0.0.0
 
 route   ϸ,  Ʈũϰ  Ʈũ /etc/net
 works Ʈ  route  巹 ſ  ÷ 
 ̴ٰ. 
 
 5.10 Ʈũ Ȱ ＼ Ʈ.
 
  ݿ  ڽ ӽŰ Ʈũ Ű° ſ  
 ̶° ϸ  κ ϰڴ.   ڽ  о 
   ʴ´.     ī  ȴ 
  ȹ  ɰϴٸ  ΰ     
 õѴ. ͳݿ õ   ִ. 
 
  ߿  '    !' ̴.   
   񽺰 ǰ ڵ ϵ Ǿִ. ּҷ 
  ؼ Ȯϰ ϰʹٸ /etc/inetd.conf  캸  
   Ʈ  ּóض.  ĺ(?)  
 ̴. 
 
    shell, login, exec, uucp, ftp ׸ finger, netstat, systat  
    ̴. 
 
 װ   Ȱ ＼ Ʈ ī   ׵ 
  ҿ   ̴. 
 
 5.10.1 /etc/ftpusers
 
 /etc/ftpusers  Ư  ftp  ӽ   
   ī̴. /etc/ftpusers   ftp Ŀؼ  ftp 
   .   α  ʴ ڵ gA 
 Ʈ̴. ̰   ϰ̴. 
 
        # /etc/ftpusers - ftp α ȵǴ .
        root
        uucp
        bin
        mail
 
 5.10.2. /etc/securetty
 
 /etc/securetty root  α Ǵ tty ̽ ϵ 
 . /etc/securetty α׷ login α׷( /bin/login)  
 . ̰  root α Ǵ tty ̽ Ʈ̴. 
 (̿ tty root login Ұ)
 
        #/etc/securetty - tty's on which root is allowed to login
        tty1
        tty2
        tty3
        tty4
 
 5.10.3. tcpd ȣƮ ＼ Ʈ ī.
 
 /etc/inetd.conf Ʈ Ȱ  tcpd α׷ ȣϵ  
  αΰ ＼ Ʈ ī Ѵ. 
 ̰ inetd α׷  ȣǾ, ̰ ＼  ȣ
  ִ   ƴ ϰ ִ ΰ  д´. 
  
 ̰ ù° ġ(match) ߰ߵɶ    ã̴. ġ 
   ＼ Գ Ѱ Ѵ. ̰ ã 
  /etc/hosts.allow /etc/hosts.deny ̴.  ̰ ʷ 
ϰڴ.   Ϻ  ؼ   ؾ ʿ
 ִ. (hosts_access(5)   ȴ.).
 
 5.10.3.1. /etc/hosts.allow
 
 /etc/hosts.allow  /usr/sbin/tcpd α׷ ̴. hosts.allo
w    ȣƮ  ӽŻ 񽺿 Ǵ ϴ  
ϴ ̴. 
 
   ſ ϴ. 
 
        # /etc/hosts.allow
        #
        #<service list>: <host list> [: commnad]
 
    service list
          Ǵ   Ʈ ȣ̴. 
          : ftpd, telnetd, fingerd
 
    host list
        ȣƮ   Ʈ ȣ̴. ⿡ IP 巹  
         ִ. Դٰ ׷ ȣƮ ̿ϵ ȣƮ IP 巹 
        ϵ ī带 ̿Ͽ Ҽ ִ.  : gw.vk2ktj.ampr.o 
        rg õ ȣƮ Ӱ ġǰ,   .uts.edu.au   Ʈ 
         ȣƮӰ ġɰ̸, 44.  ̰ ϴ 
        IP ġɰ̴.  ϰ ϱ  Ư ǥ
        ִµ, ̵   : ALL  ȣƮ ġ
       , LOCAL '.'  ʴ  ȣƮ ġȴ. PARANOID
        IP 巹 ġ ʴ  ȣƮӰ ġȴ(name spoofi
       ng).    ū ϳ  ִ. EXCEPT ܸ 
        Ʈ ϴ  Ұ̴. 
 
    command 
        ̰ ɼ Ķ̴. ̰   ɶ Ǵ  
          Ǯ н̴. ̰ ν ȣƮ  αߴ° 
       ϴ  õҼ ְ, Ǵ   õѴٰ ý 
           ڿ  ų ޼  ִ.    
        ɼִ Ȯ ִµ,    : %h Ŀ ȣ 
        Ʈ  Ǵ  ƴ϶ IP 巹 Ȯ¡ϸ, %d ȣ  
           ȮѴ. 
 
 :
 
 #/etc/hosts.allow
 #
 # Allow mail to anyone
 in.smtpd: ALL
 # All telnet and ftp to only hosts within my domain and my host at home.
 telnetd, ftpd: LOCAL, myhost.athome.org.au
 # Allow finger anyone but keep a record of who they are.
 fingerd: ALL: (finger @%h | mail -s "finger from %h" root)
 
 5.10.3.2. /etc/hosts.deny
 
 /etc/hosts.deny  /usr/sbin/tcpd α׷ ̴. hosts.deny 
   ӽŻ 񽺿 ＼  ʴ ȣƮ ϴ 
  Ѵ. 
 
     ִ. 
 
        # /etc/hosts.deny
        # Disallow all hosts with suspect hostnames
        ALL: PARANOID
        #
        # Disallow all hosts.
        ALL: ALL
 
 ̰  Ʈ  ȣƮ Ƿ PARANOID Ʈ ǹ 
 ̴.  ϳ Ʈ  䱸  ո Ʈ ɰ
 . 
 
 /etc/hosts.deny ALL: ALL Ʈ  /etc/hosts.allow ϴ 
  ȣƮ ϴ°   ̴. 
 
 5.10.4. /etc/hosts.equiv
 
 hosts.equiv  Ư ȣƮ Ư  н  ӽŻ
   ＼  ֱ ȴ. ̰   ӽ   
 Ҽ ִ  ȯ濡 ſ ϳ, ׷   Ȼ   
  ȴ.  ȣƮ   ӹ޴ ȣƮŭ һ̴. 
  ִȭϱ ؼ     ڵ鵵 .rhosts 
   ʵ Ǹ ־.
 
 5.10.5. ftp   .
 
  Ʈ  Ͽ Ư ̵ 䱸 ʰ   Ǵ 
 ٿε Ҽֵ ͸ ftp ϴµ  ΰ ִ. ̰ 
  ߴٸ anonymous ＼    ־ Ȯ  
 . κ fptd(8)  ̰Ϳ   ϰ ִ.  
  ׻  Ǹ  ִ Ȯؾ Ѵ.  ߿  anonymous  
  /etc 丮 /etc/passwd 纻  ʴ°̴. ݵ  
 ʿ  ϰ  ֹ ض. ׷    
  ũŷݿ    ϰ ɰ̴. 
 
 5.10.6. Ʈũ ̾.
 
 ͱ׷   ӽſ  ϰ ϴ° پ ȼ
 ̴. ̰Ϳ  ڼ  firewall-howto ٷ. 
 
 5.10.7 ٸ ȵ.
 
 ⿡ ٸ,    غ   ִ. 
 
    sendmail
        װ ߼ ұϰ        
         ηϴ ó δ. װ п ޷,    
          ʰڴ. 
 
    NFS  ׿ Sun RPC .
        ̰ ϶.  񽺿   exploit ִ. NFS  
         ɼ ߰Ѵٴ   ƴ. ׷  װ 
       Ѵٸ Ʈ Ǹ  οϴ°  ϶. 
 
 6.  Network Technology Specific Information.
 
   κе Ư Ʈũ    ̴.  κп 
 Ե  ٸ Ÿ Ʈũ  ݵ Ǵ  ƴϴ. 
 
 6.1. ARCnet
 
 ARCNET ̽ 'arc0s', 'arc1e', 'arc2e'  ̸ٿ. Ŀο 
  ó ߰ߵǴ ī 'eth0' ҴǸ  ׵ ߰ߵǴ 
   ʴ Ҵȴ.  ڴ ̴ ĸ̼ Ŷ  
 ߴ, RFC1051 Ŷ  ߴ ˷ش. 
 
 Ŀ  ɼ:
 
        Network device support  --->
           [*] Network device support
           <*> ARCnet support
           [ ]   Enable arc0e (ARCnet "Ether-Encap" packet format)
           [ ]   Enable arc0s (ARCnet RFC1051 packet format)
 
 ѹ̶ ̴ ī   Ŀ    ִٸ  
 ī  ̴. 
 
     ̴:
 
        # ifconfig arc0e 192.168.0.1 netmask 255.255.255.0 up
        # route add 192.168.0.0 netmask 255.255.255.0 arc0e
 
 ڼ  /usr/src/linx/Documentation/networking/arcnet-hardware.txt 
  ϶. 
 
 ARCNet  Avery Pennarun, apenwarr@foxnet.net ؼ ߵǾ.
 
 6.2. Appletalk(AF_APPLETALK)
 
 Appletalk  Ư ̽  ʴµ, ̰  Ʈũ 
 ̽ ϱ ̴. ̰ ߿   ӽŰ  ǻ
 Ͱ ͳ ũ ڿ ϱ ؼ̴. ߰ Ʈ 
 ʿϸ ̰ netatalk Ҹ. Wesley Craig netatalk@umich.edu   
 ð  'Research Systems Unix Groups'̶  ǥ ׵ neta 
 talk Ű  µ, ̰ Appletalk  ð    
 ƿƼ ϴ Ʈ Ѵ. netatalk Ű   
  ǰų ƴϸ ̽ð п ִ ȨƮ ftp   
 .  
 <ftp://terminator.rs.itd.umich.edu/unix/netatalk/>
 
  Ű ġϱ ؼ   ϶.
 
        # cd /usr/src
        # tar xvfz .../netatalk-1.4b2.tar.Z
        - ⼭ 'Makefile' ϰ  ִµ, Ư ϵ   
    
    ġ ΰ ִ DESTDIR  ٲپ ֱ           
  ̴. Ʈ /usr/local/atalk Ǿִµ ſ ϴ. 
        # make 
        - as root:
        # make install
 
 6.2.1. Appletalk Ʈ .
 
 ̰ ϰ ϱ   ؾ /etc/services Ͽ ο 
 Ʈ ߰ϴ ̴. ߰ Ʈ  :
 
       rtmp    1/ddp   # Routing Table Maintenance Protocol
       nbp     2/ddp   # Name Binding Protocol
       echo    4/ddp   # AppleTalk Echo Protocol
       zip     6/ddp   # Zone Information Protocol
        
  /usr/local/atalk/etc 丮(Ȥ Ű ġ 丮) ap
 pletalk   ִ ̴. 
 
 ó  ϴ  /usr/local/atalk/etc/atalkd.conf ̴. 
 ó    ӽ ִ Ʈũ ϴ Ʈũ ̽
  ̸ ϴ ϳ θ ʿһ̴. 
 
        eth0
 
 Appletalk   λ׵ ڿ ߰Ұ̴. 
 
 6.2.2. Appletalk   Ͻý Ž.
 
 Ʈũ øӽ ϵ  Ͻý Ʈũ export 
 Ҽ ִ. 
 
 ̰ ؼ /usr/local/atalk/etc/AppleVolumes.system  ؾ 
 Ѵ. /usr/local/atalk/etc/AppleVolumes.default Ҹ ٸ  ϵ  
 ִµ ̰     , ԽƮ     
  ڰ   ý  ΰ Ѵ. 
 
      λװ  پ ɼ ִ° afpd 
  ã ִ. 
 
     ִ:
 
        /tmp Scratch 
        /home/ftp/pub "Public Area"
 
 ̰ /tmp Ͻý AppleShare Volume 'Scratch', ftp public 
 丮 AppleShare Volume 'Public Area' export Ұ̴. Volume ̸  
    ƴϰ   ϸ, ¶ ׵    
 ƶ.
 
 6.2.3. Appletalk    ϱ.
 
  ϰ  ͸  ӽŰ Ҽ ִ.  Apple Pr
 inter Access Protocol Daemon papd  ʿ䰡 ִ.  α׷ 
 ϸ ̰  ӽ  û ޾Ƶ̰    
  Ʈ  ǮҰ̴. 
 
    ؼ /usr/local/atalk/etc/papd.conf   
 䰡 ִ. ǿ ־ ̸ Appletalk naming ݰ Բ ϵɰ
 ̴. 
 
     ִ:
 
        TricWriter:\
            :pr=lp:op=cg:
 
 ̰ Appletalk Ʈũ  'TricWriter' ̸ ͸  
  job lpd ϴ 'lp'(/etc/printcap ǵ ٿ ) 
 ͷ Ʈ ɰ̴. 'op=cg' Ʈ   'cg'  ۷
  ش. 
 
 6.2.4. Appletalk Ʈ ϱ.
 
 ok,   ⺻  ׽Ʈ غ Ǿ. netatalk Ű 
  Ǹ  ϴ rc.atalk  ִ. ׷Ƿ   
 ָ ȴ. 
 
        # /usr/local/atalk/etc/rc.atalk
 
  ϰ  ư̴. ƹ ޼  ̰,  
  Ҷ  Ʈ ַܼ ޼ ̴. 
 
 6.2.5. appletalk Ʈ ׽Ʈ.
 
  Ʈ ϰ ϴ° ׽Ʈϱ ؼ øӽ 
 , Apple ޴ Ǯٿϰ, Chooser ѵ, AppleShare Ŭ
 . ׷  ڽ ϰ̴. 
 
 6.2.6. appletalk Ʈ .
 
 A IP Ʈũ ϱ  appletalk  ؾ  𸥴. 
   Appletalk α׷ ϴµ  ִٸ, Ȥ װ ѵڿ 
   IP Ʈũ  ٸ, /etc/rc.d/rc.inet1  ϱ  
   Appletalk α׷  ƶ. 
 
 A afpd(Apple Filing Protocol Daemon) ϰ ϵũ ƸԴ´. 
   Ʈ Ʈ Ʒ ̰  丮 . ̰ .AppleDouble 
   丮  resource fork   ִ. ׷Ƿ '/' ͽ
   (exporting)ϱ  ι ϶. ߿ ϴµ  ð 
   ɸ̴. 
 A afpd α׷ κ Ŭ ؽƮ н带 Ѵ.  
      Ƿ ͳݿ  ӽſ   Ҷ 
   ϶.   Ѵٸ  ڽ ؾ Ѵ. 
 
 A netstat, ifconfig  м Appletalk  ʴ´. ʿ
   ٸ /proc/net 丮   ִ. 
 
 6.2.7. ׿ .
 
  Aplletalk ϴ    ڼ  thehamptons.c
 om <http://thehamptons.com/anders/netatalk/> Anders Brownworth Linux Net
 atalk-HOWTO  ϶. 
 
 6.3. ATM
 
  Asynchronous Transfer Mode ϱ  Ʈ Werner Alme
 sberger <werner.almesberger@lrc.di.epfl.ch> ̴. Ʈ Ȳ
       ִ.<http://rlcwww.epfl.ch/linux-atm>
 
 6.4. AX25 (AF_AX25)
 
 AX.25 ̽ Ŀ 2.0.* 'sl0', 'sl1' ̰, Ŀ 2.1.* 'ax0', 
 'ax1' ̴. 
 
  Kernel Compile Options:

       Networking options  --->
           [*] Amateur Radio AX.25 Level 2

 AX25, Netrom, Rose Ŭ AX25-HOWTO  ٷ .   
 Ŷ    Ƹ߾  ۷Ϳ  ȴ.
 
   implementation κ ۾ Jonathon Naylor, jsn@cs.no
 t.ac.uk  ̷. 
 
 6.5. DECNet.
 
 DECNet  絵  ۾̴.  2.1.* Ŀο  
 ڴ. 
 
 6.6. EQL - multiple line traffic equaliser
 
 EQL ̽ ̸ 'eql'̴. ǥ Ŀμҽδ  ӽŴ ϳ EQL 
 ̽ ´. EQL tcp/ip ϴ ̱  ũμ PPP, sli
 p, plip  point to point Ȱ  Ѵ.   
    Ѱ   °ͺ  δ. 

   Kernel Compile Options:

       Networking options  --->
           [*] Amateur Radio AX.25 Level 2
 
  ī ϱ ؼ  ٸ  ִ ӽŵ EQL 
  Ѵ. Linux, Livingstone, Portmaster ׸ ο ̾  ȣȯ
 ɷ Ѵ. 
 
 EQL ϱ ؼ  Ҽ ִ eql  ־ Ѵ. 
 sunsite.unc.edu
 <ftp://sunsite.unc.edu/pub/linux/system/Serial/eql-1.2.tar.gz>
 
   ϴ. eql ̽ ϸ鼭 Ѵ. eql 
  ٸ Ʈũ ̽ ϴ.   ifconfig ƿƼ 
 ̿Ͽ IP 巹 myu Ѵ. 
 
    ifconfig eql 192.168.10.1 mtu 1006
    route add default eql
 
      ʱȭ ʿ䰡 ִ. ̰ point to 
 point ̽  Ÿ. Ŀؼ  ʱȭҰΰ ϴ°
     ޶,  ڼ   κ ϱ 
 . 
 
  EQL ̽ ø ũ  ʿ䰡 , ̰ 'ensl
 aving'̶ Ҹ ̴ ٿ  eql_enslave  ̷. 
 
        eql_enslave eql sl0 28800
        eql_enslave eql ppp0 14400
 
  eql_enslave ϴ 'estimated speed' Ķʹ δ 
 ƹ͵   ̴. ̰ EQL ̹  ̽ ŭ 
 ͱ׷ ΰ ϱ  ȴ. ׷Ƿ   
  ν   Ҽ ִ.
 
 EQL ̽     ؼ   eql_emancipate 
  Ѵ. 
 
        eql_emancipate eql sl0
 
 Ʈ  ø ̽ ſ eql ̽ ϴ  
  ٸ point to point ũ  ߰Ҽ ִ.   
  Ͽϰ:
 
        route add default eql0
 
 EQL ̹ Simon Janes simon@ncm.com  ߵǾ. 
 
 6.7. ̴.
 
 ̴ ̽ ̸ 'eth0', 'eth1' ,'eth2' ̴. Ŀο  ù°
  ߰ߵǴ ī 'eth0' ҴǸ  ߰ߵǴ ߰ߵǴ  
 Ҵȴ. 
 
  󿡼 ̴ ī ۹ ˰ʹٸ Ethernet-HOWTO ϶. 
 
 ̴ ī带 ϵ Ŀ  Ҵٸ   ̴. 
 
 ü   Ÿ̴. 
 
    # ifconfig eth0 192.168.0.1 netmask 255.255.255.0 up
    # route add 192.168.0.0 netmask 255.255.255.0 eth0
 
 κ ̴ ̹ Donald Becker, becker@CESDIS.gsfc.nasa.gov 
  ߵǾ. 
 
 6.8. FDDI
 
 FDDI ̽  'fddi0', 'fddi1', 'fddi2' ̴. Ŀο  ó
  ߰ߵǴ ̽ 'fddi0' Ҵǰ,  ߰ߵǴ  
 ȴ. 
 
 Lawrence V. Stefani, stefani@lkg.dec.com  Digital Equipment Corporation 
 FDDI EISA ׸ PCI ī带 ߴ. 
 
   Kernel Compile Options:

       Network device support  --->
           [*] FDDI driver support
           [*] Digital DEFEA and DEFPA adapter support
 FDDI ̹ ϴ Ŀ  ġߴٸ, FDDI ̽ 
  ̴ ̽   ϴ.  FDDI ̽ ̸
  ifconfig route ɿ ؾ Ѵ. 
 
 6.8. Frame Relay
 
 DLCI ĸ̼ ̽    ̽ ̸ 'dlci00'
 , 'dlci01' ̸, FRAD   'sdla0', 'sdla1'̴. 
 
  ̴  Ǵ  Ŀ Ŀ´̼ Ʈȿ 
    ο Ʈŷ ̴. Frame Relay Access Device(FRAD) 
    Ʈũ Ҽ ִ.   ̴ RFC-
 1490 ȴ   󿡼 IP Ѵ. 
 
   Kernel Compile Options:

       Network device support  --->
           <*> Frame relay DLCI support (EXPERIMENTAL)
           (24)   Max open DLCI
           (8)   Max DLCI per device
           <*>   SDLA (Sangoma S502/S508) support
 
 Mike McLagan, mike.mclagan@linux.org     
 ߴ. 
 
  Ǵ   ̴ Sangoam Technology S502A, S502E, S5
 08̴. 
 
 Ŀ 缳ġĿ FRAD DLCI ϱ ؼ ftp.invlogic.com 
  ִ    ʿϴ. 
 <ftp://ftp.invlogic.com/pub/linux/fr/frad-0.15.tgz>. ϰ ġ ſ 
 ϳ, top  Makefile Ƿ  ־ Ѵ. 
 
        # cd /usr/src
        # tar xvfz .../frad-0.15.tgz
        # cd frad-0.15
        # for i in common dlci frad; do cd $i; make clean; make; cd ..;done
        # mkdir /etc/frad
        # install -m 644 -o root -g bin/*.sfm /etc/frad
        # install -m 700 -o root -g root frad/fradcfg /sbin
        # install -m 700 -o root -g root dlci/dlcicfg /sbin
 
  ġѵڿ /etc/frad/router.conf   ʿ䰡 ִ.  ø 
 ̿Ҽ , ̰    ̴.
 
  # /etc/frad/router.conf
  # This is a template configuration for frame relay.
  # All tags are included. The default values are based on the code
  # supplied with the DOS drivers for the Sangoma S502A card.
  #
  # A '#' anywhere in a line constitutes a comment
  # Blanks are ignored (you can indent with tabs too)
  # Unknown [] entries and unknown keys are ignored
  #

  [Devices]
  Count=1                 # number of devices to configure
  Dev_1=sdla0             # the name of a device
  #Dev_2=sdla1            # the name of a device

  # Specified here, these are applied to all devices, and can be overriden 
for
  # each individual board.
  #
  Access=CPE
  Clock=Internal
  KBaud=64
  Flags=TX
  #
  # MTU=1500              # Maximum transmit IFrame length, default is 4096
  # T391=10               # T391 value    5 - 30, default is 10
  # T392=15               # T392 value    5 - 30, default is 15
  # N391=6                # N391 value    1 - 255, default is 6
  # N392=3                # N392 value    1 - 10, default is 3
  # N393=4                # N393 value    1 - 10, default is 4

  # Specified here, these set the defaults for all boards
  # CIRfwd=16             # CIR forward   1 - 64
  # Bc_fwd=16             # Bc forward    1 - 512
  # Be_fwd=0              # Be forward    0 - 511
  # CIRbak=16             # CIR backward  1 - 64
  # Bc_bak=16             # Bc backward   1 - 512
  # Be_bak=0              # Be backward   0 - 511

  #
  #
  # Device specific configuration
  #
  #

  #
  # The first device is a Sangoma S502E
  #
  [sdla0]
  Type=Sangoma            # Type of the device to configure, currently only
                          # SANGOMA is recognised
  #
  # These keys are specific to the 'Sangoma' type
  #
  # The type of Sangoma board - S502A, S502E, S508
  Board=S502E
  #
  # The name of the test firmware for the Sangoma board
  # Testware=/usr/src/frad-0.10/bin/sdla_tst.502
  #
  # The name of the FR firmware
  # Firmware=/usr/src/frad-0.10/bin/frm_rel.502
  #
  Port=360                # Port for this particular card
  Mem=C8                  # Address of memory window, A0-EE, depending on c
ard
  IRQ=5                   # IRQ number, do not supply for S502A
  DLCIs=1                 # Number of DLCI's attached to this device
  DLCI_1=16               # DLCI #1's number, 16 - 991
  # DLCI_2=17
  # DLCI_3=18
  # DLCI_4=19
  # DLCI_5=20
  #
  # Specified here, these apply to this device only,
  # and override defaults from above
  #
  # Access=CPE            # CPE or NODE, default is CPE
  # Flags=TXIgnore,RXIgnore,BufferFrames,DropAborted,Stats,MCI,AutoDLCI
  # Clock=Internal        # External or Internal, default is Internal
  # Baud=128              # Specified baud rate of attached CSU/DSU
  # MTU=2048              # Maximum transmit IFrame length, default is 4096
  # T391=10               # T391 value    5 - 30, default is 10
  # T392=15               # T392 value    5 - 30, default is 15
  # N391=6                # N391 value    1 - 255, default is 6
  # N392=3                # N392 value    1 - 10, default is 3
  # N393=4                # N393 value    1 - 10, default is 4

  #
  # The second device is some other card
  #
  # [sdla1]
  # Type=FancyCard        # Type of the device to configure.
  # Board=                # Type of Sangoma board
  # Key=Value             # values specific to this type of device

  #
  # DLCI Default configuration parameters
  # These may be overridden in the DLCI specific configurations
  #
  CIRfwd=64               # CIR forward   1 - 64
  # Bc_fwd=16             # Bc forward    1 - 512
  # Be_fwd=0              # Be forward    0 - 511
  # CIRbak=16             # CIR backward  1 - 64
  # Bc_bak=16             # Bc backward   1 - 512
  # Be_bak=0              # Be backward   0 - 511

  #
  # DLCI Configuration
  # These are all optional. The naming convention is
  # [DLCI_D<devicenum>_<DLCI_Num>]
  #

  [DLCI_D1_16]
  # IP=
  # Net=
  # Mask=
  # Flags defined by Sangoma: TXIgnore,RXIgnore,BufferFrames
  # DLCIFlags=TXIgnore,RXIgnore,BufferFrames
  # CIRfwd=64
  # Bc_fwd=512
  # Be_fwd=0
  # CIRbak=64
  # Bc_bak=512
  # Be_bak=0

  [DLCI_D2_16]
  # IP=
  # Net=
  # Mask=
  # Flags defined by Sangoma: TXIgnore,RXIgnore,BufferFrames
  # DLCIFlags=TXIgnore,RXIgnore,BufferFrames
  # CIRfwd=16
  # Bc_fwd=16
  # Be_fwd=0
  # CIRbak=16
  # Bc_bak=16
  # Be_bak=0
 
 /etc/frad/router.conf  ,  ̽ ϴ ϸ 
 Ҵ. ̰  Ʈũ ̽   ϸ, DLCI ĸ
 ̼ ̽  FRAD ̽ ;  ؾ Ѵ. 
 
    # Configure the frad hardware and the DLCI parameter
    /sbin/fradcfg /etc/frad/router.conf || exit 1
    /sbin/dlcicfg file /etc/frad/router.conf 
    # Bring up the FRAD device
    ifconfig sdla0 up
    #
    # Configure the DLCI encapsulation interface and routing
    ifconfig dlci00 192.168.10.1 pointopoint 192.168.10.2 up
    route add 192.168.10.0 netmask 255.255.255.0 dlci00
    #
    ifconfig dlci01 192.168.11.1 pointopoint 192.168.11.2 up
    route add 192.168.11.0 netmask 255.255.255.0 dlci00
    #
    route add default dev dlci00
    #
 
 6.10. IP ī.
 
  Ŀ IP ī feature  Ʈũ  ͸ ϰ 
 мҼ ְ ش.  ʹ װ  µ Ŀ 
  Ŷ   Ʈ ̷.  ڽ  ° 
  figure зϴ پ  Ҽ ִ. 
 
   Kernel Compile Options:

       Networking options  --->
           [*] IP: accounting

 Ŀ ϰ ġѵڿ IP ī ϱ ؼ ipfwadm 
   ʿ䰡 ִ. Ҽ ִ IP ī з  ִ. 
  ϱ    ϳ ,  ڼ  ϸ 
 ipfwadm  о ٶ. 
 
 ó: PPP ͳݿ  ̴ Ʈũ ִ. ̴ 󿡴 y
  񽺸 ϴ ӽ ְ, telnet, rogin, ftp, www   ߻
  Ʈ ˰; Ѵ. 
 
 Ƹ   ̴ ɾ  Ұ̴. 
 
       #
       # Flush the accounting rules
       ipfwadm -A -f
       #
       # Add rules for local ethernet segment
       ipfwadm -A in -a -P tcp -D 44.136.8.96/29 20
       ipfwadm -A out -a -P tcp -S 44.136.8.96/29 20
       ipfwadm -A in -a -P tcp -D 44.136.8.96/29 23
       ipfwadm -A out -a -P tcp -S 44.136.8.96/29 23
       ipfwadm -A in -a -P tcp -D 44.136.8.96/29 80
       ipfwadm -A out -a -P tcp -S 44.136.8.96/29 80
       ipfwadm -A in -a -P tcp -D 44.136.8.96/29 513
       ipfwadm -A out -a -P tcp -S 44.136.8.96/29 513
       ipfwadm -A in -a -P tcp -D 44.136.8.96/29
       ipfwadm -A out -a -P tcp -D 44.136.8.96/29
       ipfwadm -A in -a -P udp -D 44.136.8.96/29
       ipfwadm -A out -a -P udp  -D 44.136.8.96/29
       ipfwadm -A in -a -P icmp -D 44.136.8.96/29
       ipfwadm -A out -a -P icmp -D 44.136.8.96/29
       #
       # Rules for default
       ipfwadm -A in -a -P tcp -D 0/0 20
       ipfwadm -A out -a -P tcp -S 0/0 20
       ipfwadm -A in -a -P tcp -D 0/0 23
       ipfwadm -A out -a -P tcp -S 0/0 23
       ipfwadm -A in -a -P tcp -D 0/0 80
       ipfwadm -A out -a -P tcp -S 0/0 80
       ipfwadm -A in -a -P tcp -D 0/0 513
       ipfwadm -A out -a -P tcp -S 0/0 513
       ipfwadm -A in -a -P tcp -D 0/0
       ipfwadm -A out -a -P tcp -D 0/0
       ipfwadm -A in -a -P udp -D 0/0
       ipfwadm -A out -a -P udp  -D 0/0
       ipfwadm -A in -a -P icmp -D 0/0
       ipfwadm -A out -a -P icmp -D 0/0
       #
       # List the rules
       ipfwadm -A -l -n
       #

    ī  ϰ    ش. 
 
 IP ī мҶ ؾ  ߿  ġϴ  꿡  
 Ż ɰ̶ ε, ׷Ƿ ٸ figure  ؼ  
  ó ؾ ʿ䰡 ִ.   󸶳  Ͱ ftp, teln
 et, rlogin, www Ͱ ƴ  ˰ ʹٸ,  Ʈ ġǴ 
 꿡 (ftp, telnet, rlogin, www) Ż ڴ. 
 
  # ipfwadm -A -l -n
  IP accounting rules
   pkts bytes dir prot source               destination          ports
      0     0 in  tcp  0.0.0.0/0            44.136.8.96/29       * -> 20
      0     0 out tcp  44.136.8.96/29       0.0.0.0/0            20 -> *
      0     0 in  tcp  0.0.0.0/0            44.136.8.96/29       * -> 23
      0     0 out tcp  44.136.8.96/29       0.0.0.0/0            23 -> *
     10  1166 in  tcp  0.0.0.0/0            44.136.8.96/29       * -> 80
     10   572 out tcp  44.136.8.96/29       0.0.0.0/0            80 -> *
    242  9777 in  tcp  0.0.0.0/0            44.136.8.96/29       * -> 513
    220 18198 out tcp  44.136.8.96/29       0.0.0.0/0            513 -> *
    252 10943 in  tcp  0.0.0.0/0            44.136.8.96/29       * -> *
    231 18831 out tcp  0.0.0.0/0            44.136.8.96/29       * -> *
      0     0 in  udp  0.0.0.0/0            44.136.8.96/29       * -> *
      0     0 out udp  0.0.0.0/0            44.136.8.96/29       * -> *
      0     0 in  icmp 0.0.0.0/0            44.136.8.96/29       *
      0     0 out icmp 0.0.0.0/0            44.136.8.96/29       *
      0     0 in  tcp  0.0.0.0/0            0.0.0.0/0            * -> 20
      0     0 out tcp  0.0.0.0/0            0.0.0.0/0            20 -> *
      0     0 in  tcp  0.0.0.0/0            0.0.0.0/0            * -> 23
      0     0 out tcp  0.0.0.0/0            0.0.0.0/0            23 -> *
     10  1166 in  tcp  0.0.0.0/0            0.0.0.0/0            * -> 80
     10   572 out tcp  0.0.0.0/0            0.0.0.0/0            80 -> *
    243  9817 in  tcp  0.0.0.0/0            0.0.0.0/0            * -> 513
    221 18259 out tcp  0.0.0.0/0            0.0.0.0/0            513 -> *
    253 10983 in  tcp  0.0.0.0/0            0.0.0.0/0            * -> *
    231 18831 out tcp  0.0.0.0/0            0.0.0.0/0            * -> *
      0     0 in  udp  0.0.0.0/0            0.0.0.0/0            * -> *
      0     0 out udp  0.0.0.0/0            0.0.0.0/0            * -> *
      0     0 in  icmp 0.0.0.0/0            0.0.0.0/0            *
      0     0 out icmp 0.0.0.0/0            0.0.0.0/0            *
  #

 6.11. IP ˸ƽ.
 
 ϳ Ʈũ  IP 巹   ִ   α
  ִµ ̰  ϴ. ͳ  ڴ  ϴ w
 ww̳ ftp  'customized' Ѵ. 
 
   Kernel Compile Options:

       Networking options  --->
           ....
           [*] Network aliasing
           ....
           <*> IP: aliasing support
 
 IP ˸ƽ  Ͽ Ŀ ϰ ġ   ſ 
 ϴ. ˸ƽ  Ʈũ ̽   Ʈũ ̽ 
 ߰ȴ.  ̸ Ծ  ̽ <devname>:<virtual dev num>
 ,  eth0:0, ppp0:10 · ȴ. 
 
 ν, ΰ δٸ IP  ÿ ϴ ̴ Ʈũ 
  ִٰ ϰ ΰ η ̷Ʈ ＼ Ҽִٸ   
 Ҽ ִ. 
 
        #   
        # ifconfig eth0:0 192.168.1.1 netmask 255.255.255.0 up
        # route add -net 192.168.1.0 netmask 255.255.255.0 eth0:0
        #
        # ifconfig eth0:1 192.168.10.1 netmask 255.255.255.0 up
        # route add -net 192.168.10.0 netmask 255.255.255.0 
        #
 
 ˸ƽ  װ ̸ڿ  '-' ߰ϸ ȴ.
 
        # ifconfig eth0:0- 0
 
  ˸ƽ õ  Ʈ ڵ ̴. 
 
 6.12. IP ̾
 
 IP ̾ ̾  ̽ firewall-howto  ٷ. IP 
 ̾ ͸  IPκ ͱ׷ ϴ  
  㰡  Ʈũ ＼κ ӽ ȣش.  Ŭ 
  ִµ, incoming filtering, outgoing filtering, forwarding filtering
 ̴. Incoming  Ʈũ ̽κ ޾Ƶ̴ ͱ׷ 
 ȴ. Outgoing  Ʈũ ̽  ۵Ǵ ͱ׷ 
 . Filterling   õ ͱ׷   ӽ  
  ޾Ƶ̴ ͱ׷ ȴ. 
 
   Kernel Compile Options:

       Networking options  --->
           [*] Network firewalls
           ....
           [*] IP: forwarding/gatewaying
           ....
           [*] IP: firewalling
           [ ] IP: firewall packet logging

 IP ̾   ipfwadm  ؼ ̷. ̹ ߴٽ
 ,   о߰ ƴϸ   Ҽ ִ  
  ϴ,  ڽſ ߿ϴٸ  ΰ ϰ ؾ 
 Ѵ. 
 
 IP ̾ ϴ    㰡  Ʈũ ܺηκ
  ＼ Ͽ ӽ ͳ ̾ Ʈ̷ ̿
   ̴. 
 
   Arnt Gulbrandsen, <agulbra@troll.no>  ٰ ̴. 
 
 Ʒ   ̾׷ ׷Ͱ   ̾/ ӽ 
 ̾  ϰ ִ. 
       -                                   -
        \                                  | 172.16.37.0
         \                                 |   /255.255.255.0
          \                 ---------      |
           |  172.16.174.30 | Linux |      |
       NET =================|  f/w  |------|    ..37.19
           |    PPP         | router|      |  --------
          /                 ---------      |--| Mail |
         /                                 |  | /DNS |
        /                                  |  --------
       -                                   -
    rc Ͽ ־ ý õɶ ڵ 
 ɰ̴. ִ  ؼ ̰ Ʈũ  ڿ ׷ 
 Ʈũ  غǱ , (̾ ϴ ȿ  
   ° ؼ), Ǿ Ѵ. 
 
 #!/bin/sh
 
 # Flush the 'Forwarding' rules table
 # Change the default policy to 'accept'
 #
 /sbin/ipfwadm -F -f
 /sbin/ipfwadm -F -p accept
 #
 #.. and for 'Incoming'
 #
 /sbin/ipfwadm -I -f
 /sbin/ipfwadm -I -p accept
 
 # First off, seal off the PPP interface
 # I'd love to use '-a deny' instead of '-a reject -y' but then it
 # would be impossible to originate connections on that interface too.
 # The -o causes all rejected datagrams to be logged. This trades
 # disk space against knowledge of an attack of configuration error.
 #
 /sbin/ipfwadm -I -a reject -y -o -P tcp -S 0/0 -D 172.16.174.30
 
 # Throw away certain kinds of obviously forged packet packets right away.
 # Nothing should come from multicast/anycast/broadcast addresses.
 #
 /sbin/ipfwadm -F -a deny -o -S 224.0/3 -D 172.16.37.0/24
 #
 # and nothing coming from the loopback network should ever be
 # seen on a wire
 /sbin/ipfwadm -F -a deny -o -S 127.0/8 -D 172.16.37.0/24
 
 # accept incoming SMTP and DNS connections, but only 
 # to the Mail/Name Server
 #
 /sbin/ipfwadm -F -a accept -P tcp -S 0/0 -D 172.16.37.19 25 53
 #
 # DNS uses UDP as well as TCP, so allow that too
 # for question to our name server
 #
 /sbin/ipfwadm -F -a accept -P udp -S 0/0 -D 172.16.37.19 53
 #
 # but not "answers" coming to dangerous ports like NFS and
 # Larry McVoy's NFS extension. If you run squid, add its port here.
 #
 /sbin/ipfwadm -F -a deny -o -P udp -S 0/0 53 \
        -D 172.16.37.0/24 2049 2050
 
 # answers to other user port are okay
 #
 /sbin/ipfwadm-F -a accept -P udp -S 0/0 53 \
        -D 172.16.37.0/24 53 1024:65535
 
 # Reject incoming connections to identd
 # We use 'reject' here so that the connecting host is told 
 # straight away not to bother continuing, otherwise we'd experience
 # delays while ident timed out.
 #
 /sbin/ipfwadm -F -a reject -o -P tcp -S 0/0 -D 172.16.37.0/24 113
 
 # Accept some common service connections from the 192.168.64 and 
 # 192.168.65 networks, they are friends that we trust.
 #
 /sbin/ipfwadm -F -a accept -P tcp -S 192.168.64.0/23 \
        -D 172.16.37.0/24 20:23
 
 # accept and pass thruough anything originating inside 
 #
 /sbin/ipfwadm -F -a accept -P tcp -S 172.16.37.0/24 -D 0/0
 
 # deny most other incoming TCP connections, and log them
 # (append 1:1023 if you have problems with ftp not working)
 # 
 /sbin/ipfwadm -F -a deny -o -y - tcp -S 0/0 -D 172.16.37.0/24
 
 # ... for UDP too
 #
 /sbin/ipfwadm -F -a deny -o -P udp -S 0/0 -D 172.16.37.0/24
 
 Ǹ ̾ ϴ   ϴ.   п ո 
  ɰ̴. ipfwadm    ϴ  ־ 
   ̴ٰ.  ̾ ϰ Ѵٸ,  ϴٰ 
 ϴ ҽ   ̽  Ʈũ ܺο ׽ũ غ
  ٶ. 
 
 6.13. IPX (AF_IPX)
 
 IPX  밳 뺧 Ʈ   Ʈũ ȯ濡 Ȱ
 .     ϰ , IPX Ʈũ 
 Ʈ(endpoint) Ǵ ͷ ɰ̴. 
 
   Kernel Compile Options:

       Networking options  --->
           [*] The IPX protocol
           [ ] Full internal IPX network
 
 IPX ݰ NCPFS IPX-HOWTO  ٷ. 
 
 6.14. IPv6 
 
   IP Ʈũ ϱ ߴٰ Ҷ  ȴ! IPv6
  ͳ   6   ̴. IPv6 ͳ ȸ 
 Ҵ 巹 ϴٴ  غϱ ؼ ߵǾ. IPv6 
  32byte(128bit) ̴. IPv6 ٸ  ϰ ִµ 
 밳 ȭ Ѱ̰ ̰ IPv4  IPv6 ٷ   
 . 
 
  2.1.* Ŀο IPv6 ϰ  Ѱ ƴϴ. 
 
 ż ͳ  ϰ ʹٸ, Ǵ ̰ ʿϴٸ, www.terra.
 net Ҽִ IPv6-FAQ о ٶ. 
 <http://www.terra.net/ipv6/>.
 
  7 23  øϴ.
     Ʈ sudoer@nownuri.net ֽñ ٶϴ. 
 
