Controlling BT and Xunlei with ACLs

//Because layer-3 switching performance is low, and to control access between internal users,
//sub-interfaces plus a switch trunk are used
<R>dis cu
#
version 5.20, Release 2207, Standard
#
sysname R
#
clock timezone Beijing add 08:00:00
#
super password level 3 XXXXXXXX
#
ftp server enable
#
firewall enable
#
domain default enable system
#
telnet server enable
#
dar p2p signature-file cfa0:/d
#
port-security enable
#
ip http port 2020
#
acl number 3000
//Internal network segments
rule 0 permit ip source 192.168.2.0 0.0.0.255
rule 1 permit ip source 192.168.3.0 0.0.0.255
rule 2 permit ip source 192.168.8.0 0.0.0.255
rule 3 permit ip source 192.168.1.0 0.0.0.255
rule 4 permit ip source 192.168.88.0 0.0.0.255
rule 5 deny ip
acl number 3001
//IP addresses and subnets commonly used by BT and Xunlei
description Download Control
rule 0 deny ip destination 123.129.242.0 0.0.0.255
rule 1 deny ip destination 125.39.72.0 0.0.0.255
rule 2 deny ip destination 58.254.134.0 0.0.0.255
rule 3 deny ip destination 61.137.191.70 0
rule 4 deny ip destination 221.4.246.73 0
rule 5 deny ip destination 218.59.144.40 0.0.0.7
rule 6 deny ip destination 125.46.42.145 0
rule 7 deny ip destination 58.251.57.115 0
rule 9 deny ip destination 119.120.94.148 0
rule 10 deny ip destination 119.178.12.10 0
rule 11 deny ip destination 119.178.12.16 0
rule 13 deny ip destination 125.46.42.146 0
rule 16 deny ip destination 58.251.57.67 0
rule 17 deny ip destination 58.251.57.69 0
rule 18 deny ip destination 58.251.57.88 0
rule 19 deny ip destination 58.251.57.232 0
rule 21 deny ip destination 221.4.246.80 0
rule 22 deny ip destination 61.137.191.88 0
rule 23 deny ip destination 218.59.144.52 0
rule 24 deny ip destination 60.19.64.43 0
rule 25 deny ip destination 60.19.64.47 0
rule 26 deny ip destination 60.19.64.50 0
rule 27 deny ip destination 60.19.64.60 0
rule 28 deny ip destination 61.137.191.89 0
rule 29 deny tcp destination-port eq 3076
rule 30 deny tcp destination-port eq 3077
rule 31 deny tcp destination-port eq 3078
rule 32 deny udp destination-port eq 3076
rule 33 deny udp destination-port eq 3077
rule 34 deny udp destination-port eq 3078
rule 35 deny tcp destination-port eq 6881
rule 36 deny tcp destination-port eq 6882
rule 37 deny tcp destination-port eq 6883
rule 38 deny tcp destination-port eq 6884
rule 39 deny tcp destination-port eq 6885
rule 40 deny tcp destination-port eq 6886
rule 41 deny tcp destination-port eq 6887
rule 42 deny tcp destination-port eq 6888
rule 43 deny tcp destination-port eq 6889
rule 44 deny udp destination-port eq 6881
rule 45 deny udp destination-port eq 6882
rule 46 deny udp destination-port eq 6883
rule 47 deny udp destination-port eq 6884
rule 48 deny udp destination-port eq 6885
rule 49 deny udp destination-port eq 6886
rule 50 deny udp destination-port eq 6887
rule 51 deny udp destination-port eq 6888
rule 52 deny udp destination-port eq 6889
rule 54 permit ip
acl number 3002
//Prevent Internet users from logging in to the router, and block ping
rule 0 deny tcp destination XXXXXXXX 0 destination-port eq telnet
rule 1 deny icmp destination XXXXXXXX 0
rule 2 permit ip
#
vlan 1
#
vlan 2
#
domain system
access-limit disable
state active 
idle-cut disable
self-service-url disable
#
user-group system
group-attribute allow-guest
#
local-user admin
password cipher XXXXXXXX
authorization-attribute level 1
service-type telnet terminal
service-type ftp
service-type web
#
cwmp
undo cwmp enable
#
interface Aux0
async mode flow
link-protocol ppp
#
interface Cellular0/0
async mode protocol
link-protocol ppp
#
interface Ethernet0/0
port link-mode route
#
interface Ethernet0/1
port link-mode route
#
interface Ethernet1/0
port link-mode route
description to Internet
firewall packet-filter 3002 inbound
firewall packet-filter 3001 outbound
nat outbound 3000
nat server protocol tcp global XXXXXXXX www inside 192.168.2.10 www
//An internal web server provides WWW service to the outside
ip address XXXXXXXX 255.255.255.248
#
interface Ethernet2/0
port link-mode route
#
interface Ethernet2/0.2
description Server
vlan-type dot1q vid 2
ip address 192.168.2.9 255.255.255.0
mac-address 3822-d627-9eb2
ip flow-ordering internal
#
interface Ethernet2/0.3
description XXXXXXXX
vlan-type dot1q vid 3
ip address 192.168.3.1 255.255.255.0
mac-address 3822-d627-9eb3
ip flow-ordering internal
#
interface Ethernet2/0.8
description XXXXXXXX
vlan-type dot1q vid 8
ip address 192.168.8.1 255.255.255.0
mac-address 3822-d627-9eb8
ip flow-ordering internal
#
interface NULL0
#
ip route-static 0.0.0.0 0.0.0.0 58.18.170.113
#
ip flow-ordering stat-interval 60
#
load xml-configuration
#
load tr069-configuration
#
user-interface con 0
authentication-mode scheme
user-interface tty 13
user-interface aux 0
user-interface vty 0 4
authentication-mode scheme
#
return
<R> 
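
How ACL 3001 is matched, as an added example that is not part of the original configuration: a small Python first-match evaluator run over a verbatim subset of the rules above. The function names and the sample flows used to exercise it are assumptions made for illustration.

```python
import ipaddress
import re

# Subset of ACL 3001, copied verbatim from the configuration above.
ACL_3001 = """\
rule 0 deny ip destination 123.129.242.0 0.0.0.255
rule 5 deny ip destination 218.59.144.40 0.0.0.7
rule 6 deny ip destination 125.46.42.145 0
rule 35 deny tcp destination-port eq 6881
rule 39 deny tcp destination-port eq 6885
rule 44 deny udp destination-port eq 6881
rule 54 permit ip
"""

RULE_RE = re.compile(
    r"rule (?P<id>\d+) (?P<action>permit|deny) (?P<proto>ip|tcp|udp|icmp)"
    r"(?: source (?P<src>\S+) (?P<swc>\S+))?"
    r"(?: destination (?P<dst>\S+) (?P<dwc>\S+))?"
    r"(?: destination-port eq (?P<dport>\d+))?$")

def parse_acl(text):
    """Parse rule lines into dicts, ordered by rule ID (the match order)."""
    rules = []
    for line in text.strip().splitlines():
        m = RULE_RE.match(line.strip())
        if not m:
            raise ValueError(f"unsupported rule syntax: {line!r}")
        rules.append(m.groupdict())
    return sorted(rules, key=lambda r: int(r["id"]))

def wildcard_match(addr, base, wildcard):
    """Wildcard mask: 1-bits are ignored; a bare 0 means a single host."""
    wc = int(ipaddress.IPv4Address("0.0.0.0" if wildcard == "0" else wildcard))
    care = ~wc & 0xFFFFFFFF
    return int(ipaddress.IPv4Address(addr)) & care == int(ipaddress.IPv4Address(base)) & care

def evaluate(rules, proto, src, dst, dport=None):
    """Return (rule_id, action) of the first rule that matches the packet."""
    for r in rules:
        if r["proto"] not in ("ip", proto):
            continue
        if r["src"] and not wildcard_match(src, r["src"], r["swc"]):
            continue
        if r["dst"] and not wildcard_match(dst, r["dst"], r["dwc"]):
            continue
        if r["dport"] and int(r["dport"]) != dport:
            continue
        return int(r["id"]), r["action"]
    return None, "no-match"

RULES = parse_acl(ACL_3001)
```

Because ACL 3001 is applied outbound on Ethernet1/0 and the port rules test the destination port alone, a reply from the internal web server to an outside client whose source port is 6885 also matches rule 39.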
