Created using HomeServer36 as a template
#contents()
** Enabling fail2ban [#c1cc074f]
- Install fail2ban
[AWS MX2(sudo)]:~# sudo apt install fail2ban
- Edit jail.local
[AWS MX2(sudo)]:~# cat /etc/fail2ban/jail.local
[DEFAULT]
backend = systemd
maxretry = 3
findtime = 600
# Recommended: 7-day ban (no problem on EC2) → changed to indefinite
#bantime = 604800
bantime = forever
banaction = iptables-multiport
# --- Postfix SASL ---
[postfix-sasl]
enabled = true
port = smtp,submission,465
filter = postfix[mode=auth]
logpath = %(postfix_log)s
# --- Dovecot ---
[dovecot]
enabled = true
port = pop3,pop3s,imap,imaps,submission,465
filter = dovecot
logpath = %(dovecot_log)s
- Start fail2ban
[AWS MX2(sudo)]:~# sudo systemctl restart fail2ban
[AWS MX2(sudo)]:~# sudo systemctl enable fail2ban
Synchronizing state of fail2ban.service with SysV servic...
Executing: /lib/systemd/systemd-sysv-install enable fail...
- Check that fail2ban is running
[AWS MX2(sudo)]:~# sudo systemctl status fail2ban
● fail2ban.service - Fail2Ban Service
Loaded: loaded (/lib/systemd/system/fail2ban.service;...
Active: active (running) since Thu 2026-01-08 11:09:3...
Docs: man:fail2ban(1)
Process: 28396 ExecStop=/usr/bin/fail2ban-client stop ...
Process: 28397 ExecStartPre=/bin/mkdir -p /var/run/fai...
Main PID: 28409 (fail2ban-server)
Tasks: 7 (limit: 4680)
CGroup: /system.slice/fail2ban.service
└─28409 /usr/bin/python3 /usr/bin/fail2ban-se...
Jan 08 11:09:35 ip-172-31-22-38 systemd[1]: Stopped Fail...
Jan 08 11:09:35 ip-172-31-22-38 systemd[1]: Starting Fai...
Jan 08 11:09:35 ip-172-31-22-38 systemd[1]: Started Fail...
Jan 08 11:09:35 ip-172-31-22-38 fail2ban-server[28409]: ...
- Confirm that the filters (jails) are active
[AWS MX2(sudo)]:~# sudo fail2ban-client status postfix-sasl
Status for the jail: postfix-sasl
|- Filter
| |- Currently failed: 0
| |- Total failed: 0
| `- Journal matches: _SYSTEMD_UNIT=postfix.service
`- Actions
|- Currently banned: 0
|- Total banned: 0
`- Banned IP list:
[AWS MX2(sudo)]:~# sudo fail2ban-client status dovecot
Status for the jail: dovecot
|- Filter
| |- Currently failed: 1
| |- Total failed: 2
| `- Journal matches: _SYSTEMD_UNIT=dovecot.service
`- Actions
|- Currently banned: 0
|- Total banned: 0
`- Banned IP list:
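The jail.local above bans a client once maxretry = 3 SASL failures fall inside a findtime = 600 second window. As an added illustration (not from the original page or from fail2ban itself), the Python below re-implements that sliding-window count over constructed Postfix smtpd log lines, so the effect of the two thresholds can be checked without a live server; the client addresses are RFC 5737 documentation addresses and the year assumed for the syslog timestamps is 2026.

```python
import re
from collections import defaultdict, deque
from datetime import datetime

# Thresholds taken from the page's jail.local
MAXRETRY = 3      # failures needed inside one window
FINDTIME = 600    # window length in seconds

# Postfix smtpd SASL failure line (submission and smtps listeners both log this form)
SASL_FAIL = re.compile(
    r"^(?P<ts>\w{3}\s+\d+ \d{2}:\d{2}:\d{2}) \S+ postfix/\S*smtpd\[\d+\]: "
    r"warning: \S+\[(?P<ip>[0-9a-fA-F.:]+)\]: SASL \w+ authentication failed"
)

# Constructed sample log lines (RFC 5737 documentation addresses), not from the page
SAMPLE_LOG = """\
Jan  8 10:00:01 ip-172-31-22-38 postfix/smtps/smtpd[2001]: warning: unknown[192.0.2.10]: SASL LOGIN authentication failed: authentication failure
Jan  8 10:00:03 ip-172-31-22-38 postfix/smtps/smtpd[2001]: warning: unknown[192.0.2.10]: SASL LOGIN authentication failed: authentication failure
Jan  8 10:00:04 ip-172-31-22-38 postfix/smtps/smtpd[2001]: warning: unknown[192.0.2.10]: SASL PLAIN authentication failed: authentication failure
Jan  8 10:00:05 ip-172-31-22-38 postfix/smtps/smtpd[2001]: warning: unknown[192.0.2.10]: SASL LOGIN authentication failed: authentication failure
Jan  8 10:05:00 ip-172-31-22-38 postfix/submission/smtpd[2002]: warning: unknown[198.51.100.7]: SASL LOGIN authentication failed: authentication failure
Jan  8 10:20:00 ip-172-31-22-38 postfix/submission/smtpd[2003]: warning: unknown[198.51.100.7]: SASL LOGIN authentication failed: authentication failure
Jan  8 10:35:00 ip-172-31-22-38 postfix/submission/smtpd[2004]: warning: unknown[198.51.100.7]: SASL LOGIN authentication failed: authentication failure
Jan  8 10:40:00 ip-172-31-22-38 postfix/submission/smtpd[2005]: connect from unknown[198.51.100.7]
"""

def parse_ts(ts, year=2026):
    """syslog timestamps carry no year; 2026 is assumed to match the page's logs."""
    return datetime.strptime(f"{year} {ts}", "%Y %b %d %H:%M:%S")

def find_bans(lines, maxretry=MAXRETRY, findtime=FINDTIME):
    """Return {ip: time_of_ban} for every client whose SASL failures reach
    `maxretry` inside a sliding window of `findtime` seconds (fail2ban's rule)."""
    recent = defaultdict(deque)   # ip -> failure timestamps still inside the window
    bans = {}
    for line in lines:
        m = SASL_FAIL.search(line)
        if not m:
            continue                 # connects, successes and other noise are ignored
        ip, ts = m["ip"], parse_ts(m["ts"])
        if ip in bans:
            continue                 # already banned: the firewall would drop this one
        window = recent[ip]
        window.append(ts)
        while (ts - window[0]).total_seconds() > findtime:
            window.popleft()         # expire failures older than findtime
        if len(window) >= maxretry:
            bans[ip] = ts
    return bans

if __name__ == "__main__":
    for ip, when in find_bans(SAMPLE_LOG.splitlines()).items():
        print(f"{ip} would be banned at {when:%b %d %H:%M:%S}")
```

With the page's values only the fast burst from 192.0.2.10 is banned; the slow client at 198.51.100.7 spaces its failures 15 minutes apart and stays under the radar until findtime is raised to an hour.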
** Changing the mail submission port (465 → 587) [#wc6727e6]
- The mx2 logs show records of unauthorized access attempts against the SASL port (465)...
- This is a typical SMTP AUTH brute-force attack; being hammered...
- As a countermeasure, stop using port 465 and move to the submission port 5...
- What changes is the entry in /etc/postfix/master.cf ---> &re...
#
# Postfix master process configuration file. For detail...
# of the file, see the master(5) manual page (command: "...
# on-line: http://www.postfix.org/master.5.html).
#
# Do not forget to execute "postfix reload" after editin...
#
# ======================================================...
# service type private unpriv chroot wakeup maxproc ...
# (yes) (yes) (no) (never) (100)
# ======================================================...
smtp inet n - y - - ...
-o smtpd_sasl_auth_enable=no
submission inet n - y - - ...
-o syslog_name=postfix/submission
-o smtpd_tls_security_level=encrypt
-o smtpd_sasl_auth_enable=yes
-o smtpd_client_restrictions=permit_sasl_authenticated...
-o smtpd_recipient_restrictions=permit_sasl_authentica...
#smtp inet n - y - 1 ...
#smtpd pass - - y - - ...
#dnsblog unix - - y - 0 ...
#tlsproxy unix - - y - 0 ...
# SMTP with TLS on port 587. Currently commented.
#submission inet n - y - - ...
# -o syslog_name=postfix/submission
# -o smtpd_tls_security_level=encrypt
# -o smtpd_sasl_auth_enable=yes
# -o smtpd_enforce_tls=yes
# -o smtpd_client_restrictions=permit_sasl_authenticate...
# -o smtpd_sasl_tls_security_options=noanonymous
# SMTP over SSL on port 465.
# Intentionally disable 465 port access (=smtps) : 20260...
#smtps inet n - y - - ...
# -o syslog_name=postfix/smtps
# -o smtpd_tls_wrappermode=yes
# -o smtpd_sasl_auth_enable=yes
# -o smtpd_tls_auth_only=yes
# -o smtpd_client_restrictions=permit_sasl_authenticate...
# -o smtpd_sasl_security_options=noanonymous,noplaintext
# -o smtpd_sasl_tls_security_options=noanonymous
- Specify the Postfix version (compatibility level) to suppress the warning
[AWS MX2(sudo)]:~# postconf -e 'compatibility_level = 2'
[AWS MX2(sudo)]:~# postfix reload
- Run postfix check
[AWS MX2(sudo)]:~# postfix check
postfix/postfix-script: warning: not owned by root: /etc...
-- The error shown here can be ignored (the postfix directory...
- Change the outgoing server settings in the mail client
|Item|Before|After|h
|Server name|mail2.hmuna.com|Unchanged|
|BGCOLOR(AQUAMARINE):Port|BGCOLOR(AQUAMARINE):465|BGCOL...
|BGCOLOR(AQUAMARINE):Connection security|BGCOLOR(AQUAMARINE):SSL/T...
|Authentication method|Normal password authentication|Unchanged|
** Sieve-related [#pa23465f]
- Location of the configuration file (/etc/dovecot/conf.d/90-sieve.conf)
[AWS MX2(sudo)]:/etc# ls -l dovecot/conf.d/90-sieve.conf
-rw-r--r-- 1 root root 10855 Dec 26 2024 dovecot/conf.d...
[AWS MX2(sudo)]:/etc# cat dovecot/conf.d/90-sieve.conf |...
plugin {
sieve = file:/var/vmail/%d/%n/sieve;active=/var/vmail/...
sieve_default = /var/lib/dovecot/sieve/default.sieve
sieve_global = /var/lib/dovecot/sieve/global/
sieve_trace_dir = /var/vmail/%d/%n/
sieve_trace_level = actions
}
- Location of the recipe (/var/vmail/hmuna.com/public_mail/sieve/si...
[AWS MX2(sudo)]:/var/vmail/hmuna.com/public_mail# ls -l ...
-rw------- 1 vmail mail 45947 Jan 9 08:59 sieve/sieve.s...
- Log location (/var/log/mail.log, mail.err)
-- Sieve runs as part of Dovecot, but its log goes to mail.lo...
[AWS MX2(sudo)]:/var/vmail/hmuna.com/public_mail# ls -l ...
-rw-r----- 1 syslog adm 35392 Jan 9 08:25 /var/log/ma...
-rw-r----- 1 syslog adm 93124 Jan 5 06:08 /var/log/ma...
-rw-r----- 1 syslog adm 1361 Dec 27 11:43 /var/log/ma...
-rw-r----- 1 syslog adm 3784 Dec 22 06:16 /var/log/ma...
-rw-r----- 1 syslog adm 3597 Dec 13 21:07 /var/log/ma...
-rw-r----- 1 syslog adm 4869424 Jan 9 09:02 /var/log/ma...
-rw-r----- 1 syslog adm 7787321 Jan 5 06:25 /var/log/ma...
-rw-r----- 1 syslog adm 645409 Dec 28 06:25 /var/log/ma...
-rw-r----- 1 syslog adm 997214 Dec 22 06:25 /var/log/ma...
-rw-r----- 1 syslog adm 870009 Dec 14 06:25 /var/log/ma...
[AWS MX2(sudo)]:/var/vmail/hmuna.com/public_mail# tail -...
Jan 8 22:53:46 ip-172-31-22-38 dovecot: imap(munakata@h...
Jan 8 22:53:47 ip-172-31-22-38 dovecot: imap(munakata@h...
Jan 8 23:09:29 ip-172-31-22-38 dovecot: imap(munakata@h...
Jan 8 23:09:30 ip-172-31-22-38 dovecot: imap(munakata@h...
Jan 8 23:23:09 ip-172-31-22-38 dovecot: imap(munakata@h...
Jan 8 23:23:09 ip-172-31-22-38 dovecot: imap(public_mai...
Jan 8 23:24:48 ip-172-31-22-38 dovecot: imap(munakata@h...
Jan 8 23:24:48 ip-172-31-22-38 dovecot: imap(munakata@h...
Jan 8 23:40:54 ip-172-31-22-38 dovecot: imap(munakata@h...
Jan 8 23:40:55 ip-172-31-22-38 dovecot: imap(munakata@h...
Jan 8 23:47:58 ip-172-31-22-38 dovecot: imap(munakata@h...
Jan 8 23:47:58 ip-172-31-22-38 dovecot: imap(public_mai...
Jan 8 23:53:25 ip-172-31-22-38 dovecot: imap(munakata@h...
- &color(red){''Syntax check of the recipe (sievec)''};(reci...
-- It tells you which line the error is on, like this, so bug...
[AWS MX2(sudo)]:/var/vmail/hmuna.com/public_mail# sievec...
sieve: line 609: error: unexpected character(s) starting...
sieve: line 609: error: expected end of command ';' or t...
sieve: error: parse failed.
sievec(root): Fatal: failed to compile sieve script 'sie...
- Backing up the Sieve recipe (the recipe's owner and permissi...
[AWS MX2(sudo)]:/var/vmail/hmuna.com/public_mail/sieve# ...
total 2108
drwx------ 3 vmail mail 4096 Jan 9 08:59 .
drwx------ 400 vmail mail 2007040 Jan 9 09:20 ..
-rw------- 1 vmail mail 45947 Jan 9 08:59 sieve.sieve
-rw------- 1 vmail mail 45953 Jan 8 18:31 sieve.sie...
-rw------- 1 root root 39652 Jan 9 08:59 sieve.svbin
drwxrwx--- 2 vmail mail 4096 Dec 7 2020 tmp
-- Move the recipe to another location and change its owner
[AWS MX2(sudo)]:/var/vmail/hmuna.com/public_mail/sieve# ...
[AWS MX2(sudo)]:/var/vmail/hmuna.com/public_mail/sieve# ...
[AWS MX2(sudo)]:/var/vmail/hmuna.com/public_mail/sieve# ...
[AWS MX2(sudo)]:/sieve_backup# ls -l
total 48
-rw------- 1 root root 45947 Jan 9 09:49 sieve.sieve
[AWS MX2(sudo)]:/sieve_backup# chown ubuntu:ubuntu sieve...
[AWS MX2(sudo)]:/sieve_backup# ls -l
total 48
-rw------- 1 ubuntu ubuntu 45947 Jan 9 09:49 sieve.sieve
-- Copy it with scp
munakata@muna-E14G3:~$ scp -i ~/.ssh/magu-tokyo-messenge...
sieve.sieve ...
munakata@muna-E14G3:~$
*** Sieve recipe backup [#u0aaac73]
-- &ref(sieve.sieve_20260109);
** Enabling Ubuntu One (Ubuntu Pro) [#odf0b663]
[AWS MX2(sudo)]:/var/vmail/hmuna.com/public_mail# pro st...
SERVICE ENTITLED STATUS DESCRIPTION
cc-eal yes disabled Common Criteria ...
cis yes disabled Security complia...
esm-apps yes enabled Expanded Securit...
esm-infra yes enabled Expanded Securit...
fips yes disabled NIST-certified F...
fips-updates yes disabled FIPS compliant c...
livepatch yes warning Canonical Livepa...
ros yes disabled Security Updates...
ros-updates yes disabled All Updates for ...
NOTICES
The running kernel has reached the end of its active liv...
Please upgrade the kernel with apt and reboot for contin...
For a list of all Ubuntu Pro services, run 'pro status -...
Enable services with: pro enable <service>
Account: public_mail@hmuna.com
Subscription: Ubuntu Pro - free personal subscription