目录
- 18.1. 策略管理
- 18.2. OpenSSH
- 18.3. HTTP
- 18.4. RemoteDesktop
- 18.5. PPTP
- 18.6. DMZ to Untrust (nat src)
18.1. 策略管理
show policy
firewall-> get policy Total regular policies 24, Default deny. ID From To Src-address Dst-address Service Action State ASTLCB 76 Untrust Trust Any VIP(61.144.~ OpenSSH Permit enabled -----X 77 Untrust Trust Any VIP(61.144.~ CTBS Permit enabled -----X 78 Untrust Trust Any VIP(61.144.~ RemoteDesktop Permit enabled -----X firewall-> get policy Total regular policies 23, Default deny. 76 Untrust Trust Any VIP(61.144.~ OpenSSH Permit enabled -----X 78 Untrust Trust Any VIP(61.144.~ RemoteDesktop Permit enabled -----X
Removing policy
firewall-> get policy Total regular policies 24, Default deny. ID From To Src-address Dst-address Service Action State ASTLCB 76 Untrust Trust Any VIP(61.144.~ OpenSSH Permit enabled -----X 77 Untrust Trust Any VIP(61.144.~ CTBS Permit enabled -----X 78 Untrust Trust Any VIP(61.144.~ RemoteDesktop Permit enabled -----X firewall-> unset policy 77 firewall-> get policy Total regular policies 23, Default deny. 76 Untrust Trust Any VIP(61.144.~ OpenSSH Permit enabled -----X 78 Untrust Trust Any VIP(61.144.~ RemoteDesktop Permit enabled -----X
policy id = 79
set policy id 79 set service "HTTPS"
unset service "SSH" exit
原文出处:Netkiller 系列 手札
本文作者:陈景峯
转载请与作者联系,同时请务必标明文章原始出处和作者信息及本声明。