臭氧机的作用:firewall

来源:百度文库 编辑:九乡新闻网 时间:2024/05/04 05:38:59
dis cu
#
 sysname USG2130
#
 web-manager enable
#
 info-center source default channel 4 log level notifications
#
 firewall packet-filter default permit interzone local trust direction inbound
 firewall packet-filter default permit interzone local trust direction outbound
#
 nat address-group 1 211.143.254.163 211.143.254.163
 firewall permit sub-ip
#
 dhcp enable
#
 firewall mode route
#
 firewall statistic system enable
#
 set runmode firewall
#
dhcp server ip-pool 0
 network 192.168.10.0 mask 255.255.255.0
 gateway-list 192.168.10.1               
#
dhcp server ip-pool 1
 network 192.168.20.0 mask 255.255.255.0
 gateway-list 192.168.20.1
#
dhcp server ip-pool 2
 network 192.168.30.0 mask 255.255.255.0
 gateway-list 192.168.30.1
#
interface Cellular5/0/0
 link-protocol ppp
#
vlan 1
#
vlan 5
#
vlan 10
#
vlan 20
#
vlan 30
#
interface Vlanif1                        
 ip address 192.168.0.1 255.255.255.0
#
interface Vlanif10
 ip address 192.168.10.1 255.255.255.0
#
interface Vlanif20
 ip address 192.168.20.1 255.255.255.0
#
interface Vlanif30
 ip address 192.168.30.1 255.255.255.0
#
interface Ethernet0/0/0
 ip address 211.143.254.163 255.255.255.192
#
interface Ethernet1/0/0
 port access vlan 10
#
interface Ethernet1/0/1
 port access vlan 20
#
interface Ethernet1/0/2
 port access vlan 30                     
#
interface Ethernet1/0/3
#
interface Ethernet1/0/4
#
interface Ethernet1/0/5
#
interface Ethernet1/0/6
#
interface Ethernet1/0/7
#
interface NULL0
#
right-manager server-group
#
acl number 2001
 rule 0 permit source 192.168.10.0 0.0.0.255
 rule 1 permit source 192.168.20.0 0.0.0.255
 rule 2 permit source 192.168.30.0 0.0.0.255
#
acl number 3000
 rule 0 permit tcp destination-port eq www
#
cwmp
#
firewall zone local
 set priority 100
#
firewall zone trust
 set priority 85
 add interface Vlanif1
 add interface Vlanif10
 add interface Vlanif20
 add interface Vlanif30
#
firewall zone untrust
 set priority 5
 add interface Ethernet0/0/0
#
firewall zone dmz
 set priority 50
#
firewall interzone local trust
 packet-filter 2001 inbound
 nat outbound 2001 address-group 1       
#
firewall interzone local untrust
#
firewall interzone local dmz
#
firewall interzone trust untrust
 packet-filter 3000 inbound
 packet-filter 2001 outbound
 nat outbound 2001 address-group 1
#
firewall interzone trust dmz
#
firewall interzone dmz untrust
#
aaa
 local-user maintainadmin password simple maintainadmin
 local-user maintainadmin level 3
 local-user admin password cipher ]MQ;4\]B+4Z,YWX*NZ55OA!!
 local-user admin level 3
 local-user admin ftp-directory flash:/
 authentication-scheme default
#
 authorization-scheme default            
#
 accounting-scheme default
#
 domain default
#
#
 slb
#
 ip route-static 0.0.0.0 0.0.0.0 211.143.254.129
#
user-interface con 0
user-interface tty 81
 authentication-mode none
 modem both
user-interface vty 0 4
 authentication-mode aaa
#
common
 update auto time 3:51
 update server domain sec.huaweisymantec.com
#
surfbehavior
#                                        
ips
#
 protocol
#
mailfilter
#
firewall ISA Firewall Quick Tip : Blocking Desired Extensions and Content Types 理解Cisco Secure PIX Firewall上的alias命令 SIP穿越NAT&FireWall解决方案 - 紅③白②藍① - 51CTO技术博客