svn commit: r51445 - head/ja_JP.eucJP/books/handbook/security

Ryusuke SUZUKI ryusuke at FreeBSD.org
Sun Feb 25 00:19:06 UTC 2018


Author: ryusuke
Date: Sun Feb 25 00:19:05 2018
New Revision: 51445
URL: https://svnweb.freebsd.org/changeset/doc/51445

Log:
  - Merge the following from the English version:
  
  	r42266 -> r42267	head/ja_JP.eucJP/books/handbook/security/chapter.xml

Modified:
  head/ja_JP.eucJP/books/handbook/security/chapter.xml

Modified: head/ja_JP.eucJP/books/handbook/security/chapter.xml
==============================================================================
--- head/ja_JP.eucJP/books/handbook/security/chapter.xml	Sat Feb 24 08:34:51 2018	(r51444)
+++ head/ja_JP.eucJP/books/handbook/security/chapter.xml	Sun Feb 25 00:19:05 2018	(r51445)
@@ -3,7 +3,7 @@
      The FreeBSD Documentation Project
      The FreeBSD Japanese Documentation Project
 
-     Original revision: r42266
+     Original revision: r42267
      $FreeBSD$
 -->
 <chapter xmlns="http://docbook.org/ns/docbook" xmlns:xlink="http://www.w3.org/1999/xlink" version="5.0" xml:id="security">
@@ -2705,61 +2705,63 @@ device    crypto</screen>
 	</listitem>
       </itemizedlist>
 
-    <sect3>
-      <info><title>&os; ¾å¤Ç IPsec ¤òÀßÄꤹ¤ë¡£</title>
-	<authorgroup>
-	  <author>
-	    <personname>
-	      <firstname>Tom</firstname>
-	      <surname>Rhodes</surname>
-	    </personname>
-	    <affiliation>
-	      <address><email>trhodes at FreeBSD.org</email></address>
-	    </affiliation>
-	    <contrib>´ó¹Æ: </contrib>
-	  </author>
-	</authorgroup>
-      </info>
+      <sect3>
+	<info>
+	  <title>&os; ¾å¤Ç IPsec ¤òÀßÄꤹ¤ë¡£</title>
+	  <authorgroup>
+	    <author>
+	      <personname>
+		<firstname>Tom</firstname>
+		<surname>Rhodes</surname>
+	      </personname>
+	      <affiliation>
+		<address><email>trhodes at FreeBSD.org</email></address>
+	      </affiliation>
+	      <contrib>´ó¹Æ: </contrib>
+	    </author>
+	  </authorgroup>
+	</info>
 
-      <para>ºÇ½é¤Ë Ports Collection ¤«¤é
-	<filename role="package">security/ipsec-tools</filename>
-	¤ò¥¤¥ó¥¹¥È¡¼¥ë¤·¤Æ¤¯¤À¤µ¤¤¡£
-	¤³¤Î¥½¥Õ¥È¥¦¥§¥¢¤Ï¡¢
-	ÀßÄê¤ò¥µ¥Ý¡¼¥È¤¹¤ë¿ô¿¤¯¤Î¥¢¥×¥ê¥±¡¼¥·¥ç¥ó¤òÄ󶡤·¤Þ¤¹¡£</para>
+	<para>ºÇ½é¤Ë Ports Collection ¤«¤é
+	  <filename role="package">security/ipsec-tools</filename>
+	  ¤ò¥¤¥ó¥¹¥È¡¼¥ë¤·¤Æ¤¯¤À¤µ¤¤¡£
+	  ¤³¤Î¥½¥Õ¥È¥¦¥§¥¢¤Ï¡¢
+	  ÀßÄê¤ò¥µ¥Ý¡¼¥È¤¹¤ë¿ô¿¤¯¤Î¥¢¥×¥ê¥±¡¼¥·¥ç¥ó¤òÄ󶡤·¤Þ¤¹¡£</para>
 
-      <para>¼¡¤Ë¡¢¥Ñ¥±¥Ã¥È¤ò¥È¥ó¥Í¥ê¥ó¥°¤·¡¢
-	ξÊý¤Î¥Í¥Ã¥È¥ï¡¼¥¯¤¬Å¬ÀÚ¤ËÄÌ¿®¤¹¤ë¤è¤¦¤Ë¡¢
-	2 ¤Ä¤Î &man.gif.4; µ¿»÷¥Ç¥Ð¥¤¥¹¤òºîÀ®¤·¤Þ¤¹¡£
-	<systemitem class="username">root</systemitem>
-	¸¢¸Â¤Ç°Ê²¼¤Î¥³¥Þ¥ó¥É¤ò¼Â¹Ô¤·¤Æ¤¯¤À¤µ¤¤¡£
-	¤¿¤À¤·¡¢¼Â¹Ô¤¹¤ëºÝ¤Ë¤Ï¡¢°Ê²¼¤Î¥³¥Þ¥ó¥É¤ÎÃæ¤Î
-	<replaceable>internal</replaceable> ¤ª¤è¤Ó
-	<replaceable>external</replaceable> ¤ò¡¢
-	2 ¤Ä¤Î¥²¡¼¥È¥¦¥§¥¤¤ÎÆâÉô¤ª¤è¤Ó³°Éô¥¤¥ó¥¿¥Õ¥§¡¼¥¹¤Î¼ÂºÝ¤Î
-	IP ¥¢¥É¥ì¥¹¤ËÃÖ¤­´¹¤¨¤Æ¤¯¤À¤µ¤¤¡£</para>
+	<para>¼¡¤Ë¡¢¥Ñ¥±¥Ã¥È¤ò¥È¥ó¥Í¥ê¥ó¥°¤·¡¢
+	  ξÊý¤Î¥Í¥Ã¥È¥ï¡¼¥¯¤¬Å¬ÀÚ¤ËÄÌ¿®¤¹¤ë¤è¤¦¤Ë¡¢
+	  2 ¤Ä¤Î &man.gif.4; µ¿»÷¥Ç¥Ð¥¤¥¹¤òºîÀ®¤·¤Þ¤¹¡£
+	  <systemitem class="username">root</systemitem>
+	  ¸¢¸Â¤Ç°Ê²¼¤Î¥³¥Þ¥ó¥É¤ò¼Â¹Ô¤·¤Æ¤¯¤À¤µ¤¤¡£
+	  ¤¿¤À¤·¡¢¼Â¹Ô¤¹¤ëºÝ¤Ë¤Ï¡¢°Ê²¼¤Î¥³¥Þ¥ó¥É¤ÎÃæ¤Î
+	  <replaceable>internal</replaceable> ¤ª¤è¤Ó
+	  <replaceable>external</replaceable> ¤ò¡¢
+	  2 ¤Ä¤Î¥²¡¼¥È¥¦¥§¥¤¤ÎÆâÉô¤ª¤è¤Ó³°Éô¥¤¥ó¥¿¥Õ¥§¡¼¥¹¤Î¼ÂºÝ¤Î
+	  IP ¥¢¥É¥ì¥¹¤ËÃÖ¤­´¹¤¨¤Æ¤¯¤À¤µ¤¤¡£</para>
 
-      <screen>&prompt.root; <userinput>ifconfig gif0 create</userinput></screen>
+	<screen>&prompt.root; <userinput>ifconfig gif0 create</userinput></screen>
 
-      <screen>&prompt.root; <userinput>ifconfig gif0 <replaceable>internal1 internal2</replaceable></userinput></screen>
+	<screen>&prompt.root; <userinput>ifconfig gif0 <replaceable>internal1 internal2</replaceable></userinput></screen>
 
-      <screen>&prompt.root; <userinput>ifconfig gif0 tunnel <replaceable>external1 external2</replaceable></userinput></screen>
+	<screen>&prompt.root; <userinput>ifconfig gif0 tunnel <replaceable>external1 external2</replaceable></userinput></screen>
 
-      <para>¤³¤ÎÎã¤Ç¤Ï¡¢²ñ¼Ò¤Î <acronym>LAN</acronym> ¤Î³°Éô
-	<acronym>IP</acronym> ¥¢¥É¥ì¥¹¤ò
-	<systemitem class="ipaddress">172.16.5.4</systemitem>¡¢
-	ÆâÉô <acronym>IP</acronym> ¥¢¥É¥ì¥¹¤ò
-	<systemitem class="ipaddress">10.246.38.1</systemitem>
-	¤È¤·¤Þ¤¹¡£¤Þ¤¿¡¢²ÈÄí
-	<acronym>LAN</acronym> ¤Î³°Éô <acronym>IP</acronym> ¥¢¥É¥ì¥¹¤ò
-	<systemitem class="ipaddress">192.168.1.12</systemitem>¡¢
-	ÆâÉô¤Î¥×¥é¥¤¥Ù¡¼¥È <acronym>IP</acronym> ¥¢¥É¥ì¥¹¤ò
-	<systemitem class="ipaddress">10.0.0.5</systemitem>
-	¤È¤·¤Þ¤¹¡£</para>
+	<para>¤³¤ÎÎã¤Ç¤Ï¡¢²ñ¼Ò¤Î <acronym>LAN</acronym> ¤Î³°Éô
+	  <acronym>IP</acronym> ¥¢¥É¥ì¥¹¤ò
+	  <systemitem class="ipaddress">172.16.5.4</systemitem>¡¢
+	  ÆâÉô <acronym>IP</acronym> ¥¢¥É¥ì¥¹¤ò
+	  <systemitem class="ipaddress">10.246.38.1</systemitem>
+	  ¤È¤·¤Þ¤¹¡£¤Þ¤¿¡¢²ÈÄí
+	  <acronym>LAN</acronym> ¤Î³°Éô <acronym>IP</acronym> ¥¢¥É¥ì¥¹¤ò
+	  <systemitem class="ipaddress">192.168.1.12</systemitem>¡¢
+	  ÆâÉô¤Î¥×¥é¥¤¥Ù¡¼¥È <acronym>IP</acronym> ¥¢¥É¥ì¥¹¤ò
+	  <systemitem class="ipaddress">10.0.0.5</systemitem>
+	  ¤È¤·¤Þ¤¹¡£</para>
 
-      <para>¤³¤ÎÀâÌÀ¤Çʬ¤«¤ê¤Ë¤¯¤¤¾ì¹ç¤Ï¡¢°Ê²¼¤Î
-	&man.ifconfig.8; ¥³¥Þ¥ó¥É¤Î½ÐÎÏÎã¤ò¤´Í÷¤¯¤À¤µ¤¤¡£</para>
+	<para>¤³¤ÎÀâÌÀ¤Çʬ¤«¤ê¤Ë¤¯¤¤¾ì¹ç¤Ï¡¢°Ê²¼¤Î
+	  &man.ifconfig.8; ¥³¥Þ¥ó¥É¤Î½ÐÎÏÎã¤ò¤´Í÷¤¯¤À¤µ¤¤¡£</para>
 
-      <programlisting>Gateway 1:
+	<programlisting>Gateway 1:
+
 gif0: flags=8051 mtu 1280
 tunnel inet 172.16.5.4 --> 192.168.1.12
 inet6 fe80::2e0:81ff:fe02:5881%gif0 prefixlen 64 scopeid 0x6
@@ -2772,11 +2774,11 @@ tunnel inet 192.168.1.12 --> 172.16.5.4
 inet 10.0.0.5 --> 10.246.38.1 netmask 0xffffff00
 inet6 fe80::250:bfff:fe3a:c1f%gif0 prefixlen 64 scopeid 0x4</programlisting>
 
-      <para>ÀßÄ꤬´°Î»¤·¤¿¤é¡¢Î¾Êý¤ÎÆâÉô <acronym>IP</acronym>
-	¥¢¥É¥ì¥¹¤Ï¡¢&man.ping.8;
-	¤ÇÅþã¤Ç¤­¤ë¤è¤¦¤Ë¤Ê¤Ã¤Æ¤¤¤ë¤Ï¤º¤Ç¤¹¡£</para>
+	<para>ÀßÄ꤬´°Î»¤·¤¿¤é¡¢Î¾Êý¤ÎÆâÉô <acronym>IP</acronym>
+	  ¥¢¥É¥ì¥¹¤Ï¡¢&man.ping.8;
+	  ¤ÇÅþã¤Ç¤­¤ë¤è¤¦¤Ë¤Ê¤Ã¤Æ¤¤¤ë¤Ï¤º¤Ç¤¹¡£</para>
 
-      <programlisting>priv-net# ping 10.0.0.5
+	<programlisting>priv-net# ping 10.0.0.5
 PING 10.0.0.5 (10.0.0.5): 56 data bytes
 64 bytes from 10.0.0.5: icmp_seq=0 ttl=64 time=42.786 ms
 64 bytes from 10.0.0.5: icmp_seq=1 ttl=64 time=19.255 ms
@@ -2797,27 +2799,26 @@ PING 10.246.38.1 (10.246.38.1): 56 data bytes
 5 packets transmitted, 5 packets received, 0% packet loss
 round-trip min/avg/max/stddev = 28.106/94.594/154.524/49.814 ms</programlisting>
 
-      <para>ͽÁÛÄ̤ꡢ¥×¥é¥¤¥Ù¡¼¥È¥¢¥É¥ì¥¹¤ò»È¤Ã¤Æ¡¢
-	ξÊý¤Î¥Í¥Ã¥È¥ï¡¼¥¯¤«¤é <acronym>ICMP</acronym>
-	¥Ñ¥±¥Ã¥È¤òÁ÷¼õ¿®¤Ç¤­¤Þ¤¹¡£
-	¼¡¤Ë¡¢¤É¤Á¤é¤Î¥Í¥Ã¥È¥ï¡¼¥¯¤«¤é¤â¥á¥Ã¥»¡¼¥¸¤òÁ÷¿®¤Ç¤­¤ë¤è¤¦¤Ë¡¢
-	¥Ñ¥±¥Ã¥È¤Î¥ë¡¼¥Æ¥£¥ó¥°¾ðÊó¤ò
-	ξÊý¤Î¥²¡¼¥È¥¦¥§¥¤¤ËÀßÄꤹ¤ëɬÍפ¬¤¢¤ê¤Þ¤¹¡£
-	¤³¤ì¤Ï°Ê²¼¤Î¥³¥Þ¥ó¥É¤ÇÀßÄê¤Ç¤­¤Þ¤¹¡£</para>
+	<para>ͽÁÛÄ̤ꡢ¥×¥é¥¤¥Ù¡¼¥È¥¢¥É¥ì¥¹¤ò»È¤Ã¤Æ¡¢
+	  ξÊý¤Î¥Í¥Ã¥È¥ï¡¼¥¯¤«¤é <acronym>ICMP</acronym>
+	  ¥Ñ¥±¥Ã¥È¤òÁ÷¼õ¿®¤Ç¤­¤Þ¤¹¡£
+	  ¼¡¤Ë¡¢¤É¤Á¤é¤Î¥Í¥Ã¥È¥ï¡¼¥¯¤«¤é¤â¥á¥Ã¥»¡¼¥¸¤òÁ÷¿®¤Ç¤­¤ë¤è¤¦¤Ë¡¢
+	  ¥Ñ¥±¥Ã¥È¤Î¥ë¡¼¥Æ¥£¥ó¥°¾ðÊó¤òξÊý¤Î¥²¡¼¥È¥¦¥§¥¤¤ËÀßÄꤹ¤ëɬÍפ¬¤¢¤ê¤Þ¤¹¡£
+	  ¤³¤ì¤Ï°Ê²¼¤Î¥³¥Þ¥ó¥É¤ÇÀßÄê¤Ç¤­¤Þ¤¹¡£</para>
 
-      <screen>&prompt.root; <userinput>corp-net# route add <replaceable>10.0.0.0 10.0.0.5 255.255.255.0</replaceable></userinput></screen>
+	<screen>&prompt.root; <userinput>corp-net# route add <replaceable>10.0.0.0 10.0.0.5 255.255.255.0</replaceable></userinput></screen>
 
-      <screen>&prompt.root; <userinput>corp-net# route add net <replaceable>10.0.0.0: gateway 10.0.0.5</replaceable></userinput></screen>
+	<screen>&prompt.root; <userinput>corp-net# route add net <replaceable>10.0.0.0: gateway 10.0.0.5</replaceable></userinput></screen>
 
-      <screen>&prompt.root; <userinput>priv-net# route add <replaceable>10.246.38.0 10.246.38.1 255.255.255.0</replaceable></userinput></screen>
+	<screen>&prompt.root; <userinput>priv-net# route add <replaceable>10.246.38.0 10.246.38.1 255.255.255.0</replaceable></userinput></screen>
 
-      <screen>&prompt.root; <userinput>priv-net# route add host <replaceable>10.246.38.0: gateway 10.246.38.1</replaceable></userinput></screen>
+	<screen>&prompt.root; <userinput>priv-net# route add host <replaceable>10.246.38.0: gateway 10.246.38.1</replaceable></userinput></screen>
 
-      <para>¤³¤ì¤Ç¡¢¥Í¥Ã¥È¥ï¡¼¥¯Æâ¤Î¥³¥ó¥Ô¥å¡¼¥¿¤Ï¡¢
-	¥²¡¼¥È¥¦¥§¥¤¤ª¤è¤Ó¥²¡¼¥È¥¦¥§¥¤¤Î±ü¤Î¥³¥ó¥Ô¥å¡¼¥¿¤«¤éÅþã²Äǽ¤È¤Ê¤Ã¤Æ¤¤¤Þ¤¹¡£
-	¤â¤¦°ìÅÙ &man.ping.8; ¤Ç³Îǧ¤·¤Æ¤¯¤À¤µ¤¤¡£</para>
+	<para>¤³¤ì¤Ç¡¢¥Í¥Ã¥È¥ï¡¼¥¯Æâ¤Î¥³¥ó¥Ô¥å¡¼¥¿¤Ï¡¢
+	  ¥²¡¼¥È¥¦¥§¥¤¤ª¤è¤Ó¥²¡¼¥È¥¦¥§¥¤¤Î±ü¤Î¥³¥ó¥Ô¥å¡¼¥¿¤«¤éÅþã²Äǽ¤È¤Ê¤Ã¤Æ¤¤¤Þ¤¹¡£
+	  ¤â¤¦°ìÅÙ &man.ping.8; ¤Ç³Îǧ¤·¤Æ¤¯¤À¤µ¤¤¡£</para>
 
-      <programlisting>corp-net# ping 10.0.0.8
+	<programlisting>corp-net# ping 10.0.0.8
 PING 10.0.0.8 (10.0.0.8): 56 data bytes
 64 bytes from 10.0.0.8: icmp_seq=0 ttl=63 time=92.391 ms
 64 bytes from 10.0.0.8: icmp_seq=1 ttl=63 time=21.870 ms
@@ -2839,15 +2840,15 @@ PING 10.246.38.1 (10.246.38.107): 56 data bytes
 5 packets transmitted, 5 packets received, 0% packet loss
 round-trip min/avg/max/stddev = 21.145/31.721/53.491/12.179 ms</programlisting>
 
-      <para>¥È¥ó¥Í¥ê¥ó¥°¤ÎÀßÄê¤Ï°Ê¾å¤Î¤è¤¦¤Ë´Êñ¤Ç¤¹¤¬¡¢
-	¥ê¥ó¥¯¤ò°ÂÁ´¤Ë¤¹¤ë¤Ë¤Ï¡¢¤â¤¦¾¯¤··¡¤ê²¼¤²¤¿ÀßÄ꤬ɬÍפȤʤê¤Þ¤¹¡£
-	°Ê²¼¤ÎÀßÄê¤Ç¤Ï¡¢»öÁ°¶¦Í­ (<acronym>PSK</acronym>)
-	<acronym>RSA</acronym> ¸°¤ò»È¤¤¤Þ¤¹¡£
-	<acronym>IP</acronym> ¥¢¥É¥ì¥¹¤ò½ü¤±¤Ð¡¢Î¾Êý¤Î¥²¡¼¥È¥¦¥§¥¤¤Î
-	<filename>/usr/local/etc/racoon/racoon.conf</filename>
-	¤ÏƱ¤¸¤Ç¡¢°Ê²¼¤Î¤è¤¦¤Ë¤Ê¤ê¤Þ¤¹¡£</para>
+	<para>¥È¥ó¥Í¥ê¥ó¥°¤ÎÀßÄê¤Ï°Ê¾å¤Î¤è¤¦¤Ë´Êñ¤Ç¤¹¤¬¡¢
+	  ¥ê¥ó¥¯¤ò°ÂÁ´¤Ë¤¹¤ë¤Ë¤Ï¡¢¤â¤¦¾¯¤··¡¤ê²¼¤²¤¿ÀßÄ꤬ɬÍפȤʤê¤Þ¤¹¡£
+	  °Ê²¼¤ÎÀßÄê¤Ç¤Ï¡¢»öÁ°¶¦Í­ (<acronym>PSK</acronym>)
+	  <acronym>RSA</acronym> ¸°¤ò»È¤¤¤Þ¤¹¡£
+	  <acronym>IP</acronym> ¥¢¥É¥ì¥¹¤ò½ü¤±¤Ð¡¢Î¾Êý¤Î¥²¡¼¥È¥¦¥§¥¤¤Î
+	  <filename>/usr/local/etc/racoon/racoon.conf</filename>
+	  ¤ÏƱ¤¸¤Ç¡¢°Ê²¼¤Î¤è¤¦¤Ë¤Ê¤ê¤Þ¤¹¡£</para>
 
-      <programlisting>path    pre_shared_key  "/usr/local/etc/racoon/psk.txt"; #location of pre-shared key file
+	<programlisting>path    pre_shared_key  "/usr/local/etc/racoon/psk.txt"; #location of pre-shared key file
 log     debug;	#log verbosity setting: set to 'notify' when testing and debugging is complete
 
 padding	# options are not to be changed
@@ -2905,37 +2906,37 @@ sainfo  (address 10.246.38.0/24 any address 10.0.0.0/2
         compression_algorithm   deflate;
 }</programlisting>
 
-      <para>ÍøÍѲÄǽ¤Ê¥ª¥×¥·¥ç¥ó¤ÎÀâÌÀ¤Ë¤Ä¤¤¤Æ¤Ï¡¢
-	<application>racoon</application>
-	¤Î¥Þ¥Ë¥å¥¢¥ë¥Ú¡¼¥¸¤ò»²¾È¤·¤Æ¤¯¤À¤µ¤¤¡£</para>
+	<para>ÍøÍѲÄǽ¤Ê¥ª¥×¥·¥ç¥ó¤ÎÀâÌÀ¤Ë¤Ä¤¤¤Æ¤Ï¡¢
+	  <application>racoon</application>
+	  ¤Î¥Þ¥Ë¥å¥¢¥ë¥Ú¡¼¥¸¤ò»²¾È¤·¤Æ¤¯¤À¤µ¤¤¡£</para>
 
-      <para>&os; ¤ª¤è¤Ó <application>racoon</application>
-	¤¬¥Û¥¹¥È´Ö¤Î¥Í¥Ã¥È¥ï¡¼¥¯¥È¥é¥Õ¥£¥Ã¥¯¤ò°Å¹æ²½¡¢
-	Éü¹æ²½¤Ç¤­¤ë¤è¤¦¤Ë¤¹¤ë¤Ë¤Ï¡¢
-	Security Policy Database (<acronym>SPD</acronym>)
-	¤ÎÀßÄ꤬ɬÍפǤ¹¡£</para>
+	<para>&os; ¤ª¤è¤Ó <application>racoon</application>
+	  ¤¬¥Û¥¹¥È´Ö¤Î¥Í¥Ã¥È¥ï¡¼¥¯¥È¥é¥Õ¥£¥Ã¥¯¤ò°Å¹æ²½¡¢
+	  Éü¹æ²½¤Ç¤­¤ë¤è¤¦¤Ë¤¹¤ë¤Ë¤Ï¡¢
+	  Security Policy Database (<acronym>SPD</acronym>)
+	  ¤ÎÀßÄ꤬ɬÍפǤ¹¡£</para>
 
-      <para>¤³¤ì¤Ï¡¢²ñ¼Ò¤Î¥²¡¼¥È¥¦¥§¥¤¾å¤Ç¡¢
-	°Ê²¼¤Î¤è¤¦¤Ê¥·¥§¥ë¥¹¥¯¥ê¥×¥È¤ÇÀßÄê¤Ç¤­¤Þ¤¹¡£
-	¤³¤Î¥Õ¥¡¥¤¥ë¤ò¥·¥¹¥Æ¥à¤Î½é´ü²½Ãæ¤Ë»È¤ï¤ì¤ë¤è¤¦¤Ë¤¹¤ë¤Ë¤Ï¡¢
-	<filename>/usr/local/etc/racoon/setkey.conf</filename>
-	¤ËÊݸ¤¹¤ëɬÍפ¬¤¢¤ê¤Þ¤¹¡£</para>
+	<para>¤³¤ì¤Ï¡¢²ñ¼Ò¤Î¥²¡¼¥È¥¦¥§¥¤¾å¤Ç¡¢
+	  °Ê²¼¤Î¤è¤¦¤Ê¥·¥§¥ë¥¹¥¯¥ê¥×¥È¤ÇÀßÄê¤Ç¤­¤Þ¤¹¡£
+	  ¤³¤Î¥Õ¥¡¥¤¥ë¤ò¥·¥¹¥Æ¥à¤Î½é´ü²½Ãæ¤Ë»È¤ï¤ì¤ë¤è¤¦¤Ë¤¹¤ë¤Ë¤Ï¡¢
+	  <filename>/usr/local/etc/racoon/setkey.conf</filename>
+	  ¤ËÊݸ¤¹¤ëɬÍפ¬¤¢¤ê¤Þ¤¹¡£</para>
 
-      <programlisting>flush;
+	<programlisting>flush;
 spdflush;
 # To the home network
 spdadd 10.246.38.0/24 10.0.0.0/24 any -P out ipsec esp/tunnel/172.16.5.4-192.168.1.12/use;
 spdadd 10.0.0.0/24 10.246.38.0/24 any -P in ipsec esp/tunnel/192.168.1.12-172.16.5.4/use;</programlisting>
 
-      <para>ÀßÄê¥Õ¥¡¥¤¥ë¤òŬÀÚ¤ËÃÖ¤¯¤È¡¢°Ê²¼¤Î¥³¥Þ¥ó¥É¤Ë¤è¤ê¡¢
-	ξÊý¤Î¥²¡¼¥È¥¦¥§¥¤¾å¤Ç <application>racoon</application>
-	¤òµ¯Æ°¤Ç¤­¤Þ¤¹¡£</para>
+	<para>ÀßÄê¥Õ¥¡¥¤¥ë¤òŬÀÚ¤ËÃÖ¤¯¤È¡¢°Ê²¼¤Î¥³¥Þ¥ó¥É¤Ë¤è¤ê¡¢
+	  ξÊý¤Î¥²¡¼¥È¥¦¥§¥¤¾å¤Ç <application>racoon</application>
+	  ¤òµ¯Æ°¤Ç¤­¤Þ¤¹¡£</para>
 
-      <screen>&prompt.root; <userinput>/usr/local/sbin/racoon -F -f /usr/local/etc/racoon/racoon.conf -l /var/log/racoon.log</userinput></screen>
+	<screen>&prompt.root; <userinput>/usr/local/sbin/racoon -F -f /usr/local/etc/racoon/racoon.conf -l /var/log/racoon.log</userinput></screen>
 
-      <para>½ÐÎϤϰʲ¼¤Î¤è¤¦¤Ë¤Ê¤ë¤Ç¤·¤ç¤¦¡£</para>
+	<para>½ÐÎϤϰʲ¼¤Î¤è¤¦¤Ë¤Ê¤ë¤Ç¤·¤ç¤¦¡£</para>
 
-      <programlisting>corp-net# /usr/local/sbin/racoon -F -f /usr/local/etc/racoon/racoon.conf
+	<programlisting>corp-net# /usr/local/sbin/racoon -F -f /usr/local/etc/racoon/racoon.conf
 Foreground mode.
 2006-01-30 01:35:47: INFO: begin Identity Protection mode.
 2006-01-30 01:35:48: INFO: received Vendor ID: KAME/racoon
@@ -2948,45 +2949,45 @@ n2006-01-30 01:36:04: INFO: ISAKMP-SA established 172.
 2006-01-30 01:36:18: INFO: IPsec-SA established: ESP/Tunnel 192.168.1.12[0]->172.16.5.4[0] spi=124397467(0x76a279b)
 2006-01-30 01:36:18: INFO: IPsec-SA established: ESP/Tunnel 172.16.5.4[0]->192.168.1.12[0] spi=175852902(0xa7b4d66)</programlisting>
 
-      <para>¥È¥ó¥Í¥ê¥ó¥°¤¬Å¬Àڤ˹Ԥï¤ì¤Æ¤¤¤ë¤«¤É¤¦¤«¤ò³Îǧ¤¹¤ë¤¿¤á¡¢
-	Ê̤Υ³¥ó¥½¡¼¥ë¾å¤Ç &man.tcpdump.1; ¤ò»È¤¤¡¢
-	°Ê²¼¤Î¤è¤¦¤Ê¥³¥Þ¥ó¥É¤Ç¥Í¥Ã¥È¥ï¡¼¥¯¤ÎÄÌ¿®¤ò³Îǧ¤·¤Æ¤¯¤À¤µ¤¤¡£
-	¤¿¤À¤·¡¢°Ê²¼¤ÎÎã¤Î <literal>em0</literal> ¤ÎÉôʬ¤Ï¡¢
-	ɬÍפ˱þ¤¸¤Æ»ÈÍѤ·¤Æ¤¤¤ë¥Í¥Ã¥È¥ï¡¼¥¯¥¤¥ó¥¿¥Õ¥§¡¼¥¹¤ËÃÖ¤­´¹¤¨¤Æ¤¯¤À¤µ¤¤¡£</para>
+	<para>¥È¥ó¥Í¥ê¥ó¥°¤¬Å¬Àڤ˹Ԥï¤ì¤Æ¤¤¤ë¤«¤É¤¦¤«¤ò³Îǧ¤¹¤ë¤¿¤á¡¢
+	  Ê̤Υ³¥ó¥½¡¼¥ë¾å¤Ç &man.tcpdump.1; ¤ò»È¤¤¡¢
+	  °Ê²¼¤Î¤è¤¦¤Ê¥³¥Þ¥ó¥É¤Ç¥Í¥Ã¥È¥ï¡¼¥¯¤ÎÄÌ¿®¤ò³Îǧ¤·¤Æ¤¯¤À¤µ¤¤¡£
+	  ¤¿¤À¤·¡¢°Ê²¼¤ÎÎã¤Î <literal>em0</literal> ¤ÎÉôʬ¤Ï¡¢
+	  ɬÍפ˱þ¤¸¤Æ»ÈÍѤ·¤Æ¤¤¤ë¥Í¥Ã¥È¥ï¡¼¥¯¥¤¥ó¥¿¥Õ¥§¡¼¥¹¤ËÃÖ¤­´¹¤¨¤Æ¤¯¤À¤µ¤¤¡£</para>
 
-      <screen>&prompt.root; <userinput>tcpdump -i em0 host <replaceable>172.16.5.4 and dst 192.168.1.12</replaceable></userinput></screen>
+	<screen>&prompt.root; <userinput>tcpdump -i em0 host <replaceable>172.16.5.4 and dst 192.168.1.12</replaceable></userinput></screen>
 
-      <para>°Ê²¼¤Î¤è¤¦¤Ê¥Ç¡¼¥¿¤¬¥³¥ó¥½¡¼¥ë¤Ëɽ¼¨¤µ¤ì¤Þ¤¹¡£
-	¤â¤·¡¢É½¼¨¤µ¤ì¤Ê¤¤¾ì¹ç¤Ï¡¢ÀßÄê¤Ë²¿¤«ÌäÂ꤬¤¢¤ë¤Î¤Ç¡¢
-	ɽ¼¨¤µ¤ì¤ë¥Ç¡¼¥¿¤ò»È¤Ã¤Æ¥Ç¥Ð¥Ã¥°¤¹¤ëɬÍפ¬¤¢¤ê¤Þ¤¹¡£</para>
+	<para>°Ê²¼¤Î¤è¤¦¤Ê¥Ç¡¼¥¿¤¬¥³¥ó¥½¡¼¥ë¤Ëɽ¼¨¤µ¤ì¤Þ¤¹¡£
+	  ¤â¤·¡¢É½¼¨¤µ¤ì¤Ê¤¤¾ì¹ç¤Ï¡¢ÀßÄê¤Ë²¿¤«ÌäÂ꤬¤¢¤ë¤Î¤Ç¡¢
+	  ɽ¼¨¤µ¤ì¤ë¥Ç¡¼¥¿¤ò»È¤Ã¤Æ¥Ç¥Ð¥Ã¥°¤¹¤ëɬÍפ¬¤¢¤ê¤Þ¤¹¡£</para>
 
-      <programlisting>01:47:32.021683 IP corporatenetwork.com > 192.168.1.12.privatenetwork.com: ESP(spi=0x02acbf9f,seq=0xa)
+	<programlisting>01:47:32.021683 IP corporatenetwork.com > 192.168.1.12.privatenetwork.com: ESP(spi=0x02acbf9f,seq=0xa)
 01:47:33.022442 IP corporatenetwork.com > 192.168.1.12.privatenetwork.com: ESP(spi=0x02acbf9f,seq=0xb)
 01:47:34.024218 IP corporatenetwork.com > 192.168.1.12.privatenetwork.com: ESP(spi=0x02acbf9f,seq=0xc)</programlisting>
 
-      <para>¤³¤ì¤Ç 2 ¤Ä¤Î¥Í¥Ã¥È¥ï¡¼¥¯¤Ï¡¢
-	1 ¤Ä¤Î¥Í¥Ã¥È¥ï¡¼¥¯¤Î¤è¤¦¤ËÍøÍѤǤ­¤Þ¤¹¡£
-	¿¤¯¤Î¾ì¹ç¡¢
-	ξÊý¤Î¥Í¥Ã¥È¥ï¡¼¥¯¤Ï¥Õ¥¡¥¤¥¢¥¦¥©¡¼¥ë¤Ë¤è¤êÊݸ¤ì¤Æ¤¤¤Þ¤¹¡£
-	ξÊý¤òή¤ì¤ëÄÌ¿®¤òµö²Ä¤¹¤ë¤Ë¤Ï¡¢
-	¥Ñ¥±¥Ã¥È¤¬Î¾Êý¤ò¹Ô¤­Íè¤Ç¤­¤ë¤è¤¦¤Ë¥ë¡¼¥ë¤òÄɲ乤ëɬÍפ¬¤¢¤ê¤Þ¤¹¡£
-	&man.ipfw.8; ¤ò»È¤Ã¤¿¥Õ¥¡¥¤¥¢¥¦¥©¡¼¥ë¤Î¾ì¹ç¤Ï¡¢
-	¥Õ¥¡¥¤¥¢¥¦¥©¡¼¥ë¤ÎÀßÄê¥Õ¥¡¥¤¥ë¤Ë¡¢°Ê²¼¤Î¹Ô¤òÄɲ䷤Ƥ¯¤À¤µ¤¤¡£</para>
+	<para>¤³¤ì¤Ç 2 ¤Ä¤Î¥Í¥Ã¥È¥ï¡¼¥¯¤Ï¡¢
+	  1 ¤Ä¤Î¥Í¥Ã¥È¥ï¡¼¥¯¤Î¤è¤¦¤ËÍøÍѤǤ­¤Þ¤¹¡£
+	  ¿¤¯¤Î¾ì¹ç¡¢
+	  ξÊý¤Î¥Í¥Ã¥È¥ï¡¼¥¯¤Ï¥Õ¥¡¥¤¥¢¥¦¥©¡¼¥ë¤Ë¤è¤êÊݸ¤ì¤Æ¤¤¤Þ¤¹¡£
+	  ξÊý¤òή¤ì¤ëÄÌ¿®¤òµö²Ä¤¹¤ë¤Ë¤Ï¡¢
+	  ¥Ñ¥±¥Ã¥È¤¬Î¾Êý¤ò¹Ô¤­Íè¤Ç¤­¤ë¤è¤¦¤Ë¥ë¡¼¥ë¤òÄɲ乤ëɬÍפ¬¤¢¤ê¤Þ¤¹¡£
+	  &man.ipfw.8; ¤ò»È¤Ã¤¿¥Õ¥¡¥¤¥¢¥¦¥©¡¼¥ë¤Î¾ì¹ç¤Ï¡¢
+	  ¥Õ¥¡¥¤¥¢¥¦¥©¡¼¥ë¤ÎÀßÄê¥Õ¥¡¥¤¥ë¤Ë¡¢°Ê²¼¤Î¹Ô¤òÄɲ䷤Ƥ¯¤À¤µ¤¤¡£</para>
 
-      <programlisting>ipfw add 00201 allow log esp from any to any
+	<programlisting>ipfw add 00201 allow log esp from any to any
 ipfw add 00202 allow log ah from any to any
 ipfw add 00203 allow log ipencap from any to any
 ipfw add 00204 allow log udp from any 500 to any</programlisting>
 
-      <note>
-	<para>¥ë¡¼¥ëÈÖ¹æ¤Ï¡¢
-	¸½ºß¤Î¥Û¥¹¥È¤ÎÀßÄê¤Ë¤è¤Ã¤Æ¤ÏÊѹ¹¤¹¤ëɬÍפ¬¤¢¤ë¤Ç¤·¤ç¤¦¡£</para>
-      </note>
+	<note>
+	  <para>¥ë¡¼¥ëÈÖ¹æ¤Ï¡¢
+	  ¸½ºß¤Î¥Û¥¹¥È¤ÎÀßÄê¤Ë¤è¤Ã¤Æ¤ÏÊѹ¹¤¹¤ëɬÍפ¬¤¢¤ë¤Ç¤·¤ç¤¦¡£</para>
+	</note>
 
-      <para>&man.pf.4; ¤Þ¤¿¤Ï &man.ipf.8; ¤ò»ÈÍѤ·¤Æ¤¤¤ë¥·¥¹¥Æ¥à¤Ç¤Ï¡¢
-	°Ê²¼¤Î¥ë¡¼¥ë¤Ç¾å¼ê¤¯¤¤¤¯¤Ç¤·¤ç¤¦¡£</para>
+	<para>&man.pf.4; ¤Þ¤¿¤Ï &man.ipf.8; ¤ò»ÈÍѤ·¤Æ¤¤¤ë¥·¥¹¥Æ¥à¤Ç¤Ï¡¢
+	  °Ê²¼¤Î¥ë¡¼¥ë¤Ç¾å¼ê¤¯¤¤¤¯¤Ç¤·¤ç¤¦¡£</para>
 
-      <programlisting>pass in quick proto esp from any to any
+	<programlisting>pass in quick proto esp from any to any
 pass in quick proto ah from any to any
 pass in quick proto ipencap from any to any
 pass in quick proto udp from any port = 500 to any port = 500
@@ -2997,17 +2998,17 @@ pass out quick proto ipencap from any to any
 pass out quick proto udp from any port = 500 to any port = 500
 pass out quick on gif0 from any to any</programlisting>
 
-      <para>ºÇ¸å¤Ë¡¢¥·¥¹¥Æ¥à¤Î½é´ü²½Ãæ¤Ë <acronym>VPN</acronym>
-	¤¬µ¯Æ°¤¹¤ë¤è¤¦¤Ë¡¢°Ê²¼¤Î¹Ô¤ò
-	<filename>/etc/rc.conf</filename> ¤ËÄɲ䷤Ƥ¯¤À¤µ¤¤¡£</para>
+	<para>ºÇ¸å¤Ë¡¢¥·¥¹¥Æ¥à¤Î½é´ü²½Ãæ¤Ë <acronym>VPN</acronym>
+	  ¤¬µ¯Æ°¤¹¤ë¤è¤¦¤Ë¡¢°Ê²¼¤Î¹Ô¤ò
+	  <filename>/etc/rc.conf</filename> ¤ËÄɲ䷤Ƥ¯¤À¤µ¤¤¡£</para>
 
-      <programlisting>ipsec_enable="YES"
+	<programlisting>ipsec_enable="YES"
 ipsec_program="/usr/local/sbin/setkey"
 ipsec_file="/usr/local/etc/racoon/setkey.conf" # allows setting up spd policies on boot
 racoon_enable="yes"</programlisting>
-     </sect3>
-   </sect2>
-   </sect1>
+      </sect3>
+    </sect2>
+  </sect1>
 
   <sect1 xml:id="openssh">
     <info>


More information about the svn-doc-all mailing list