{"id":1727,"date":"2025-12-06T11:39:30","date_gmt":"2025-12-06T02:39:30","guid":{"rendered":"https:\/\/mylifeisbeautiful555.net\/?page_id=1727"},"modified":"2025-12-06T11:39:30","modified_gmt":"2025-12-06T02:39:30","slug":"%e3%82%b9%e3%83%86%e3%83%bc%e3%83%88%e3%83%95%e3%83%ab%e3%82%a4%e3%83%b3%e3%82%b9%e3%83%9a%e3%82%af%e3%82%b7%e3%83%a7%e3%83%b3%e3%81%8c%e6%89%b1%e3%81%86%e3%83%97%e3%83%ad%e3%83%88%e3%82%b3%e3%83%ab","status":"publish","type":"page","link":"https:\/\/mylifeisbeautiful555.net\/?page_id=1727","title":{"rendered":"\u30b9\u30c6\u30fc\u30c8\u30d5\u30eb\u30a4\u30f3\u30b9\u30da\u30af\u30b7\u30e7\u30f3\u304c\u6271\u3046\u30d7\u30ed\u30c8\u30b3\u30eb"},"content":{"rendered":"\n

(1) L3 \/ L4 \u306e\u57fa\u672c\u30d7\u30ed\u30c8\u30b3\u30eb<\/strong><\/h1>\n\n\n\n

FW \u304c\u6a19\u6e96\u3067\u30b9\u30c6\u30fc\u30c8\u7ba1\u7406\u3059\u308b\u3082\u306e\u3002<\/p>\n\n\n\n

\u30d7\u30ed\u30c8\u30b3\u30eb<\/th>\u8aac\u660e<\/th><\/tr><\/thead>
TCP<\/strong><\/td>SYN, ACK, FIN, SEQ \u3067\u5b8c\u5168\u30b9\u30c6\u30fc\u30c8\u7ba1\u7406<\/td><\/tr>
UDP<\/strong><\/td>pseudo-state\uff08\u7591\u4f3c\u30b9\u30c6\u30fc\u30c8\uff09\u3067\u30bf\u30a4\u30de\u7ba1\u7406<\/td><\/tr>
ICMP<\/strong><\/td>ID \u3068 SEQ \u306b\u3088\u308b\u95a2\u9023\u30bb\u30c3\u30b7\u30e7\u30f3\u7ba1\u7406<\/td><\/tr>
GRE<\/strong><\/td>\u30c8\u30f3\u30cd\u30eb\u30bb\u30c3\u30b7\u30e7\u30f3\u3092\u30c8\u30e9\u30c3\u30ad\u30f3\u30b0<\/td><\/tr>
ESP\uff08IPsec\uff09<\/strong><\/td>SPI\uff08Security Parameters Index\uff09\u3067\u30b9\u30c6\u30fc\u30c8\u7ba1\u7406<\/td><\/tr>
AH\uff08IPsec\uff09<\/strong><\/td>\u30d8\u30c3\u30c0\u6574\u5408\u6027\u3092\u691c\u8a3c\u3057\u3064\u3064\u30b9\u30c6\u30fc\u30c8\u7ba1\u7406<\/td><\/tr><\/tbody><\/table><\/figure>\n\n\n\n

(2) NAT \/ ALG \u304c\u5fc5\u8981\u306a\u30d7\u30ed\u30c8\u30b3\u30eb\uff08\u30b9\u30c6\u30fc\u30c8\u3092\u6df1\u304f\u8ffd\u8de1\uff09<\/strong><\/h1>\n\n\n\n

\u3053\u308c\u3089\u306f \u5236\u5fa1\u30c1\u30e3\u30cd\u30eb\u3068\u30c7\u30fc\u30bf\u30c1\u30e3\u30cd\u30eb\u304c\u5206\u304b\u308c\u308b\u7279\u6b8a\u30d7\u30ed\u30c8\u30b3\u30eb<\/strong>\u3002<\/p>\n\n\n\n

Firewall \u306f\u305d\u308c\u3089\u3092\u89e3\u6790\u3057\u3066\u3001\u95a2\u9023\u3059\u308b\u30dd\u30fc\u30c8\u3092\u81ea\u52d5\u3067\u958b\u3051\u308b\uff08ALG\uff09\u3002<\/p>\n\n\n\n

\u30d7\u30ed\u30c8\u30b3\u30eb<\/th>\u5185\u5bb9<\/th>FW\u52d5\u4f5c<\/th><\/tr><\/thead>
FTP\uff08Active\/Passive\uff09<\/strong><\/td>20\/21 \u306e\u5236\u5fa1+\u30c7\u30fc\u30bf\u3067\u8907\u96d1<\/td>PORT\/PASV\u3092\u89e3\u6790\u3057\u3066\u30c7\u30fc\u30bf\u30c1\u30e3\u30cd\u30eb\u958b\u653e<\/td><\/tr>
SIP\uff08VoIP\uff09<\/strong><\/td>5060 + \u52d5\u7684\u30dd\u30fc\u30c8\u591a\u6570<\/td>INVITE\/SDP \u3092\u8aad\u307f\u53d6\u3063\u3066RTP\u30dd\u30fc\u30c8\u8a31\u53ef<\/td><\/tr>
H.323\uff08VoIP\uff09<\/strong><\/td>\u5236\u5fa1\u3068\u30e1\u30c7\u30a3\u30a2\u3067\u591a\u6570\u306e\u30dd\u30fc\u30c8<\/td>\u95a2\u9023\u30c1\u30e3\u30cd\u30eb\u3092\u81ea\u52d5\u958b\u653e<\/td><\/tr>
RTSP\uff08\u52d5\u753b\u30b9\u30c8\u30ea\u30fc\u30df\u30f3\u30b0\uff09<\/strong><\/td>TCP 554 + \u52d5\u7684\u30dd\u30fc\u30c8<\/td>SETUP\/PLAY \u3092\u89e3\u6790<\/td><\/tr>
TFTP<\/strong><\/td>\u5236\u5fa1+\u30c7\u30fc\u30bf\u304c\u52d5\u7684\u306b\u5909\u308f\u308b<\/td>\u81ea\u52d5\u3067\u30c7\u30fc\u30bf\u30dd\u30fc\u30c8\u3092\u958b\u3051\u308b<\/td><\/tr>
DNS\uff08\u30a4\u30f3\u30b9\u30da\u30af\u30b7\u30e7\u30f3\uff09<\/strong><\/td>53\/UDP\/TCP<\/td>\u5fdc\u7b54\u30b5\u30a4\u30ba\u3084ID\u3092\u78ba\u8a8d<\/td><\/tr><\/tbody><\/table><\/figure>\n\n\n\n

\u3053\u308c\u3089\u306f \u30b9\u30c6\u30fc\u30c8\u30d5\u30eb\uff0b\u30a2\u30d7\u30ea\u30b1\u30fc\u30b7\u30e7\u30f3\u30a4\u30f3\u30b9\u30da\u30af\u30b7\u30e7\u30f3\u306e\u30cf\u30a4\u30d6\u30ea\u30c3\u30c9<\/strong>\u3067\u52d5\u4f5c\u3057\u307e\u3059\u3002<\/p>\n\n\n\n

(3) \u30c8\u30f3\u30cd\u30eb\u30fbVPN\u7cfb\u30d7\u30ed\u30c8\u30b3\u30eb<\/strong><\/h1>\n\n\n\n

Firewall \u306f\u3053\u308c\u3089\u3082\u30b9\u30c6\u30fc\u30c8\u7ba1\u7406\u3057\u307e\u3059\u3002<\/p>\n\n\n\n

\u30d7\u30ed\u30c8\u30b3\u30eb<\/th>\u8aac\u660e<\/th><\/tr><\/thead>
IKEv1 \/ IKEv2<\/strong><\/td>IPsec\u306e\u4ea4\u6e09\u72b6\u614b\u3092\u7ba1\u7406<\/td><\/tr>
IPsec ESP\/AH<\/strong><\/td>SPI\u3092\u57fa\u6e96\u306b\u30bb\u30c3\u30b7\u30e7\u30f3\u7ba1\u7406<\/td><\/tr>
L2TP<\/strong><\/td>PPP\u30d5\u30ec\u30fc\u30e0\u306e\u72b6\u614b\u7ba1\u7406<\/td><\/tr>
PPTP<\/strong><\/td>GRE \u3068 TCP1723 \u306e\u95a2\u9023\u4ed8\u3051<\/td><\/tr>
SSL\/TLS<\/strong><\/td>\u30bb\u30c3\u30b7\u30e7\u30f3\u3054\u3068\u306b\u72b6\u614b\u7ba1\u7406<\/td><\/tr><\/tbody><\/table><\/figure>\n\n\n\n

(4) \u30a2\u30d7\u30ea\u30b1\u30fc\u30b7\u30e7\u30f3\u30d7\u30ed\u30c8\u30b3\u30eb\u3067\u306e\u30b9\u30c6\u30fc\u30c8<\/strong><\/h1>\n\n\n\n

\u591a\u304f\u306e FW\uff08\u7279\u306b\u6b21\u4e16\u4ee3FW\uff09\u306f L7 \u307e\u3067\u30b9\u30c6\u30fc\u30c8\u7ba1\u7406\u3057\u307e\u3059\u3002<\/p>\n\n\n\n

\u30d7\u30ed\u30c8\u30b3\u30eb<\/th>\u5185\u5bb9<\/th><\/tr><\/thead>
HTTP\/HTTPS<\/strong><\/td>\u30ea\u30af\u30a8\u30b9\u30c8\/\u30ec\u30b9\u30dd\u30f3\u30b9\u3092\u30b3\u30cd\u30af\u30b7\u30e7\u30f3\u5358\u4f4d\u3067\u7ba1\u7406<\/td><\/tr>
SSH<\/strong><\/td>\u30bb\u30c3\u30b7\u30e7\u30f3\u3054\u3068\u306e\u9375\u4ea4\u63db\u72b6\u614b\u3092\u7dad\u6301<\/td><\/tr>
Telnet<\/strong><\/td>\u30b3\u30cd\u30af\u30b7\u30e7\u30f3\u7ba1\u7406<\/td><\/tr>
SMTP\/POP3\/IMAP<\/strong><\/td>\u30e1\u30fc\u30eb\u30bb\u30c3\u30b7\u30e7\u30f3\u7ba1\u7406<\/td><\/tr>
RDP<\/strong><\/td>3389\/TCP \u306e\u72b6\u614b\u7ba1\u7406<\/td><\/tr><\/tbody><\/table><\/figure>\n\n\n\n

\u6b21\u4e16\u4ee3 FW\uff08NGFW\uff09\u3067\u306f\u300c\u30a2\u30d7\u30ea\u30b1\u30fc\u30b7\u30e7\u30f3\u8b58\u5225\u300d\uff0b\u300c\u30b9\u30c6\u30fc\u30c8\u7ba1\u7406\u300d\u304c\u6a19\u6e96\u3002<\/p>\n\n\n\n

2. \u30b9\u30c6\u30fc\u30c8\u30d5\u30eb\u30c6\u30fc\u30d6\u30eb\u306b\u767b\u9332\u3055\u308c\u308b\u5185\u5bb9\uff08\u91cd\u8981\uff09<\/strong><\/h1>\n\n\n\n

FW \u304c\u4fdd\u6301\u3059\u308b\u72b6\u614b\u306f\u3001\u30d7\u30ed\u30c8\u30b3\u30eb\u306b\u3088\u3063\u3066\u9055\u3046\u3002<\/p>\n\n\n\n

\n\n\n\n

🟩 TCP \u306e\u5834\u5408<\/strong><\/h2>\n\n\n\n

FW \u304c\u8ffd\u8de1\u3059\u308b\u9805\u76ee\uff1a<\/p>\n\n\n\n

    \n
  • \u9001\u4fe1\u5143IP \/ \u30dd\u30fc\u30c8<\/li>\n\n\n\n
  • \u5b9b\u5148IP \/ \u30dd\u30fc\u30c8<\/li>\n\n\n\n
  • \u30b7\u30fc\u30b1\u30f3\u30b9\u756a\u53f7<\/li>\n\n\n\n
  • ACK\u756a\u53f7<\/li>\n\n\n\n
  • TCP\u30d5\u30e9\u30b0\uff08SYN\/ACK\/FIN\/RST\uff09<\/li>\n\n\n\n
  • \u30bb\u30c3\u30b7\u30e7\u30f3\u72b6\u614b\uff08ESTABLISHED, FIN-WAIT \u7b49\uff09<\/li>\n\n\n\n
  • \u30bf\u30a4\u30e0\u30a2\u30a6\u30c8<\/li>\n\n\n\n
  • NAT\u5909\u63db\u5f8c\u306e\u5b9b\u5148<\/li>\n\n\n\n
  • \u30d0\u30a4\u30c8\u6570 \/ \u30d1\u30b1\u30c3\u30c8\u6570<\/li>\n<\/ul>\n\n\n\n

    UDP \u306e\u5834\u5408\uff08\u7591\u4f3c\u30b9\u30c6\u30fc\u30c8\uff09<\/strong><\/h2>\n\n\n\n
      \n
    • \u30bb\u30c3\u30b7\u30e7\u30f3\u958b\u59cb IP\/Port<\/li>\n\n\n\n
    • \u30bf\u30a4\u30e0\u30a2\u30a6\u30c8\uff08\u30c7\u30d5\u30a9\u30eb\u30c8 2\u5206\u306a\u3069\uff09<\/li>\n\n\n\n
    • NAT\u60c5\u5831<\/li>\n<\/ul>\n\n\n\n

      \u203bUDP \u306f\u30b3\u30cd\u30af\u30b7\u30e7\u30f3\u30ec\u30b9\u306a\u306e\u3067\u3001\u5b8c\u5168\u30b9\u30c6\u30fc\u30c8\u3067\u306f\u306a\u304f
      \u300c\u4e00\u5b9a\u6642\u9593\u3060\u3051\u901a\u4fe1\u3092\u95a2\u9023\u4ed8\u3051\u308b\u4ed5\u7d44\u307f\u300d\u3002<\/p>\n\n\n\n

      ICMP \u306e\u5834\u5408<\/strong><\/h2>\n\n\n\n
        \n
      • Identifier\uff08ID\uff09<\/li>\n\n\n\n
      • Sequence number<\/li>\n\n\n\n
      • NAT\u60c5\u5831<\/li>\n\n\n\n
      • \u30bf\u30a4\u30e0\u30a2\u30a6\u30c8<\/li>\n<\/ul>\n\n\n\n

        SIP \/ RTSP \/ FTP \u306e\u3088\u3046\u306a\u8907\u96d1\u30d7\u30ed\u30c8\u30b3\u30eb<\/strong><\/h2>\n\n\n\n

        FW \u306f\u5236\u5fa1\u30c1\u30e3\u30cd\u30eb\u3092\u89e3\u6790\u3057\u3001<\/p>\n\n\n\n

          \n
        • \u4f55\u756a\u30dd\u30fc\u30c8\u3067\u30c7\u30fc\u30bf\u304c\u6d41\u308c\u308b\u304b<\/li>\n\n\n\n
        • \u3069\u306e\u76f8\u624b\u3068\u901a\u4fe1\u3059\u308b\u304b<\/li>\n<\/ul>\n\n\n\n

          \u3092\u8aad\u307f\u53d6\u3063\u3066\u3001\u305d\u306e\u30dd\u30fc\u30c8\u3060\u3051\u4e00\u6642\u7684\u306b\u8a31\u53ef\u3057\u307e\u3059\u3002<\/p>\n","protected":false},"excerpt":{"rendered":"

          (1) L3 \/ L4 \u306e\u57fa\u672c\u30d7\u30ed\u30c8\u30b3\u30eb FW \u304c\u6a19\u6e96\u3067\u30b9\u30c6\u30fc\u30c8\u7ba1\u7406\u3059\u308b\u3082\u306e\u3002 \u30d7\u30ed\u30c8\u30b3\u30eb \u8aac\u660e TCP SYN, ACK, FIN, SEQ \u3067\u5b8c\u5168\u30b9\u30c6\u30fc\u30c8\u7ba1\u7406 UDP pseudo-state\uff08\u7591\u4f3c\u30b9\u30c6\u30fc\u30c8\uff09\u3067\u30bf\u30a4\u30de […]<\/p>\n","protected":false},"author":1,"featured_media":0,"parent":0,"menu_order":0,"comment_status":"closed","ping_status":"closed","template":"","meta":{"footnotes":""},"class_list":["post-1727","page","type-page","status-publish","hentry"],"_links":{"self":[{"href":"https:\/\/mylifeisbeautiful555.net\/index.php?rest_route=\/wp\/v2\/pages\/1727","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/mylifeisbeautiful555.net\/index.php?rest_route=\/wp\/v2\/pages"}],"about":[{"href":"https:\/\/mylifeisbeautiful555.net\/index.php?rest_route=\/wp\/v2\/types\/page"}],"author":[{"embeddable":true,"href":"https:\/\/mylifeisbeautiful555.net\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/mylifeisbeautiful555.net\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=1727"}],"version-history":[{"count":1,"href":"https:\/\/mylifeisbeautiful555.net\/index.php?rest_route=\/wp\/v2\/pages\/1727\/revisions"}],"predecessor-version":[{"id":1728,"href":"https:\/\/mylifeisbeautiful555.net\/index.php?rest_route=\/wp\/v2\/pages\/1727\/revisions\/1728"}],"wp:attachment":[{"href":"https:\/\/mylifeisbeautiful555.net\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=1727"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}