\u663c\u98ef\u3092\u8cb7\u3044\u306b\u884c\u304f\u3064\u3044\u3067\u306b\u3001\u5199\u771f\u3067\u3082\u53d6\u308d\u3046\u3068\u4e00\u773c\u30ec\u30d5\u3092\u6301\u3063\u3066\u3044\u3063\u305f\u3051\u3069\u3001\u4eba\u306e\u591a\u3055\u306b\u5acc\u6c17\u304c\u3055\u3057\u305f\u306e\u3067\u3001\u3055\u3093\u307e\u3060\u3051\u8cb7\u3063\u3066\u5e30\u3063\u3066\u304d\u307e\u3057\u305f\u3002<\/p>\n
<\/p>\n
\u305f\u3051\u3051\u3093\u3055\u3093\u306f\u5927\u5b66\u306b\u5165\u3063\u3066\u304b\u3089\u5927\u4e8c\u75c5\u3092\u60a3\u3046\u307e\u3067\u306f\u30a4\u30f3\u30bf\u30fc\u30cd\u30c3\u30c8\u306e\u4ed5\u4e8b\u304c\u3057\u305f\u304b\u3063\u305f\u306e\u3067\u3001\u3080\u304b\u3057\u306eTCP\/IP\u306e\u672c\u304c\u305d\u3053\u305d\u3053\u3042\u308b\u306e\u3067\u3059\u3002
\n\u8863\u66ff\u3048\u306e\u3064\u3044\u3067\u306b\u672c\u3082\u89e6\u3063\u3066\u305f\u3093\u3060\u3051\u3069\u3001\u3055\u3059\u304c\u306bTCP\/IP\u306e\u4e2d\u8eab\u306f\u5909\u308f\u3089\u306a\u3044\u306e\u3067\u3001\u6700\u521d\u306f\u51e6\u5206\u3057\u3088\u3046\u3068\u601d\u3063\u3066\u305f\u3093\u3060\u3051\u3069\u3001\u7d50\u69cb\u8aad\u3093\u3067\u3057\u307e\u3063\u305f\u3002<\/p>\n
\u305d\u3093\u306a\u611f\u3058\u3067\u3001tcpdump\u306b\u3064\u3044\u3066\u8abf\u3079\u3088\u3046\u3068\u601d\u3063\u3066\u305f\u3068\u3053\u308d\u3067\u3061\u3087\u3046\u3069\u3088\u3055\u3052\u306a\u5185\u5bb9\u304c\u3042\u3063\u305f\u306e\u3067\u3061\u3087\u3063\u3068\u3084\u3063\u3066\u307f\u305f\u3002<\/p>\n
\u672c\u3092\u6368\u3066\u305a\u306b\u7f6e\u3044\u3066\u3044\u305f\u306e\u3082\u3059\u3054\u3044\u3053\u3068\u3060\u304c\u3001\u4eca\u306b\u306a\u3063\u3066\u5f79\u306b\u7acb\u3064\u3068\u306f\u3053\u306e\u672c\u3092\u8cb7\u3063\u305f\u5f53\u6642\u306e\u81ea\u5206\u306b\u306f\u60f3\u50cf\u3082\u3064\u304b\u3093\u3060\u308d\u3046\u3002
\n\u3046\u3080\u3001\u3088\u3044\u3053\u3068\u3067\u3059\u3002<\/p>\n
<\/p>\n
\u5b9f\u9a13\u306e\u305f\u3081\u306b\u524d\u306b\u4f5c\u3063\u3066\u3044\u305fVM\u30922\u500b\u7acb\u3061\u4e0a\u3052\u308b\u3002
\nfreebsd\u3068Scientific\u3067\u3059\u3002<\/p>\n
\u3069\u3046\u305b\u306a\u306e\u3067FreeBSD\u5074\u304c\u53d7\u4fe1\u5074\uff08tcpdump\u3057\u305f\u65b9\uff09\u3067Scientific\u5074\u304c\u9001\u4fe1\u5074\u306b\u3057\u3088\u3046\u3002<\/p>\n
\u3055\u304f\u3063\u3068\u7d42\u308f\u308b\u3068\u601d\u3063\u305f\u3089\u3001\u6700\u521d\u3060\u304b\u3089\u304b\uff08\u3093\u306a\u308f\u3051\u306d\u30fc\uff09ping\u304c\u901a\u3089\u306a\u3044\u3002<\/p>\n
$ ping 192.168.24.180\r\nPING 192.168.24.180 (192.168.24.180) 56(84) bytes of data.\r\n^C\r\n--- 192.168.24.180 ping statistics ---\r\n12 packets transmitted, 0 received, 100% packet loss, time 11136ms<\/pre>\nipf.rules\u3092\u898b\u308b\u3068\u901a\u3055\u306a\u3044\u3088\u3046\u306b\u3057\u3066\u3044\u305f\u3088\u3046\u3060\u3002<\/p>\n
block in log quick proto icmp all group 100\r\npass in log quick proto icmp all icmp-type 0 group 100<\/pre>\nPASS\u306b\u66f8\u304d\u63db\u3048\u305f\u3002<\/p>\n
pass in log quick proto icmp all group 100\r\npass in log quick proto icmp all icmp-type 0 group 100<\/pre>\n\u30eb\u30fc\u30eb\u3092\u9069\u7528\u3057\u3088\u3046\u3002<\/p>\n
% ipf -Fa -Z -f \/etc\/ipf.rules\r\nbad packets:\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0 in 0\u00a0\u00a0\u00a0 out 0\r\n\u00a0input packets:\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0 blocked 243 passed 3028 nomatch 0 counted 0\r\noutput packets:\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0 blocked 0 passed 2101 nomatch 3 counted 0\r\n\u00a0input packets logged:\u00a0 blocked 105 passed 0\r\noutput packets logged:\u00a0 blocked 0 passed 0\r\n\u00a0packets logged:\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0 input 0-0 output 0-0\r\nunknown name \"***.***.***.***\"\r\nunknown name \"***.***.***.***\"<\/pre>\n\u3053\u3093\u3069\u306f\u901a\u308a\u307e\u3057\u305f\u3002<\/p>\n
$ ping 192.168.24.180\r\nPING 192.168.24.180 (192.168.24.180) 56(84) bytes of data.\r\n64 bytes from 192.168.24.180: icmp_seq=1 ttl=64 time=0.191 ms\r\n64 bytes from 192.168.24.180: icmp_seq=2 ttl=64 time=0.762 ms\r\n64 bytes from 192.168.24.180: icmp_seq=3 ttl=64 time=0.647 ms\r\n^C\r\n--- 192.168.24.180 ping statistics ---\r\n3 packets transmitted, 3 received, 0% packet loss, time 2280ms\r\nrtt min\/avg\/max\/mdev = 0.191\/0.533\/0.762\/0.247 ms<\/pre>\n\u3067\u306fdump\u3057\u3066\u307f\u305f\u3093\u3060\u3051\u3069\u3001\u306a\u3093\u3060\u3053\u308a\u3083\uff01\u306a\u3093\u304b\u601d\u3063\u3066\u305f\u306e\u3068\u9055\u3046\u30fb\u30fb\u30fb<\/p>\n
% tcpdump -s 1 -i em0\r\ntcpdump: verbose output suppressed, use -v or -vv for full protocol decode\r\nlistening on em0, link-type EN10MB (Ethernet), capture size 1 bytes\r\n12:51:24.603812 [|ether]\r\n12:51:24.603820 [|ether]\r\n12:51:24.933780 [|ether]\r\n12:51:24.933918 [|ether]\r\n12:51:24.936318 [|ether]\r\n12:51:24.986176 [|ether]<\/pre>\n<\/p>\n
\u3088\u304f\u3042\u308b\u4e8b\u3060\u304cFreebsd\u3068Linux\u3067\u306f\u30aa\u30d7\u30b7\u30e7\u30f3\u304c\u9055\u3046\u307f\u305f\u3044\u306a\u306e\u3067\u3001\u30aa\u30d7\u30b7\u30e7\u30f3\u3092\u8abf\u3079\u308b\u306e\u306b\u3061\u3087\u3063\u3068\u6642\u9593\u304c\u304b\u304b\u3063\u305f\u3051\u3069\u3001\u307b\u3057\u3044\u60c5\u5831\u306f\u3068\u308c\u305f\u3002<\/p>\n
% tcpdump -s 0 -X -l -i em0 -p icmp\r\ntcpdump: verbose output suppressed, use -v or -vv for full protocol decode\r\nlistening on em0, link-type EN10MB (Ethernet), capture size 65535 bytes\r\n12:54:25.584215 IP 192.168.24.60 > 192.168.24.180: ICMP echo request, id 44584, seq 1, length 64\r\n\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0 0x0000:\u00a0 4500 0054 0000 4000 4001 8868 c0a8 183c\u00a0 E..T..@.@..h...<\r\n\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0 0x0010:\u00a0 c0a8 18b4 0800 0131 ae28 0001 71db 3c53\u00a0 .......1.(..q.<S\r\n\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0 0x0020:\u00a0 0000 0000 d3a3 0800 0000 0000 1011 1213\u00a0 ................\r\n\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0 0x0030:\u00a0 1415 1617 1819 1a1b 1c1d 1e1f 2021 2223\u00a0 .............!\"#\r\n\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0 0x0040:\u00a0 2425 2627 2829 2a2b 2c2d 2e2f 3031 3233\u00a0 $%&'()*+,-.\/0123\r\n\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0 0x0050:\u00a0 3435 3637\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0 4567\r\n12:54:25.584257 IP 192.168.24.180 > 192.168.24.60: ICMP echo reply, id 44584, seq 1, length 64\r\n\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0 0x0000:\u00a0 4500 0054 24cc 4000 4001 639c c0a8 18b4\u00a0 E..T$.@.@.c.....\r\n\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0 0x0010:\u00a0 c0a8 183c 0000 0931 ae28 0001 71db 3c53\u00a0 ...<...1.(..q.<S\r\n\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0 0x0020:\u00a0 0000 0000 d3a3 0800 0000 0000 1011 1213\u00a0 ................\r\n\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0 0x0030:\u00a0 1415 1617 1819 1a1b 1c1d 1e1f 2021 2223\u00a0 .............!\"#\r\n\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0 0x0040:\u00a0 2425 2627 2829 2a2b 2c2d 2e2f 3031 3233\u00a0 $%&'()*+,-.\/0123\r\n\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0 0x0050:\u00a0 3435 3637\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0 4567<\/pre>\n\u3053\u308c\u3060\u3088\u3001\u3053\u308c\u3002<\/p>\n
\u305d\u308c\u3067\u306fIP\u30d8\u30c3\u30c0\u30fc\u30d5\u30a9\u30fc\u30de\u30c3\u30c8\u3068\u6bd4\u3079\u3066\u307f\u3088\u3046\u304b\u3002<\/p>\n
1\u30d0\u30a4\u30c8\u76ee\u304c45\u3001IP\u306e\u30d0\u30fc\u30b8\u30e7\u30f3\u304c4\u3067\u3001IP\u30d8\u30c3\u30c0\u306e\u9577\u3055\u304c5\u3060\u3002
\n4×5\u306e20\u304cIP\u30d8\u30c3\u30c0\u9577\u3068\u306a\u308b\u3088\u3046\u3060\u3002<\/p>\nIP\u30d8\u30c3\u30c0\u306e10\u30d0\u30a4\u30c8\u76ee\u304c01\u306a\u306e\u3067\u3001ICMP\u3063\u3066\u3053\u3068\u304c\u5206\u304b\u308b\u3002<\/p>\n
IP\u30d8\u30c3\u30c0\u9577\u306f20\u30d0\u30a4\u30c8\u306a\u306e\u3067\u3001ICMP\u30d8\u30c3\u30c0\u306e\u5148\u982d\u306f21\u30d0\u30a4\u30c8\u76ee\u3002
\nICMP\u30e1\u30c3\u30bb\u30fc\u30b8\u306e\u7a2e\u985e\u3092\u793a\u3059\u30bf\u30a4\u30d7\u756a\u53f7\u304b\u3089\u59cb\u307e\u308b\u306e\u306708\u306f\u30e1\u30c3\u30bb\u30fc\u30b8\u756a\u53f7\u3068\u306a\u3063\u3066<\/p>\n8 \u00a0\u00a0 \u00a0\u30a8\u30b3\u30fc\u8981\u6c42\uff08echo request\uff09\u306a\u306e\u3067\u9593\u9055\u3044\u306a\u3044\u3002<\/p>\n
\u5fdc\u7b54\u5074\u306e21\u30d0\u30a4\u30c8\u76ee\u3092\u898b\u3066\u307f\u308b\u306800\u3060\u3002<\/p>\n
0 \u00a0\u00a0\u00a0 \u30a8\u30b3\u30fc\u5fdc\u7b54\uff08echo reply\uff09\u306a\u306e\u3067\u3001\u3053\u3061\u3089\u3082\u3061\u3083\u3093\u3068\u5408\u3063\u3066\u3044\u3066\u554f\u984c\u306a\u3044\u3002<\/p>\n
<\/p>\n
\u30d8\u30c3\u30c0\u30fc\u30d5\u30a9\u30fc\u30de\u30c3\u30c8\u306f\u3053\u3093\u306a\u5177\u5408\u306b\u898b\u3066\u3044\u304f\u3088\u3046\u3060\u306d\u3002\u3046\u3093\u3001\u52c9\u5f37\u306b\u306a\u3063\u305f\u3002<\/p>\n
<\/p>\n
\u3053\u306e\u611f\u52d5\u306f\u307e\u308b\u3067\u305a\u3044\u3076\u3093\u3068\u524d\u306b\u8cb7\u3063\u305f\u672c\u3092\u8aad\u3093\u3067\u611f\u52d5\u3057\u305f\u6642\u306e\u3088\u3046\u3060\u306a\u3002
\n\u3093\uff1f\u305f\u3068\u3048\u306b\u306a\u3063\u3066\u306a\u3044\uff1f<\/p>\n\u3088\u304f\u6c17\u3065\u3044\u305f\u306a\u3002<\/p>\n
<\/p>\n
\u3067\u306f\u305b\u3063\u304b\u304f\u306a\u306e\u3067TCP\u3067\u3082\u8efd\u304f\u3060\u3051\u3084\u3063\u3066\u307f\u3088\u3046\u3002<\/p>\n
13:31:41.800270 IP 192.168.24.60.52534 > 192.168.24.180.ssh: Flags [P.], seq 0:21, ack 50, win 229, options [nop,nop,TS val 8365109 ecr 1318760935], length 21\r\n 0x0000: 4500 0049 88a6 4000 4006 ffc7 c0a8 183c E..I..@.@......<\r\n 0x0010: c0a8 18b4 cd36 0016 6f0c 2c8e e252 2113 .....6..o.,..R!.\r\n 0x0020: 8018 00e5 f14d 0000 0101 080a 007f a435 .....M.........5\r\n 0x0030: 4e9a b1e7 5353 482d 322e 302d 4f70 656e N...SSH-2.0-Open\r\n 0x0040: 5353 485f 352e 330d 0a SSH_5.3..<\/pre>\n\u3055\u3063\u304d\u3068\u540c\u3058\u304f20\u30d0\u30a4\u30c8\u304cIP\u30d8\u30c3\u30c0\u3063\u3066\u306e\u306f\u4e00\u7dd2\u3060\u306d\u3002\u3060\u3051\u3069\u4eca\u56de\u306f10\u30d0\u30a4\u30c8\u76ee\u304c6\u306a\u306e\u3067TCP\u3060\u3063\u3066\u3053\u3068\u304c\u5206\u304b\u308b\u3002<\/p>\n
21\u30d0\u30a4\u30c8\u76ee\u304b\u3089\u304cTCP\u30d8\u30c3\u30c0\u3063\u3066\u3053\u3068\u3060\u306a\u3002
\nTCP\u30d8\u30c3\u30c0\u30d5\u30a9\u30fc\u30de\u30c3\u30c8\u3068\u5408\u308f\u305b\u3066\u307f\u3066\u307f\u308b\u3068\u3001\u6700\u521d\u306e2\u30d0\u30a4\u30c8\u306fsrc\u5074\u306e\u30dd\u30fc\u30c8\u756a\u53f7\u306a\u306e\u3067\u3001cd36\u309210\u9032\u6570\u306b\u3057\u3066\u307f\u308b\u306852534\u3002\u6b21\u306e2\u30d0\u30a4\u30c8\u304cdst\u5074\u306e\u30dd\u30fc\u30c8\u756a\u53f7\u306a\u306e\u3067\u30010016\u309210\u9032\u6570\u306b\u3059\u308b\u306822\u306a\u306e\u3067\u3001\u3053\u308c\u306fssh\u306e\u30dd\u30fc\u30c8\u3068\u4e00\u81f4\u3057\u307e\u3059\u306a\u3002<\/p>\n\u7d9a\u3044\u3066\u30b7\u30fc\u30b1\u30f3\u30b7\u30e3\u30eb\u756a\u53f7\u3068\u7d9a\u3044\u3066\u3044\u304f\u308f\u3051\u3067\u3042\u308b\u3002
\n\u3053\u3053\u307e\u3067\u306b\u3057\u3088\u3046\u304b\u306a\u3002\u3051\u3063\u3057\u3066\u3081\u3093\u3069\u304f\u3055\u3044\u308f\u3051\u3067\u306a\u3044\u3088\u3063\u3068\u3002<\/p>\n