#
# PCごとにIPフィルターを設定する
#

#
# ルーター
#

#
# LANインターフェースの設定 (LAN1ポートを使用)
#
ip lan1 address 192.168.100.1/24

#
# WAN(ISP)インターフェースの設定 (LAN2ポートを使用)
#
pp select 1
 pp always-on on
 pppoe use lan2
 pp auth accept pap chap
 pp auth myname (ISPと接続するID) (ISPと接続するパスワード)
 ppp lcp mru on 1454
 ppp ipcp ipaddress on
 ppp ipcp msext on
 ppp ccp type none
 ip pp nat descriptor 1
 pp enable 1
ip route default gateway pp 1

#
# IPフィルターの設定
#
ip filter 1 pass 192.168.100.2,192.168.100.3 * * * *
ip filter 2 reject 192.168.100.4 * * * *
ip filter 101 reject 192.168.100.0/24 * * * *
ip filter 102 reject * 192.168.100.0/24 * * *
ip filter 110 reject * * udp,tcp 135 *
ip filter 111 reject * * udp,tcp * 135
ip filter 112 reject * * udp,tcp netbios_ns-netbios_ssn *
ip filter 113 reject * * udp,tcp * netbios_ns-netbios_ssn
ip filter 114 reject * * udp,tcp 445 *
ip filter 115 reject * * udp,tcp * 445
ip filter 116 restrict * * tcpfin * www,21,nntp
ip filter 117 restrict * * tcprst * www,21,nntp
ip filter 120 pass * 192.168.100.0/24 icmp * *
ip filter 121 pass * 192.168.100.0/24 tcp * ident
ip filter dynamic 1 192.168.100.2 * ftp
ip filter dynamic 2 192.168.100.2,192.168.100.3 * domain
ip filter dynamic 3 192.168.100.2 * www
ip filter dynamic 4 192.168.100.2,192.168.100.3 * smtp
ip filter dynamic 5 192.168.100.2,192.168.100.3 * pop3
ip filter dynamic 6 192.168.100.2,192.168.100.3 * submission
ip filter dynamic 7 192.168.100.2 * tcp
ip filter dynamic 8 192.168.100.2 * udp
pp select 1
ip pp secure filter in 101 110 111 112 113 114 115 120 121
ip pp secure filter out 102 110 111 112 113 114 115 116 117 1 2 dynamic 1 2 3 4 5 6 7 8

#
# NATの設定
#
nat descriptor type 1 masquerade

#
# DNSの設定
#
dns host lan1
dns server pp 1
dns private address spoof on