   NET-3-HOWTO, Linux Networking.

   : Terry Dawson, VK2KTJ, terry@perf.no.itg.telstra.com.au
  <mailto:terry@perf.no.itg.telstra.com.au>

  Ͻ : 1997 7 12 (2/3 з)
   :  , sudoer@nownuri.net <mailto:sudoer@nownuri.net> van
  dal@danjae.skku.ac.kr <mailto:vandal@danjae.skku.ac.kr>

   ۷ ý  κ scratch ۼ Ŀα
  Ʈ ŷ  ڶ . ֱ Ŀο ԵǾ ִ tcp/ip
  implementa  tion     ؼ װ
  ġִ    ش.     Ʈŷ Ʈ,
  õ  ġ   ϴµ ǥ ΰִ.
  ______________________________________________________________________

  

  1.   ޶ .
  2. Ұ
     2.1 Feedback

  3.     ΰ(net-3-howto-howto?).
  4. General Information about Linux Networking.
     4.1  Ʈŷ Ŀ   .
     4.2  Ʈŷ  ٸ  𿡼 ΰ?
     4.3 𿡼  ѵ  Ʈũ   ִ°?

  5. Ϲ Ʈũ  õ .
     5.1 Ϸ  ʿѰ?
        5.1.1  Ŀ ҽ
        5.1.2  Ʈũ .
        5.1.3 Ʈũ  α׷
        5.1.4 Addresses.
     5.2    ־ ϴ°?
     5.3 Ʈũ ̽ 
     5.4 Ʈũ ̽ .
     5.5  ؼ(Name Resolver) .
        5.5.1 ̸  ֳ?
        5.5.2 п ʿ .
        5.5.3 /etc/resolv.conf
        5.5.4 /etc/host.conf
        5.5.5 /etc/hosts
     5.6  ̽ .
     5.7 .
        5.7.1 õ α׷  ϴ°?
     5.8 Ʈũ   .
        5.8.1 /etc/services
           5.8.1.1 /etc/services  .
        5.8.2 /etc/inetd.conf
           5.8.2.1 /etc/inetd.conf .
     5.9 Ʈũ  ٸ  ϵ.
        5.9.1 /etc/networks
     5.10 Ʈũ Ȱ ＼ Ʈ.
        5.10.1 /etc/ftpusers
        5.10.2 /etc/securetty
        5.10.3 tcpd ȣƮ ＼ Ʈ ī.
           5.10.3.1 /etc/hosts.allow
           5.10.3.2 /etc/hosts.deny
        5.10.4 /etc/hosts.equiv
        5.10.5 ftp   .
        5.10.6 Ʈũ ̾.
        5.10.7 ٸ ȵ.

  6. Network Technology Specific Information.
     6.1 ARCnet
     6.2 Appletalk(AF_APPLETALK)
        6.2.1 Appletalk Ʈ .
        6.2.2 Appletalk   Ͻý Ž.
        6.2.3 Appletalk    ϱ.
        6.2.4 Appletalk Ʈ ϱ.
        6.2.5 appletalk Ʈ ׽Ʈ.
        6.2.6 appletalk Ʈ .
        6.2.7 ׿ .
     6.3 ATM
     6.4 AX25 (AF_AX25)
     6.5 DECNet.
     6.6 EQL - multiple line traffic equaliser
     6.7 ̴.
     6.8 FDDI
     6.9 Frame Relay
     6.10 IP ī.
     6.11 IP ˸ƽ.
     6.12 IP ̾
     6.13 IPX (AF_IPX)
     6.14 IPv6

  ______________________________________________________________________

  1.    ޶ .

  Additions:
            lots of things.
    Corrections/Updates:
            everything.

  2.  Ұ

   NET-FAQ   ťƮ Ʈ ۵Ǳ 
  Matt Welsh   Ʈŷ õǾ  Ÿ 鿡
    ϱؼ ۼǾ. װ ʱ  Ʈŷ
  Ŀο  κ  ٷ ִ. net-2-howto net-faq ̾
  ̸,  LDP howt o  ϳ,  Ʈŷ
  Ʈ  2, Ŀ  3 Ҹ  ͵鿡  밡
  ϰ ִ.   ٽ net-2-howto ̾  ̸ ̰
    3  Ʈŷ Ŀΰ 谡 ִ.

    ʱ װ      
   ũⰡ ô Ŀ. ̷  ذϱ  Ư Ʈŷ
   ٷ howto ܳ Ǿ.   谡 Ǵ
  κп ׵  ͸ ϸ, ٸ  ٷ
  ʴ  ٷ  ̴.

  2.1.  Feedback

   feedback ġ ִ   ׻ Ѵ. 
  feedback̳   e-mail  ֱ ٶ.
  <terry@perf.no.itg.telstra.com.au
  <mailto:terry@perf.no.itg.telstra.com.au>>.

  3.      ΰ(net-3-howto-howto?).

      Ͱ 繵 ٸ.   
    ĥ ִ Ŀٶ   ͵ պκп, 
  κ   Ư  κ ϱ ؼ ݵ ˾Ƶξ
   Ϲ ͵   ֵ   ٽ ׷ Ҵ.

       Read the generic sections
         κ , ߿    κп Ǹ,
            ϱ ؼ ſ ߿ ͵̴.

       Consider your network
         ڽ Ʈũ  Ǿ ִ°(Ǵ 
         ɰΰ) ˾ƾϸ Ȯ  ϵ  
          ΰ ˰ ־ Ѵ.

       Read the technology specific sections related to your require
        ments
          ϴ ˰,   Ʈ
           ִ.  κ Ư    ׸
        ٷ.

       Do the configuration work
         ڽ Ʈũ ϵ ؾ ϸ, ߻ϴ 
           ؾ Ѵ.

       Look for further help if needed
          ذῡ  ʴ  ߻Ͽٸ, 
          , Ǵ  ׸ Ʈؾ ϴ 
        κ оƶ.

       Have fun!
        Ʈŷ̶ ſ ִ ̴. װ ܶ !

  4.  General Information about Linux Networking.

  4.1.   Ʈŷ Ŀ   .

  ̹ ִ implementation ŭ̳  ϴ  ο tcp/ip
     Ŀ implementation Ѵٴ  
  ƴϾ.   ִ implementation ϳ  ʱ ϴ
   U.S.L       ѵ īǶƮ
  ؼ ϴ implementat ion     Ȯ
  , Ǵ ̹ ִ°ͺ   ο  
     ̷.

  Ŀ Ʈũ ڵ  ̲   ڿڴ Ross
  Brio.  <biro@yggdrasil.com <mailto:biro@yggdrasil.com>>. Ross
  ϰ ҿϳ ſ  implementati on ƾ µ
  ̰ WD-8003 Ʈũ ̽ ī ̴  ̹
  ϵǾ. ̰    Ʈ ׽ð 
  ϱ⿡ ,      ڽ ӽ 
   ͳݻ ÷⵵ Ͽ. ̷ Ʈŷ  ϰ ִ
   ü з Ͼ, ᱹ Ross ־ Ұ
  з°   ġϴ  ȸ Ͽ Ross  
  ڸ   .

  ︸ ϻ ȯӿ Ʈ ϰ  
  𰡸    å ޾Ƶ̴    ۾
  ˸Ű Ǿ,       ҷ ڸ
  ִ.

  Orest Zborowski <obz@Kodak.COM <mailto:obz@Kodak.COM>>  
   BSD  α׷ ̽ ´. ̰ ̹
  ִ Ʈũ α׷     Ҽ
  ְ ν Ŀٶ  ̷´.

  ̶ ٸ 򰡿 Laurence Culhane <loz@holmes.demon.co.uk
  <mailto:loz@holmes.demon.co.uk>>   SILP  ϱ
    ̹  ´. ̰   Ʈŷ ＼
  Ҽ   ο Ʈŷ Ʈ Ҽ ֵ
  ־.     Ʈ ͳ  µ
  ϱ⵵ Ͽ. ̰   Ʈũ  Եȴٸ
  ɼִ ɼ    ְ Ͽ, 
  Ʈ ŷ Ʈ   ϰ ϴ ڼ
  þ ߴ.

  Ʈŷ  ϴµ    ѻ ٷ Fred Van
  Kempen̾ . <waltje@uwalt.nl.mugnet.org
  <mailto:waltje@uwalt.nl.mugnet.org>>. Ross  ڷμ
  ġ  Ȯ ⰣĿ Fred  ð 
  Ͽ      ޾Ƶ鿴. Fred
   Ʈŷ Ʈ ̲ ⿡  ߽ ȹ
   ־, ̷   .  Fred 'NET-2' Ŀ
  ڵ Ҹ Ϸ Ʈŷ ڵ带  ´µ(Ros s Ϳ
   'NET'), ̰   ϰ ̿Ҽ ־.

  Fred     ȿ ־µ, ̳
   ̽ ̽, Ƹ߾  AX.25  , 
    ε Ʈŷ implementation װ͵̴. Fred
  NET-2 ڵ    ڵ鿡  Ǿ,   
  Ʈ Ѵٴ    ؼ þ.  ñ
  Ʈŷ Ʈ Ĵٵ Ŀ ο   ġ Ұ,
    Ե ʾҴ. net -faq ̾ net-2-howto
   ͵ ϵ   ν  Ѵ. Fred 
  Ĵٵ Ʈũ implementation  ű  ߿ ־
  ̰ ð ɸ ̾. ڵ   ϰ ϰ
  80%  ڸ ų ִ  ϸ γ Ҿ
  Ross    ڷμ Fred  з
  ܳ.

  Alan Cox <iialan@www.linux.uk.org <mailto:iialan@www.linux.uk.org>>
  ̷ Ȳ Ÿϱ  ذå ߴ. ״ Fred net-2
  ڵ带   ϰ    γɾ 
  Ű, зκ Fred  ִµ   ڽ ۾
  Ҽ ְ ־. Alan `Net-2D(ebugged)' Ҹ ڽ ù°
    Ʈŷ ڵ带 Ű ̷ ϵ س . 
  ڵ   ȯӿ ϰ  ڵ 
  ϰ ־. Alan Ȯ  Ʈ   ִ ڽŸ
      ־, NET-2 ڵ   
  ǵ  . ű⿡  Ʈŷ ȸӿ δٸ
  ΰ ׷  µ, ϳ 'ϴ ϰ ,  ڿ  
  ' ö   ־, ٸ ϳ 'ƿ ó 
  ' ö  ־ . Linus ᱹ 縦 ϰ,
  Alan  ¿  ǥϸ,  ڵ带 Ĵٵ Ŀ 
  Խ״. ̰ Fred     . ӵǴ
  ߵ  ڵ带 ϰ ׽  Ұ Ǹ,   
      ǹߴ. Fred ª Ⱓ 
   ϴ ᱹ ϰ , Alan  Ʈŷ Ŀ 
    ο  Ǿ.

  Donald Becker <becker@cesdis.gsfc.nasa.gov
  <mailto:becker@cesdis.gsfc.nasa.gov>>  Ʈũ ο  
    ڽ  巯   ̴ ̹
  س´.   Ŀο    ̴ ̹
  Donald  ߵȰ ̴. ߿   ٸ 鵵 
  Donald   ǳ  Ư ̾ Ѵ.

  Alan 󸶵 ؼ NET-2-Debugged ڵ带   'TODO'
   Ʈ 巹 ä ִ   .
   Ŀ 1.3.* ̻ 巯 Ŀ Ʈŷ ڵ 
   ̵Ǵ NET-3  . Alan Ʈŷ ڵ 
  ٸ 鿡 ۾  س  Ʈŷ Ŀ´Ƽ 
   ִ    ޾  ⿡ ڵ带 
  . Alan ̳ Ʈũ  ̽  ǥ AX.25 ׸
  IPX implemenatation   ´. Alan  ؼ  ڵ带
  ֹŷȰ(? ^^;)  ¿ ̸   .

  PPP  Michel Callahan <callahan@maths.ox.ac.uk
  <mailto:callahan@maths.ox.ac.uk>> Al Longyear< longyear@netcom.com
  <mailto:longyear@netcom.com>> ؼ ߰Ǿµ ̰ ũŷ
      ϴ    ġ
  ̾.

  Jonathon Naylor <jsn@cs.nott.ac.uk <mailto:jsn@cs.nott.ac.uk>>
  Alan AX.25 ڵ忡 NetRom   ߰ν Ŀٶ 
  ߴ. AX>25/NetRom   ߿ ѵ   ٸ 
  ü ̸ ǥ     ̴.

   Ʈŷ Ʈ  ߿     
  ܿ  ִ. ̵    Ưκп ġ
  ɰ̴.    ٸ , ̹,  , ,
  ׽Ʈ Ʈ, ׸    ߴ.  ͵ 
  ߿  ߴٰ    ׵ Ҽִ ͵ ߴ.
   Ŀ Ʈŷ ڵ    Ÿ 
    Ǹ  ȴ. װ   ʾҴٸ,
  غ ϶. װ    ʾҴ.

  4.2.   Ʈŷ  ٸ  𿡼 ΰ?

   Ʈŷ Ͽ    ִ  Ұ ִ.

    Ŀ Ʈŷ ڵ ̳ Alan Cox 
  Ʈŷ   ׸  ߵǴ ͵ ϴ www 
  ϰ ִ.  <www.uk.linux.org/NetNews.html
  <http://www.uk.linux.org/NetNews.html>>.

  ٸ  Ҵ Olaf Kirch  Network Administration Guide
  å̴.   Linux Document Project ۾̸
  <sunsite.unc.edu/LDP/ <http://sunsite.unc.edu/LDP/>>   ̰
  Network Administration Guide HTML    ִ.
  <sunsite.unc.edu/LDP/LDP/nag/nag.html
  <http://sunsite.unc.edu/LDP/LDP/nag/nag.html>> ׷  
  the sunsite.unc.edu LDP ftp archive پ  Ȱ Ҽ
   . <sunsite.unc.edu/pub/Linux/docs/LDP/network-guide/
  <ftp://sunsite.unc.edu/pub/Linux/docs/LDP/network-guide/>> Olaf
  Kirch å ϱⰡ   󿡼 Ʈũ   
     Ѵ.

     Ʈŷ õ о߿ ϴ ׷쵵
  ִ.  comp.os.linux.networking <news:comp.os.linux.networking>

   Ʈŷ   Ҽִ  Ҽ ִ ϸ
   Ʈ ִ.  ϱ ؼ   :

  To: majordomo@vger.rutgers.edu <mailto:majordomo@vger.rutgers.edu>

         Subject: anything at all
         Message:
      subscribe linux-net

   IRC Ʈũ 󿡴   ä #linux  ⿡
    Ʈŷ     ִ.   
  Ҷ   õ   ؾ ϴ° ض.
  Ư  ڽ ϴ Ʈ  ؾ ϴ 
  Ư Ŀ , pppd dip  , ׸  
   Ư Ȯ ؾ Ѵ. ̰   ɰ Ÿ
  ޽  Ȯ  ؾ  ǹѴ.

  4.3.  𿡼  ѵ  Ʈũ   ִ°?

   tcp/ip Ʈŷ ⺻ н ģ¶  
  ã  Ѵ.

  tcp/ip introduction

  this document comes as both a text version
  <athos.rutgers.edu/runet/tcp-ip-admin.doc
  <ftp://athos.rutgers.edu/runet/tcp-ip-admin.doc>> and a postscript
  version <athos.rutgers.edu/runet/tcp-ip-admin.ps
  <ftp://athos.rutgers.edu/runet/tcp-ip-         admin.ps>>.

  tcp/ip     ˰ ڶ   
  õ Ѵ.
  "Internetworking with TCP/IP"

         by Douglas E. Comer
      ISBN 0-13-474321-0
         Prentice Hall publications.

  н ȣȯ ȯ濡 Ʈũ ø̼ ۼ   ʹٸ,
     õѴ.

  "Internetworking with TCP/IP"

         by Douglas E. Comer
      ISBN 0-13-474321-0
         Prentice Hall publications.

  comp.protocols.tcp-ip  ִ. <news:comp.protocols.tcp-ip>

  ͳݰ tcp-ip  suite õ Ư   ߿
  ҽϳ ٷ RFCs̴. RFC 'Request For Comment' Ӹ̸,
  ͳ   ǥ ϰ ť ϴ ǥ ̴.
  RFC ϰ ִ°   ִ.  Ʈ κ FTP
  Ʈ̸ Ư Ű RFC  ͺ̽ ˻Ҽ ְ ѳ
  www Ʈ ִ.

  RFC  ҽ ϳ  ִ.
  <pubweb.nexor.co.uk/public/rfc/index/rfc.html
  <http://pubweb.nexor.co.uk/public/rfc/index/rfc.html>>

  5.  Ϲ Ʈũ  õ .

   κе   ڽ Ʈũ ϱ ˰
   ʿ䰡 ִ ͵̴. ̵  ġϷ Ʈũ
  Ȯ Ư  Ǵ ⺻ ̴.

  5.1.  Ϸ  ʿѰ?

  Ʈũ ġϰ ϱ  ʿ   ִ. 
  ߿Ѱ  ͵̴.

  5.1.1.   Ŀ ҽ

    ϰ ִ Ŀ  ϰ ;ϴ Ʈũ
  Ÿ ̳ ī   ֱ⶧  ɼ Ŀ
  ٽ ϱ ؼ Ŀ ҽ ʿϴ.

   ftp.funet.fi ֽŹ Ŀ ҽ  ִ.
  <tp.funet.fi/pub/Linux/PEOPLE/Linus/v2.0
  <ftp://ftp.funet.fi/pub/Linux/PEOPLE/Linus/v2.0>>

   Ŀ ҼҴ  /usr/src/linux 丮 tar̹ Ǯ Ѵ.
    ġ ϰ Ŀ ΰ   ˱ ؼ
  kernel- howto о Ѵ. kernel-module   ˰ʹٸ
  module-howto о Ѵ.

  Ư  ʴ   ǥ Ŀ ( ѹ ι
  dig it ¦ Ȱ) ϱ ٶ.   Ŀ(ι°
  digit Ȧ  ) ýۻ ٸ Ʈ  ų ִ
   ü   ٸ ȭ  ִ.  ׷ 
   ذҼ ִٰ Ȯ ʴ,   Ʈ
   ó Ȯ   װ  .

  5.1.2.   Ʈũ .

  Ʈũ   Ʈũ ̽ ϱ  ϴ
   ׷̴.  ̷  ̽ ּҸ Ҵϰ
  ְų  Ʈ Ҽ ְ ش.

  κ ֽ   Ʈũ  Բ ǹǷ,
      νϰ, Ʈũ  ν
  ʾҴٸ ̰ ؾ  Ѵ.

   ġ ʾҴٸ   ҽ شٰ ؾ
   ʿ䰡 ִ. ̰ ״  ʴ.

  Ʈũ    Bernd Eckenfels  Ǹ, ftp.inka.de
    ִ.  <ftp.inka.de/pub/comp/Linux/networking/NetTools/
  <ftp://ftp.inka.de/pub/comp/Linux/networking/NetTools/>> and are 
   ̷Ǿ ִ.
  <ftp.linux.uk.org/pub/linux/Networking/PROGRAMS/NetTools/
  <ftp://ftp.linux.uk.org/pub/linux/Networking/PROGRAMS/NetTools/>>.
   ϰ ϴ Ŀ     ؾ 
   ϶. ׸ ν Ϸ Ű  ø .

  ̱ ۼϴ   νϰ ϰ Ѵٸ 
   ؾѴ.

  #
    # cd /usr/src
    # tar xvfz net-tools-1.32-alpha.tar.gz
    # cd net-tools-1.32-alpha
    # make config
    # make
    # make install
    #

  ߰, ̾  ϰ, IP ӽĿ̵带 ϰ ʹٸ
  ipfwadm   ־ Ѵ. װ ֱٹ  ftp.xos.nl
  <ftp://ftp.xos.nl> Ҽִ.  <ftp.xos.nl/pub/linux/ipfwadm
  <ftp://ftp.xos.nl/pub/linux/ipfwadm>>., װ Ҽִ 
    Ƿ,  Ŀΰ    
  ϵ ؾ .

    ۼϴ ñ  ġϰ Ϸ,  
  ϶.

  #
    # cd /usr/src
    # tar xvfz ipfwadm-2.3.0.tar.gz
    # cd ipfwadm-2.3.0
    # make
    # make install
    #

  5.1.3.  Ʈũ  α׷

  Ʈũ  α׷̶ telnet, ftp  α׷  
  α  Ѵ. David Holland<dholland@hcs.harvard.edu
  <mailto:dholland@hcs.harvard.edu>>  ̵ α׷  κ
  ϰ ִ.  ftp.linux.uk.org <ftp://ftp.linux.uk.org>
  װ Ҽ ִ.  <ftp.uk.linux.org/pub/linux/Networking/base
  <ftp://ftp.uk.linux.org/pub/linux/Networking/base>>.    ۼϴ
  ñ  ġ, Ϸ   ϶.

  #
    # cd /usr/src
    # tar xvfz /pub/net/NetKit-B-0.08.tar.gz
    # cd NetKit-B-0.08
    # more README
    # vi MCONFIG
    # make
    # make install
    #

  5.1.4.  Addresses.

  ͳ  巹 4 Ʈ ̷. ̰Ϳ  Ǵ
   Ҹ 'dotted decimal notation'̶ Ҹ ÷ ϴ ̴.
  ̷ for m  Ʈ 0 ƴ ̻󿡴  0 
  (0 255) 10 ȯǸ,  Ʈ '.' ڷ иǾ
  . װ   ȣƮ   ̽
  IP 巹 .  ȯ ӿ  ӽŻ  Ʈ
  Ͽ  IP 巹 ϴ   չ  
  ̽ ڽŸ ּҸ ⸶̴.

  ͳ  Ʈũ  ִ IP 巹 ̴.
  Ʈ ũ  巹   (digit)
  巹 ϰ ִ.  Ʈũ 巹  κ
  'network portion'̶  . 'network portion'  
  κ 'host portion'̶ Ҹ . Ʈũ  巹 
  Ǵ bit netmask Ҹµ,   巹 װ 
  Ʈũ ϴ,  ʴ   netmask ̴.
    캸.

  -----------------  ---------------
    Host Address       192.168.110.23
    Network Mask       255.255.255.0
    Network Portion    192.168.110.
    Host portion                  .23
    -----------------  ---------------
    Network Address    192.168.110.0
    Broadcast Address  192.168.110.255
    -----------------  ---------------

  netmask 'bitwise anded' 巹 ڽ  Ʈũ
  巹  ϰ ɰ̴. ׷Ƿ Ʈũ 巹 ߿
      巹 ׻ network address Ǵ°̴. 
  ׻ 0 ڵ

  εĳƮ 巹 ڽ Ư 巹 Ͽ Ʈũ
   ȣƮ  Ư 巹̴.  巹 Ʈũ 
   ȣƮ  ÿ Բ Ҷ ͱ׷  巹̴.
  'εĳƮ ̾ ϴ°'  Ǵ 
  Ǵ ΰ ǥػ  ִ.  θ ޾Ƶ鿩 ִ°
  ش Ʈũ    ϴ 巹 εĳƮ
  巹 ϴ ̴.     192.168.110.255
  ȴ. ٸ Ʈ   Ʈũ  
  εĳƮ 巹 ϴ  äߴ.  
  ϴ° ϴ°     Ʈũ  ȣƮ
    εĳƮ 巹 Ǿ ִ° ݵ Ȯؾ Ѵ.
  IP    ʱ     ׷
  巹 Ʈũ  Ǿ, ̷ Ʈũ 'class' Ҹ
   ׷ȭǾ.   Ŭ ҴҼ ִ ǥ  Ʈũ
   ش. Ҵ   .

  ----------------------------------------------------------
    | Network | Netmask       | Network Addresses            |
    | Class   |               |                              |
    ----------------------------------------------------------
    |    A    | 255.0.0.0     | 0.0.0.0    - 127.255.255.255 |
    |    B    | 255.255.0.0   | 128.0.0.0  - 191.255.255.255 |
    |    C    | 255.255.255.0 | 192.0.0.0  - 223.255.255.255 |
    |Multicast| 240.0.0.0     | 224.0.0.0  - 239.255.255.255 |
    ----------------------------------------------------------

   巹 ؾ ϴ° Ȯ  ؾ
  ΰ   ޶. ʿ  巹  ؼ 
  ؼ ؾ Ѵ.

   IP Ʈũ  ӽ ġѴ.  IP Ʈũ 
  ӽ ġϰ Ѵٸ Ʈũ ڿ Ͽ  
   Ѵ.

  o  Host IP Address

  o  IP network address

  o  IP broadcast address

  o  IP netmask

  o  Router address

  o  Domain Name Server Address

     ׷  Ʈũ ̽  λ  Ѵ.
     ̰ ʰ    ϸ Ҽ .

  ͳݿ  ʴ  ο Ʈũ  ͳݿ 
    Ʈũ ٸ  ƹ 巹 Ҽ
  ִ. ׷  ϰ  Ư Ǿִ IP
  巹 ִ. ̰   RFC1597 õǾ ִ.

       -----------------------------------------------------------
          |         RESERVED PRIVATE NETWORK ALLOCATIONS            |
          -----------------------------------------------------------
          | Network | Netmask       | Network Addresses             |
          | Class   |               |                               |
          -----------------------------------------------------------
          |    A    | 255.0.0.0     | 10.0.0.0    - 10.255.255.255  |
          |    B    | 255.255.0.0   | 172.16.0.0  - 172.31.255.255  |
          |    C    | 255.255.255.0 | 192.168.0.0 - 192.168.255.255 |
          -----------------------------------------------------------

  켱 Ʈũ ũ⸦ ѵ ϴ ŭ 巹 ؾ
  Ѵ.

  5.2.     ־ ϴ°?

   ý Ʈ ν δٵ ٹ  ִ. Ŀ
    ڿ װ ׻ 'init'̶ α׷ Ѵ. init
  /etc/inittab ̶  а Ʈ  Ѵ. init
   ٸ Ư(fla vours) , ̷ پ缺  
  ӽ پ缺  ū  ȴ.

   /etc/inittab    Ʈ ϰ ִ.

      si::sysinit:/etc/init.d/boot

     Ʈ  ϴ shell ũƮ ̸
  Ѵ.    MS-DOS autoexec.bat ϰ ټ ϴ.

   Ʈ ũƮ  ȣǴ ٸ ũƮ  Ʈũ
  ̵  ȴ.

   ̺  ý ̵  𸣰ڴ.

  ------------------------------------------------------------------------
   |Interface Config/Routing                    |Server Initialisation
   ------------------------------------------------------------------------
   |/etc/init.d/network                         |/etc/init.d/netbase
   |                                            |/etc/init.d/netstd_init
   |                                            |/etc/init.d/netstd_nfs
   |                                            |/etc/init.d/netstd_misc
   ------------------------------------------------------------------------
   |/etc/rc.d/rc.inet1                          |/etc/rc.d/rc.inet2
   ------------------------------------------------------------------------
   |/etc/sysconfig/network-scripts/ifup-<ifname>|/etc/rc.d/init.d/network
   ------------------------------------------------------------------------
                             < Debian, Slackware, RedHat>

  밳     Ǵ Ʈũ ̽
  Ҽ ִ α׷ ϰ ִ. ̰ ִٸ  
  õϱ    ϴ  ִ ˾ƺ Ѵ.

      -----------------------------------------
         Distrib   | Network configuration program
         -----------------------------------------
         RedHat    | /sbin/netcfg
         Slackware | /sbin/netconfig
         -----------------------------------------

  5.3.  Ʈũ ̽ 

   н ýۿ Ʈũ ̽ /dev 丮 δ.
  ׷   ׷ ʴ.  Ʈũ ̽
  Ʈ    ǹǷ ̽   ʿ䰡
  .

  밳  Ʈũ ̽ ʱȭϴ  ̽ ̹
   ڵ  ϵ ġѴ.  ̴ ̽
  ̹   eth[0...n] ̽  ̴
  ϵ ġŲ.  ù° ߰ߵǴ ̴ ī eth0
  ι° ̴ ī eth1 ȴ.

  ׷  , slip Ǵ ppp , Ʈũ ̽ 
  α  ۿ . ̽  ̸
  ̴°   ̽ ýÿ ڵ 
  ʴ´. ̷    ̹ ޸ Ȱȭ slip, ppp
  ̽  ӽ ۵ð  ſ پϰ ޶
  ̴. ̷   κп ڼ ٷ ̴.

  5.4.  Ʈũ ̽ .

  ʿ  α׷ Ʈũ 巹, Ʈũ   
     Ʈũ ̽   ִ. Ʈũ
  ̽   Ҷ 츮 Ʈũ ̽ 
  ּ Ҵ ٸ ȯ    ÿ  ̾߱⸦
  ϴ°̴. ̸   θ Ǵ  ifconfig(interface
  configure)̴.

   Ʒ    ̴.

   # ifconfig eth0 192.168.0.1 netmask 255.255.255.0 up

    'eth0' ̴ ̽ IP 巹 '192.168.0.1' net
  mask 255.255.255.0 ϴ ̴. ɾ κ 'up'
  ̽ Ȱ ȭ ɰ ϰ ִ.

  Ŀ ̽ Ҷ  Ʈ Ѵ.  
  Ʈũ 巹 εĳƮ 巹   , 
  ó   ´ٸ Ŀ  IP 巹 Ŭ ٰ
  ո   ̴.   Ŀ ̽
  Ŭ-C Ʈũ ȴٰ  ϰ Ʈũ 巹
  '192.168.0.0', εĳƮ 巹

  ifconfig ɿ  ٸ ɼ ִ.  ߿  
  ̴.

      up
        ̽ ȰȭŲ.

      down
        ̽  ȰȭŲ.

     -arp
         ̽ 󿡼 address resolution protocol 밡ϰ,
         Ұϰ Ѵ.

     -allmulti
        ̽ 󿡼 promiscuous 带 /Ұϰ Ѵ.
        Promoscu ous  ش ̽   Ŷ̶
        ޾Ƶϼ ֵ ϴ 带 Ѵ. ̰ tcpdump ٸ Ŷ
        Ǫ α׷ ſ ߿ϴ.

     mtu N
         ̽ MTU Ҽ ְ ش.

     netmask addr
         ̽ ϴ Ʈũ netmask ϰ ش.

      irq addr
         Ķʹ Ư Ÿ ϵ ϳ,  ̽
          IRQ Ҽ ְ ش.

     -broadcast addr
         Ķʹ εĳƮ 巹  ͱ׷ 
         ϰ ϰų, Ȥ  ͱ׷ Ұϰ Ѵ.

     -pointopoint addr
         Ķʹ slip, ppp point to point ũ ݴ볡 ִ
          ּҸ ϵ ش.

      hw <type> <addr>
         Ķʹ Ʈũ ̽ Ư Ÿ ϵ
        巹 ϵ ش. ̴ݿ ״  
        AX.25  ٸ Ÿ Ʈũ ϴ.

     ifconfig
          Ʈũ ̽ Ҽ ̴.
        pppd, dip   α׷ Ʈũ ̽ 鶧
        ڵ  ϹǷ  ifconfig ɻ ʿ ʴ.

  5.5.   ؼ(Name Resolver) .

   ģ IP 巹 ȯϴ 񽺸 ϴ ̴.

  5.5.1.  ̸  ֳ?

   ͳ ȣƮ   ͼϳ, װ 
  Ǵ    𸥴. ͳ  
   , ٽ ؼ Ʈ  ´. 'domain'̶
  ϴ°  Ǵ ׷ ̸̴. 'domain' 'subdomain'
    ִ. 'toplevel'  굵 ƴ 
  ǹѴ. Top Level Domain RFC920 õǾ ִ.   
   TOP LEVEL  ̴.

      COM
        Commercial Organisations()

      EDU
        Educational Organisations()

     GOV
        Government Organisations(α)

     MIL
        Millitary Organisations()

     ORG
        Other organisations(ٸ)

     Country Designator
        these are two letters codes that represent a particular country.

  (Ư  Ÿ  α ڵ. : ѹα -> kr)  top
  level  굵  ִ.  ̸  top
  level  com, edu, gov, mil, org ο  굵
  ȴ. ν, Ʈϸ  Ǵ α Ÿ
    com.au, gov.au  . '.us' ڵ带 
    ϰ,   top level   ʴ 
    ̱  Ÿ  ȴ.

      ̸ Ÿ ؼ ȴ.  
     ſ پѵ,     
   ι  ٰϰ ȴ. ׷ ̰  Ʈũ
  ڿ  ո ǹְ  ؿ  ΰ ȴ.

     κ ׻ ȣƮ ӽſ Ҵ Ư ̸̸
  'ȣƮ '̶ Ҹ. ӿ ȣƮ  κ '
  '̶   ̰ Ǯ 'Fully Qualified Domain Name'̴.

   ̸ ȣƮ   , 'Fully Qualified Domain Name'
  'perf.no.  itg.telstra.com.au'̴. ̰ ȣƮ 'perf'
  γ 'no.itg.t elstra.com.au' ǹѴ.   
   Australia ٰ to p level ο  θ  ̸
  巹  ϹǷ    '.com' 
  ִ. ȸ ̸ 'Telstra'̸  ۸  
  δµ,    ӽ Infomartion Technol ogy Group Network
  Operation μ Ѵ.

  5.5.2.  п ʿ .

  ڽ ȣƮ  ο ϰ Ǵ ˾ƾ  ʿ䰡 ִ.
  Name resolver Ʈ 'Domain Name Server' ó 
  ν    񽺸 Ѵ. ׷Ƿ ڽ Ҽ ִ
   Ӽ IP 巹 ˾ƾ  ʿ䰡 ִ.

   ʿ䰡 ִ  3 ִµ, ̰ ʷ ٷ ڴ.

  5.5.3.  /etc/resolv.conf

  /etc/resolv.conf  ؼ ڵ带    ̴. ̰
   ſ ϴ. ϳ ο ϳ Ű带  ؽƮ
  ̴.   Ǵ Ű 3 ִµ  .

     domain
         Ű   Ѵ.

     search
         Ű ȣƮ ã Ҽ ִ γ
        Ʈ  Ѵ.

     nameserver
         Ű  ٵ,  ؼ Ҷ Ǹ  
          IP 巹 ϱ  ȴ.

  /etc/resolv.conf    ó δ.

      domain maths.wu.edu.au
         search maths.wu.edu.au wu.edu.au
         nameserver 192.168.10.1
         nameserver 192.168.12.1

    з  (γ   ȣƮ) 
   Ʈ γ maths.wu.edu.au ϰ,  ȣƮ 
  ο ߰ߵ  wu.edu.au ο  ãƺ
  Ѵ. ΰ  Ӽ Ʈ Ǵµ, ̵  
  ؼҶ Ѵ.

  5.5.4.  /etc/host.conf

  /etc/host.conf  name resolver ڵ ൿ ϴ 
    ̴.    'resolv+'   ڼ
  Ǿ ִ.    ȯ濡    Ұ̴.

      order hosts,bind
         multi on

     ؼ⿡, Ӽ ϱ  /etc/hosts
  üũ   /etc/hosts Ͽ ߰ߵǴ ù° 巹 Ӹƴ϶
   ȿ   Ұ ش.

  5.5.5.  /etc/hosts

  /etc/hosts   ȣƮ Ӱ IP 巹 ִ ̴.
   Ͽ ȣƮ  IP 巹    
     ʿ䰡 .   ϴµ   ȣƮ
  IP 巹   ڽ Ʈ ؾѴٴ ̴.  Ǵ
  ý  Ͽ ̴ ȣƮ  ̽ 
  ȣƮ   Ʈ ̴.

      # /etc/hosts
         127.0.0.1      localhost loopback
         192.168.0.1    this.host.name

  ù° Ʈ ִ ٿͰ  ο Ѱ ̻ ȣƮ
      ִ.  ù° Ʈ  ̽
   ǥ Ʈ ̴.

  5.6.   ̽ .

  ̴̽. ̸ ϰ   ſ پѵ, Ʈũ ٸ
   ڸ  ʰ Ʈũ Ʈ ׽Ʈϰ  
  ..    ȴ. ӿ  IP 巹 '127.0.0.1' 
     Ǿ ִ. ׷Ƿ  ӽ ϴ,
  127.0.0.1 ڳ Ŀؼ   ȣƮ ϰ ȴ.

   ̽ ϴ° ϸ,  и ־
  Ѵ.

      # ifconfig lo 127.0.0.1
         # route add -host 127.0.0.1 lo

   κп 츮 route ɿ  ڼ ٷ̴.

  5.7.  .

   Ŵ ̴. ̰Ϳ ؼ û  ؽƮ
  ۼϴ   ϴ. κ  ÿ   䱸
  Ұ̳,   ׷ ʴ.    ⺻׸
  ٷ̴.     ִٸ   ۺκп
  ִ ۷   ٶ.

  ǿ Բ . IP ̶ ü ΰ?   ϴ
    ϳ ִ.

  IP ̶ ȣƮ  Ƽ Ʈũ ͱ׷  
  ̴.

    ϴ° ڴ.  ǽ ͸ غ.
  װ Ƹ ͳݿ   ppp ũ, ũ̼ǿ ϴ
   ̴  ׸Ʈ ٸ ǽ ppp ũ 
  ̴.  Ʈũ Ŀؼκ Ͱ ͱ׷ ,
  ̶  ͱ׷   Ʈ ΰ 
  Ŀ̴.  ȣƮ   ʿϸ  ͳ
  ȣƮ ΰ Ʈũ ̽ µ    
   ̸̽ ٸ ϳ ̴ Ȥ PPP, SLIP  
  Ʈũ ̾߱⸦ ϱ ϴ ̴̽.

  OK, ׷ ̶  ϴ ΰ?  ȣƮ 
  ̺  Ҹ   Ư Ʈ  ִ. 
  ̺ ּ 3 ʵ带   ϴµ, ù° ʵ 
  巹, ι° ʵ ͱ׷ õ ̽ ̸,
  ° ɼ Ʈũ     ͱ׷ 
  ٸ ӽ 巹  ִ.    ̿Ͽ 
   ̺ 캼 ִ.

       # cat /porc/net/route

   μ ſ ϴ:  ͱ׷ ް, 
  巹  Ͽ ̺  Ʈ Ѵ. ش 巹
     ϴ Ʈ ϰ õ ̽ ͱ׷
  Ѵ.  Ʈ ʵ尡 ä ִٸ ͱ׷ ̽
    ȣƮ Ǹ, ׷  ̽ ϴ
  Ʈũ ִٰ  .

   ̺ ϱ ؼ Ư  Ѵ.  
  Ŀǵ   ޾Ƽ Ŀ ̺ Ʈ ߰, ,
  ϵ û ϴ Ŀ ý ݷ ȯѴ.   'route'
  Ҹ.

    ִ.  ̴ Ʈũ  ִٰ غ.
    192.168.1.0 巹  class-C Ʈũ .
   ڽ  ϱ  192.168.1.10 ϰ, 192.168.1.1
  ͳݿ  Ͷ ´.

  ù°   Ѵ ̽ ϴ ̴. 
     Ѵ.

       # ifconfig eht0 192.168.1.10 netmask 255.255.255.0 up

   192.168.1.* ġǴ  巹  ͱ׷ 
  ̴  ̽   ̺ Ʈ ߰ؾ Ѵ.

       # route add -net 192.168.0.0 netmask 255.255.255.0 eth0

  ֱ ؼ̴. ⼭ Ҽִ ٸ  'ȣƮ' Ʈε
  ̰   IP 巹 õǴ route̴.

   Ʈ  ̴ ׸Ʈ ִ  ȣƮ Ŀؼ
    ϰ ش.  ڽ ̴ ׸Ʈ  
  ٸ  IP ȣƮ  Ǵ°?

     Ʈũ route ߰ϴ°  
  ̹Ƿ,  ۾ ϰ ִ Ư Ʈ ִ.  Ʈ
  'Ʈ' Ʈ  Ҹ. Ʈ Ʈ   
  ġ ϹǷ û  巹 ġϴ 巹 ִٸ
  Ʈ Ʈ ſ ̰  ȴ. Ʈ Ʈ ̵
  " ̰" ϴ°   ش.   
   Ʈ ϵ Ͽ.

       # route add default gw 192.168.1.1 eth0

   route ɿ ˷ش.  Ʈ ġϴ  ͱ׷
       Ʈ̷  Ѵ.

  ׷, ϼ    ϰ̴.

       # ifconfig eth0 192.168.1.10 netmask 255.255.255.0 up
          # route add -net 192.168.0.0 netmask 255.255.255.0 eth0
          # route add default gw 192.168.1.1 eth0

  ڽ Ʈũ 'rc'   캻ٸ ̿ ϰ ̴°
   ϳ ߰ϰ ɰ̴. ̰ ſ Ϲ ̴.

   ణ     캸. ͳ PPP ũ
  繫  ũ̼ǿ  ׸Ʈ ϴ ͸ Ѵٰ
  غ. P PP ũ ϳ ̴ ׸Ʈ 3  ͸
  Ѵٰ غ .     ϰ̴.

       # route add 192.168.1.0 netmask 255.255.255.0 eth0
          # route add 192.168.2.0 netmask 255.255.255.0 eht1
          # route add 192.168.3.0 netmask 255.255.255.0 eth2
          # route add default ppp0

   ũ̼  Ÿͺ   ϰ, ʹ
   Ʈũ Ʈ(route)  ʿ䰡 ִ. ũ̼ǿ ־
  Ʈ  Ŀ Ͱ  иؾ ϴ°  Ƴ̱
  ̴.    Ÿ Ʈ Ʈ 'gw'  
   ñ   𸥴.  ſ ѵ PPP SLIP 
  ø ũ  Ʈũ ܿ Ѵ뾿,  δ ȣƮۿ
   ̴. ũ ݴ볡  ִ ȣƮ Ʈ̷ ϴ
   ǹϰ  ̴.  ĸ ٸ   
   ̷ Ÿ Ʈũ Ŀؼǿ  Ʈ̸  ʿ䰡
  . ̴, ũ(arcnet), ū   Ʈ̸ 
  ϴµ ̵ Ʈũ  ȣƮ ֱ  .

  5.7.1.  õ α׷  ϴ°?

   ޵    ±  ϳ 
  Ʈũ Ʈ   ȴ.   Ʈũ
  ؾ    ϴ. ̵ κ 鿡 ̰
  ȭŸ ʴ´.

  ũ ӽ̳ ũ  ͱ׷ ٸ  
  Ѵٸ(ٸ  )  ̵ ϰ   ؾ
  Ѵٴ ̴.  翬 ̰ , û糳, ǿ̰,
  ٶ  ̴. Ʈ ũ     Ʈ
  ڵ Ű پ ũ  ߵǾµ, ̷ 
  ׷ '̳  '̶   ϰ ִ.

   Ϲ ̳  ݿ   𸥴.
   θ ˷  Ƹ RIP(Routing Information Protocol)
  OSPF(Open Shor test Path First Protocol) ̴. RIP ߰ 
   ü Ʈũ   Ʈũ   ȴ. OSPF
   ̰  ū Ʈ ũ ٷ ɷ ִ. 
  Ʈũ     (pat h) ִ ȯ濡 ϴ. 
  ݵ Ϲ  'routed'-RIP,   'NetKit'
  Ű ԵǾ ִ.

  ̳      ΰ ϴ ,
  ó ϰ̴.

        192.168.1.0 /                         192.168.2.0 /
           255.255.255.0                         255.255.255.0
         -                                     -
         |                                     |
         |   /-----\                 /-----\   |
         |   |     |ppp0   //    ppp0|     |   |
    eth0 |---|  A  |------//---------|  B  |---| eth0
         |   |     |     //          |     |   |
         |   \-----/                 \-----/   |
         |      \ ppp1             ppp1 /      |
         -       \                     /       -
                  \                   /
                   \                 /
                    \               /
                     \             /
                      \           /
                       \         /
                        \       /
                         \     /
                      ppp0\   /ppp1
                         /-----\
                         |     |
                         |  C  |
                         |     |
                         \-----/
                            |eth0
                            |
                       |---------|
                       192.168.3.0 /
                          255.255.255.0

  A,B,C  Ͱ ִ.  Class C IP Ʈũ(netmask
  255.255.25 5.0) ̴ ׸Ʈ Ѵ.   Ϳ ٸ
  ͷ PPP  ũ ִ. Ʈũ ﰢ ̷.

   A  ̺ ó ϰ ϴ.

       # route add -net 192.168.1.0 netmask 255.255.255.0 eth0
          # route add -net 192.168.2.0 netmask 255.255.255.0 ppp0
          # route add -net 192.168.3.0 netmask 255.255.255.0 ppp1

  ̰  A  B  ũ     
  ̴.   ũ      Ʈ
   A ̴  ׸Ʈ ȣƮ ̴ ׸Ʈ B  ִ
  ȣƮ  ϴµ, ͱ׷  A   ppp0
   ̴. ׵    ׸Ʈ C  ȣƮδ
  Ҽ , C ̴ ׸Ʈ ȣƮ  B ̴
  ׸Ʈ ȣƮ ̾߱⸦ Ҽִµ, B  C  ũ 
   ʰ ֱ ̴.

  , A  C  Ҽ ְ, C  B  Ҽ ִٸ ° A  C 
  B  C Ͽ ͱ׷ B  ʴ°? ̷
  ٷ RIP   ̳   ذϵ  ׷
  ̴. A, B, C  Ͱ     , ũ
  ϳ  ٸ  ̺ ο Ʈũ Ȳ ݿϿ
  ڵ ɰ̴. ̷ Ʈ ũ ϴ  ϸ, 
  Ϳ  ΰ ָ ȴ.    A  Ͽ,

       # route add -net 192.168.1.0 netmask 255.255.255.0 eth0
          # /usr/sbin/routed

    ȣƮ  ̺ ϰ Ʈ   ֵ 
  Ʈ ũ ̽ ޼   ´.

  ̰  ̳     ִ  
   ̴.  ڼ  Ѵٸ  ùκп õ
    ٶ.

  ̳ ÿ Ͽ ߿ ..

  1.   ӽ   پ Ʈ 
     ̳    ʿ䰡 ִ.

  2. ̳   Ʈũ ȭ Ͽ ڵ 
        ̴.

  3. RIP  Ǵ ߰  Ʈũ ϴ.

  5.8.  Ʈũ   .

  Ʈũ  񽺴  ڰ   ӽ
  Ҽְ ϱ α׷̴.  ڴ  ӽ, 
  α׷ Ǵ  Ʈũ  Ŀؼ Ͽ ش Ʈ
  Ŀؼ ޾Ƶ  Ѵ. Ʈũ  ϴ 
  ΰ ִ.

     standalone
        Ʈũ   Ʈũ Ʈ ޼  
        Ŀ ؼ Ǿ Ʈũ Ŀؼ ϰ 񽺸
        Ѵ.

     slave to the inetd server
        inetd   Ŀؼ  ϴ Ư Ʈũ
          α׷̴. tcp Ȥ udp  Ʈ Ư 
         ,  α׷ Ǿ ϴ° ִ
          ִ.  Ʈ ٸ Ͽ Ǿ 
        ̿ ؼ  ̾߱  Ұ̴.

   ؾߵ ΰ ߿  ִ.  Ʈѹ Ҵϴ
  /etc/services ϰ inetd Ʈũ    /etc/inetd.conf
   ̴.

  5.8.1.  /etc/services

  /etc/services  ΰ ģ  Ӱ 迡 ģ
  Ʈѹ  ִ  ͺ̽ ̴. ̰  ſ
  ϴ.     ͺ̽ Ʈ Ÿ ؽƮ
  ̴.   Ʈ   ̽(tab Ǵ space)
    ʵ   ִ.  ʵ Ʒ .

  name       port/protocol       aliases         #comment

     name
        Ǵ 񽺸 Ÿ  ̴ܾ.

     port/protocol
         ʵ ΰ  ʵ .

     port
         񽺰  Ʈѹ ϴ ̴. 
        ϴ 񽺿 Ҵ  ѹ ִ. ̵ RFC-1340
         ִ.

      protocol
         ʵ tcp udp õȴ.

        18/tcp  18/udp  Ʈ  ٸ ϸ,  
         񽺰 ΰ  ؾ ϴ   
          Ƶδ° ߿ϴ.  Ϲ  θ
        ְ, Ư   tcp, udp   ϴٸ  
        ο  Ʈ   ̴.

     aliases
          Ʈ Ÿ  Ǵ ٸ ̸

  5.8.1.1.  /etc/services  .

     Ǹ /etc/services  Ѵ. 
   ο ӽ  Ҷ,   ϴ
  /etc/services   ִ.

  # /etc/services:
    # $Id: services,v 1.3 1996/05/06 21:42:37 tobias Exp $
    #
    # Network services, Internet style
    #
    # Note that it is presently the policy of IANA to assign a single well-kn
  own
    # port number for both TCP and UDP; hence, most entries here have two ent
  ries
    # even if the protocol doesn't support UDP operations.
    # Updated from RFC 1340, ``Assigned Numbers'' (July 1992).  Not all ports
    # are included, only the more common ones.
  tcpmux          1/tcp                           # TCP port service multip
  lexer
    echo            7/tcp
    echo            7/udp
    discard         9/tcp           sink null
    discard         9/udp           sink null
    systat          11/tcp          users
    daytime         13/tcp
    daytime         13/udp
    netstat         15/tcp
    qotd            17/tcp          quote
    msp             18/tcp                          # message send protocol
    msp             18/udp                          # message send protocol
    chargen         19/tcp          ttytst source
    chargen         19/udp          ttytst source
    ftp-data        20/tcp
    ftp             21/tcp
    ssh             22/tcp                          # SSH Remote Login Protoc
  ol
    ssh             22/udp                          # SSH Remote Login Protoc
  ol
    telnet          23/tcp
    # 24 - private
    smtp            25/tcp          mail
    # 26 - unassigned
    time            37/tcp          timserver
    time            37/udp          timserver
    rlp             39/udp          resource        # resource location
    nameserver      42/tcp          name            # IEN 116
    whois           43/tcp          nicname
    re-mail-ck      50/tcp                          # Remote Mail Checking Pr
  otocol
    re-mail-ck      50/udp                          # Remote Mail Checking Pr
  otocol
    domain          53/tcp          nameserver      # name-domain server
    domain          53/udp          nameserver
    mtp             57/tcp                          # deprecated
    bootps          67/tcp                          # BOOTP server
    bootps          67/udp
    bootpc          68/tcp                          # BOOTP client
    bootpc          68/udp
    tftp            69/udp
    gopher          70/tcp                          # Internet Gopher
    gopher          70/udp
    rje             77/tcp          netrjs
    finger          79/tcp
    www             80/tcp          http            # WorldWideWeb HTTP
    www             80/udp                          # HyperText Transfer Prot
  ocol
    link            87/tcp          ttylink
    kerberos        88/tcp          kerberos5 krb5  # Kerberos v5
    kerberos        88/udp          kerberos5 krb5  # Kerberos v5
    supdup          95/tcp
    # 100 - reserved
    hostnames       101/tcp         hostname        # usually from sri-nic
    iso-tsap        102/tcp         tsap            # part of ISODE.
    csnet-ns        105/tcp         cso-ns          # also used by CSO name s
  erver
    csnet-ns        105/udp         cso-ns
    rtelnet         107/tcp                         # Remote Telnet
    rtelnet         107/udp
    pop-2           109/tcp         postoffice      # POP version 2
    pop-2           109/udp
    pop-3           110/tcp                         # POP version 3
    pop-3           110/udp
    sunrpc          111/tcp         portmapper      # RPC 4.0 portmapper TCP
    sunrpc          111/udp         portmapper      # RPC 4.0 portmapper UDP
    auth            113/tcp         authentication tap ident
    sftp            115/tcp
    uucp-path       117/tcp
    nntp            119/tcp         readnews untp   # USENET News Transfer Pr
  otocol
    ntp             123/tcp
    ntp             123/udp                         # Network Time Protocol
    netbios-ns      137/tcp                         # NETBIOS Name Service
    netbios-ns      137/udp
    netbios-dgm     138/tcp                         # NETBIOS Datagram Servic
  e
    netbios-dgm     138/udp
    netbios-ssn     139/tcp                         # NETBIOS session service
    netbios-ssn     139/udp
    imap2           143/tcp                         # Interim Mail Access Pro
  to v2
    imap2           143/udp
    snmp            161/udp                         # Simple Net Mgmt Proto
    snmp-trap       162/udp         snmptrap        # Traps for SNMP
    cmip-man        163/tcp                         # ISO mgmt over IP (CMOT)
    cmip-man        163/udp
    cmip-agent      164/tcp
    cmip-agent      164/udp
    xdmcp           177/tcp                         # X Display Mgr. Control
  Proto
    xdmcp           177/udp
    nextstep        178/tcp         NeXTStep NextStep       # NeXTStep window
    nextstep        178/udp         NeXTStep NextStep       # server
    bgp             179/tcp                         # Border Gateway Proto.
    bgp             179/udp
    prospero        191/tcp                         # Cliff Neuman's Prospero
    prospero        191/udp
    irc             194/tcp                         # Internet Relay Chat
    irc             194/udp
    smux            199/tcp                         # SNMP Unix Multiplexer
    smux            199/udp
    at-rtmp         201/tcp                         # AppleTalk routing
    at-rtmp         201/udp
    at-nbp          202/tcp                         # AppleTalk name binding
    at-nbp          202/udp
    at-echo         204/tcp                         # AppleTalk echo
    at-echo         204/udp
    at-zis          206/tcp                         # AppleTalk zone informat
  ion
    at-zis          206/udp
    z3950           210/tcp         wais            # NISO Z39.50 database
    z3950           210/udp         wais
    ipx             213/tcp                         # IPX
    ipx             213/udp
    imap3           220/tcp                         # Interactive Mail Access
    imap3           220/udp                         # Protocol v3
    ulistserv       372/tcp                         # UNIX Listserv
    ulistserv       372/udp
    #
    # UNIX specific services
    #
    exec            512/tcp
    biff            512/udp         comsat
    login           513/tcp
    who             513/udp         whod
    shell           514/tcp         cmd             # no passwords used
    syslog          514/udp
    printer         515/tcp         spooler         # line printer spooler
    talk            517/udp
    ntalk           518/udp
    route           520/udp         router routed   # RIP
    timed           525/udp         timeserver
    tempo           526/tcp         newdate
    courier         530/tcp         rpc
    conference      531/tcp         chat
    netnews         532/tcp         readnews
    netwall         533/udp                         # -for emergency broadcas
  ts
    uucp            540/tcp         uucpd           # uucp daemon
    remotefs        556/tcp         rfs_server rfs  # Brunhoff remote filesys
  tem
    klogin          543/tcp                         # Kerberized `rlogin' (v
  5)
    kshell          544/tcp         krcmd           # Kerberized `rsh' (v5)
    kerberos-adm    749/tcp                         # Kerberos `kadmin' (v5)
    #
    webster         765/tcp                         # Network dictionary
    webster         765/udp
    #
    # From ``Assigned Numbers'':
    #
    #> The Registered Ports are not controlled by the IANA and on most system
  s
    #> can be used by ordinary user processes or programs executed by ordinar
  y
    #> users.
    #
    #> Ports are used in the TCP [45,106] to name the ends of logical
    #> connections which carry long term conversations.  For the purpose of
    #> providing services to unknown callers, a service contact port is
    #> defined.  This list specifies the port used by the server process as i
  ts
    #> contact port.  While the IANA can not control uses of these ports it
    #> does register or list uses of these ports as a convienence to the
    #> community.
    #
    ingreslock      1524/tcp
    ingreslock      1524/udp
    prospero-np     1525/tcp                # Prospero non-privileged
    prospero-np     1525/udp
    rfe             5002/tcp                # Radio Free Ethernet
    rfe             5002/udp                # Actually uses UDP only
    bbs             7000/tcp                # BBS service
    #
    #
    # Kerberos (Project Athena/MIT) services
    # Note that these are for Kerberos v4, and are unofficial.  Sites running
    # v4 should uncomment these and comment out the v5 entries above.
    #
    kerberos4       750/udp         kdc     # Kerberos (server) udp
    kerberos4       750/tcp         kdc     # Kerberos (server) tcp
    kerberos_master 751/udp                 # Kerberos authentication
    kerberos_master 751/tcp                 # Kerberos authentication
    passwd_server   752/udp                 # Kerberos passwd server
    krb_prop        754/tcp                 # Kerberos slave propagation
    krbupdate       760/tcp         kreg    # Kerberos registration
    kpasswd         761/tcp         kpwd    # Kerberos "passwd"
    kpop            1109/tcp                # Pop with Kerberos
    knetd           2053/tcp                # Kerberos de-multiplexor
    zephyr-srv      2102/udp                # Zephyr server
    zephyr-clt      2103/udp                # Zephyr serv-hm connection
    zephyr-hm       2104/udp                # Zephyr hostmanager
    eklogin         2105/tcp                # Kerberos encrypted rlogin
    #
    # Unofficial but necessary (for NetBSD) services
    #
    supfilesrv      871/tcp                 # SUP server
    supfiledbg      1127/tcp                # SUP debugging
    #
    # Datagram Delivery Protocol services
    #
    rtmp            1/ddp                   # Routing Table Maintenance Proto
  col
    nbp             2/ddp                   # Name Binding Protocol
    echo            4/ddp                   # AppleTalk Echo Protocol
    zip             6/ddp                   # Zone Information Protocol
    #
    # Debian GNU/Linux services
    rmtcfg          1236/tcp                # Gracilis Packeten remote config
  server
    xtel            1313/tcp                # french minitel
    cfinger         2003/tcp                # GNU Finger
    postgres        4321/tcp                # POSTGRES
    mandelspawn     9359/udp        mandelbrot      # network mandelbrot
  # Local services

  5.8.2.  /etc/inetd.conf

  /etc/inetd.conf  inetd    ̴. ̰
   Ư  񽺿  ӿû   ؾϴ
  inetd ˷ ִ ̴. ޾Ƶ̱⸦ ϴ  񽺿 
  inetd     Ұ  ˷־ Ѵ.

  ̰  ſ ϴ.   ϰ 񽺸 Ÿִ
  ؽ Ʈ ̴. '#'  ؽƮ õǸ ּ ֵȴ. 
    (tab Ǵ space) еǴ 7 ʵ带 ´.
  Ϲ    .

   service  socket_type   proto  flags   user  server_path  server_args

     service
        /etc/services Ͽó   ̴.

     socket_type
         ʵ ش Ʈ ȴٰ   Ÿ
        Ѵ.    stream, dgram, raw, rdw Ǵ
        seqpacket̴. ̰ ڿ  ణ ε, ù° Ģ
          tcp  񽺴 stream ϰ   udp
         񽺴 dgram Ѵ.  ٸ  ϴ° ſ
        Ư  ϶ ̴.

      proto
         Ʈ ȿϴٰ ֵǴ . ̰ /etc/services
           Ʈ ġǾ ϸ  tcp Ǵ udp
         ϳ ̴.Sun RPC(Remote Procedure Call) 
        rpc/tcp Ǵ rpc/udp   Ѵ.

      flags
         ʵ带  ÿ ΰ ۿ . α׷ ѵ
          ־  Ŀؼ û  ο ϰ
        ϴ³, ƴϸ ٸ ٸ  ̹ Ѵٰ Ͽ
         ͳؼ ٷ Ұ̳ϴ ΰ̴.  ̰ ٷ
         ణ ָ , tcp   Ʈ nowait
        ϰ udp  ̰ wait ϴ° ù°
        ̴. ̰Ϳ ܰ    ׷Ƿ Ȯ
          ̵带 ϶.

     user
        Ʈũ  Ҷ /etc/passwd    
          ɰΰ ش. ̰ ȹ 
        ġ Ҷ ϴ.  Ʈ  nobody ν
        Ʈũ     ظ ּȭ Ҽִ. ׷
         ʵ  root Ǵµ   
        ϱ ؼ root  䱸ϱ ̴.

     server_path
         Ʈ     α׷ ̴.

     server_args
         ʵ   κ ̷ ̴.  ʵ 
         α׷ ɶ α׷ Ѱְ Ŀǵ 
         ־ִ κ̴.

  5.8.2.1.  /etc/inetd.conf .

  /etc/services Ͽ ؼ ó    Ǹ
  /etc/inetd.co nf  ϰ ִ. ⿡   ԵǾ
  ִ  /etc/ inetd.conf   ִ.

  # /etc/inetd.conf:  see inetd(8) for further informations.
    #
    # Internet server configuration database
    #
    #
    # Modified for Debian by Peter Tobias <<url url="mailto:tobias@et-inf.fho-emden.de" name="tobias@et-inf.fho-emden.de">>
    #
    # <service_name> <sock_type> <proto> <flags> <user> <server_path> <args>
    #
    # Internal services
    #
    #echo           stream  tcp     nowait  root    internal
    #echo           dgram   udp     wait    root    internal
    discard         stream  tcp     nowait  root    internal
    discard         dgram   udp     wait    root    internal
    daytime         stream  tcp     nowait  root    internal
    daytime         dgram   udp     wait    root    internal
    #chargen        stream  tcp     nowait  root    internal
    #chargen        dgram   udp     wait    root    internal
    time            stream  tcp     nowait  root    internal
    time            dgram   udp     wait    root    internal
    #
    # These are standard services.
    #
    telnet  stream  tcp     nowait  root    /usr/sbin/tcpd  /usr/sbin/in.teln
  etd
    ftp     stream  tcp     nowait  root    /usr/sbin/tcpd  /usr/sbin/in.ftpd
    #fsp    dgram   udp     wait    root    /usr/sbin/tcpd  /usr/sbin/in.fspd
    #
    # Shell, login, exec and talk are BSD protocols.
    #
    shell   stream  tcp     nowait  root    /usr/sbin/tcpd  /usr/sbin/in.rshd
    login   stream  tcp     nowait  root    /usr/sbin/tcpd  /usr/sbin/in.rlog
  ind
    #exec   stream  tcp     nowait  root    /usr/sbin/tcpd  /usr/sbin/in.rexe
  cd
    talk    dgram   udp     wait    root    /usr/sbin/tcpd  /usr/sbin/in.talk
  d
    ntalk   dgram   udp     wait    root    /usr/sbin/tcpd  /usr/sbin/in.ntal
  kd
    #
    # Mail, news and uucp services.
    #
    smtp    stream  tcp     nowait  root    /usr/sbin/tcpd  /usr/sbin/in.smtp
  d
    #nntp   stream  tcp     nowait  news    /usr/sbin/tcpd  /usr/sbin/in.nntp
  d
    #uucp   stream  tcp     nowait  uucp    /usr/sbin/tcpd  /usr/lib/uucp/uuc
  ico
    #comsat dgram   udp     wait    root    /usr/sbin/tcpd  /usr/sbin/in.coms
  at
    #
    # Pop et al
    #
    #pop-2  stream  tcp     nowait  root    /usr/sbin/tcpd  /usr/sbin/in.pop2
  d
    #pop-3  stream  tcp     nowait  root    /usr/sbin/tcpd  /usr/sbin/in.pop3
  d
    #
    # `cfinger' is for the GNU finger server available for Debian.  (NOTE: Th
  e
    # current implementation of the `finger' daemon allows it to be run as `r
  oot'.)
    #
    #cfinger stream tcp     nowait  root    /usr/sbin/tcpd  /usr/sbin/in.cfin
  gerd
    #finger stream  tcp     nowait  root    /usr/sbin/tcpd  /usr/sbin/in.fing
  erd
    #netstat        stream  tcp     nowait  nobody  /usr/sbin/tcpd  /bin/nets
  tat
    #systat stream  tcp     nowait  nobody  /usr/sbin/tcpd  /bin/ps -auwwx
    #
    # Tftp service is provided primarily for booting.  Most sites
    # run this only on machines acting as "boot servers."
    #
    #tftp   dgram   udp     wait    nobody  /usr/sbin/tcpd  /usr/sbin/in.tftp
  d
    #tftp   dgram   udp     wait    nobody  /usr/sbin/tcpd  /usr/sbin/in.tftp
  d /boot
    #bootps dgram   udp     wait    root    /usr/sbin/bootpd        bootpd -i
  -t 120
    #
    # Kerberos authenticated services (these probably need to be corrected)
    #
    #klogin         stream  tcp     nowait  root    /usr/sbin/tcpd  /usr/sbin
  /in.rlogind -k
    #eklogin        stream  tcp     nowait  root    /usr/sbin/tcpd  /usr/sbin
  /in.rlogind -k -x
    #kshell         stream  tcp     nowait  root    /usr/sbin/tcpd  /usr/sbin
  /in.rshd -k
    #
    # Services run ONLY on the Kerberos server (these probably need to be cor
  rected)
    #
    #krbupdate      stream tcp      nowait  root    /usr/sbin/tcpd  /usr/sbin
  /registerd
    #kpasswd        stream  tcp     nowait  root    /usr/sbin/tcpd  /usr/sbin
  /kpasswdd
    #
    # RPC based services
    #
    #mountd/1       dgram   rpc/udp wait    root    /usr/sbin/tcpd  /usr/sbin
  /rpc.mountd
    #rstatd/1-3     dgram   rpc/udp wait    root    /usr/sbin/tcpd  /usr/sbin
  /rpc.rstatd
    #rusersd/2-3    dgram   rpc/udp wait    root    /usr/sbin/tcpd  /usr/sbin
  /rpc.rusersd
    #walld/1        dgram   rpc/udp wait    root    /usr/sbin/tcpd  /usr/sbin
  /rpc.rwalld
    #
    # End of inetd.conf.
    ident           stream  tcp     nowait  nobody  /usr/sbin/identd        i
  dentd -i

  5.9.  Ʈũ  ٸ  ϵ.

  /etc/protocol     ̵ ִ
  ͺ ̴̽. ̰ α׷Ӱ α׷  
   Ҽ ֵ ָ tcpdump  α׷ 
  ѹ ̸ ϵ  .   Ϲ ý 
  .

       protocolname number aliases

    Բ Ǵ /etc/protocols   .

  # /etc/protocols:
    # $Id: protocols,v 1.1 1995/02/24 01:09:41 imurdock Exp $
    #
    # Internet (IP) protocols
    #
    #       from: @(#)protocols     5.1 (Berkeley) 4/17/89
    #
    # Updated for NetBSD based on RFC 1340, Assigned Numbers (July 1992).
  ip      0       IP              # internet protocol, pseudo protocol numb
  er
    icmp    1       ICMP            # internet control message protocol
    igmp    2       IGMP            # Internet Group Management
    ggp     3       GGP             # gateway-gateway protocol
    ipencap 4       IP-ENCAP        # IP encapsulated in IP (officially ``IP
    st      5       ST              # ST datagram mode
    tcp     6       TCP             # transmission control protocol
    egp     8       EGP             # exterior gateway protocol
    pup     12      PUP             # PARC universal packet protocol
    udp     17      UDP             # user datagram protocol
    hmp     20      HMP             # host monitoring protocol
    xns-idp 22      XNS-IDP         # Xerox NS IDP
    rdp     27      RDP             # "reliable datagram" protocol
    iso-tp4 29      ISO-TP4         # ISO Transport Protocol class 4
    xtp     36      XTP             # Xpress Tranfer Protocol
    ddp     37      DDP             # Datagram Delivery Protocol
    idpr-cmtp       39      IDPR-CMTP       # IDPR Control Message Transport
    rspf    73      RSPF            # Radio Shortest Path First.
    vmtp    81      VMTP            # Versatile Message Transport
    ospf    89      OSPFIGP         # Open Shortest Path First IGP
    ipip    94      IPIP            # Yet Another IP encapsulation
    encap   98      ENCAP           # Yet Another IP encapsulation

  5.9.1.  /etc/networks

  /etc/networks  /etc/hosts ϰ    ִ.
  ̰ Ʈũ ӿ  巹 ϴ 
  ͺ̴̽. δ  ΰ ʵ带 ´ٴ  ٸ 
  ʵ   ڵȴ.

       # networkname networkaddress

    :

       loopnet     127.0.0.0
          localnet    192.168.0.0
          amprnet     44.0.0.0

  route   ϸ,  Ʈũϰ  Ʈũ
  /etc/net works Ʈ  route  巹 ſ 
  ÷  ̴ٰ.

  5.10.  Ʈũ Ȱ ＼ Ʈ.

   ݿ  ڽ ӽŰ Ʈũ Ű° ſ 
   ̶° ϸ  κ ϰڴ.   ڽ 
  о    ʴ´.     ī
   ȴ   ȹ  ɰϴٸ  ΰ
       õѴ. ͳݿ õ   ִ.

   ߿  '    !' ̴. 
     񽺰 ǰ ڵ ϵ Ǿִ.
  ּҷ   ؼ Ȯϰ ϰʹٸ /etc/inetd.conf 
  캸    Ʈ  ּóض. 
  ĺ(?)   ̴.

  shell, login, exec, uucp, ftp ׸ finger, netstat, systat 
   ̴.

  װ   Ȱ ＼ Ʈ ī   ׵
    ҿ   ̴.

  5.10.1.  /etc/ftpusers

  /etc/ftpusers  Ư  ftp  ӽ  
     ī̴. /etc/ftpusers   ftp Ŀؼ
   ftp   .   α  ʴ
  ڵ ~Tg~PA Ʈ̴. ̰   ϰ̴.

       # /etc/ftpusers - ftp α ȵǴ .
          root
          uucp
          bin
          mail

  5.10.2.  /etc/securetty

  /etc/securetty root  α Ǵ tty ̽ ϵ
   . /etc/securetty α׷ login α׷( /bin/login)
    . ̰  root α Ǵ tty ̽
  Ʈ̴.  (̿ tty root login Ұ)

       #/etc/securetty - tty's on which root is allowed to login
          tty1
          tty2
          tty3
          tty4

  5.10.3.  tcpd ȣƮ ＼ Ʈ ī.

  /etc/inetd.conf Ʈ Ȱ  tcpd α׷ ȣϵ
    αΰ ＼ Ʈ ī Ѵ.  ̰
  inetd α׷  ȣǾ, ̰ ＼  ȣ 
  ִ   ƴ ϰ ִ ΰ  д´.

  ̰ ù° ġ(match) ߰ߵɶ    ã̴. ġ
      ＼ Գ Ѱ Ѵ. ̰
  ã    /etc/hosts.allow /etc/hosts.deny ̴. 
  ̰ ʷ  ϰڴ.   Ϻ  ؼ 
   ؾ ʿ  ִ. (hosts_access(5)  
  ȴ.).

  5.10.3.1.  /etc/hosts.allow

  /etc/hosts.allow  /usr/sbin/tcpd α׷ ̴.
  hosts.allo w    ȣƮ  ӽŻ 񽺿
  Ǵ ϴ  ϴ ̴.

    ſ ϴ.

  # /etc/hosts.allow # #<service list>: <host list> [: commnad]

      service list
          Ǵ   Ʈ ȣ̴. 
          : ftpd, telnetd, fingerd

      host list
        ȣƮ   Ʈ ȣ̴. ⿡ IP 巹
          ִ. Դٰ ׷ ȣƮ ̿ϵ ȣƮ IP
        巹 ϵ ī带 ̿Ͽ Ҽ ִ.  :
        gw.vk2ktj.ampr.o rg õ ȣƮ Ӱ ġǰ,
        .uts.edu.au   Ʈ   ȣƮӰ
        ġɰ̸, 44.  ̰ ϴ  IP ġɰ̴.
         ϰ ϱ  Ư ǥ  ִµ, ̵
          : ALL  ȣƮ ġ , LOCAL
        '.'  ʴ  ȣƮ ġȴ. PARANOID IP
        巹 ġ ʴ  ȣƮӰ ġȴ(name spoofi
        ng).    ū ϳ  ִ. EXCEPT ܸ
         Ʈ ϴ  Ұ̴.

     command
        ̰ ɼ Ķ̴. ̰   ɶ Ǵ
          Ǯ н̴. ̰ ν ȣƮ 
        αߴ°  ϴ  õҼ ְ, Ǵ 
         õѴٰ ý ڿ  ų ޼
         ִ.   ɼִ Ȯ ִµ, 
          : %h Ŀ ȣ Ʈ  Ǵ  ƴ϶
        IP 巹 Ȯ¡ϸ, %d ȣ    ȮѴ.

  :

  #/etc/hosts.allow
   #
   # Allow mail to anyone
   in.smtpd: ALL
   # All telnet and ftp to only hosts within my domain and my host at home.
   telnetd, ftpd: LOCAL, myhost.athome.org.au
   # Allow finger anyone but keep a record of who they are.
   fingerd: ALL: (finger @%h | mail -s "finger from %h" root)

  5.10.3.2.  /etc/hosts.deny

  /etc/hosts.deny  /usr/sbin/tcpd α׷ ̴.
  hosts.deny   ӽŻ 񽺿 ＼  ʴ
  ȣƮ ϴ  Ѵ.

      ִ.

       # /etc/hosts.deny
          # Disallow all hosts with suspect hostnames
          ALL: PARANOID
          #
          # Disallow all hosts.
          ALL: ALL

  ̰  Ʈ  ȣƮ Ƿ PARANOID Ʈ
  ǹ ̴.  ϳ Ʈ  䱸  ո
  Ʈ ɰ .

  /etc/hosts.deny ALL: ALL Ʈ  /etc/hosts.allow ϴ
    ȣƮ ϴ°   ̴.

  5.10.4.  /etc/hosts.equiv

  hosts.equiv  Ư ȣƮ Ư  н 
  ӽŻ   ＼  ֱ ȴ. ̰  
  ӽ  Ҽ ִ  ȯ濡 ſ ϳ, ׷ 
   Ȼ   ȴ.  ȣƮ   ӹ޴
  ȣƮŭ һ̴.   ִȭϱ ؼ  
    ڵ鵵 .rhosts    ʵ Ǹ
  ־.

  5.10.5.  ftp   .

   Ʈ  Ͽ Ư ̵ 䱸 ʰ  
  Ǵ ٿε Ҽֵ ͸ ftp ϴµ  ΰ ִ.
  ̰   ߴٸ anonymous ＼   
  ־ Ȯ . κ fptd(8)  ̰Ϳ 
   ϰ ִ.   ׻  Ǹ  ִ Ȯؾ
  Ѵ.  ߿  anonymous  /etc 丮 /etc/passwd
  纻  ʴ°̴. ݵ ʿ  ϰ 
  ֹ ض. ׷     ũŷݿ 
    ϰ ɰ̴.

  5.10.6.  Ʈũ ̾.

  ͱ׷   ӽſ  ϰ ϴ° پ
  ȼ ̴. ̰Ϳ  ڼ  firewall-howto
  ٷ.

  5.10.7.  ٸ ȵ.

  ⿡ ٸ,    غ   ִ.

     sendmail
        װ ߼ ұϰ      
          ηϴ ó δ. װ п ޷,
           ʰڴ.

     NFS  ׿ Sun RPC .
        ̰ ϶.  񽺿   exploit ִ. NFS
          ɼ ߰Ѵٴ   ƴ. ׷
         װ Ѵٸ Ʈ Ǹ  οϴ°
         ϶.

  6.  Network Technology Specific Information.

    κе Ư Ʈũ    ̴. 
  κп  Ե  ٸ Ÿ Ʈũ  ݵ Ǵ 
  ƴϴ.

  6.1.  ARCnet

  ARCNET ̽ 'arc0s', 'arc1e', 'arc2e'  ̸ٿ.
  Ŀο   ó ߰ߵǴ ī 'eth0' ҴǸ 
  ׵ ߰ߵǴ    ʴ Ҵȴ.  ڴ ̴
  ĸ̼ Ŷ  ߴ, RFC1051 Ŷ  ߴ
  ˷ش.

  Ŀ  ɼ:

  Network device support  ---> [*] Network device support <*> ARCnet
  support [ ]   Enable arc0e (ARCnet "Ether-Encap" packet format) [ ]
  Enable arc0s (ARCnet RFC1051 packet format)

  ѹ̶ ̴ ī   Ŀ   
  ִٸ  ī  ̴.

      ̴:

       # ifconfig arc0e 192.168.0.1 netmask 255.255.255.0 up
          # route add 192.168.0.0 netmask 255.255.255.0 arc0e

  ڼ  /usr/src/linx/Documentation/networking/arcnet-hard
  ware.txt  ϶.

  ARCNet  Avery Pennarun, apenwarr@foxnet.net
  <mailto:apenwarr@foxnet.net> ؼ ߵǾ.

  6.2.  Appletalk(AF_APPLETALK)

  Appletalk  Ư ̽  ʴµ, ̰ 
  Ʈũ ̽ ϱ ̴. ̰ ߿  
  ӽŰ  ǻ Ͱ ͳ ũ ڿ ϱ ؼ̴.
  ߰ Ʈ ʿϸ ̰ netatalk Ҹ. Wesley Craig
  netatalk@umich.edu <mailto:netatalk@umich.edu>  ð 
  'Research Systems Unix Groups'̶  ǥ ׵ neta talk
  Ű  µ, ̰ Appletalk  ð  
  ƿƼ ϴ Ʈ Ѵ. netatalk Ű 
    ǰų ƴϸ ̽ð п ִ ȨƮ ftp
    .

  <terminator.rs.itd.umich.edu/unix/netatalk/
  <ftp://terminator.rs.itd.umich.edu/unix/netatalk/>>

   Ű ġϱ ؼ   ϶.

       # cd /usr/src
          # tar xvfz .../netatalk-1.4b2.tar.Z
          - ⼭ 'Makefile' ϰ  ִµ, Ư ϵ 

   ġ ΰ ִ DESTDIR  ٲپ ֱ   
  ̴. Ʈ /usr/local/atalk Ǿִµ ſ ϴ.

          # make
          - as root:
          # make install

  6.2.1.  Appletalk Ʈ .

  ̰ ϰ ϱ   ؾ /etc/services Ͽ
  ο Ʈ ߰ϴ ̴. ߰ Ʈ  :

      rtmp    1/ddp   # Routing Table Maintenance Protocol
         nbp     2/ddp   # Name Binding Protocol
         echo    4/ddp   # AppleTalk Echo Protocol
         zip     6/ddp   # Zone Information Protocol

   /usr/local/atalk/etc 丮(Ȥ Ű ġ
  丮) ap pletalk   ִ ̴.
  ó  ϴ  /usr/local/atalk/etc/atalkd.conf
  ̴.  ó    ӽ ִ Ʈũ ϴ
  Ʈũ ̽  ̸ ϴ ϳ θ ʿһ̴.

       eth0

  Appletalk   λ׵ ڿ ߰Ұ̴.

  6.2.2.  Appletalk   Ͻý Ž.

  Ʈũ øӽ ϵ  Ͻý Ʈũ
  export Ҽ ִ.

  ̰ ؼ /usr/local/atalk/etc/AppleVolumes.system 
  ؾ Ѵ. /usr/local/atalk/etc/AppleVolumes.default Ҹ ٸ
   ϵ ִµ ̰     , ԽƮ
      ڰ   ý  ΰ
  Ѵ.

       λװ  پ ɼ ִ° afpd
    ã ִ.

      ִ:

       /tmp Scratch
          /home/ftp/pub "Public Area"

  ̰ /tmp Ͻý AppleShare Volume 'Scratch', ftp public
   丮 AppleShare Volume 'Public Area' export Ұ̴. Vol
  ume ̸    ƴϰ   ϸ, ¶
  ׵  ƶ.

  6.2.3.  Appletalk    ϱ.

   ϰ  ͸  ӽŰ Ҽ ִ. 
  Apple Pr inter Access Protocol Daemon papd  ʿ䰡 ִ. 
  α׷  ϸ ̰  ӽ  û ޾Ƶ̰ 
      Ʈ  ǮҰ̴.

     ؼ /usr/local/atalk/etc/papd.conf  
   䰡 ִ. ǿ ־ ̸ Appletalk naming ݰ Բ
  ϵɰ ̴.

      ִ:

       TricWriter:\
              :pr=lp:op=cg:

  ̰ Appletalk Ʈũ  'TricWriter' ̸ ͸
    job lpd ϴ 'lp'(/etc/printcap ǵ ٿ
  )  ͷ Ʈ ɰ̴. 'op=cg' Ʈ   'cg'
   ۷  ش.

  6.2.4.  Appletalk Ʈ ϱ.

  ok,   ⺻  ׽Ʈ غ Ǿ. netatalk
  Ű   Ǹ  ϴ rc.atalk  ִ. ׷Ƿ
     ָ ȴ.

       # /usr/local/atalk/etc/rc.atalk

   ϰ  ư̴. ƹ ޼  ̰, 
    Ҷ  Ʈ ַܼ ޼ ̴.

  6.2.5.  appletalk Ʈ ׽Ʈ.

   Ʈ ϰ ϴ° ׽Ʈϱ ؼ øӽ
   , Apple ޴ Ǯٿϰ, Chooser ѵ, AppleShare
  Ŭ . ׷  ڽ ϰ̴.

  6.2.6.  appletalk Ʈ .

  1. IP Ʈũ ϱ  appletalk  ؾ 
     𸥴.  Appletalk α׷ ϴµ  ִٸ, Ȥ װ
     ѵڿ IP Ʈũ  ٸ, /etc/rc.d/rc.inet1 
     ϱ  Appletalk α׷  ƶ.

  2. afpd(Apple Filing Protocol Daemon) ϰ ϵũ
     ƸԴ´.  Ʈ Ʈ Ʒ ̰  丮 .
     ̰ .AppleDouble 丮  resource fork  
     ִ. ׷Ƿ '/' ͽ (exporting)ϱ  ι ϶.
     ߿ ϴµ  ð ɸ̴.

  3. afpd α׷ κ Ŭ ؽƮ н带 Ѵ.
         Ƿ ͳݿ  ӽſ  
     Ҷ ϶.   Ѵٸ  ڽ
     ؾ Ѵ.

  4. netstat, ifconfig  м Appletalk  ʴ´.
     ʿ ٸ /proc/net 丮   ִ.

  6.2.7.  ׿ .

   Aplletalk ϴ    ڼ 
  thehamptons.c om <thehamptons.com/anders/netatalk/
  <http://thehamptons.com/anders/netatalk/>> Anders Brownworth Linux
  Net atalk-HOWTO  ϶.

  6.3.  ATM

   Asynchronous Transfer Mode ϱ  Ʈ Werner
  Alme sberger <werner.almesberger@lrc.di.epfl.ch
  <mailto:werner.almesberger@lrc.di.epfl.ch>> ̴. Ʈ
  Ȳ       ִ.<www.epfl.ch/linux-atm
  <http://www.epfl.ch/linux-atm>>

  6.4.  AX25 (AF_AX25)

  AX.25 ̽ Ŀ 2.0.* 'sl0', 'sl1' ̰, Ŀ 2.1.*
  'ax0',

  Kernel Compile Options: Networking options  ---> [*] Amateur Radio
  AX.25 Level 2

  AX25, Netrom, Rose Ŭ AX25-HOWTO  ٷ . 
   Ŷ    Ƹ߾  ۷Ϳ 
  ȴ.

    implementation κ ۾ Jonathon Naylor,
  jsn@cs.not.ac.uk <mailto:jsn@cs.not.ac.uk>  ̷.
  6.5.  DECNet.

  DECNet  絵  ۾̴.  2.1.* Ŀο 
   ڴ.

  6.6.  EQL - multiple line traffic equaliser

  EQL ̽ ̸ 'eql'̴. ǥ Ŀμҽδ  ӽŴ ϳ
  EQL  ̽ ´. EQL tcp/ip ϴ ̱ 
  ũμ PPP, sli p, plip  point to point Ȱ 
  Ѵ.        Ѱ  
  °ͺ  δ.

  Kernel Compile Options: Networking options  ---> [*] Amateur Radio
  AX.25 Level 2

   ī ϱ ؼ  ٸ  ִ ӽŵ EQL
    Ѵ. Linux, Livingstone, Portmaster ׸ ο ̾
   ȣȯ ɷ Ѵ.

  EQL ϱ ؼ  Ҽ ִ eql  ־ Ѵ.
  sunsite.unc.edu
  <sunsite.unc.edu/pub/linux/system/Serial/eql-1.2.tar.gz
  <ftp://sunsite.unc.edu/pub/linux/system/Serial/eql-1.2.tar.gz>>

    ϴ. eql ̽ ϸ鼭 Ѵ. eql
    ٸ Ʈũ ̽ ϴ.  
  ifconfig ƿƼ ̿Ͽ IP 巹 myu Ѵ.

   ifconfig eql 192.168.10.1 mtu 1006
      route add default eql

       ʱȭ ʿ䰡 ִ. ̰
  point to point ̽  Ÿ. Ŀؼ 
  ʱȭҰΰ ϴ°     ޶,  ڼ 
   κ ϱ  .

   EQL ̽ ø ũ  ʿ䰡 , ̰
  'ensl aving'̶ Ҹ ̴ ٿ  eql_enslave 
  ̷.

       eql_enslave eql sl0 28800
          eql_enslave eql ppp0 14400

   eql_enslave ϴ 'estimated speed' Ķʹ
  δ ƹ͵   ̴. ̰ EQL ̹ 
  ̽ ŭ ͱ׷ ΰ ϱ  ȴ.
  ׷Ƿ     ν   Ҽ ִ.

  EQL ̽     ؼ  
  eql_emancipate  Ѵ.

       eql_emancipate eql sl0

  Ʈ  ø ̽ ſ eql ̽ ϴ 
    ٸ point to point ũ  ߰Ҽ ִ.
     Ͽϰ:

       route add default eql0

  EQL ̹ Simon Janes simon@ncm.com <mailto:simon@ncm.com> 
  ߵǾ.

  6.7.  ̴.

  ̴ ̽ ̸ 'eth0', 'eth1' ,'eth2' ̴. Ŀο 
  ù°  ߰ߵǴ ī 'eth0' ҴǸ  ߰ߵǴ ߰ߵǴ
   Ҵȴ.

   󿡼 ̴ ī ۹ ˰ʹٸ Ethernet-HOWTO
  ϶.

  ̴ ī带 ϵ Ŀ  Ҵٸ   ̴.

  ü   Ÿ̴.

   # ifconfig eth0 192.168.0.1 netmask 255.255.255.0 up
      # route add 192.168.0.0 netmask 255.255.255.0 eth0

  κ ̴ ̹ Donald Becker, becker@CESDIS.gsfc.nasa.gov
  <mailto:becker@CESDIS.gsfc.nasa.gov>   ߵǾ.

  6.8.  FDDI

  FDDI ̽  'fddi0', 'fddi1', 'fddi2' ̴. Ŀο 
  ó  ߰ߵǴ ̽ 'fddi0' Ҵǰ,  ߰ߵǴ
    ȴ.

  Lawrence V. Stefani, stefani@lkg.dec.com
  <mailto:stefani@lkg.dec.com>  Digital Equipment Corporation FDDI
  EISA ׸ PCI ī带 ߴ.

  Kernel Compile Options: Network device support  ---> [*] FDDI driver
  support [*] Digital DEFEA and DEFPA adapter support

  FDDI ̹ ϴ Ŀ  ġߴٸ, FDDI ̽
    ̴ ̽   ϴ.  FDDI
  ̽ ̸  ifconfig route ɿ ؾ Ѵ.

  6.9.  Frame Relay

  DLCI ĸ̼ ̽    ̽ ̸
  'dlci00' , 'dlci01' ̸, FRAD   'sdla0', 'sdla1'̴.

   ̴  Ǵ  Ŀ Ŀ´̼ Ʈȿ
      ο Ʈŷ ̴. Frame Relay Access
  Device(FRAD)    Ʈũ Ҽ ִ. 
   ̴ RFC- 1490 ȴ   󿡼 IP
  Ѵ.

  Kernel Compile Options: Network device support  ---> <*> Frame relay
  DLCI support (EXPERIMENTAL) (24)   Max open DLCI (8)   Max DLCI per
  device <*>   SDLA (Sangoma S502/S508) support

  Mike McLagan, mike.mclagan@linux.org <mailto:mclagan@linux.org>
       ߴ.

   Ǵ   ̴ Sangoam Technology S502A,
  S502E, S5 08̴.

  Ŀ 缳ġĿ FRAD DLCI ϱ ؼ ftp.invlogic.com
    ִ    ʿϴ.
  <ftp://ftp.invlogic.com/pub/linux/fr/frad-0.15.tgz>. ϰ ġ
  ſ ϳ, top  Makefile Ƿ  ־ Ѵ.

       # cd /usr/src
          # tar xvfz .../frad-0.15.tgz
          # cd frad-0.15
          # for i in common dlci frad; do cd $i; make clean; make; cd ..;done
          # mkdir /etc/frad
          # install -m 644 -o root -g bin/*.sfm /etc/frad
          # install -m 700 -o root -g root frad/fradcfg /sbin
          # install -m 700 -o root -g root dlci/dlcicfg /sbin

   ġѵڿ /etc/frad/router.conf   ʿ䰡 ִ. 
  ø ̿Ҽ , ̰    ̴.

  # /etc/frad/router.conf
    # This is a template configuration for frame relay.
    # All tags are included. The default values are based on the code
    # supplied with the DOS drivers for the Sangoma S502A card.
    #
    # A '#' anywhere in a line constitutes a comment
    # Blanks are ignored (you can indent with tabs too)
    # Unknown [] entries and unknown keys are ignored
    #
  [Devices]
    Count=1                 # number of devices to configure
    Dev_1=sdla0             # the name of a device
    #Dev_2=sdla1            # the name of a device
  # Specified here, these are applied to all devices, and can be overriden
  for
    # each individual board.
    #
    Access=CPE
    Clock=Internal
    KBaud=64
    Flags=TX
    #
    # MTU=1500              # Maximum transmit IFrame length, default is 4096
    # T391=10               # T391 value    5 - 30, default is 10
    # T392=15               # T392 value    5 - 30, default is 15
    # N391=6                # N391 value    1 - 255, default is 6
    # N392=3                # N392 value    1 - 10, default is 3
    # N393=4                # N393 value    1 - 10, default is 4
  # Specified here, these set the defaults for all boards
    # CIRfwd=16             # CIR forward   1 - 64
    # Bc_fwd=16             # Bc forward    1 - 512
    # Be_fwd=0              # Be forward    0 - 511
    # CIRbak=16             # CIR backward  1 - 64
    # Bc_bak=16             # Bc backward   1 - 512
    # Be_bak=0              # Be backward   0 - 511
  #
    #
    # Device specific configuration
    #
    #
  #
    # The first device is a Sangoma S502E
    #
    [sdla0]
    Type=Sangoma            # Type of the device to configure, currently only
                            # SANGOMA is recognised
    #
    # These keys are specific to the 'Sangoma' type
    #
    # The type of Sangoma board - S502A, S502E, S508
    Board=S502E
    #
    # The name of the test firmware for the Sangoma board
    # Testware=/usr/src/frad-0.10/bin/sdla_tst.502
    #
    # The name of the FR firmware
    # Firmware=/usr/src/frad-0.10/bin/frm_rel.502
    #
    Port=360                # Port for this particular card
    Mem=C8                  # Address of memory window, A0-EE, depending on c
  ard
    IRQ=5                   # IRQ number, do not supply for S502A
    DLCIs=1                 # Number of DLCI's attached to this device
    DLCI_1=16               # DLCI #1's number, 16 - 991
    # DLCI_2=17
    # DLCI_3=18
    # DLCI_4=19
    # DLCI_5=20
    #
    # Specified here, these apply to this device only,
    # and override defaults from above
    #
    # Access=CPE            # CPE or NODE, default is CPE
    # Flags=TXIgnore,RXIgnore,BufferFrames,DropAborted,Stats,MCI,AutoDLCI
    # Clock=Internal        # External or Internal, default is Internal
    # Baud=128              # Specified baud rate of attached CSU/DSU
    # MTU=2048              # Maximum transmit IFrame length, default is 4096
    # T391=10               # T391 value    5 - 30, default is 10
    # T392=15               # T392 value    5 - 30, default is 15
    # N391=6                # N391 value    1 - 255, default is 6
    # N392=3                # N392 value    1 - 10, default is 3
    # N393=4                # N393 value    1 - 10, default is 4
  #
    # The second device is some other card
    #
    # [sdla1]
    # Type=FancyCard        # Type of the device to configure.
    # Board=                # Type of Sangoma board
    # Key=Value             # values specific to this type of device
  #
    # DLCI Default configuration parameters
    # These may be overridden in the DLCI specific configurations
    #
    CIRfwd=64               # CIR forward   1 - 64
    # Bc_fwd=16             # Bc forward    1 - 512
    # Be_fwd=0              # Be forward    0 - 511
    # CIRbak=16             # CIR backward  1 - 64
    # Bc_bak=16             # Bc backward   1 - 512
    # Be_bak=0              # Be backward   0 - 511
  #
    # DLCI Configuration
    # These are all optional. The naming convention is
    # [DLCI_D<devicenum>_<DLCI_Num>]
    #
  [DLCI_D1_16]
    # IP=
    # Net=
    # Mask=
    # Flags defined by Sangoma: TXIgnore,RXIgnore,BufferFrames
    # DLCIFlags=TXIgnore,RXIgnore,BufferFrames
    # CIRfwd=64
    # Bc_fwd=512
    # Be_fwd=0
    # CIRbak=64
    # Bc_bak=512
    # Be_bak=0
  [DLCI_D2_16]
    # IP=
    # Net=
    # Mask=
    # Flags defined by Sangoma: TXIgnore,RXIgnore,BufferFrames
    # DLCIFlags=TXIgnore,RXIgnore,BufferFrames
    # CIRfwd=16
    # Bc_fwd=16
    # Be_fwd=0
    # CIRbak=16
    # Bc_bak=16
    # Be_bak=0

  /etc/frad/router.conf  ,  ̽ ϴ ϸ
   Ҵ. ̰  Ʈũ ̽   ϸ, DLCI
  ĸ ̼ ̽  FRAD ̽ ;  ؾ
  Ѵ.

   # Configure the frad hardware and the DLCI parameter
      /sbin/fradcfg /etc/frad/router.conf || exit 1
      /sbin/dlcicfg file /etc/frad/router.conf
      # Bring up the FRAD device
      ifconfig sdla0 up
      #
      # Configure the DLCI encapsulation interface and routing
      ifconfig dlci00 192.168.10.1 pointopoint 192.168.10.2 up
      route add 192.168.10.0 netmask 255.255.255.0 dlci00
      #
      ifconfig dlci01 192.168.11.1 pointopoint 192.168.11.2 up
      route add 192.168.11.0 netmask 255.255.255.0 dlci00
      #
      route add default dev dlci00
      #

  6.10.  IP ī.

   Ŀ IP ī feature  Ʈũ  ͸
  ϰ мҼ ְ ش.  ʹ װ 
  µ Ŀ   Ŷ   Ʈ ̷.
   ڽ  °  figure зϴ پ  Ҽ
  ִ.

  Kernel Compile Options: Networking options  ---> [*] IP: accounting

  Ŀ ϰ ġѵڿ IP ī ϱ ؼ ipfwadm
     ʿ䰡 ִ. Ҽ ִ IP ī з
   ִ.   ϱ    ϳ , 
  ڼ  ϸ ipfwadm  о ٶ.

  ó: PPP ͳݿ  ̴ Ʈũ ִ. ̴ 󿡴
  y  񽺸 ϴ ӽ ְ, telnet, rogin, ftp, www 
   ߻  Ʈ ˰; Ѵ.

  Ƹ   ̴ ɾ  Ұ̴.

      #
         # Flush the accounting rules
         ipfwadm -A -f
         #
         # Add rules for local ethernet segment
         ipfwadm -A in -a -P tcp -D 44.136.8.96/29 20
         ipfwadm -A out -a -P tcp -S 44.136.8.96/29 20
         ipfwadm -A in -a -P tcp -D 44.136.8.96/29 23
         ipfwadm -A out -a -P tcp -S 44.136.8.96/29 23
         ipfwadm -A in -a -P tcp -D 44.136.8.96/29 80
         ipfwadm -A out -a -P tcp -S 44.136.8.96/29 80
         ipfwadm -A in -a -P tcp -D 44.136.8.96/29 513
         ipfwadm -A out -a -P tcp -S 44.136.8.96/29 513
         ipfwadm -A in -a -P tcp -D 44.136.8.96/29
         ipfwadm -A out -a -P tcp -D 44.136.8.96/29
         ipfwadm -A in -a -P udp -D 44.136.8.96/29
         ipfwadm -A out -a -P udp  -D 44.136.8.96/29
         ipfwadm -A in -a -P icmp -D 44.136.8.96/29
         ipfwadm -A out -a -P icmp -D 44.136.8.96/29
         #
         # Rules for default
         ipfwadm -A in -a -P tcp -D 0/0 20
         ipfwadm -A out -a -P tcp -S 0/0 20
         ipfwadm -A in -a -P tcp -D 0/0 23
         ipfwadm -A out -a -P tcp -S 0/0 23
         ipfwadm -A in -a -P tcp -D 0/0 80
         ipfwadm -A out -a -P tcp -S 0/0 80
         ipfwadm -A in -a -P tcp -D 0/0 513
         ipfwadm -A out -a -P tcp -S 0/0 513
         ipfwadm -A in -a -P tcp -D 0/0
         ipfwadm -A out -a -P tcp -D 0/0
         ipfwadm -A in -a -P udp -D 0/0
         ipfwadm -A out -a -P udp  -D 0/0
         ipfwadm -A in -a -P icmp -D 0/0
         ipfwadm -A out -a -P icmp -D 0/0
         #
         # List the rules
         ipfwadm -A -l -n
         #

     ī  ϰ   
  ش.

  IP ī мҶ ؾ  ߿  ġϴ  꿡 
   Ż ɰ̶ ε, ׷Ƿ ٸ figure  ؼ
     ó ؾ ʿ䰡 ִ.   󸶳 
  Ͱ ftp, teln et, rlogin, www Ͱ ƴ  ˰
  ʹٸ,  Ʈ ġǴ 꿡 (ftp, telnet, rlogin,
  www) Ż ڴ.

  # ipfwadm -A -l -n
    IP accounting rules
     pkts bytes dir prot source               destination          ports
        0     0 in  tcp  0.0.0.0/0            44.136.8.96/29       * -> 20
        0     0 out tcp  44.136.8.96/29       0.0.0.0/0            20 -> *
        0     0 in  tcp  0.0.0.0/0            44.136.8.96/29       * -> 23
        0     0 out tcp  44.136.8.96/29       0.0.0.0/0            23 -> *
       10  1166 in  tcp  0.0.0.0/0            44.136.8.96/29       * -> 80
       10   572 out tcp  44.136.8.96/29       0.0.0.0/0            80 -> *
      242  9777 in  tcp  0.0.0.0/0            44.136.8.96/29       * -> 513
      220 18198 out tcp  44.136.8.96/29       0.0.0.0/0            513 -> *
      252 10943 in  tcp  0.0.0.0/0            44.136.8.96/29       * -> *
      231 18831 out tcp  0.0.0.0/0            44.136.8.96/29       * -> *
        0     0 in  udp  0.0.0.0/0            44.136.8.96/29       * -> *
        0     0 out udp  0.0.0.0/0            44.136.8.96/29       * -> *
        0     0 in  icmp 0.0.0.0/0            44.136.8.96/29       *
        0     0 out icmp 0.0.0.0/0            44.136.8.96/29       *
        0     0 in  tcp  0.0.0.0/0            0.0.0.0/0            * -> 20
        0     0 out tcp  0.0.0.0/0            0.0.0.0/0            20 -> *
        0     0 in  tcp  0.0.0.0/0            0.0.0.0/0            * -> 23
        0     0 out tcp  0.0.0.0/0            0.0.0.0/0            23 -> *
       10  1166 in  tcp  0.0.0.0/0            0.0.0.0/0            * -> 80
       10   572 out tcp  0.0.0.0/0            0.0.0.0/0            80 -> *
      243  9817 in  tcp  0.0.0.0/0            0.0.0.0/0            * -> 513
      221 18259 out tcp  0.0.0.0/0            0.0.0.0/0            513 -> *
      253 10983 in  tcp  0.0.0.0/0            0.0.0.0/0            * -> *
      231 18831 out tcp  0.0.0.0/0            0.0.0.0/0            * -> *
        0     0 in  udp  0.0.0.0/0            0.0.0.0/0            * -> *
        0     0 out udp  0.0.0.0/0            0.0.0.0/0            * -> *
        0     0 in  icmp 0.0.0.0/0            0.0.0.0/0            *
        0     0 out icmp 0.0.0.0/0            0.0.0.0/0            *
    #

  6.11.  IP ˸ƽ.

  ϳ Ʈũ  IP 巹   ִ  
  α  ִµ ̰  ϴ. ͳ  ڴ 
  ϴ w ww̳ ftp  'customized' Ѵ.

  Kernel Compile Options: Networking options  ---> ....  [*] Network
  aliasing ....  <*> IP: aliasing support

  IP ˸ƽ  Ͽ Ŀ ϰ ġ   ſ
   ϴ. ˸ƽ  Ʈũ ̽   Ʈũ
  ̽ ߰ȴ.  ̸ Ծ  ̽
  <devname>:<virtual dev num> ,  eth0:0, ppp0:10 ·
  ȴ.

  ν, ΰ δٸ IP  ÿ ϴ ̴ Ʈũ
    ִٰ ϰ ΰ η ̷Ʈ ＼ Ҽִٸ
    Ҽ ִ.

       #
          # ifconfig eth0:0 192.168.1.1 netmask 255.255.255.0 up
          # route add -net 192.168.1.0 netmask 255.255.255.0 eth0:0
          #
          # ifconfig eth0:1 192.168.10.1 netmask 255.255.255.0 up
          # route add -net 192.168.10.0 netmask 255.255.255.0
          #

  ˸ƽ  װ ̸ڿ  '-' ߰ϸ ȴ.

       # ifconfig eth0:0- 0

   ˸ƽ õ  Ʈ ڵ ̴.

  6.12.  IP ̾

  IP ̾ ̾  ̽ firewall-howto  ٷ.
  IP ̾ ͸  IPκ ͱ׷ ϴ 
    㰡  Ʈũ ＼κ ӽ ȣش.
   Ŭ  ִµ, incoming filtering, outgoing filtering,
  forwarding filtering ̴. Incoming  Ʈũ ̽κ
  ޾Ƶ̴ ͱ׷  ȴ. Outgoing  Ʈũ ̽
   ۵Ǵ ͱ׷  . Filterling  
  õ ͱ׷   ӽ   ޾Ƶ̴
  ͱ׷ ȴ.

  Kernel Compile Options: Networking options  ---> [*] Network firewalls
  ....  [*] IP: forwarding/gatewaying ....  [*] IP: firewalling [ ] IP:
  firewall packet logging

  IP ̾   ipfwadm  ؼ ̷. ̹
  ߴٽ ,   о߰ ƴϸ   Ҽ ִ
     ϴ,  ڽſ ߿ϴٸ  ΰ
  ϰ ؾ Ѵ.

  IP ̾ ϴ    㰡  Ʈũ
  ܺηκ  ＼ Ͽ ӽ ͳ ̾
  Ʈ̷ ̿   ̴.

    Arnt Gulbrandsen, <agulbra@troll.no
  <mailto:agulbra@troll.no>>  ٰ ̴.

  Ʒ   ̾׷ ׷Ͱ   ̾/
  ӽ ̾  ϰ ִ.

         -                                   -
          \                                  | 172.16.37.0
           \                                 |   /255.255.255.0
            \                 ---------      |
             |  172.16.174.30 | Linux |      |
         NET =================|  f/w  |------|    ..37.19
             |    PPP         | router|      |  --------
            /                 ---------      |--| Mail |
           /                                 |  | /DNS |
          /                                  |  --------
         -                                   -

     rc Ͽ ־ ý õɶ ڵ
   ɰ̴. ִ  ؼ ̰ Ʈũ  ڿ
  ׷ Ʈũ  غǱ , (̾ ϴ ȿ
      ° ؼ), Ǿ Ѵ.

  #!/bin/sh

  # Flush the 'Forwarding' rules table
   # Change the default policy to 'accept'
   #
   /sbin/ipfwadm -F -f
   /sbin/ipfwadm -F -p accept
   #
   #.. and for 'Incoming'
   #
   /sbin/ipfwadm -I -f
   /sbin/ipfwadm -I -p accept

  # First off, seal off the PPP interface
   # I'd love to use '-a deny' instead of '-a reject -y' but then it
   # would be impossible to originate connections on that interface too.
   # The -o causes all rejected datagrams to be logged. This trades
   # disk space against knowledge of an attack of configuration error.
   #
   /sbin/ipfwadm -I -a reject -y -o -P tcp -S 0/0 -D 172.16.174.30

  # Throw away certain kinds of obviously forged packet packets right away.
   # Nothing should come from multicast/anycast/broadcast addresses.
   #
   /sbin/ipfwadm -F -a deny -o -S 224.0/3 -D 172.16.37.0/24
   #
   # and nothing coming from the loopback network should ever be
   # seen on a wire
   /sbin/ipfwadm -F -a deny -o -S 127.0/8 -D 172.16.37.0/24

  # accept incoming SMTP and DNS connections, but only
   # to the Mail/Name Server
   #
   /sbin/ipfwadm -F -a accept -P tcp -S 0/0 -D 172.16.37.19 25 53
   #
   # DNS uses UDP as well as TCP, so allow that too
   # for question to our name server
   #
   /sbin/ipfwadm -F -a accept -P udp -S 0/0 -D 172.16.37.19 53
   #
   # but not "answers" coming to dangerous ports like NFS and
   # Larry McVoy's NFS extension. If you run squid, add its port here.
   #
   /sbin/ipfwadm -F -a deny -o -P udp -S 0/0 53 \
          -D 172.16.37.0/24 2049 2050

  # answers to other user port are okay
   #
   /sbin/ipfwadm-F -a accept -P udp -S 0/0 53 \
          -D 172.16.37.0/24 53 1024:65535

  # Reject incoming connections to identd
   # We use 'reject' here so that the connecting host is told
   # straight away not to bother continuing, otherwise we'd experience
   # delays while ident timed out.
   #
   /sbin/ipfwadm -F -a reject -o -P tcp -S 0/0 -D 172.16.37.0/24 113

  # Accept some common service connections from the 192.168.64 and
   # 192.168.65 networks, they are friends that we trust.
   #
   /sbin/ipfwadm -F -a accept -P tcp -S 192.168.64.0/23 \
          -D 172.16.37.0/24 20:23

  # accept and pass thruough anything originating inside
   #
   /sbin/ipfwadm -F -a accept -P tcp -S 172.16.37.0/24 -D 0/0

  # deny most other incoming TCP connections, and log them
   # (append 1:1023 if you have problems with ftp not working)
   #
   /sbin/ipfwadm -F -a deny -o -y - tcp -S 0/0 -D 172.16.37.0/24

  # ... for UDP too
   #
   /sbin/ipfwadm -F -a deny -o -P udp -S 0/0 -D 172.16.37.0/24

  Ǹ ̾ ϴ   ϴ.   п
  ո  ɰ̴. ipfwadm    ϴ
   ־    ̴ٰ.  ̾ ϰ
  Ѵٸ,  ϴٰ  ϴ ҽ   ̽ 
  Ʈũ ܺο ׽ũ غ  ٶ.

  6.13.  IPX (AF_IPX)

  IPX  밳 뺧 Ʈ   Ʈũ ȯ濡
  Ȱ .     ϰ , IPX
  Ʈũ  Ʈ(endpoint) Ǵ ͷ ɰ̴.

  Kernel Compile Options: Networking options  ---> [*] The IPX protocol
  [ ] Full internal IPX network

  IPX ݰ NCPFS IPX-HOWTO  ٷ.

  6.14.  IPv6

    IP Ʈũ ϱ ߴٰ Ҷ  ȴ!
  IPv6  ͳ   6   ̴. IPv6 ͳ
  ȸ Ҵ 巹 ϴٴ  غϱ ؼ ߵǾ.
  IPv6   32byte(128bit) ̴. IPv6 ٸ 
  ϰ ִµ 밳 ȭ Ѱ̰ ̰ IPv4  IPv6
  ٷ    .

   2.1.* Ŀο IPv6 ϰ  Ѱ ƴϴ.

  ż ͳ  ϰ ʹٸ, Ǵ ̰ ʿϴٸ,
  www.terra.  net Ҽִ IPv6-FAQ о ٶ.
  <www.terra.net/ipv6/ <http://www.terra.net/ipv6/>>.

   7 23  øϴ.      Ʈ
  sudoer@nownuri.net <mailto:sudoer@nownuri.net> ֽñ ٶϴ.

